artifacthub helm/cilium/cilium 1.8.3
on Artifact Hub

latest releases: 1.16.0-pre.2, 1.15.4, 1.14.10...
3 years ago

Summary of Changes

Major Changes:

  • Add a check for loadBalancerSourceRanges to the kube-proxy replacement (Backport PR #12963, Upstream PR #12841, @brb)
  • Cilium operator HA mode (Backport PR #12764, Upstream PR #12409, @fristonio)

Minor Changes:

  • Add hidden --k8s-sync-timeout flag to set the timeout for initial Kubernetes synchronization (Backport PR #12849, Upstream PR #12822, @joestringer)
  • Add Hubble Relay Kubernetes service account (Backport PR #12722, Upstream PR #12650, @m4rx0)
  • Add permissive tolerations to Cilium Operator deployment (Backport PR #12942, Upstream PR #12916, @aanm)
  • connectivity-check: Use unprivileged ports (Backport PR #13004, Upstream PR #12948, @tgraf)
  • Disable BPF-masq in KIND getting started guide (Backport PR #12990, Upstream PR #12973, @brb)
  • hubble/relay: report nodes connectivity status on ServerStatus (Backport PR #12702, Upstream PR #12655, @rolinh)
  • Improve TCP backend selection for socket LB in case socket cookies are non-global. (Backport PR #12702, Upstream PR #12651, @borkmann)
  • Istio integration has been updated to Istio release 1.5.9. (Backport PR #12889, Upstream PR #12861, @jrajahalme)
  • k8s: update k8s dependencies to 1.18.6 (#12669, @aanm)
  • k8s: update k8s dependencies to 1.18.8 (#12881, @aanm)
  • Make EC2 AWS API endpoint configurable in operator (Backport PR #12912, Upstream PR #12835, @tklauser)
  • Parallelise CRD registration to improve bootstrap time (Backport PR #12745, Upstream PR #12719, @tgraf)

Bugfixes:

  • Cilium Operator: bind provider-specific flags for operator-aws and operator-aks (Backport PR #12889, Upstream PR #12871, @tklauser)
  • Disable BPF masquerade if host reachable services is disabled in tunnel mode (Backport PR #13060, Upstream PR #13006, @brb)
  • endpointsynchronizer: suppress logging context.Canceled errors on CEP creation/update (Backport PR #12761, Upstream PR #12637, @ghouscht)
  • Fix bug in ENI environments where connections to NodePort would fail due to asymmetric routing (Backport PR #13060, Upstream PR #12770, @qmonnet)
  • Fix bug where cilium-health reports connectivity failures to stale IPs (Backport PR #13060, Upstream PR #12989, @kkourt)
  • health: Differentiate between unknown and unreachable state in Cilium status (Backport PR #12702, Upstream PR #12521, @mrostecki)
  • Ignore collisions for named ports that are not actually used in an egress policy (Backport PR #12816, Upstream PR #12567, @jrajahalme)
  • Improve error handling in initialization of etcd connectivity (Backport PR #12803, Upstream PR #12773, @tgraf)
  • Improved reliability of etcd connectivity by adding gRPC keep alives (Backport PR #12963, Upstream PR #12947, @aanm)
  • node-init restartPods should use docker if /etc/crictl.yaml not found (Backport PR #12990, Upstream PR #12894, @UnwashedMeme)
  • nodeinit: Disable default ip-masq-agent jumps (Backport PR #12849, Upstream PR #11782, @dctrwatson)
  • Re-add removed rule 'ciliumidentities/status' for Cilium's and Preflight's Kubernetes ClusterRole (#12721, @aanm)
  • Shuffle etcd endpoints before making initial connectivity to etcd servers (Backport PR #13060, Upstream PR #12943, @aanm)
  • Use the global Azure key in helm (Backport PR #12702, Upstream PR #12683, @gravis)

CI Changes:

Misc Changes:

Check out latest releases or
releases around helm/cilium/cilium 1.8.3

Don't miss a new cilium release

NewReleases is sending notifications on new releases.

Get notifications