github antrea-io/antrea v0.9.0
Release v0.9.0
on GitHub

latest releases: v2.0.0, v1.13.4, v1.14.3...
pre-release3 years ago

Added

  • Add flow exporter feature. [Alpha - Feature Gate: FlowExporter]
    • Support sending network flow records using the IPFIX protocol from each Agent (#825 #984, @srikartati)
    • Add reference cookbook to visualize exported flows using Elastic Stack (#836, @zyiou)
  • Support OVS hardware offload for Pod networking: Pods can now be assigned an SR-IOV Virtual Function. (#786, @moshe010)
    • Add new CI job to validate the hardware offload functionality (@AbdYsn)
  • Support Node MTU auto-discovery in the Antrea Agent; the user can still override this value in the Agent configuration if desired. (#909, @reachjainrahul)
  • Enable Antrea support for the AKS managed K8s service, using CNI chaining and the "networkPolicyOnly" traffic mode. (#998, @reachjainrahul)
  • Support for NetworkPolicy tiering (ClusterNetworkPolicy only). (#956 #986, @abhiraut @Dyanngg)
    • The ClusterNetworkPolicy Feature Gate must now be enabled for the Agent (in addition to the Controller) to activate the feature
  • Support executing Traceflow requests with antctl. (#932, @lzhecheng)
  • Support automatic rotation for the self-signed certificate generated by Antrea when no certificate is provided by the user. (#1024, @MatthewHinton56)
  • Add new Agent Prometheus metrics for OVS flow operations. (#866, @yktsubo)
  • Provide a DaemonSet to automatically restart Pods on new Nodes in EKS when Antrea becomes ready: this ensures that NetworkPolicies are enforced correctly for all Pods. (#1057, @reachjainrahul)
  • Add scripts to run the Antrea Agent directly without using a Pod to manage the lifecycle of the process. (#1013, @ruicao93) [Windows]

Changed

  • Restrict all traffic modes except for "encap" to use "Antrea Proxy" for Pod-to-Service traffic, as this greatly simplifies the datapath implementation. (#1015, @suwang48404)
  • Improve Antrea Octant plugin. (#913, @ZhangYW18)
    • Merge the two existing plugins (Agent / Controller Info, Traceflow) into a single plugin / binary
    • Enhance Traceflow graph color theme
    • Improve layout of the "Overview" page for the plugin: all CRDs are shown on the same page
    • Update Octant plugin installation guide (#914, @mengdie-song)
  • Use Ubuntu 20.04 (instead of Ubuntu 18.04) as the base distribution for the Antrea Docker image. (#1022, @antoninbas)
  • Enable outer UDP checksum for Geneve and VXLAN tunnels to benefit from Generic Receive Offload (GRO) on the receiver's side. (#1049, @tnqn)
  • Support Services as destinations for Traceflow. (#979, @gran-vmv)
  • Provide additional printer columns in the Traceflow CRD definition, so that more information is included in the "kubectl get" output. (#958, @abhiraut)
  • More comprehensive OpenAPI schema for Traceflow CRD validation. (#918, @abhiraut)
  • Optimize OVS flow updates for NetworkPolicies when the Agent restarts, by using batching. (#844, @Dyanngg)
  • Increase watch timeout for the Antrea apiserver to reduce reconnection frequency; reduce log verbosity when a legitimate reconnection happens. (#1055, @antoninbas)
  • Update OVS pipeline documentation to account for the new tables used for ClusterNetworkPolicy and tiering support. (#921 #1073, @abhiraut)

Fixed

  • Fix implementation of NodePort Service on Windows for traffic for which the destination Pod (Service backend) is on the same Node as the source Pod. (#948, @wenyingd) [Windows]
  • Fix IPsec support, which was broken because of Python3 error in an upstream OVS script. (#1046, @lzhecheng)
  • Support Pod-to-LoadBalancer Service traffic in "Antrea Proxy". (#943, @ruicao93)
  • Support incoming LoadBalancer Service traffic on Windows, by relying on kube-proxy. (#943, @ruicao93) [Windows]
  • Avoid OpenFlow bundle timeout issues when using Traceflow: if PacketIn messages are not consumed fast enough, all inbound messages from OVS are blocked, including bundle reply messages. (#951, @gran-vmv)
  • Move host routes from the uplink interface to the OVS bridge during Agent initialization on Windows. (#959, @ruicao93) [Windows]
  • Optimize handling of very large AddressGroups (introduced by NetworkPolicies which select a large number of Pods in to/from rules) in the Antrea Agent. (#1031, @tnqn)
  • Modify "List" apiserver requests in the Agent to use "resourceVersion=0", which forces requests to be served from the cache (instead of etcd persistent storage) and removes performance issues when many agents are restarted simultaneously. (#1045, @wenyingd)
  • Fix OVS deadlock caused by glibc bug, by upgrading base distribution to Ubuntu 20.04 in Antrea Docker image. (#1022, @antoninbas @alex-vmw)
  • Set the "no-flood" configuration option on the uplink bridge port in Windows, so that ARP broadcast traffic is not sent out to the underlay network. (#922, @wenyingd) [Windows]
  • Avoid inaccurate warnings in the logs about "POD_NAMESPACE" not set. (#925, @antoninbas)
  • Fix format of tracing packets for Traceflow:
    • Set protocol version to the correct value in the IP header (#946, @lzhecheng)
    • Add correct L3/L4 checksum values (#967, @gran-vmv)
    • Set destination MAC address correctly when the provided destination IP address matches a local Pod. (#981, @ZhangYW18)
  • In "hybrid" traffic mode, reject Traceflow requests if the source and destination Nodes are not connected by a tunnel. (#944, @gran-vmv)
  • Log human-readable messages when the ofnet library returns an error. (#1065, @wenyingd)
  • Wait for the Antrea client in the Agent to be ready before starting watches to avoid error log messages. (#1042, @tnqn)
Check out latest releases or
releases around antrea-io/antrea v0.9.0

Don't miss a new antrea release

NewReleases is sending notifications on new releases.

Get notifications