github antrea-io/antrea v1.8.0
Release v1.8.0

latest releases: v2.2.0, v2.2.0-alpha.2, v2.2.0-alpha.1...
2 years ago

Added

  • Add ExternalNode feature which enables Antrea to manage security policies for non-Kubernetes Nodes (like virtual machines or bare-metal servers). (#4110, @wenyingd @mengdie-song @Anandkumar26)
    • It introduces the ExternalNode CRD; each resource of this kind represents a virtual machine or bare-metal server and supports specifying which network interfaces on the external Node are expected to be protected with Antrea-native policies.
    • An ExternalEntity resource will be created for each network interface specified in the ExternalNode resource. Antrea-native policies are applied to an external Node by using the ExternalEntity selector.
    • Refer to this document for more information about this feature.
  • Add the following capabilities to Antrea-native policies:
    • Add Audit Logging support for K8s Networkpolicy. (#4047, @qiyueyao)
    • Support applying Antrea ClusterNetworkPolicy to NodePort Services for securing ingress traffic. (#3997, @GraysonWu)
    • Introduce the Group CRD to logically group different network endpoints and reference them together in Antrea NetworkPolicy. (#2438, @qiyueyao @abhiraut)
  • Release new Antrea Helm chart version for each Antrea release. (#3935 #3952, @antoninbas @yanjunz97)
  • Support TopologyAwareHints in AntreaProxy. (#3515, @hongliangl)
  • Add encap mode support for the Multicast feature. (#3947, @wenyingd)
  • Support configurable Geneve, VXLAN, or STT port number for encap mode. (#4065, @Jexf)
  • Add Status field to the IPPool CRD: it is used to report usage information for the pool (total number of IPs in the pool and number of IPs that are currently assigned). (#3072 #4088, @ksamoray @tnqn)
  • Support updating configuration at runtime for flow-aggregator via antctl or by updating the ConfigMap. (#3642, @yuntanghsu)
  • Add antctl commands to set up and delete Multi-cluster ClusterSet. (#3992, @hjiajing)
  • Add documentation to set up Multi-cluster ClusterSet with antctl. (#4096, @jianjuns)

Changed

  • Antrea now uses OpenFlow 1.5 to program OVS. (#3770, @wenyingd @ashish-varma)
  • Rename Windows script Start.ps1 to Start-AntreaAgent.ps1, and rename Stop.ps1 to Stop-AntreaAgent.ps1. (#3904, @wenyingd)
  • Unify NodePortLocal behavior across Linux and Windows. Linux agents now support allocating different Node ports for different protocols even when the Pod port number is the same. (#3936, @XinShuYang)
  • Antrea IPAM now uses the name of the uplink interface to name the host internal port, and the uplink interface will be renamed with a ~ suffix, e.g. eth0~. (#3938, @gran-vmv)
  • Send Neighbor Advertisement messages after creating Pods in an IPv6 cluster. (#3998, @gran-vmv)
  • Add an output formatter "raw" to better display multi-line string responses for antctl. (#3589, @Atish-iaf)
  • Add new ports to network requirement doc. (#4063, @luolanzone)
  • Windows OVS installation script now installs required SSL library if missing. (#4029, @XinShuYang)
  • Upgrade whereabouts CNI to v0.5.4 and provide required pluginArgs when invoking the CNI binary. (#3987, @arunvelayutham)
  • Remove Grafana flow collector files in the Antrea repo (as they were moved to the Theia repo). (#4048, @dreamtalen)
  • Make the following changes to the Multi-cluster feature:

Fixed

  • Fix reconnection issue between Agent and OVS. (#4091, @wenyingd)
  • Fix the wrong DNAT IP used by AntreaProxy for serving NodePort traffic on Windows Nodes. (#4103, @XinShuYang)
  • Fix Antrea Octant plugin build. (#4107, @antoninbas)
  • Fix Pod-to-external traffic on EKS in policyOnly mode. (#3975, @antoninbas)
  • Fix problems caused by Node restart on EKS in policyOnly mode. (#4012 #4042, @antoninbas)
  • Fix race conditions in NetworkPolicyController. (#4028, @tnqn)
  • Fix FlowExporter memory bloat when export process is dead. (#3994, @wsquan171)
  • Fix socket leak in an IPv6 cluster. (#4104, @wenyingd)
  • Fix ClickHouse client race during batch commit. (#4071, @wsquan171)
  • Retry when retrieval of PodCIDRs fails to avoid Agent crash due to the delay in allocating PodCIDRs for the Node. (#3950, @ksamoray)
  • Fix nil pointer issue when ClusterSet is deleted in leader cluster. (#3915, @luolanzone)
  • Clean up ResourceExport if the exported Service has no available Endpoints. (#4056, @luolanzone)

Don't miss a new antrea release

NewReleases is sending notifications on new releases.