First release candidate for CNI v1.7.0. This pre-release image is only available in us-west-2 and there are couple of changes that require some extra attention:
- #972 - We persist internal state of the
aws-nodepod to a file and use that to recover after a restart. Because of that, just changing the image tag will not work. Please update using the latest config file. - #955 - Added init container to copy portmap and loopback binaries, and set up
rp_filter. This means theaws-nodepermissions can be reduced fromprivilegedto just"NET-ADMIN"
Full changelog
- Bug - Use limits from API for g4dn.16xlarge (#1086, @mogren)
- Improvement - Use sed as a stream editor and redirect to file (#1069, @willejs)
- Docs - Fix docs links for cni-metrics-agent (#1072, @mogren)
- Bug - Make metrics-helper docker logging statement multi-arch compatible (#1067, @nprab428)
- Improvement - JSON output format for the entrypoint script (#1066, @jayanthvn)
- Testing - scripts/lib: bump up tester to v1.4.0 (#1065, @gyuho)
- Improvement - Use install command instead of cp (#1061, @mogren)
- Improvement - Updated manifest configs with default env vars (#1057, @saiteja313)
- Improvement - Default to random-fully (#1048, @mogren)
- Improvement - Update probe settings (#1028, @mogren)
- Improvement - Added warning if delete on termination is set to false for the primary ENI (#1024, @jayanthvn)
- Testing - Add parallel testing to conformance (#1018, @bnapolitan)
- Testing - Cache go packages in CircleCI (#1017, @bnapolitan)
- Testing - Create roles by default for e2e test cluster creation (#994, @bnapolitan)
- Improvement - Limit scope of logs writable by ipamd container (#987, @anguslees)
- Improvement - Autogenerate per-region YAML manifests from a common template (#986, @anguslees)
- Improvement - Persist IPAM state to local file and use across restarts (#972, @anguslees)
- Improvement - Add init container (#955, @mogren)
- Improvement - Refresh subnet/CIDR information periodically (#903, @nithu0115)
Thanks to everyone who contributed to this release, @anguslees, @bnapolitan, @gyuho, @jayanthvn, @nithu0115, @nprab428, @saiteja313, @willejs
If you want to test this release candidate in one of your clusters, you can use this sample aws-node daemonset config:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.7/config/v1.7/aws-k8s-cni.yaml
Verify the update:
kubectl describe ds aws-node -n kube-system | grep Image | cut -d ":" -f 2-3
602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.7.0-rc1
To test version v1.7.0-rc1 of the cni-metrics-helper in a cluster:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.7/config/v1.7/cni-metrics-helper.yaml