What's Changed
Major Changes:
- Add support for VXLAN in IPsec (VinE) (cilium/cilium#37723, @ldelossa)
- Promote
CiliumLoadBalancerIPPoolCRD to v2 API version (cilium/cilium#39090, @pippolo84) - Support IPv6 as a tunneling underlay. (cilium/cilium#38296, @pchaigno)
Minor Changes:
- Add support for IPv6 egress gateway policies (cilium/cilium#38452, @rgo3)
- cilium-cli: Fix ipv6 ping regex (cilium/cilium#38814, @yrsuthari)
- policy: Add validation and docs for TLS SNI ServerNames (cilium/cilium#38615, @sayboras)
- Since pod CIDRs are now stored into the ipcache map, tunnel map is not needed anymore. Any reference to the tunnel map have been removed from cilium-dbg, cilium status and bugtool. (cilium/cilium#38839, @pippolo84)
Bugfixes:
- cli: default to SPDY connection for exec (cilium/cilium#38988, @asauber)
- gateway-api: Fix parentRefMatched to check Group and Kind (cilium/cilium#39275, @syedazeez337)
CI Changes:
- Assign codeowners for no-errors-in-logs testcase (cilium/cilium#38812, @marseel)
- cilium-cli: IPv6 connectivity tests for PodToHostPort (cilium/cilium#39666, @gentoo-root)
- cilium-cli: Use v2alpha1 version of CCG for Cilium versions below v1.18 (cilium/cilium#39776, @christarazi)
- cilium-cli:fix: account for current TunnelPort when building tcpdump overlay filters (cilium/cilium#38680, @smagnani96)
- CLI: bump ConnectivityTestConnDisruptImage (cilium/cilium#39200, @darox)
- cli: encryption: improve ICMPv6 NA detection (cilium/cilium#39160, @julianwiedmann)
- cli: Generate each owners field separately (cilium/cilium#38987, @joestringer)
- cli: Simplify junit representation of code owners (cilium/cilium#39020, @joestringer)
- gateway-api: Fix parentRefMatched to check Group and Kind (cilium/cilium#39275, @syedazeez337)
CI Changes:
- Assign codeowners for no-errors-in-logs testcase (cilium/cilium#38812, @marseel)
- cilium-cli: IPv6 connectivity tests for PodToHostPort (cilium/cilium#39666, @gentoo-root)
- cilium-cli: Use v2alpha1 version of CCG for Cilium versions below v1.18 (cilium/cilium#39776, @christarazi)
- cilium-cli:fix: account for current TunnelPort when building tcpdump overlay filters (cilium/cilium#38680, @smagnani96)
- CLI: bump ConnectivityTestConnDisruptImage (cilium/cilium#39200, @darox)
- cli: encryption: improve ICMPv6 NA detection (cilium/cilium#39160, @julianwiedmann)
- cli: Generate each owners field separately (cilium/cilium#38987, @joestringer)
- cli: Simplify junit representation of code owners (cilium/cilium#39020, @joestringer)
- cli: sysdump: collect logs from restarted test pods. (cilium/cilium#38796, @tommyp1ckles)
- connectivity: Correct version check for Ingress test (cilium/cilium#38803, @sayboras)
- connectivity: encryption tests: filter when icmpv6.type == 136 (cilium/cilium#38798, @tommyp1ckles)
- connectivity: Fix flow validation for wildcard tls sni (cilium/cilium#38881, @sayboras)
- feat(connectivity): add network bandwidth management test (cilium/cilium#38390, @l1b0k)
- ipsec: fix connection disruption issue for ipv6 ipsec upgrade scenarios. (cilium/cilium#39061, @ldelossa)
- test/runtime: remove already covered FQDN tests (cilium/cilium#38866, @tklauser)
Misc Changes:
- chore(deps): update all-dependencies (main) (cilium/cilium#39044, @cilium-renovate[bot])
- chore(deps): update all-dependencies (main) (cilium/cilium#39686, @cilium-renovate[bot])
- chore(deps): update docker.io/library/golang:1.24.2 docker digest to 18a1f2d (main) (cilium/cilium#38857, @cilium-renovate[bot])
- chore(deps): update docker.io/library/golang:1.24.2 docker digest to 1ecc479 (main) (cilium/cilium#38902, @cilium-renovate[bot])
- chore(deps): update docker.io/library/golang:1.24.2 docker digest to 30baaea (main) (cilium/cilium#39308, @cilium-renovate[bot])
- chore(deps): update docker.io/library/golang:1.24.2 docker digest to d9db321 (main) (cilium/cilium#39042, @cilium-renovate[bot])
- chore(deps): update docker.io/library/golang:1.24.3 docker digest to 4c0a181 (main) (cilium/cilium#39698, @cilium-renovate[bot])
- chore(deps): update docker.io/library/golang:1.24.3 docker digest to 81bf592 (main) (cilium/cilium#39811, @cilium-renovate[bot])
- chore(deps): update docker.io/library/golang:1.24.3 docker digest to 86b4cff (main) (cilium/cilium#39596, @cilium-renovate[bot])
- chore(deps): update docker/dockerfile:1.15 docker digest to 9857836 (main) (cilium/cilium#39309, @cilium-renovate[bot])
- chore(deps): update go to v1.24.2 (main) (cilium/cilium#38708, @cilium-renovate[bot])
- chore(deps): update go to v1.24.3 (main) (cilium/cilium#39378, @cilium-renovate[bot])
- cilium-cli: add annotation to indicate we should wait for policy (cilium/cilium#38867, @squeed)
- cilium-cli: add conn tests for ipv6 egress gateway policies (cilium/cilium#38691, @rgo3)
- cilium-cli: Allow BINDIR environment variable to be dynamically configured for install path (cilium/cilium#38799, @mowntan)
- cilium-cli: Capture stderr from tcpdump as an error (cilium/cilium#38884, @gentoo-root)
- cilium-cli: Export codeowners for passing testcases (cilium/cilium#38710, @joestringer)
- cilium-cli: Migrate from
corev1.Endpointstodiscoveryv1.EndpointSlice(cilium/cilium#39364, @HadrienPatte) - cli: De-duplicate workflow owners results in junit (cilium/cilium#39157, @joestringer)
- cli: Emit target package for error in logs failure (cilium/cilium#38986, @joestringer)
- cli: encryption: limit tunnel filter to dst port (cilium/cilium#39222, @julianwiedmann)
- cli: Move unexpected packet drops to final test (cilium/cilium#39334, @nebril)
- cli: require Cilium v1.14 (cilium/cilium#39717, @julianwiedmann)
- cli: Search and print previous logs if failed (cilium/cilium#39347, @joestringer)
- cli: Tidy up owners sorting logic (cilium/cilium#39019, @joestringer)
- cli: Use RFC3339 for junit timestamp reporting (cilium/cilium#39017, @joestringer)
- connectivity/check: fix logging error (cilium/cilium#38956, @mhofstetter)
- Fix the message when no nodes are available to be added multicast group. (cilium/cilium#38637, @fujitatomoya)
- go.mod: bump github.com/google/go-github to v71 (cilium/cilium#38827, @tklauser)
- Move node to slog (cilium/cilium#39147, @aanm)
- New clusters created in ENI mode will no longer masquerade pod traffic to the external world. (cilium/cilium#38663, @liyihuang)
- sysdump: don't rely on timeout command to collect hubble flows (cilium/cilium#38999, @giorio94)
- Use modern Go constructs, part 2 (cilium/cilium#38652, @tklauser)
- Update stable release to v0.18.3 by @michi-covalent in #3004
- chore(deps): update go to v1.24.2 (patch) by @renovate in #3005
- github: Clean up kind workflow by @michi-covalent in #3008
- github: Remove cloud provider workflows by @michi-covalent in #3006
- chore(deps): update docker.io/library/golang:1.24.2 docker digest to b51b7be by @renovate in #3010
- chore(deps): update golangci/golangci-lint docker tag to v2.1.0 by @renovate in #3012
- chore(deps): update docker.io/library/golang:1.24.2 docker digest to 1ecc479 by @renovate in #3011
- chore(deps): update golangci/golangci-lint docker tag to v2.1.1 by @renovate in #3013
- chore(deps): update dependency cilium/cilium to v1.17.3 by @renovate in #3014
- chore(deps): update docker/dockerfile docker tag to v1.15 by @renovate in #3015
- chore(deps): update golangci/golangci-lint docker tag to v2.1.2 by @renovate in #3016
- chore(deps): update docker.io/library/golang:1.24.2 docker digest to d9db321 by @renovate in #3017
- chore(deps): update softprops/action-gh-release action to v2.2.2 by @renovate in #3018
- chore(deps): update docker/build-push-action action to v6.16.0 by @renovate in #3019
- chore(deps): update golangci/golangci-lint docker tag to v2.1.4 by @renovate in #3020
- chore(deps): update docker/dockerfile:1.15 docker digest to 9857836 by @renovate in #3021
- chore(deps): update docker.io/library/golang:1.24.2 docker digest to 30baaea by @renovate in #3022
- chore(deps): update golangci/golangci-lint-action action to v7.0.1 by @renovate in #3023
- chore(deps): update golangci/golangci-lint docker tag to v2.1.6 by @renovate in #3025
- chore(deps): update golangci/golangci-lint-action action to v8 by @renovate in #3024
- Dockerfile: do not specify syntax by @tklauser in #3026
- README.md: remove status badges for removed cloud provider workflows by @tklauser in #3027
- chore(deps): update golang docker tag to v1.24.3 by @renovate in #3028
- chore(deps): update actions/setup-go action to v5.5.0 by @renovate in #3029
- chore(deps): update go to v1.24.3 (patch) by @renovate in #3030
- chore(deps): update docker.io/library/golang:1.24.3 docker digest to 86b4cff by @renovate in #3033
- chore(deps): update docker/build-push-action action to v6.17.0 by @renovate in #3031
- chore(deps): update dependency cilium/cilium to v1.17.4 by @renovate in #3032
- chore(deps): update gcr.io/distroless/static:latest docker digest to d9f9472 by @renovate in #3034
- chore(deps): update dependency kubernetes-sigs/kind to v0.28.0 by @renovate in #3035
- Update CONTRIBUTING.md by @xmulligan in #3036
- chore(deps): update dependency kubernetes-sigs/kind to v0.29.0 by @renovate in #3037
- chore(deps): update docker.io/library/golang:1.24.3 docker digest to 795a40c by @renovate in #3038
- chore(deps): update docker/build-push-action action to v6.18.0 by @renovate in #3040
- Prepare for v0.18.4 release by @michi-covalent in #3039
Full Changelog: v0.18.3...v0.18.4