github cilium/cilium v1.12.6
1.12.6

latest releases: v1.17.0-pre.2, 1.17.0-pre.2, v1.16.3...
21 months ago

We are pleased to release Cilium v1.12.6. This release contains a new flag for bugtool, fixes related to BPF load-balancer and NodePort, the CES queue delay metric, the Agent init check, as well as a range of other regular bugfixes.

See the notes below for a full description of the changes.

Summary of Changes

Minor Changes:

Bugfixes:

  • Added Agent init check that removes all CiliumEndpoints referencing local Node that are not managed. This fixes issues where sometimes CiliumEndpoints referencing still running Pods can become unmanaged during Cilium restart. (Backport PR #23096, Upstream PR #20350, @tommyp1ckles)
  • bpf: add drop notification for missed L7 LB tailcall in to-netdev (Backport PR #23003, Upstream PR #22679, @julianwiedmann)
  • bpf: lb: catch write error in lb6_xlate() (Backport PR #23301, Upstream PR #23075, @julianwiedmann)
  • bpf: nat: fix snat_v4_can_skip() for egress gateway (Backport PR #23331, Upstream PR #23274, @jibi)
  • bpf: nodeport: fix drop notification in IPv6 revNAT (Backport PR #23003, Upstream PR #22543, @julianwiedmann)
  • bpf: nodeport: fix tracing for handle_nat_fwd() (Backport PR #23260, Upstream PR #22678, @julianwiedmann)
  • bpf: nodeport: wire up trace aggregation for rev_nodeport_lb6() (Backport PR #23260, Upstream PR #22794, @julianwiedmann)
  • clustermesh: Add missing brackets of IPv6 address for etcd option (Backport PR #23260, Upstream PR #22962, @YutaroHayakawa)
  • daemon: Do not remove PERM L2 entries in L4LB (Backport PR #23003, Upstream PR #22676, @brb)
  • datapath: Fix L7 ingress with XDP (Backport PR #23260, Upstream PR #22985, @brb)
  • envoy: Fix lock leak in config validation failure (Backport PR #23301, Upstream PR #23077, @joestringer)
  • Fix a data race in dnsproxy which could lead to DNS requests drops. (Backport PR #23003, Upstream PR #22619, @aspsk)
  • Fix bugs where ciliumendpoints for statefulset pods where being incorrectly overwritten/deleted (Backport PR #23096, Upstream PR #21768, @tommyp1ckles)
  • Fix missing node neigh metric for counting arping requests (Backport PR #23260, Upstream PR #22930, @christarazi)
  • Fix packet drops when service pod connects to itself via clusterIP, and selected by an ingress policy. (Backport PR #23260, Upstream PR #22972, @aditighag)
  • Fixes semaphore_rejected_total metric and adds new scope to proxy_upstream_reply_seconds metric. (Backport PR #23260, Upstream PR #21267, @rahulkjoshi)
  • helm: Delete validations for certManagerIssuerRef (Backport PR #23301, Upstream PR #22921, @Shunpoco)
  • ipsec: Fix packet mark for FWD XFRM policy (Backport PR #23301, Upstream PR #23254, @pchaigno)
  • Reduce the risk of packet fragmentation on IPv6 when using KPR with DSR mode. (Backport PR #23301, Upstream PR #23235, @julianwiedmann)

CI Changes:

Misc Changes:

Other Changes:

Docker Manifests

cilium

docker.io/cilium/cilium:v1.12.6@sha256:454134506b0448c756398d3e8df68d474acde2a622ab58d0c7e8b272b5867d0d
quay.io/cilium/cilium:v1.12.6@sha256:454134506b0448c756398d3e8df68d474acde2a622ab58d0c7e8b272b5867d0d
docker.io/cilium/cilium:stable@sha256:454134506b0448c756398d3e8df68d474acde2a622ab58d0c7e8b272b5867d0d
quay.io/cilium/cilium:stable@sha256:454134506b0448c756398d3e8df68d474acde2a622ab58d0c7e8b272b5867d0d

clustermesh-apiserver

docker.io/cilium/clustermesh-apiserver:v1.12.6@sha256:5570302568c62dc7873ad77f2e3280471a5537c4654689a8f52beff47d2c2b9d
quay.io/cilium/clustermesh-apiserver:v1.12.6@sha256:5570302568c62dc7873ad77f2e3280471a5537c4654689a8f52beff47d2c2b9d
docker.io/cilium/clustermesh-apiserver:stable@sha256:5570302568c62dc7873ad77f2e3280471a5537c4654689a8f52beff47d2c2b9d
quay.io/cilium/clustermesh-apiserver:stable@sha256:5570302568c62dc7873ad77f2e3280471a5537c4654689a8f52beff47d2c2b9d

docker-plugin

docker.io/cilium/docker-plugin:v1.12.6@sha256:095a6a076b3d72f1d1ab85b2851e15a291f8f7a480f55c7f11b53d583256b4d3
quay.io/cilium/docker-plugin:v1.12.6@sha256:095a6a076b3d72f1d1ab85b2851e15a291f8f7a480f55c7f11b53d583256b4d3
docker.io/cilium/docker-plugin:stable@sha256:095a6a076b3d72f1d1ab85b2851e15a291f8f7a480f55c7f11b53d583256b4d3
quay.io/cilium/docker-plugin:stable@sha256:095a6a076b3d72f1d1ab85b2851e15a291f8f7a480f55c7f11b53d583256b4d3

hubble-relay

docker.io/cilium/hubble-relay:v1.12.6@sha256:27a68a16f0ee7ed6ba690e91847de6931a5511f85a7f939320df216486764cb9
quay.io/cilium/hubble-relay:v1.12.6@sha256:27a68a16f0ee7ed6ba690e91847de6931a5511f85a7f939320df216486764cb9
docker.io/cilium/hubble-relay:stable@sha256:27a68a16f0ee7ed6ba690e91847de6931a5511f85a7f939320df216486764cb9
quay.io/cilium/hubble-relay:stable@sha256:27a68a16f0ee7ed6ba690e91847de6931a5511f85a7f939320df216486764cb9

operator-alibabacloud

docker.io/cilium/operator-alibabacloud:v1.12.6@sha256:828d7f19fead2dc8d416d8b145b605d0697ef0c573a46cce5557236627575873
quay.io/cilium/operator-alibabacloud:v1.12.6@sha256:828d7f19fead2dc8d416d8b145b605d0697ef0c573a46cce5557236627575873
docker.io/cilium/operator-alibabacloud:stable@sha256:828d7f19fead2dc8d416d8b145b605d0697ef0c573a46cce5557236627575873
quay.io/cilium/operator-alibabacloud:stable@sha256:828d7f19fead2dc8d416d8b145b605d0697ef0c573a46cce5557236627575873

operator-aws

docker.io/cilium/operator-aws:v1.12.6@sha256:5fa430442b7176b45726784df880ce0a1cfaf45512ef3b730f7f722f49c9be4a
quay.io/cilium/operator-aws:v1.12.6@sha256:5fa430442b7176b45726784df880ce0a1cfaf45512ef3b730f7f722f49c9be4a
docker.io/cilium/operator-aws:stable@sha256:5fa430442b7176b45726784df880ce0a1cfaf45512ef3b730f7f722f49c9be4a
quay.io/cilium/operator-aws:stable@sha256:5fa430442b7176b45726784df880ce0a1cfaf45512ef3b730f7f722f49c9be4a

operator-azure

docker.io/cilium/operator-azure:v1.12.6@sha256:814ddb315b509367c3ea29b0892cf1c48691b2083002b823b87e20d0b4a28b1a
quay.io/cilium/operator-azure:v1.12.6@sha256:814ddb315b509367c3ea29b0892cf1c48691b2083002b823b87e20d0b4a28b1a
docker.io/cilium/operator-azure:stable@sha256:814ddb315b509367c3ea29b0892cf1c48691b2083002b823b87e20d0b4a28b1a
quay.io/cilium/operator-azure:stable@sha256:814ddb315b509367c3ea29b0892cf1c48691b2083002b823b87e20d0b4a28b1a

operator-generic

docker.io/cilium/operator-generic:v1.12.6@sha256:eec4430d222cb2967d42d3b404d2606e66468de47ae85e0a3ca3f58f00a5e017
quay.io/cilium/operator-generic:v1.12.6@sha256:eec4430d222cb2967d42d3b404d2606e66468de47ae85e0a3ca3f58f00a5e017
docker.io/cilium/operator-generic:stable@sha256:eec4430d222cb2967d42d3b404d2606e66468de47ae85e0a3ca3f58f00a5e017
quay.io/cilium/operator-generic:stable@sha256:eec4430d222cb2967d42d3b404d2606e66468de47ae85e0a3ca3f58f00a5e017

operator

docker.io/cilium/operator:v1.12.6@sha256:8010e5ce0abc61f4b076165b064780eee3bf69f1d50b3808f2a16672a60a9986
quay.io/cilium/operator:v1.12.6@sha256:8010e5ce0abc61f4b076165b064780eee3bf69f1d50b3808f2a16672a60a9986
docker.io/cilium/operator:stable@sha256:8010e5ce0abc61f4b076165b064780eee3bf69f1d50b3808f2a16672a60a9986
quay.io/cilium/operator:stable@sha256:8010e5ce0abc61f4b076165b064780eee3bf69f1d50b3808f2a16672a60a9986

Don't miss a new cilium release

NewReleases is sending notifications on new releases.