github cloudnativelabs/kube-router v1.5.2

latest releases: v2.2.2, v2.2.1, v2.2.0...
2 years ago

Special thanks to @makhov and @jnummelin for contributing to this release!

Changelog

  • fe3e8b0 - Bump to go 1.19 / alpine 3.16 <@mrueg>
  • 8574163 - iptables mode selection fixed. iptables-wrapper script updated to the latest upstream version <@makhov>

The primary reason for this bug fix was to update Alpine to 3.16 so that we got a more recent version of the iptables user-space binaries in the kube-router container (iptables-1.8.8). This helps address the issues found by @jnummelin in #1370 where iptables mark attributes can be lost when the host's user-space version of iptables is greater than the kube-router container's version.

As per the newly updated docs: https://github.com/cloudnativelabs/kube-router/blob/master/docs/user-guide.md#requirements it is recommended that users who:

  • use kube-router as a container deployment AND...
  • operate iptables from the host's user-space tooling AND...
  • utilize the network policy feature-set of kube-router (--run-firewall)

Keep the host's user-space tooling (e.g. iptables, ipset, ipvsadm, etc.) in sync with the version contained in kube-router's container as much as possible to avoid potential problems with firewall rule data loss.

This will hold true, until there is some resolve to the upstream issue (https://bugzilla.netfilter.org/show_bug.cgi?id=1632) which would help us identify when there might be potential for conflict or loss in the future before writing rules.

Don't miss a new kube-router release

NewReleases is sending notifications on new releases.