Summary
This is a pre-release or release candidate for the upcoming v2.0.0 release of kube-router. The most prominent feature of this release is the addition of dual-stack support for some parts of kube-router. With this release candidate, the following functions have been upgraded to be dual-stack compatible:
- CNI Supports Dual-Stack
- Router / BGP Supports Dual-Stack
- Network Policies Supports Dual-Stack
The major outlier here being the Proxy (--run-service-proxy) portion of kube-router has not had dual-stack support integrated yet. Also, this represents a major refactor on the kube-router code base, so it would be good to get this tested in at least a few different environments before forming a full release.
You'll also notice that this has been tagged as a major release version. This is due to the fact that there are breaking changes in this version of kube-router that are not backwards compatible with previous versions of kube-router. Specifically, tunnel names have changed, so if you run kube-router with an overlay network (ipip tunnels), you'll want to deploy this update carefully. At this point, the project recommends doing a rolling-reboot of nodes after the application of this release candidate to ensure that unused tunnels are properly cleaned up and don't have a negative impact on traffic flows.
More details about this release will be shared in the IPv6 / Dual-Stack documentation page shortly: https://github.com/cloudnativelabs/kube-router/blob/master/docs/ipv6.md
Contributions
The kube-router project would like to give a big thanks to @vadorovsky and @thomasferrandiz who graciously contributed all of the dual-stack functionality for the Network Policy Controller!
Changelog
- a9b8adf - fix(NPC): add warning for unsupported family
<Aaron U'Ren> - 74a0803 - fix(NPC): don't add chains for missing family
<Aaron U'Ren> - abcefb4 - doc(bgp.md): clean up grammar and syntax
<Aaron U'Ren> - f4668fd - fix(NPC/pod): check drop policy on ipv4 & ipv6
<Aaron U'Ren> - 6bd6d94 - fix(bgp_policies): add empty DS set checking
<Aaron U'Ren> - ae15ebb - fact(bgp_policies): rename clusterIPPrefixSet -> serviceVIPIPPrefixSet
<Aaron U'Ren> - ed29baa - fact(bgp_policies): abstract get DS for GoBGP
<Aaron U'Ren> - 6a1bab2 - fix(ecmp_vip): handle ipv4 & ipv6 protocols
<Aaron U'Ren> - 437da14 - test(bgp_policies_test): add local address
<Aaron U'Ren> - 3129bf2 - fix(node): do nil checking on FindBestIP util funcs
<Aaron U'Ren> - 8183b18 - fix(NRC): ensure local addr IP is bindable early
<Aaron U'Ren> - bd0d00f - fix(bgp_peers): adv. AfiSafi based on capabability
<Aaron U'Ren> - b714bba - fix(bgp_peers): do peer only if IP protos match
<Aaron U'Ren> - 230aa58 - fix(NRC): error when nec. host IP not found
<Aaron U'Ren> - dd7c47e - fix(NRC): add IPv6 logic to bgp-local-addresses
<Aaron U'Ren> - 70b3f30 - feat(ci): run CI on version prep branches and MRs
<Aaron U'Ren> - e4e1088 - fix(options): make clusterIP specification similar to other options
<Aaron U'Ren> - 93d6169 - fix(NPC): actually separate chain indices for ipv4 / ipv6
<Aaron U'Ren> - ef72d90 - fact(NPC): pluralize newIPTablesHandler
<Aaron U'Ren> - 5fb874f - feat(NRC): make NRC dual stack
<Aaron U'Ren> - 35b3f37 - fact(NRC): convert BGP set names to const
<Aaron U'Ren> - d27f2fe - feat(pod_cidr): handle multiple pod CIDRs
<Aaron U'Ren> - 51d7db8 - fix(kube-router.go): metric message -> not error
<Aaron U'Ren> - eb4e6f9 - fix(NPC): separate chain indices for ipv4 / ipv6
<Aaron U'Ren> - d128b17 - fix(node.go): make node address errors more helpful
<Aaron U'Ren> - 06c39d6 - fix golangci issues
<Thomas Ferrandiz> - bdc0600 - fix test compilation error
<Thomas Ferrandiz> - 9e8ee3a - go mod
<Thomas Ferrandiz> - 59a4fa1 - use createGenericHashIPSet
<Thomas Ferrandiz> - b1181f1 - rename utilsnet import to netutils
<Thomas Ferrandiz> - cba00b2 - syncPodFirewallChains: loop on all NodeIp to find the pods running on a given Node - Load PodIp in podInfo struct and use it instead of pod.ips[0].IP
<Thomas Ferrandiz> - 3958095 - refactor whitelisting of cluster IP Range
<Thomas Ferrandiz> - 1433bee - Validate that ClusterIP service range type matches the configuration and update documentation
<Thomas Ferrandiz> - 9aa7bcd - godoc update
<Thomas Ferrandiz> - 344b3cd - remove redundant default value
<Thomas Ferrandiz> - 318a29c - rename Adresses
<Thomas Ferrandiz> - a7e5803 - Turn IPTablesSaveRestore into an interface
<Thomas Ferrandiz> - 033444b - init iptablesCmdHandlers and ipSetHandlers inside NewNetworkPolicyController
<Thomas Ferrandiz> - a38c97c - disable ipv6 by default
<Thomas Ferrandiz> - 1bc0435 - netpol: Add dual-stack support
<Michal Rostecki>