Summary
The big headline of this release is support for dual-stack capabilities in the Network Services Controller (--proxy
option). This was the last major outstanding feature milestone that was left to round out the v2.0.0 release. Now the entire kube-router code base has support for dual-stack capabilities.
As part of this work, kube-router now needs to be able to get
, list
, and watch
EndpointSlice
objects. Please make sure to update your ClusterRole RBAC before deploying this release if you use kube-router with the --proxy
functionality enabled or you'll get an error. For examples of this RBAC please see the daemonset examples from the prep-v2.0 branch.
I want to make this release candidate available for the community to test for the next 1 - 2 weeks, and get a chance to resolve any open issues. After this, if the release candidate is stable, I'll merge the prep-v2.0
branch to master
and make an official v2.0.0
release. This release has been a long time in coming and I'm excited to get it out there! A huge thanks to everyone that has helped test it and contributed to it!
Additionally, this release fixed a significant performance regression with Network Policies that was introduced in the v2.0.0 codebase during dual-stack implementation.
This release also updates Go from 1.19
to 1.20
and adds support for Kubernetes v1.27
. We also upgraded our Alpine base version from 3.17
to 3.18
and GoBGP from v3.11.0
to v3.17.0
.
Contributions
Big thanks goes to @brandond (and the k3s project) for finding and fixing the Network Policy performance issues and also adding additional metrics to the Network Policy Controller for increased observability.
Thanks @iggy for adding RISC-V 64 support for kube-router binaries. We are not yet building official container images for RISC-V 64 because Alpine doesn't yet officially support it, but when they do we'll enable container builds for RISC-V64 as well.
Changelog
65ac87d - fix(ecmp_vip.go): non-local service advertisement <Aaron U'Ren>
d780687 - fix(dsr): add family specific link inside pod <Aaron U'Ren>
907565d - fix(dsr): add family for fwmark <Aaron U'Ren>
9e86535 - fix(service_endpoints_sync.go): use save command <Aaron U'Ren>
4761bbb - fix(NSC): compare all pod IPs for endpoint check <Aaron U'Ren>
6758598 - fix(linux_networking.go): add better error messages <Aaron U'Ren>
b2d2b59 - fix(linux_networking.go): don't return err on warn <Aaron U'Ren>
d2ae639 - feat(debug): add some extra debug at level 3 <Aaron U'Ren>
a3c5694 - feat(ipset): consolidate ipset usage across controllers <Aaron U'Ren>
854440d - feat(linux_networking.go): add more logging info <Aaron U'Ren>
327e894 - feat(NSC): use EndpointSlice instead of Endpoints <Aaron U'Ren>
f8d9812 - feat(nsc): add more insight into sync steps <Aaron U'Ren>
b03f3b7 - fix(nsc): don't modify netmask during flag setup <Aaron U'Ren>
859658a - fix(nsc): fail fast during init <Aaron U'Ren>
d425077 - feat(nsc): add dualstack capabilities <Aaron U'Ren>
56cd602 - feat: increase log level for save/restore msgs <Aaron U'Ren>
2d4ad45 - lint(metrics_controller.go): reduce line length <Aaron U'Ren>
a1db517 - fix: take family metrics out of defer <Aaron U'Ren>
fc34ae5 - fix(NPC): remove redundant assign <Aaron U'Ren>
bbcedc8 - Move ipset restore outside policy loop <Brad Davidson>
92201bb - Add additional save/restore metrics <Brad Davidson>
df7905b - Make metrics registerer/gathererer replacable <Brad Davidson>
d3ecb4e - fix: syntax updates for Go 1.20.X and k8s 1.27 <Aaron U'Ren>
08f05a8 - fix(moq): chown generated moqs <Aaron U'Ren>
ee85441 - fix(moq): remove previous moqs before generation <Aaron U'Ren>
4556aa3 - fix(lint): convert sh -> bash <Aaron U'Ren>
3c16d3c - feat(close_stale.yml): increase operations 30 -> 100 <Aaron U'Ren>
0d12e61 - feat(close_stale.yml): add workflow for closing stale issues & PRs <Aaron U'Ren>
b084c2a - fix: available typo <guoguangwu>
82cd7c9 - build(deps): bump github.com/aws/aws-sdk-go from 1.44.334 to 1.45.1 <dependabot[bot]>
16474cf - build(deps): bump github.com/aws/aws-sdk-go from 1.44.332 to 1.44.334 <dependabot[bot]>
0110d1d - Partially revert riscv64 support <Manuel Rüger>
9805c79 - Makefile: Bump go + alpine as well <Manuel Rüger>
ade98d6 - Bump go 1.20 + k8s 1.27 <Manuel Rüger>
e7a521a - feat(ci.yml): add ppc64le and riscv64 to ci <Aaron U'Ren>
8b76e9c - Add RISC-V 64 support <Iggy Jackson>
70defa4 - build(deps): bump github.com/aws/aws-sdk-go from 1.44.313 to 1.44.332 <dependabot[bot]>
8de9b64 - build(deps): bump golang.org/x/net from 0.12.0 to 0.14.0 <dependabot[bot]>