v1.8.4 -- Bugfix

Bugfix

• fix provider network range loop
• increase memory limit of ovn-central
• add missing link scope routes in vpc-nat-gateway
• update ip assigned check
• fix external egress gateway
• update nodeips for restore cmd in ko plugin
• append vm deletion check
• check the cidr format whether is correct
• add reset for kube-ovn-monitor metrics
• The underlay physical gateway config by external-gw-addr when use snat&eip
• avoid frequent ipset update
• do not recreate port for terminating pods
• create ip crd in kube-ovn-controller

v1.9.1 -- Bugfix

New Feature

• Add new arg to configure ns of ExternalGatewayConfig
• add dnsutils for base image
• kubectl-ko: support trace Pods being created
• Add args to configure port ln-ovn-external
• add back centralized subnet active-standby mode
• add metric for ovn nb/sb db status
• update provider network via node annotation
• support to add multiple subnets for a namespace
• append add cidr and excludeIps annotation for namespace
• keep ip for kubevirt pod
• add webhook for subnet update validation

Bugfix

• ignore hostnetwork pod when initipam
• update check for delete statefulset pod
• liveMigration with IPv6
• validate statefulset pod by name
• add gateway check after update subnet
• fix clusterrole in ovn-ha.yaml
• set up tunnel correctly in hybrid mode
• check static route conflict
• transfer IP/route earlier in OVS startup
• only log matched svc with np (#1287)
• fix underlay subnet in custom VPC
• resync provider network status periodically
• fix statefulset Pod deletion
• Fix usage of ovn commands
• continue of deletion for del pod failed when can't found vpc or subnet
• fix OVS bridge with bond port in mode 6
• replace ecmp dp_hash with hash by src_ip (#1289)
• fix ips update
• add check for pod update process
• skip ping gateway for pods during live migration
• modify ipam v6 release ip problem
• fix SNAT/PR on Pod startup
• update networkpolicy port process
• append htbqos para in crd yaml
• update flag parse in webhook

v1.8.3 -- Bugfix

Bugfix

• update check for delete statefulset pod
• update networkpolicy port process
• add back centralized subnet active-standby mode
• add gateway check after update subnet
• fix clusterrole in ovn-ha.yaml
• set up tunnel correctly in hybrid mode
• check static route conflict
• transfer IP/route earlier in OVS startup
• fix only log matched svc with np (#1287)
• fix statefulset Pod deletion
• ignore cilint
• Fix usage of ovn commands
• fix continue of deletion for del pod failed when can't found vpc or subnet
• fix OVS bridge with bond port in mode 6
• fix replace ecmp dp_hash with hash by src_ip (#1289)
• fix cni deepcopy
• fix ips update
• add check for pod update process
• fix SNAT/PR on Pod startup
• optimize log for node port-group

New Feature

• support to add multiple subnets for a namespace
• append add cidr and excludeIps annotation for namespace
• feat optimize log
• resync provider network status periodically
• add metric for ovn nb/sb db status
• feat update provider network via node annotation
• keep ip for kubevirt pod

v1.9.0 —— VPC enhance, performance boost and more

New Feature

• Policy route support in custom VPC
• VLAN subnet support in custom VPC
• Load balancer support in custom VPC
• Add nodeSelector for vpc-nat-gateway pod
• Add vpc-nat-gateway support for default VPC
• VIP for pod support
• Support to set HTB QoS priority
• Integrate Cilium with Kube-OVN
• Pod can use multiple nic with the same subnet
• Support using logical gateway in underlay subnet
• Add args to configure port ln-ovn-external
• Other CNI can be used as the default network
• Add networkpolicy support for attachment cni
• Add back webhook for subnet and ip validation
• Sync live migration vm port
• Update OVN to 21.06
• Add macvlan CNI binary into image
• Add kubectl-ko plugin into image

Performance

• switch's router port's addresses to "router"
• do not diagnose external access
• increase ovn-nb timeout
• add stt section and update benchmark
• add fastpath module for 4.x kernel
• reduce qos query with ovs-vsctl cmd
• use logical router policy for accessing node
• do not send multicast packets to conntrack
• add db compact for nb and sb db
• do not send traffic to ct if not designate to svc
• jemalloc and ISA optimization
• change nbctl args 'wait=sb' to 'no-wait'

Security

• security: update base ubuntu image

Monitoring & Troubleshooting

• kubectl-ko: support trace Pods being created
• add dnsutils for base image

Test

• add e2e testing for dual stack underlay
• add ovn-ic e2e
• add cilium e2e
• support running ovn-ic e2e on macOS

Refactor

• remove ovn ipam option
• mute ovn0 ping log and add ping details
• refactor: reuse waitNetworkReady to check ovn0 and slightly improve the installation speed
• cleanup command flags
• update klog to v2 which embed log rotation
• update Go modules
• delete frequently log
• add healthcheck cmd to probe live and ready

Bugfix

• fix nat-outgoing/policy-routing on pod startup
• fix variable reference
• fix e2e testing
• fix gc lsp statistic for multiple subnet
• re-check ns annotation to avoid annotations lost
• append externalIds for pod and node when upgrade
• fix IPAM for StatefulSet
• wrong link for iptables
• fix StatefulSet down scale
• fix getting LSP UUID by name
• fix installation scripts
• init node with wrong ipamkey and lead conflict
• modify kube-ovn as multus-cni problem
• In netpol egress rules, except rule should be set to "!=" and should not be "=="
• replace api for get lsp id by name
• fix trace command in dual stack underlay networking
• fix pinger and monitor in underlay networking
• fix pinger in dual stack cluster
• fix kubectl-ko diagnose
• fix cleanup.sh and uninstall.sh
• fix: check and load ip_tables module
• add inspection
• change inspection logic from manually adding lsp to just reading pod queue
• fix: serialize pod add/delete order
• fix: delete vpc-nat-gw deployment
• remove node chassis annotation on cleanup
• fix: ensure all kube-ovn components deleted before annotate pods
• fix bug: logical switch ts not ready
• fix: check allocated annotation in update handler
• fix LB in dual stack cluster
• fix: multus-cni subnet allocation
• fix: trace in custom vpc
• fix read-only pointer in vlan and provider-network
• fix ko trace
• fix: no need to set address for ls to lr port
• add sg acl check when init
• add pod in default vpc to node port-group
• fix LB: skip service without cluster IP
• fix pinger's compatibility for k8s v1.16
• deleting all chassises which are not nodes
• add vendor param for fix list LR
• fix: add kube-ovn-cni prob timeout
• update delete operation for statefulset pod
• fix: add back the leader check
• when update subnet's except ip,we should filter repeat ip
• when netpol is added to a workload, the workload's POD can be accessed using service
• fix: check np switch
• filter used qos when delete qos
• add protocol check when subnet is dual-stack
• pinger: fix getting empty PodIPs
• delete frequently log
• fix: do not reuse released ip after subnet updated
• use multus-cni as default cni to assign ip
• use different ip crd with provider suffix for pod multus nic
• move chassis judge to the end of node processing
• append check for centralized subnet nat process
• fix installation script
• fix pod tolerations
• modify pod's process of update for use multus cni as default cni
• fix iptables rules and service e2e
• update check for delete statefulset pod
• ignore hostnetwork pod when initipam

v1.8.2 -- Bugfix

Bugfix

• modify kube-ovn as multus-cni problem
• In netpol egress rules, except rule should be set to "!=" and should not be "=="
• replace api for get lsp id by name
• fix trace command in dual stack underlay networking
• fix pinger and monitor in underlay networking
• fix pinger in dual stack cluster
• fix kubectl-ko diagnose
• fix cleanup.sh and uninstall.sh
• fix: check and load ip_tables module
• add inspection
• change inspection logic from manually adding lsp to just reading pod queue
• fix: serialize pod add/delete order
• fix: delete vpc-nat-gw deployment
• remove node chassis annotation on cleanup
• fix: ensure all kube-ovn components deleted before annotate pods
• fix bug: logical switch ts not ready
• fix: check allocated annotation in update handler
• fix LB in dual stack cluster
• fix: multus-cni subnet allocation
• fix: trace in custom vpc
• fix read-only pointer in vlan and provider-network
• fix ko trace
• fix: no need to set address for ls to lr port
• add sg acl check when init
• add pod in default vpc to node port-group
• fix LB: skip service without cluster IP
• fix pinger's compatibility for k8s v1.16
• deleting all chassises which are not nodes
• add vendor param for fix list LR
• fix: add kube-ovn-cni prob timeout
• update delete operation for statefulset pod
• fix: add back the leader check
• when update subnet's except ip,we should filter repeat ip
• when netpol is added to a workload, the workload's POD can be accessed using service
• fix: check np switch
• filter used qos when delete qos
• add protocol check when subnet is dual-stack
• pinger: fix getting empty PodIPs
• delete frequently log
• fix: do not reuse released ip after subnet updated
• use multus-cni as default cni to assign ip
• use different ip crd with provider suffix for pod multus nic
• move chassis judge to the end of node processing
• append check for centralized subnet nat process
• fix installation script
• fix pod tolerations

Security

• security: update base ubuntu image

Test

• add e2e testing for dual stack underlay

Performance

• add db compact for nb and sb db
• change nbctl args 'wait=sb' to 'no-wait'

v1.8.1 -- Bugfix

Performance

• switch's router port's addresses to "router"
• do not diagnose external access
• increase ovn-nb timeout

Bugfix

• fix nat-outgoing/policy-routing on pod startup
• fix variable reference
• fix e2e testing
• fix gc lsp statistic for multiple subnet
• re-check ns annotation to avoid annotations lost
• append externalIds for pod and node when upgrade
• fix IPAM for StatefulSet
• wrong link for iptables
• fix StatefulSet down scale
• fix getting LSP UUID by name
• fix installation scripts
• init node with wrong ipamkey and lead conflict

Refactor

• remove ovn ipam option
• mute ovn0 ping log and add ping details

v1.7.3 -- Bugfix

Performance

• switch's router port's addresses to "router"
• do not diagnose external access
• increase ovn-nb timeout

Bugfix

• fix nat-outgoing/policy-routing on pod startup
• fix variable reference
• fix e2e testing
• fix gc lsp statistic for multiple subnet
• re-check ns annotation to avoid annotations lost
• append externalIds for pod and node when upgrade
• fix IPAM for StatefulSet
• wrong link for iptables
• fix StatefulSet down scale
• fix getting LSP UUID by name
• fix installation scripts
• init node with wrong ipamkey and lead conflict
• serialize pod add/delete order
• kubeclient timeout
• update base image

Refactor

• remove ovn ipam option
• mute ovn0 ping log and add ping details

v1.8.0 -- Underlay Refactor, Latency Optimization and more

New Feature

• Underlay/Vlan network refactoring to adapt more complicate network infrastructure
• Share same OVN infrastructure with OpenStack and run Pods in OpenStack VPC
• Support SecurityGroup in VPCs
• Support Service in VPCs
• Adapt to vfio-pci driver type device
• Use annotation to dynamic change tunnel interface
• Pod level annotation to control traffic mirror
• Kube-OVN ipam supports custom routes
• Switch to enable/disable OVN network policy support
• Switch to enable/disable OVN LB
• Switch to enable/disable gateway connectivity check

Performance

• New fastpath module which can reduce about 40% latency and cpu usage
• New performance tuning guide to boost the performance and comparison for different network
• Enable tx offload again as fix for double nat kernel issue

Monitoring

• Diagnose command 'kubectl ko' support trace in underlay networking
• Diagnose command 'kubectl ko' support cluster operations status/kick/backup

Security

• fix CVE-2021-33910
• Add go build security options
• Fix CVE-2021-3121
• fix CVE-2021-3538
• Update base image to ubuntu:21.04

Mics

• update kind to v0.11.1
• fix gofmt lint
• ci: use stable golang version
• update ovn to 21.03

Test

• update underlay e2e testing
• fix subnet e2e
• fix dual stack cluster created by kind
• Correct vlan e2e testing
• Remove dpdk ci

Bugfix

• fix CRD provider-networks.kubeovn.io
• fix ipsets, subnets using underlay networking should not be included in ipsets
• update qos ingress_policing_burst
• match chassis until timeout
• delete overlapped var subnet
• fix: if nftables not exists do no exit
• delete ecmp route when node is deleted
• fix cleanup.sh
• fix image version
• fix iptables
• ignore empty strings when counting lbs
• fix external_ids:pod_netns
• delete attachment ips
• update qos process
• fix: panic when node has nil annotations
• append pod/exec resource for vpc nat gw
• fix underlay networking on node reboot
• fix default bind socket of cni server
• if the string of ip is empty,program will die
• fix uninstall.sh
• ensure provider nic is up
• fix: bad udp checksum when access nodeport
• fix IPv6-related issues
• fix issues in underlay networking
• avoid Pod IP to be the same with node internal IP
• fix subnet conflict check for node address
• fix ipset on pod creation/deletion
• delete subnet AvailableIPs and UsingIPs para
• fix: ovn-northd svc flip flop
• delete residual ovs internal ports
• initialize ipsets on cni server startup
• Fix acl overlay issues
• Fix available ips count of subnet
• Fix lsp may lost when server pressure is high
• Cleanup kube-ovn-monitor resource
• Remove wait ovn sb
• Remove kube-ovn-controller rollout check
• Delete process of ip crd delete in cni delete request
• Delete ecmp route when node is not ready
• Ignore update pod nic annotation when not nil
• Clean up gateway chassis list for external gw
• Node route should filter out 'vpc'
• Do not delete statefulset pod when update pod
• Add master check when a node adding to a cluster and config sb/nb address
• Fix IP/route transfer on node reboot
• Fix uninstall.sh execution in OVS pods
• Add node internal ip into ovn-ic advertise blacklist
• Fix bug for deleting ovn-ic lrp failed
• Keep subnet's vlan empty if not specified
• Add field defaultNetworkType in configmap ovn-config

v1.7.2

This release mainly fix bugs found in 1.7.1

Feature

• update encap ip by node annotation periodic
• update node labels and provider network's status.readyNodes when provider network is not initialized successfully in a node
• add ready status for provider network

Bugfix

• fix CRD provider-networks.kubeovn.io
• fix ipsets, subnets using underlay networking should not be included in ipsets
• update qos ingress_policing_burst
• match chassis until timeout
• delete overlapped var subnet
• fix: if nftables not exists do no exit
• delete ecmp route when node is deleted
• fix cleanup.sh
• fix image version
• fix iptables
• ignore empty strings when counting lbs
• fix external_ids:pod_netns
• delete attachment ips
• update qos process
• fix: panic when node has nil annotations
• append pod/exec resource for vpc nat gw
• fix underlay networking on node reboot
• fix default bind socket of cni server
• if the string of ip is empty,program will die
• fix uninstall.sh
• ensure provider nic is up
• fix: bad udp checksum when access nodeport
• fix IPv6-related issues
• fix issues in underlay networking
• avoid Pod IP to be the same with node internal IP
• fix subnet conflict check for node address
• fix ipset on pod creation/deletion
• delete subnet AvailableIPs and UsingIPs para
• fix: ovn-northd svc flip flop
• delete residual ovs internal ports
• initialize ipsets on cni server startup

Test

• update underlay e2e testing
• fix subnet e2e
• fix dual stack cluster created by kind

Security

• fix CVE-2021-33910

Chore

• update kind to v0.11.1
• fix gofmt lint
• ci: use stable golang version

v1.7.1

New Feature

• Underlay/Vlan network refactoring
• Diagnose command 'kubectl ko' support trace in underlay networking
• Diagnose command 'kubectl ko' support cluster operations status/kick/backup
• Support to specify node nic name

Bugfix

• Fix acl overlay issues
• Fix available ips count of subnet
• Fix lsp may lost when server pressure is high
• Cleanup kube-ovn-monitor resource
• Remove wait ovn sb
• Remove kube-ovn-controller rollout check
• Delete process of ip crd delete in cni delete request
• Delete ecmp route when node is not ready
• Ignore update pod nic annotation when not nil
• Clean up gateway chassis list for external gw
• Node route should filter out 'vpc'
• Do not delete statefulset pod when update pod
• Add master check when a node adding to a cluster and config sb/nb address
• Fix IP/route transfer on node reboot
• Fix uninstall.sh execution in OVS pods
• Add node internal ip into ovn-ic advertise blacklist
• Fix bug for deleting ovn-ic lrp failed
• Keep subnet's vlan empty if not specified
• Add field defaultNetworkType in configmap ovn-config

Performance

• Enable tx offload again as upstream already fix it

Test

• Correct vlan e2e testing
• Remove dpdk ci

Security

• Add go build security options
• Fix CVE-2021-3121