Releases: everoute/everoute
Releases · everoute/everoute
1.1.1
What's Changed
- add kube-proxy replace config and init iptables route by @qingwusunny in #769
- ci: fix install ippool failed for no crd match, fix k8s doesn't ready before run e2e by @qingwusunny in #775
- ci: use kube-apiServer v1.24 in unit test image by @qingwusunny in #776
- feat: init ovs flow for kube-proxy replace feature by @qingwusunny in #773
- feat: set svc group with local and cluster traffic policy by @qingwusunny in #777
- Pick release 2.0.3 by @wu-cl in #784
- fix: fatal when lose groupmemberpatch delete event by @qingwusunny in #789
- [main] skip match monitor tier3 ingress when ct match monitor drop by @zwtop in #787
- fix: delete rule should check other policyRuleReference by @qingwusunny in #795
- fix: check externalIDs when merge old ip to agentinfo by @qingwusunny in #796
- feat: support logging connection match security policy by @zwtop in #794
- feat: add Priority and Isblocklist in securitypolicy api and webhook by @qingwusunny in #790
- feat: implement securitypolicy priority and blocklist by @qingwusunny in #798
- ut: fix monitor ut by @qingwusunny in #800
- feat: set internal policy priority by @qingwusunny in #799
- feat: add blocklist e2e by @qingwusunny in #802
- feat: set default rule priority by @qingwusunny in #803
- feat: transform tower blocklist datamodel to securitypolicy api by @qingwusunny in #801
- feat: use the latest ipam version by @qingwusunny in #804
- feat: add ip range and multi ips support in sp by @wu-cl in #813
- feat(cni): sync attached ip in ext id before start cni agent by @wu-cl in #815
Full Changelog: 1.1.0...1.1.1
Contributors
qingwusunny, wu-cl, and zwtop
Assets 3
1.1.0
What's Changed
- Revert "fix(dp): do not set nil for ofSwitch while ovs is disconnected" by @wu-cl in #530
- feat(plugin-tower): add upload scalar support by @zwtop in #532
- fix: replace concurrent-map with upstream lib to solve deadlock by @wu-cl in #534
- support namedport by @qingwusunny in #536
- feat(collector): add arp in_port in arp pkt msg by @wu-cl in #540
- fix(dp): do not commit new non-syc tcp connection into CT by @wu-cl in #544
- refactor(plugin-tower): reuse default http client by @zwtop in #546
- special tag trigger release by @qingwusunny in #543
- start e2e on tower by @eustrainLee in #550
- Add vlan trunk feature by @echkenluo in #551
- ci: add more runner tag for k8s-e2e by @wu-cl in #556
- Add tower-e2e-test by @eustrainLee in #553
- test(e2e): adapt create vlan on SMTXOS 504 by @zwtop in #557
- fix(monitor): add reconnect event for ovsdb monitor by @wu-cl in #555
- build: speed up build with docker cache by @zwtop in #558
- add a baseBridge class to facilitate adding new bridge by @qingwusunny in #564
- fix(dp): only match VID in VLAN TCI scope by @wu-cl in #565
- update ofnet reference by @qingwusunny in #568
- test(e2e): filter out invalid vlan by @zwtop in #561
- Create bridge nat and change config by @qingwusunny in #567
- fix: clean all related ct flow when policy changed by @wu-cl in #571
- add agent all options by @qingwusunny in #576
- feat: sync to libovsdb with reconnection by @wu-cl in #563
- push image to smtx.io by @qingwusunny in #573
- ci: add typos check and conventional commits check by @wu-cl in #581
- ci: add pr size label action by @wu-cl in #578
- style: delete the year in the generated files' copyright by @qingwusunny in #584
- fix: match ct clear in both forward and reverse dir by @wu-cl in #580
- init bridge nat by @qingwusunny in #575
- ci: ignore generated files in pr size check by @wu-cl in #586
- ci: the release action auto generate changelog by @qingwusunny in #587
- refactor(plugin-tower): streaming upload file with graphql by @zwtop in #590
- cni: add servicePort CRD by @qingwusunny in #582
- fix(dp): reset port no flood while reply flows by @wu-cl in #595
- test: move e2e test into container by @wu-cl in #592
- fix(cni): check cni enable while reply flows by @wu-cl in #594
- fix: update flowID reference while reply flows by @wu-cl in #596
- ci: helm chart package and push in workflow by @qingwusunny in #598
- fix(plugin-tower): handle default apply type by @zwtop in #600
- feat(cni): add svcindex struct and its method by @qingwusunny in #588
- feat(cni): genServicePort by @qingwusunny in #601
- fix(cni): pod add liveness probe by @qingwusunny in #605
- feat(agent-monitor): only notify sync agentinfo on new address by @zwtop in #606
- fix(policy): filter DROP policy in EST ct item by @wu-cl in #603
- fix: reduce requeue time limit to 1 nanosecond by @wu-cl in #608
- build(deps): bump github.com/emicklei/go-restful from 2.9.5+incompatible to 2.16.0+incompatible by @dependabot in #616
- build(deps): bump github.com/prometheus/client_golang from 1.7.1 to 1.11.1 by @dependabot in #617
- fix(plugin-tower): handle zero length selector by @zwtop in #619
- build(deps): bump golang.org/x/net from 0.1.0 to 0.7.0 by @dependabot in #618
- feat(cni): generate BaseSvc cache and push service cluster ip flow by @qingwusunny in #583
- feat(rpc): return flow id in Get-Policy interface by @wu-cl in #623
- fix: sync libopenflow with deadlock fix by @wu-cl in #621
- test(cni): add proxy unittest frame by @qingwusunny in #622
- feat(monitor): only learn global unicast ip by @zwtop in #628
- ci: ignore test file in pr size check by @qingwusunny in #630
- refactor(monitor): update ovsdb event by @echkenluo in #599
- feat(cni): fliter invalid servicePort backend by @qingwusunny in #633
- ci: upgrade golangci-lint action to v3 by @wu-cl in #637
- feat: vlan trunk list filter by @echkenluo in #612
- fix(monitor): Separation of OVS cache update and OVS event callback f… by @echkenluo in #636
- fix(monitor): check endpoint ready before update endpoint by @qingwusunny in #640
- fix: upgrade dependencies by @zwtop in #639
- ci: pre-check runner change to self-hosted pod by @qingwusunny in #642
- feat(cni): watch service change and update ovs flow by @qingwusunny in #627
- feat(cni): add l3forward flow by @qingwusunny in #591
- fix(cni): set bridge internal port rp_filter=1 by @qingwusunny in #650
- feat(cni): gen svcport name from svcname and portname by @qingwusunny in #649
- fix: remove unused flowReplayChan from datapathManager by @echkenluo in #651
- feat(cni): everouter-controller use hostnetwork by @qingwusunny in #641
- feat(cni): set enableProxy default value is false by @qingwusunny in #652
- feat(cni): add deletecollection premission to controller by @qingwusunny in #653
- feat(cni): watch servicePort change and update ovs flow group by @qingwusunny in #648
- test(cni): fix proxy unit test case for servicePort without service by @qingwusunny in #657
- feat(cni): process service flow in local bridge by @qingwusunny in #632
- feat(cni): replay service proxy flows by @qingwusunny in #654
- feat(cni): erctrl add proxy debug cmd by @qingwusunny in #658
- ci: use sks ro run k8s-e2e by @qingwusunny in #646
- ci: don't need login docker, change sksconfig from github env to sks secret by @qingwusunny in #660
- feat(alg): support ftp and tftp by @qingwusunny in #659
- change test image to smartx harbor by @qingwusunny in #666
- feat(alg): support AlgProtocol field by @qingwusunny in #667
- feat: support service by @qingwusunny in #665
- feat(e2e): add ftp e2e by @qingwusunny in #664
- feat: user-defined global whitelist support policy mode by @qingwusunny in #670
- ci: add timeout for k8s e2e by @qingwusunny in #669
- feat: support ipip by @qingwusunny in #668
- feat: peer support disable symmetric by @qingwusunny in #671
- ci: update ci vm template id by @qingwusunny in #673
- feat: support tier-ecp for ecp network policy by @qingwusunny in #672
- Patch update pr size action by @zwtop in #655
- fix: create eventBroadcaster before manager to avoid goroutine leakage by @zwtop in #674
- refactor: allow start agent monitor without apis...
Contributors
qingwusunny, dependabot, and 5 other contributors
Assets 3
1.0.11
Full Changelog: 1.0.10...1.0.11
1.0.10
1.0.9
What's Changed
- fix(cni): delete expired iptables in EVEROUTE-OUTPUT chain by @qingwusunny in #679
Full Changelog: 1.0.8...1.0.9
Contributors
qingwusunny
Assets 3
1.0.8
What's Changed
- fix(cni): set bridge internal port rp_filter=1 by @qingwusunny in #645
Full Changelog: 1.0.7...1.0.8
Contributors
qingwusunny
Assets 3
1.0.7
What's Changed
Full Changelog: 1.0.6...1.0.7
1.0.6
What's Changed
- feat(plugin-tower): support number as graphql error code by @zwtop in #506
- fix(cni): restrict local-gw to use its own ip as arp src ip by @wu-cl in #507
- fix(cni): check policy rule with ip rule list instead of ip rule add by @wu-cl in #508
- fix: add src/dst ip mask in conntrack-tools by @wu-cl in #510
- fix(label-selector): labels should be the superset of match labels by @zwtop in #509
- fix(cni): mount ovsdb file to host path by @wu-cl in #511
- fix(cni): refactor init agent workflow by @wu-cl in #512
- build: show enforcement mode with kubectl by @zwtop in #514
- build: set static conntrack tools version to 1:1.4.5-2 by @wu-cl in #516
- fix(dp): do not set nil for ofSwitch while ovs is disconnected by @wu-cl in #518
- ci: add auto build for tags and main branch by @wu-cl in #515
- feat(plugin-tower): support ignore multiple fields on type by @zwtop in #519
- test(group-controller): fix test in group controller by @zwtop in #522
- fix(clientset): update resource name from groupmemberses to groupmembers by @zwtop in #523
- fix(policy-controller): update patch check condition by @zwtop in #524
- fix(policy): change apply order while updating patches by @wu-cl in #528
- refactor(datapath): delete conntrack with netlink by @zwtop in #527
Full Changelog: 1.0.5...1.0.6
Contributors
wu-cl and zwtop
Assets 3
1.0.5
What's Changed
- Support tower security group by @zwtop in #481
- chore(cni): use pod network instead of host network for er-ctrl by @wu-cl in #487
- Visual rebase review by @wu-cl in #488
- refactor(plugin-tower): consider zero IP as match all by @zwtop in #491
- feat(cni): use dynamic local gateway ofport by @wu-cl in #493
- Erctl by @haohanyuzmx in #494
- fix(tower-plugin): encode systemEndpoint name by @wu-cl in #495
- fix(plugin-tower): unstable test case on listener by @zwtop in #492
- refactor(plugin-tower): do not encode on valid name by @zwtop in #497
- Revert "feat(collector): clear ct commit tables for collector if existed" by @wu-cl in #496
- feat(endpoint): add new endpoint type with static IPs and dynamic agents by @wu-cl in #499
- build: add helm chart by @wu-cl in #500
- fix(datapath): do not return error when deleting ruleId is not found by @wu-cl in #501
- refactor(plugin-tower): use interface to handle different types by @zwtop in #502
- refactor(cni): merge CNI RPC server into ER RPC server by @wu-cl in #503
- fix(dp): modify whitelist rule for all internal IPs dynamically by @wu-cl in #504
- fix(cni): add post-check in init-agent pod by @wu-cl in #505
New Contributors
- @haohanyuzmx made their first contribution in #494
Full Changelog: 1.0.4...1.0.5
Contributors
wu-cl, haohanyuzmx, and zwtop
Assets 3
1.0.4
What's Changed
- ci: add schedule runner and slack notification by @wu-cl in #361
- docs: fix broken link in README.md by @zdyxry in #365
- ci: only report error with job status 'failure' by @wu-cl in #364
- ci: add more sleep for policy ready by @wu-cl in #366
- refactor(agent): add more logs when missing PodCIDR by @zwtop in #368
- fix(cni): refactor datapath for pods by @wu-cl in #369
- refactor(tower-plugin): fix listener data race by @zwtop in #384
- chore: make unit test with docker by @zwtop in #390
- build: update ovs version in dockerfile by @wu-cl in #394
- feat: use node name for agent name in kubernetes by @wu-cl in #398
- update the readme link address by @KeyongSun in #389
- feat: add agents in endpoint status by @wu-cl in #397
- feat: add endpoint agent in GroupMember by @wu-cl in #399
- build: add iproute2 in base image by @wu-cl in #402
- Use "mac_in_use" to add non-vm interface as endpoint by @cl1111 in #401
- Enable codeql scanning and fix secure issues by @zwtop in #405
- feat(agent): filter policy rules DO NOT related to current agent by @wu-cl in #403
- feat(policy): filter rules with same srcIP and dstIP by @wu-cl in #419
- fix(cni): add support for nftables by @wu-cl in #420
- bugfix: ARP flux occurs in the virtual machine with multiple interfac… by @cl1111 in #422
- fix(plugin-tower): data race when server immediately stop by @zwtop in #432
- fix(cni): commit traffic not for service into cni CT zone by @wu-cl in #429
- Cherry-Pick chore commits to main from demo branch by @zwtop in #433
- fix(ER-76): failed to deploy er while the patch-port ofport have already used by @echkenluo in #434
- feat: add arptables utils by @wu-cl in #439
- build: reorder imports on make generate by @zwtop in #446
- fix(datapath): fix fetch ofport from interface by @zwtop in #447
- Run ci in release branches by @zwtop in #451
- build: clean old everoute config before k8s e2e test by @wu-cl in #448
- feat: check health on cache synced by @zwtop in #455
- refactor(agent): decouple agent and ovsdb monitor by @zwtop in #456
- fix(cni): add hairpin support for pod access its own svc by @wu-cl in #462
- feat: support non-standard kubernetes labels by @zwtop in #445
- feat(plugin-tower): support except cidr in ip block by @zwtop in #460
- fix(health-checker): unstable health check result by @zwtop in #463
- Add notice information. by @KeyongSun in #464
- Fix everoute e2e on Tower by @zwtop in #470
- fix(e2e): wait for kube-apiserver ready before create CRDs by @zwtop in #472
- docs: fix broken link in NOTICE.md by @zwtop in #475
- Fix unstable e2e results on tower by @zwtop in #474
- Cherry-pick chores about tower-plugin from visual by @zwtop in #480
New Contributors
Full Changelog: 1.0.2...1.0.4
Contributors
zdyxry, wu-cl, and 4 other contributors