    André Martins (11):
          vendor: update etcd client lib that contains bugfixes
          pkg/kvstore: use leaseID from etcd session
          etcd-operator: update etcd-operator cilium-deployment
          etcd-operator: update cilium-developer descriptor
          test: move kube-dns pre-flight check to ExpectKubeDNSReady
          test: ignore headless services in precheck
          pkg/k8s: delete old policies installed if new policy contains 0 rules
          examples/kubernetes: add better comment for bpf-maps volume
          crio: don't mount bpf path for k8s >= 1.11
          policy: do policy modifications based on the CNP identifiable labels
          pkg/node: propagate local node change to kv-store in a controller

    Anit Gandhi (3):
          Documentation: add minimum firewall rules, examples
          Documentation: minor fixes
          Documentation: note that firewall rules for health information are optional but recommended

    Cynthia Thomas (3):
          Update prereqs to install dependencies
          Update dns pod label modification
          Added formatting

    Daniel Borkmann (1):
          daemon: fix potential nil pointer dereference

    Eloy Coto (2):
          Test: Re-Enable kafka
          Test: Use AfterSuite to clean the VMs at the end.

    Ian Vernon (3):
          Prepare for release v1.2.4
          examples: set Cilium image version to v1.2.3
          pkg/node: delete tunnel routes when remote nodes are removed

    Jarno Rajahalme (6):
          envoy: Make NACK cancel the WaitGroup
          xds: Start versioning at 1.
          envoy: Pass error detail when NACK
          envoy: Update generated protobufs
          envoy: Use separate clusters for egress and ingress redirects.
          bpf: Fix setting IPv6 proxy rule

    Joe Stringer (6):
          bpf: Fix CGO import warning
          bpf: Fix only monitoring one byte of packets
          lxcmap: Fix invalid dumping of IPv4 entries
          daemon: Improve syncLXCMap failure log
          bpf: Add basic endpointKey.ToIP() test
          bpf: Fix some remaining monitor truncation issues

    John Fastabend (1):
          cilium: config fails without MonitorAggregationLevel specified

    Maciej Kwiek (3):
          Add service preflight check to tests
          Check bpf lb map in pre flight check
          Add kubectl.serviceCache and k8s service check

    Romain Lenglet (7):
          xds: Return a revert function on every cache update
          endpoint: Implement stack of endpoint state revert functions
          endpoint: Revert xDS network policy changes on regeneration failure
          endpoint: Revert listener addition/removal on configuration failure
          endpoint: Move the revert types and logic into pkg/revert
          endpoint: In revert, only delete from realizedRedirects if necessary
          endpoint: Add proxy revert logging

    Thomas Graf (6):
          agent: Don't masquerade ingress traffic to local endpoints
          agent: Fix temporary corruption of BPF endpoint map on restart
          bpf: Do not delete and re-add ip rules and routes in the proxy table
          endpoint: Establish grace period when endpoint changes identity
          ipcache: Re-create keys when necessary
          bpf: Only attempt to install ip rules if address family is available

    André Martins (8):
          fix alignment in Go structs
          pkg/identity: fix log warning to be correctly formatted
          pkg/identity: return user fixed identities with cilium identity list
          pkg/identity: return identities ordered by ID
          etcd-operator: update k8s descriptor with cilium 1.2.2
          etcd-operator: update k8s developer descriptor
          pkg/k8s: allow namespace specification in FromEndpoints without k8s source
          dep: avoid dep panic for fsnotify repository

    Eloy Coto (2):
          Test: Using locks on read/write operations
          Test/Demos: Make assert more robust.

    Ian Vernon (2):
          endpoint: remove revision check around L4 policy calculation
          test: add CI test for endpoint with already-allocated identity

    Joe Stringer (5):
          examples/kubernetes: Add clean-cilium-bpf-state option
          docs: Document safe downgrade to Cilium 1.0.
          bpf: Monitor DNS with MTU-sized payload len
          bpf: Rework monitor tracing to specify capture len
          daemon: Define MTU in node_config.h

    Romain Lenglet (1):
          proxy: Check whether a port is already open before allocating

    Thomas Graf (2):
          k8s: Include type of derived k8s resource in policy rule
          k8s: Fix CNP delete handling to not rely on rules being embedded

André Martins (9):
      pkg/endpoint: annotate pod with numeric identity
      daemon: always re-add CNP when receiving an update from Kubernetes
      kubernetes: set maxUnavailable to pods to 2 on upgrade
      Revert "test/k8sT: use specific commit for cilium/star-wars-demo YAMLs"
      test: fix star wars demo to run star-wars v1.0
      k8s fix clean state InitContainer permissions
      k8s: add /status to RBAC for backport compatibility
      examples/kubernetes: add node.kubernetes.io/not-ready toleration
      examples/kubernetes: remove etcd Secrets from the ConfigMap

Daniel Borkmann (1):
      allocator: nextCache can hold a nil value for a id/key

Ian Vernon (2):
      pkg/k8s: properly handle empty NamespaceSelector
      test/k8sT: use specific commit for cilium/star-wars-demo YAMLs

Joe Stringer (7):
      docs: Update sphinx theme to print version for stable
      docs: Expand the "v:" to "version:" in the nav bar
      docs: Fix theme paths so RTD picks up in-tree theme
      lxcmap: Improve error messages in DeleteElement()
      lxcmap: Fix always returning an error on delete
      test/k8sT: Fix bad backport
      examples/kubernetes: Add clean-cilium-bpf-state option

Maciej Kwiek (2):
      Add label script for backporting
      Add label script docs to backporting process

Romain Lenglet (1):
      proxy: Remove port binding check on redirect creation

Thomas Graf (7):
      monitor: Fix spin loop when reading stdout from monitor fails
      endpoint: Fix locking while calling endpoint.getLogger()
      lbmap: Mark internal APIs as private
      lbmap: Introduce lock to allow for transactional operations
      lbmap: Support transactional updates
      lbmap: Guarantee order of backends while scaling service
      Prepare 1.0.6 release

