Skip to content

@murali-reddy murali-reddy released this Jul 25, 2019 · 1 commit to master since this release


42a046b Send heartbeats during NetworkPolicy and NetworkService sync. (#741)

Assets 4

@murali-reddy murali-reddy released this May 12, 2019 · 6 commits to master since this release

Bug fix release. Fixes regression introduced in 0.3 while adding support for --overlay-type=fulll/subnet


d6a93d4 handle null *route (#732)
8bb50d5 do not setup ipip tunneling when --enable-overlay is false (#722)

Assets 4

@murali-reddy murali-reddy released this Apr 29, 2019 · 8 commits to master since this release


New Features

54eedcd Issue 572 - Graceful termination + Update to go-1.10.8, alpine-3.9 (#706)
8f9729a Introduces the option --overlay-type={subnet,full}, to be able to always generate IPIP tunnels regardless of node subnets (#666)
736757d Support named port of network policy (#679)

Bug Fixes

7181d6f Prefer node PodCIDR from an annotation (#720)
e230176 docs,pkgs: change 'can not' to 'cannot' (#701)
c2f893f default cni config to list format (#690)
375ccc2 Minor typo fix in logs (#700)
fac0663 add Jimmy to maintainers (#687)
70969a3 Add iptables rules for accessing tunneled services from node (#682)
42997cb Delete iptables rule if --masquerade-all is false (#665)
961d8ab fix #639 (#670)
7b20ae9 document workaround for #676 (#677)
a63d386 fix typo (#673)
ffc37f7 remove gitter and add slack as community forum
00824cd Fix typo (#661)
52127e6 Fix ’make test’ when GOPATH contains multiple paths (#658)
34666a1 Run ‘go generate’ from %_moq.go target in docker when BUILD_IN_DOCKER is true (#660)

Assets 4

@murali-reddy murali-reddy released this Feb 1, 2019 · 25 commits to master since this release

This release has two security fixes (#648, #649) and other small fixes

Thanks to all the contributors.


1876993 Removes IPv6 address insertion into BGP IPv4-only nexthop field. (#606)
e99b694 make gobgp grpc server listen only nodeip and (#649)
62d0e86 handle network policies with named ports gracefully (#648)
a93dec2 fix: broken links in contributing guide (#650)
0599a27 Add iptables INPUT rules for tunneled services (#610)
f07ec53 avoid duplicate peer pods in npc rules variables (#634)
bdfdc12 when use multiple registries for pulling images in container runtime, we need specify which registry will use exacly (#645)
a968b2b cleanup local routes if nexthop moves outside host subnet (#629)
11ae253 Validate the presence of port definitions before attempting to access (#643)

Assets 4

@murali-reddy murali-reddy released this Jan 11, 2019 · 34 commits to master since this release

Apart from bug fixes some nice enhancements went in to the release

thanks to @asteven for adding support for

  • #575 annotation that let your selectively advertise service VIP's
  • #618 prevent access to the nodes through service IP, permit traffic to the only required ports

thanks to @uablrek @Arvinderpal for continued IPv6 incremental updates

thanks @bazuchan @eric @zerkms @mk01 for your contributions


10ddc09 Fixed typo in Global External BGP Peers example (#627)
d7a7a6d Add missing ip6tables package to docker container (#631)
4da8ee7 [RFC] prevent host services from being accessible through service IPs (#618)
4efc6cc Add documentation on dependency management using dep. (#621)
34270e4 Periodicaly sync iptables MASQUERADE rules (#619)
c63e71a Enable net.bridge.bridge-nf-call-ip6tables for IPv6. (#608)
48e2c7b Add iptables input rules for ipvs services (#604)
c38e8f6 Change append to insert for iptables rules (#596)
853b75b Periodicaly sync default forward rules (#603)
6cdc237 Make ipv6 routing to pods (CNI routing) work for ipv6 (#578)
7b9291a fix docs
1a30f9e implement per-service annotations to control IP advertisment (#575)
e5d599b Roffe/metrics polish (#595)
0cdaa43 docs/ change example to use printf (#594)
46f8265 docs: how to configure explicit proxy (#582)

Assets 4

@roffe roffe released this Nov 22, 2018 · 49 commits to master since this release

IPVS throughput fixes and enable arp_ignore and arp_announce


c39c13b No reason to restrict Peer ASN's to private only. (#576)
87718c9 make NSC set net.ipv4.vs.conn_reuse_mode=0 (#577)
5bfab47 unified function to set sysctl values and enable arp_ignore and arp_announce(#580)

Assets 2

@murali-reddy murali-reddy released this Nov 15, 2018 · 53 commits to master since this release

Apart from support IPVS maglev hashing rest are bug fixes. No breaking changes.


4d6b7fa Fixes regression in BGP route reflector functionality. (#573)
cf9bf47 Integrate ip_vs_mh scheduler into kube-router (#564)
3723d82 fix typo on docs/ (#568)
535fcc5 Added "--router-id=" parameter. (#563)
2a82035 Add mount of /lib/modules to kube-router kubeadm setup doc (#565)
f95cded Improved detect in ipv6IsEnabled() (#555)
827bbbc infer endpoint is local from endpoints "subset.addresses.nodeName" (#560)
d9570c5 all toleration for nodes with taint (#558)
bf636c0 Added ipv6 documentation (#551)
0416e07 Change IMAGE_TAG -> IMG_TAG in developing guide (#550)

Assets 4

@murali-reddy murali-reddy released this Oct 10, 2018 · 63 commits to master since this release

We are excited to bring a new release with great enhancements. Finally kube-router is starting to add support for
IPv6. Its still WIP progress but pretty close to full working functionality. Also kube-router now fully support network policy semantics with addition of support for ipblock and except.

Shout-out to @uablrek for leading the IPv6 effort in kube-router and @jimmy-zh for filling the last remaining gaps to network policies.


077ff86 Ipv6; BGP peering (#545)
a47e0f4 Add support for 'except' feature of network policy rule (#543)
05907d8 Ipv6; Support ipset with "family inet6" (#538)
77459dd Add CLI option to toggle disabling of source-dest-check in EC2 (#541)
cadba6c Use ipset to manage multiple CIDRs in a network policy rule (#529)
cd4ad6f update docker build image to go1.10.3 (#535)
c10a615 update vendored gobgp to latest release (#533)
b479f25 Added support for ARCH=s390x (#532)
1b7ae13 make the comments of the iptables rules more accurate and reasonable (#527)

Assets 4

@murali-reddy murali-reddy released this Sep 1, 2018 · 72 commits to master since this release

We are excited to bring the new release version of kube-router. There were 10 pre-releases from v0.1.0

Here is the quick highlight of enhancements in v0.2.0 from version v0.1.0

  • kube-router is refactored to be usable to advertise just service VIP's. Kube-router can used with other CNI's like cillium (for e.g, Weave etc
  • support for advertising service load-balancer IPs with flag --advertise-loadbalancer-ip
  • various fixes/enhancements to intelligently advertise/withdraw service VIP's (cluster IP, external IP and load balancer IP's) in case of service with service.Spec.ExternalTrafficPolicy=Local
  • support to control on which local IP of the node GoBGP will listen
  • ability to enable/disable advertising its pod CIDR to external BGP peers
  • bug fixes to BGP graceful restart functionality integrated in kube-router. data-path is not impacted when performing rolling upgrade of kube-router
  • better support for the nodes with multiple physical interfaces. Kube-router configures GoBGP such that next hop advertised for a router is an appropriate local IP


7496b00 dont shutdown gobgp server if graceful restart is enabled (#526)
02eb11b Sponsorship update (#524)
468f16b Delete (#520)

Assets 4

@murali-reddy murali-reddy released this Aug 15, 2018 · 75 commits to master since this release


  • Support to choose a different port for BGP than default value of 179. This opens up possibility to run a different BGP implementation (like for e.g. BIRD) in conjunction with GoBGP running as part of kube-router

     An e.g use-case:
  • In case of multiple uplinks to different external peers, next-hop used should be appropriate local IP (instead of hard code node IP as earlier). --override-nexthop basically overrides the next hop configured in local RIB with appropriate local ip as next hop when advertising routes to the BGP peers.

  • Support for user configurable list of local IP address on which BGP server should listen. This is important in case of nodes with multiple interfaces and multiple external peers.


01ec883 prevent IPIP tunnel creation when --override-nexthop=ture (#518)
1db83ad Added support for custom BGP ports with 179 still being default (#492) (#493)
86ba784 Introduces the option --override-nexthop, to override the next hop used in advertised routes (#502)
b76d22f [jjo] ipAddrDel(): also delete VIP local rt addition (#514)
624c74f issue-385: make it optional on which ip address BGP server listens (#473)
94e163b update BGP export policies on endpoints add event (#508)
85d8df4 Improve health check for cache synchronization (#498)
e2ee6a7 Fix blackholing of traffic when using local traffic policy / annotation (#495)
8bed56f processing k8s version for NPC (#488)
f340218 fix case where 1 min unintended delay is added when checking for tunnel interface to come ip in pod (#472)

thanks @jjo @johanot @jimmy-zh @jdconti for the contributions.

Assets 4
You can’t perform that action at this time.