This release of flannel brings some significant improvements to the vxlan backend.
- No longer listen for netlink messages. This improves flannel performance at high scale (especially on heavily loaded systems) and minimizes the possibility for dropped traffic when the flannel deamon is stopped (e.g. during upgrades).
- Fully compatible with previous versions of flannel to allow for easy upgrade
- Adds support for new "direct routing" mode where packets are only VXLAN encapsulated if there isn't a directly connected route to the destination host.
It also adds a retry mechanism to the
--ip-masq feature to ensure that
iptables rules are correct.
There are a number of other important bug fixes and improvements. See the complete list below.
Install on kubernetes
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.9.0/Documentation/kube-flannel.yml
The Docker image can be downloaded from quay.io
Please provide feedback through one of the following channels:
- Slack: #flannel on Calico Users Slack
- Mailing list: coreos-dev
- IRC: #coreos on freenode.org
The complete list of PRs in this release
#808 Always ensure iptables masquerade rules are installed (thanks @julia-stripe)
#817 Makefile: Stop pulling the unused lib from kube-cross
#809 subnet/*: Remove unused reservations code
#811 Remove Library copy commands from dockefiles (thanks @mkumatag)
#807 backend/hostgw: Improve robustness, add logging and comments
#787 backend/vxlan: Add support for "direct routing"
#803 Fix route deletion when replacing route in hostgw backend (thanks @julia-stripe)
#800 Add flag validation for subnet-lease-renew-margin (thanks @ruoshan)
#785 backend/vxlan: simplify vxlan processing
#791 add ca-certificates (thanks @oilbeater)
#789 Remove broken reference (thanks @athai)
#777 main.go: Remove sleep during shutdown
#776 Remove RevokeLease from manager interface
#778 Remove wait() from backendmanager. Nothing calls it