Simple, resilient multi-host containers networking and more.
APACHE-2.0 License
Bot releases are hidden (Show)
Published by bboreham almost 7 years ago
As 2.1.0, but fixing a couple of installation glitches - #3175,#3176
Improved Kubernetes Network Policy - Weave Net now supports the 'v1' policies introduced in Kubernetes 1.7 as well as the 'beta' policies supported previously. See Kubernetes 1.7 changelog for differences. To use old policies, --use-legacy-netpol
argument should be passed to weave-npc
. #3105,#3141,#3151,#3169
Weave Net now reclaims IP addresses owned by Kubernetes nodes which have been deleted from the cluster - this avoids running out of IP addresses when many nodes are added and deleted over a long period. #2797,#3149,#3170,#3172
weave-kube
)There is an updated DaemonSet manifest for Kubernetes 1.7 and 1.8 that adds an access to networkpolicies
from the networking.k8s.io
API group used by the 'v1' policies and a new role to create ConfigMaps:
kubectl apply -f https://cloud.weave.works/k8s/v1.7/net
To use old network policies:
kubectl apply -f https://cloud.weave.works/k8s/v1.7/net?use-legacy-netpol=true
weave expose
is used, allow traffic into the Weave network - up till version 1.12 Docker would do this for us, but in 1.13 they stopped so now we do it. This change makes weave expose
to require Weave Net to be running. #2758,#3122Thanks to the following contributors:
@caarlos0
@dtshepherd
Published by bboreham almost 7 years ago
NOTE This release had an error in the installation; please do not use. Replaced by 2.1.1.
Published by bboreham about 7 years ago
weave reset
will now remove the persistence file created by the 'v2' Docker plugin #3103,#3114weave-kube
)There is an updated DaemonSet manifest for Kubernetes 1.7 and 1.8 that adds a volume-mount for the iptables
lock file, which avoids collisions between Weave Net components and kube-proxy that can sometimes result in a half-configured network.:
kubectl apply -f https://cloud.weave.works/k8s/v1.7/net
Thanks to the following who contributed changes in this release:
@dtshepherd
Published by bboreham about 7 years ago
Bug fixes
Published by bboreham about 7 years ago
NOTE: Weave Net 2.0.2 and 2.0.3 do not work on Centos 7, due to an incompatibility with the ipset support in the kernel
This release is to fix a bug which snuck into 2.0.2
Published by bboreham about 7 years ago
kubelet --hostname-override
was used #3049,#3051If you have edited the Weave Net DaemonSet from a previous release, you will need to re-make your changes against the new version.
weave-kube
)Kubernetes 1.6 and above supports rolling upgrades of DaemonSets. To upgrade, simply run:
kubectl apply -f https://cloud.weave.works/k8s/v1.6/net
Kubernetes will then delete the existing Weave Net pods one by one, and create new ones with the latest Weave Net version.
The 1.6
link will work for Kubernetes 1.6 and 1.7
Thanks to the following who contributed changes in this release:
@dlespiau
@mikebryant
Published by marccarre over 7 years ago
sleeve
), rather than crashing, when the machine lacks VXLAN support (required for “fast data path”, fastdp
) #3043lookup --tlsverify: no such host
#3039kube-system
namespace back to weave-kube
's YAMLs, preventing omissions leading to errors like error contacting APIServer: the server does not allow access to the requested resource
#3033,#3042net-plugin
, leading to Error response from daemon: dial unix /run/docker/plugins/<id>/weave.sock: connect: no such file or directory
when installing net-plugin
#3045weave reset
and weave rmpeer
now only contact Weave Cloud when Weave Net is configured with a Weave Cloud token, preventing unnecessary requests and potentially confusing 401 Unauthorized
errors in Weave Net’s logs #3044Follow the installation instructions to install this latest release of weave.
When upgrading from a version earlier than 1.9.0, if your host's network interface has a limit on packet size (the "MTU") smaller than 1496 bytes, you should reboot after upgrading to ensure encrypted fast datapath can work. For instance this applies to Google Cloud Platform, but is not necessary on AWS.
Weave Net 2.0.1 is compatible with previous versions back to 1.1.0, so it is possible to upgrade clusters incrementally and run mixed versions.
In version 1.6, Kubernetes has increased security, so we need to create a special service account to run Weave Net. This is done in the file weave-daemonset-k8s-1.6.yaml
attached to the release.
Also, the toleration required to let Weave Net run on master nodes has moved from an annotation to a field on the DaemonSet spec object.
The command to apply this new configuration via short URL is:
kubectl apply -f https://cloud.weave.works/k8s/v1.6/net
If you have edited the Weave Net DaemonSet from a previous release, you will need to re-make your changes against the new version.
weave-kube
)Kubernetes 1.6 now supports rolling upgrades of DaemonSets, and we have added this setting to the YAML. To upgrade, simply run:
kubectl apply -f https://cloud.weave.works/k8s/v1.6/net
Kubernetes will then delete the existing Weave Net pods one by one, and create new ones with the latest Weave Net version.
In case of issues during the rolling upgrade, please refer to Kubernetes’ troubleshooting page
For more details about the Weave Net Kubernetes addon, see: https://weave.works/docs/net/latest/kube-addon/
Published by bboreham over 7 years ago
You can now get all your Weave Net peers to find each other via the Weave Cloud service, instead of maintaining a list of peers at startup. #2799,#2827
See the docs page for more details
Docker has a new plugin system which improves the installation UX and solves some issues around startup. This means Weave Net 2.0 can now run with Docker in "swarm mode" and supports the docker service
command. #2396,#2397,#2651,#2727,#2805,#2816,#2905, #2906,#2929,#2932,#2945,#2950,#2956,#2963,#2964,#2966
The previous Docker Plugin is still available and can be installed as before.
Previously we had three separate containers for routing, Docker API
proxy and Docker plugin. Running everything in one simplifies start-up and removes the need to detect various error conditions. #1642,#2897,#2936,#2945,#2946,#2951,#2960
The individual commands ‘weave launch-router’, ‘weave launch-plugin’, etc., have been removed. You can turn off the plugin and proxy with new command-line options. In keeping with Semantic Versioning, we have changed the major version number for this release.
weave-kube
now stores data about IP allocation in /var/lib/weave
on the host instead of in a Kubernetes volume. This means that the data will persist across pod deletion and re-creation, e.g. during an upgrade of Weave Net, which makes restarts more reliable. #2610,#2967weave-kube
turned on rolling updates, so careful manual handling of updates is no longer required. #3024weave run
has been removed. This was the original method provided to start containers with Weave Net, but it always required care over timing of start-up, and we now provide three alternative, better, ways. You can replicate the effect by calling docker run
then weave attach
. Similarly weave start
and weave restart
were removed. #2353,#2885--iprange
was replaced by --ipalloc-range
#2901,#2909,#2913,#2942,#2989,#2991This enables more precise error-checking and runs a bit faster. It has also enabled us to shrink the size of images downloaded: weave-kube
is 101MB compared to 163MB previously #2953,#2954,#2974
Specific items that moved from shell-script to Go:
weave
bridge #1958,#2975,#2977,#2978--ipalloc-default-subnet
option #2919weave
script now detects and issues an error message ifweave-kube
is running and you attempt to launch again from the script. #2709/#2966weave
bridge using --name
, in case your hosts have identical unique IDs. #2900seLinuxOptions
configuration is now empty by default, to reduce spurious failures on hosts not using seLinux. #3001nsenter
. #2992weave ps
now fetches the list container IDs internally, rather than calling out to docker ps
#2814,#2898ping
so we get a more realistic test that the Weave network is working #2918Follow the installation instructions to install this latest release of weave.
When upgrading from a version earlier than 1.9.0, if your host's network interface has a limit on packet size (the "MTU") smaller than 1496 bytes, you should reboot after upgrading to ensure encrypted fast datapath can work. For instance this applies to Google Cloud Platform, but is not necessary on AWS.
Weave Net 2.0.0's CLI, persistence, and architecture has changed a lot, but the core of Weave Net is compatible with previous versions back to 1.1.0, so it is possible to upgrade clusters incrementally and run mixed versions.
In version 1.6, Kubernetes has increased security, so we need to create a special service account to run Weave Net. This is done in the file weave-daemonset-k8s-1.6.yaml
attached to the release.
Also, the toleration required to let Weave Net run on master nodes has moved from an annotation to a field on the DaemonSet spec object.
The command to apply this new configuration via short URL is:
kubectl apply -f https://cloud.weave.works/k8s/v1.6/net
If you have edited the Weave Net DaemonSet from a previous release, you will need to re-make your changes against the new version.
weave-kube
)Kubernetes 1.6 now supports rolling upgrades of DaemonSets, and we have added this setting to the YAML. To upgrade, simply run:
kubectl apply -f https://cloud.weave.works/k8s/v1.6/net
Kubernetes will then delete the existing Weave Net pods one by one, and create new ones with the latest Weave Net version.
In case of issues during the rolling upgrade, please refer to Kubernetes’ troubleshooting page
For more details about the Weave Net Kubernetes addon, see: https://weave.works/docs/net/latest/kube-addon/
Thanks to the following who contributed changes during this release:
@bjhaid
@dlmiddlecote
@mattjtodd
@mgalgs
@mikebryant
@Shimi
@stuart-warren
@unitymind
Published by bboreham over 7 years ago
Bug fixes and minor improvements
Follow the installation instructions to install this latest release of weave.
When upgrading from a version earlier than 1.9.0, if your host's network interface has a limit on packet size (the "MTU") smaller than 1496 bytes, you should reboot after upgrading to ensure encrypted fast datapath can work. For instance this applies to Google Cloud Platform, but is not necessary on AWS.
Weave Net 1.9.8 is fully compatible with all previous versions back to 1.1.0, so it is possible to upgrade clusters incrementally and run mixed versions.
In version 1.6, Kubernetes has increased security, so we need to create a special service account to run Weave Net. This is done in the file weave-daemonset-k8s-1.6.yaml
attached to the release.
Also, the toleration required to let Weave Net run on master nodes has moved from an annotation to a field on the DaemonSet spec object.
The command to apply this new configuration via short URL is:
kubectl apply -f https://git.io/weave-kube-1.6
If you have edited the Weave Net DaemonSet from a previous release, you will need to re-make your changes against the new version.
weave-kube
)Although Kubernetes 1.6 now supports rolling upgrades of daemonsets, we have not tested this or changed the configuration for it, so we still recommend you perform the procedure manually - see https://weave.works/docs/net/latest/kube-addon/ for details.
Published by bboreham over 7 years ago
This is identical to 1.9.6 with one additional bug-fix:
kubelet --hostname-override
was used #2995,#2996Thanks to @bregor for the fix!
Published by bboreham over 7 years ago
weave-npc
) now checks local addresses only, so it doesn't interfere with cross-cluster traffic. It should be more efficient too #2622,#2973,#2979weave-npc
couldn't start because one ipset
was referring to another one and could not be destroyed #2915,#2949ipset
#2934,#2935weave-npc
now creates ipsets with only valid xml characters in the name #2958,#2959shfmt
so the set of things it checks is stable #2987Follow the installation instructions to install this latest release of weave.
When upgrading from a version earlier than 1.9.0, if your host's network interface has a limit on packet size (the "MTU") smaller than 1496 bytes, you should reboot after upgrading to ensure encrypted fast datapath can work. For instance this applies to Google Cloud Platform, but is not necessary on AWS.
Weave Net 1.9.6 is fully compatible with all previous versions back to 1.1.0, so it is possible to upgrade clusters incrementally and run mixed versions.
In version 1.6, Kubernetes has increased security, so we need to create a special service account to run Weave Net. This is done in the file weave-daemonset-k8s-1.6.yaml
attached to the release.
Also, the toleration required to let Weave Net run on master nodes has moved from an annotation to a field on the DaemonSet spec object.
The command to apply this new configuration via short URL is:
kubectl apply -f https://git.io/weave-kube-1.6
If you have edited the Weave Net DaemonSet from a previous release, you will need to re-make your changes against the new version.
weave-kube
)Kubernetes does not currently support rolling upgrades of daemon sets, so you will need to perform the procedure manually - see https://weave.works/docs/net/latest/kube-addon/ for details.
Thanks to the following who contributed changes during this release:
@deitch
@mikebryant
@stuart-warren
Published by bboreham over 7 years ago
Follow the installation instructions to install this latest release of weave.
When upgrading from a version earlier than 1.9.0, if your host's network interface has a limit on packet size (the "MTU") smaller than 1496 bytes, you should reboot after upgrading to ensure encrypted fast datapath can work. For instance this applies to Google Cloud Platform, but is not necessary on AWS.
Weave Net 1.9.5 is fully compatible with all previous versions back to 1.1.0, so it is possible to upgrade clusters incrementally and run mixed versions.
Note a bug in Kubernetes 1.6.0 and 1.6.1 (#44041) means that Weave Net will not pick up existing pod IP addresses on a restart. We recommend you upgrade to Kubernetes 1.6.2, but if you are unable to do so then please reboot instead of individually deleting the Weave Net pods.
In version 1.6, Kubernetes has increased security, so we need to create a special service account to run Weave Net. This is done in the file weave-daemonset-k8s-1.6.yaml
attached to the release.
Also, the toleration required to let Weave Net run on master nodes has moved from an annotation to a field on the DaemonSet spec object.
The command to apply this new configuration via short URL is:
kubectl apply -f https://git.io/weave-kube-1.6
If you have edited the Weave Net DaemonSet from a previous release, you will need to re-make your changes against the new version.
weave-kube
)Kubernetes does not currently support rolling upgrades of daemon sets, so you will need to perform the procedure manually - see https://weave.works/docs/net/latest/kube-addon/ for details.
Thanks to the following who contributed changes during this release:
keontang
mikebryant
nhlfr
roberth
tobowers
Published by bboreham over 7 years ago
Follow the installation instructions to install this latest release of weave.
When upgrading from a version earlier than 1.9.0, if your host's network interface has a limit on packet size (the "MTU") smaller than 1496 bytes, you should reboot after upgrading to ensure encrypted fast datapath can work. For instance this applies to Google Cloud Platform, but is not necessary on AWS.
Weave Net 1.9.4 is fully compatible with all previous versions back to 1.1.0, so it is possible to upgrade clusters incrementally and run mixed versions.
Note a bug in Kubernetes 1.6 (#44041) means that Weave Net will not pick up existing pod IP addresses on a restart. Until this is fixed we recommend you reboot instead of individually deleting the Weave Net pod.
In version 1.6, Kubernetes has increased security, so we need to create a special service account to run Weave Net. This is done in the file weave-daemonset-k8s-1.6.yaml
attached to the release.
Also, the toleration required to let Weave Net run on master nodes has moved from an annotation to a field on the DaemonSet spec object.
The command to apply this new configuration via short URL is:
kubectl apply -f https://git.io/weave-kube-1.6
If you have edited the Weave Net DaemonSet from a previous release, you will need to re-make your changes against the new version.
weave-kube
)Kubernetes does not currently support rolling upgrades of daemon sets, so you will need to perform the procedure manually - see https://weave.works/docs/net/latest/kube-addon/ for details.
Thanks to the following who contributed changes during this release:
stephan2012
Published by marccarre over 7 years ago
Follow the installation instructions to install this latest release of weave.
When upgrading from a version earlier than 1.9.0, if your host's network interface has a limit on packet size (the "MTU") smaller than 1496 bytes, you should reboot after upgrading to ensure encrypted fast datapath can work. For instance this applies to Google Cloud Platform, but is not necessary on AWS.
Weave Net 1.9.3 is fully compatible with all previous versions back to 1.1.0, so it is possible to upgrade clusters incrementally and run mixed versions.
weave-kube
)Kubernetes does not currently support rolling upgrades of daemon sets, so you will need to perform the procedure manually - see https://weave.works/docs/net/latest/kube-addon/ for details.
Published by brb over 7 years ago
br_netfilter
or xt_set
module is compiled into kernel #2820/#2821xt_set
kernel module #2821Follow the installation instructions to install this latest release of weave.
When upgrading from a version earlier than 1.9.0, if your host's network interface has a limit on packet size (the "MTU") smaller than 1496 bytes, you should reboot after upgrading to ensure encrypted fast datapath can work. For instance this applies to Google Cloud Platform, but is not necessary on AWS.
Weave Net 1.9.2 is fully compatible with all previous versions back to 1.1.0, so it is possible to upgrade clusters incrementally and run mixed versions.
weave-kube
)Kubernetes does not currently support rolling upgrades of daemon sets, so you will need to perform the procedure manually - see https://weave.works/docs/net/latest/kube-addon/ for details.
Published by bboreham over 7 years ago
dockerd --iptables=false
#2726Follow the installation instructions to install this latest release of weave.
If your host's network interface has a limit on packet size (the "MTU") smaller than 1496 bytes, you should reboot after upgrading to ensure encrypted fast datapath can work. For instance this applies to Google Cloud Platform, but is not necessary on AWS.
Weave Net 1.9.1 is fully compatible with all previous versions back to 1.1.0, so it is possible to upgrade clusters incrementally and run mixed versions.
weave-kube
)Kubernetes does not currently support rolling upgrades of daemon sets, so you will need to perform the procedure manually - see https://weave.works/docs/net/latest/kube-addon/ for details.
NOTE: The mount points for host directories moved in version 1.9.0, and were extended in 1.9.1. If you are running a modified version of the DaemonSet specification, please update it to match the new release.
Published by bboreham over 7 years ago
NOTE: The move to multi-architecture required that we update the embedded Docker client, and this has the effect that this release of Weave Net will not work with Docker installations older than 1.10. We apologise for any inconvenience.
weave status connections
now shows the MTU, the largest packetFollow the installation instructions to install this latest release of weave.
If your host's network interface has a limit on packet size (the "MTU") smaller than 1496 bytes, you should reboot after upgrading to ensure encrypted fast datapath can work. For instance this applies to Google Cloud Platform, but is not necessary on AWS.
Weave Net 1.9.0 is fully compatible with all previous versions back to 1.1.0, so it is possible to upgrade clusters incrementally and run mixed versions.
weave-kube
)Kubernetes does not currently support rolling upgrades of daemon sets, so you will need to perform the procedure manually - see https://weave.works/docs/net/latest/kube-addon/ for details.
NOTE: The mount points for host directories have moved. If you are running a modified version of the DaemonSet specification, please update it to match the new release.
weave expose
or weave-kube
. Docker versions prior to 1.13 will set a policy that allows this, but as of 1.13 we have to. #2758,#2762weave-npc
is in use #2689,#2747weave-npc
#2633,#2666,#2692,#2695Weave Cloud provides monitoring and visualisation of Weave Net application and containers. |
---|
Sign-up for a free trial at https://cloud.weave.works |
Published by brb almost 8 years ago
Kubernetes does not currently support rolling upgrades of daemon sets, so you will need to perform the procedure manually - see https://weave.works/docs/net/latest/kube-addon/ for details.
Published by awh almost 8 years ago
jq
tool in our build VM configuration #2656Kubernetes does not currently support rolling upgrades of daemon sets, so you will need to perform the procedure manually - see https://weave.works/docs/net/latest/kube-addon/ for details.
Published by awh almost 8 years ago
weave reset
did not clean up policy controller DROP rule #2591DOCKERHUB_USER
was not honoured #2552, #2564