Bot releases are hidden (Show)
LoadBalancerIPMode
in AntreaProxy to implement K8s KEP-1860. (#6102, @hongliangl)sameLabels
field support for Antrea ClusterNetworkPolicy peer Namespace selection to allow users to create ACNPs that isolate Namespaces based on their label values. (#4537, @Dyanngg)NetworkPolicyEvaluation
and a new antctl sub-command for querying the effective policy rule applied to particular traffic. (#5740 #6112, @qiyueyao)Tier
, ClusterNetworkPolicy
, NetworkPolicy
, Traceflow
and ExternalEntity
. (#6162 #6177 #6238, @luolanzone @hjiajing @antoninbas)ClusterGroups
, ExternalIPPool
, ClusterGroup
and Group
. (#6049 #6239, @luolanzone @antoninbas)ServiceAccount
field in ClusterSet
type for Antrea Multi-cluster. (#6134, @luolanzone)enableIPSecTunnel
,multicastInterfaces
, multicluster.enable
and legacyCRDMirroring
. (#5158, @luolanzone)nplPortRange
config. (#5943, @luolanzone)IPPool
and ExternalIPPool
CRDs. (#6183, @antoninbas)egressNodeName
in flow records for Antrea Flow Aggregator. (#6012, @Atish-iaf)EgressNode
field in the Traceflow Egress observation to include the name of the Egress Node. (#5949, @Atish-iaf)IPPool
CRD to v1beta1 and make the subnet definition consistent with the one in ExternalIPPool
CRD. (#6036, @mengdie-song)projects.registry.vmware.com
for user-facing images. (#6073, @antoninbas)openvswitch
kernel module if it's already built-in. (#5979, @antoninbas)ExternalIPPool
CRD to improve robustness. (#5898, @aroradaman)allowed
HTTP traffic. (#6014, @qiyueyao)antctl get ovsflows --table-names-only
. (#5895 #6100, @luolanzone)rancher-wins
when collecting antrea-agent logs on Windows. (#6223, @wenyingd)ClusterGroup
/Group
is used in NetworkPolicy controller. (#6077, @tnqn)libcapng
to make logrotate run as root in UBI images to fix an OVS crash issue. (#6052, @xliuxu)Traceflow
CRD. (#6050, @gran-vmv)encap
mode to account for the MTU automatically configured by OVS on tunnel ports, and avoid packet drops on some clusters. (#5997, @antoninbas)proxyAll
is disabled. (#6242, @antoninbas)antrea-controller --version
outside of K8s. (#5993, @prakrit55)networkPolicyOnly
mode. (#6251, @hongliangl)ofport
mismatch issue. (#6202, @antoninbas)Published by tnqn 6 months ago
projects.registry.vmware.com
for user-facing images. (#6073, @antoninbas)libcapng
to make logrotate run as root in UBI images to fix an OVS crash issue. (#6052, @xliuxu)Published by tnqn 7 months ago
projects.registry.vmware.com
for user-facing images. (#6073, @antoninbas)libcapng
to make logrotate run as root in UBI images to fix an OVS crash issue. (#6052, @xliuxu)Published by tnqn 7 months ago
projects.registry.vmware.com
for user-facing images. (#6073, @antoninbas)libcapng
to make logrotate run as root in UBI images to fix an OVS crash issue. (#6052, @xliuxu)Published by tnqn 9 months ago
NodeNetworkPolicy
that allows users to apply ClusterNetworkPolicy
to Kubernetes Nodes. (#5658 #5716, @hongliangl @Atish-iaf)
NetworkAttachmentDefinition
does not include IPAM configuration. (#5762, @jianjuns)encap
mode in AKS. (#5901, @antoninbas)antctl traceflow
. (#5689, @Atish-iaf)net.IP
with netip.Addr
in FlowExporter which optimizes the memory usage and improves the performance of the FlowExporter. (#5532, @antoninbas)antrea-ipam.md
. (#5339, @gran-vmv)TrafficControl
to avoid a potential issue that a TrafficControl
CR with a redirect action to the same Pod could bypass the L7 engine. (#5768, @hongliangl)antctl trace-packet
command failure which is caused by missing arguments. (#5838, @luolanzone)net.ipv4.conf.antrea-gw0.arp_announce
to 1 to fix an ARP request leak when a Node or hostNetwork Pod accesses a local Pod and AntreaIPAM is enabled. (#5657, @gran-vmv)fillPodInfo
/fillServiceInfo
to fix log flood issue, and update DestinationServiceAddress
for deny connections. (#5592 #5704, @yuntanghsu)PrepareHNSNetwork
to fix potential IP retrieving failure. (#5819, @XinShuYang)antctl mc deploy
to support Antrea Multi-cluster deployment update when the manifests are changed. (#5257, @luolanzone)Published by tnqn 9 months ago
antctl trace-packet
command failure which is caused by arguments missing issue. (#5838, @luolanzone)Published by tnqn 9 months ago
Install-WindowsCNI-Containerd.ps1
script to make it compatible with containerd 1.7. (#5528, @NamanAg30)antctl trace-packet
command failure which is caused by arguments missing issue. (#5838, @luolanzone)Published by tnqn 9 months ago
Install-WindowsCNI-Containerd.ps1
script to make it compatible with containerd 1.7. (#5528, @NamanAg30)antctl tf
CLI failure when the Traceflow is using an IPv6 address. (#5588, @Atish-iaf)Published by tnqn 11 months ago
Published by tnqn 12 months ago
antctl tf
CLI failure when the Traceflow is using an IPv6 address. (#5588, @Atish-iaf)Published by tnqn 12 months ago
IPAllocated
and IPAssigned
conditions to Egress status to improve Egress visibility. (#5282, @AJPL88 @tnqn)SupportBundle
for both Antrea Agent and Antrea Controller. (#5538, @aniketraj1947)Install-WindowsCNI-Containerd.ps1
script to make it compatible with containerd 1.7. (#5528, @NamanAg30)antreaProxy.enable
to allow users to disable this feature. (#5401, @hongliangl)antctl get featuregates
output. (#5314, @cr7258)PacketInMeter
and the size of PacketInQueue
. (#5460, @GraysonWu)hostAliases
to Helm values for Flow Aggregator. (#5386, @yuntanghsu)/bin/sh
and invoke the binary directly for OVS commands in Antrea Agent. (#5364, @antoninbas)EndpointDNAT
only when Antrea Multi-cluster is enabled. (#5411, @hongliangl)drop
in ARPSpoofGuardTable
to effectively prevent ARP spoofing. (#5378, @hongliangl)kubectl get multicastgroups
even when the Multicast is enabled. (#5367, @ceclinux)antctl tf
CLI failure when the Traceflow is using an IPv6 address. (#5588, @Atish-iaf)PacketInQueue
to reduce the DNS response delay when a Pod has any FQDN policy applied. (#5456, @tnqn)ovs_meter_packet_dropped_count
metrics to fix a bug that the metrics are not showing up if OVS Meter is not supported on the system. (#5413, @tnqn)Published by tnqn about 1 year ago
Published by tnqn about 1 year ago
drop
in ARPSpoofGuardTable to effectively prevent ARP spoofing. (#5378, @hongliangl)/bin/sh
and invoke the binary directly for OVS commands in Antrea Agent. (#5364, @antoninbas)PacketInMeter
and the size of PacketInQueue
. (#5460, @GraysonWu)enableStretchedNetworkPolicy
is enabled for Antrea Multi-cluster. (#5404 #5449, @Dyanngg)kubectl get multicastgroups
even when the Multicast is enabled. (#5367, @ceclinux)PacketInQueue
to reduce the DNS response delay when a Pod has any FQDN policy applied. (#5456, @tnqn)Published by tnqn about 1 year ago
drop
in ARPSpoofGuardTable to effectively prevent ARP spoofing. (#5378, @hongliangl)/bin/sh
and invoke the binary directly for OVS commands in Antrea Agent. (#5364, @antoninbas)PacketInMeter
and the size of PacketInQueue
. (#5460, @GraysonWu)enableStretchedNetworkPolicy
is enabled for Antrea Multi-cluster. (#5404 #5449, @Dyanngg)kubectl get multicastgroups
even when the Multicast is enabled. (#5367, @ceclinux)ovs_meter_packet_dropped_count
metrics to fix a bug that the metrics are not showing up if OVS Meter is not supported on the system. (#5413, @tnqn)PacketInQueue
to reduce the DNS response delay when a Pod has any FQDN policy applied. (#5456, @tnqn)Published by tnqn about 1 year ago
drop
in ARPSpoofGuardTable to effectively prevent ARP spoofing. (#5378, @hongliangl)/bin/sh
and invoke the binary directly for OVS commands in Antrea Agent. (#5364, @antoninbas)PacketInMeter
and the size of PacketInQueue
. (#5460, @GraysonWu)kubectl get multicastgroups
even when the Multicast is enabled. (#5367, @ceclinux)enableStretchedNetworkPolicy
is enabled for Antrea Multi-cluster. (#5404 #5449, @Dyanngg)PacketInQueue
to reduce the DNS response delay when a Pod has any FQDN policy applied. (#5456, @tnqn)Published by tnqn about 1 year ago
ContainerRuntime
to allow users to configure the container runtime while using the script Prepare-Node.ps1
on K8s Windows Node. (#5071, @NamanAg30)antctl upgrade api-storage
in antctl to support resource storage version migration for Antrea CRDs. (#5198, @hongliangl)service.kubernetes.io/topology-mode
in AntreaProxy since the old service.kubernetes.io/topology-aware-hints
annotation has been deprecated in Kubernetes 1.27. (#5241, @mengdie-song)service.kubernetes.io/service-proxy-name
in AntreaProxy to align with KEP 2447. (#4973, @hongliangl)sort-by
flag in more antctl get
commands for more fields. (#4346, @jainpulkit22)kubeAPIServerOverride
option to allow users to override the kube-apiserver address for antrea-controller. (#5056, @tnqn)proxyAll
by default for AntreaProxy on Windows because the kube-proxy userspace datapath has been removed since Kubernetes 1.26. (#4980, @XinShuYang)40000-41000
to avoid conflicts with the Windows default dynamic port range. (#5107, @XinShuYang)--insecure
option to support both secure and insecure connections. (#5135, @antoninbas)<Namespace>/<Name>
) to which the NP rule is applied. (#5101, @antoninbas)libOpenflow
and ofnet
library versions to fix a PacketIn2 response parse error. (#5154, @wenyingd)libOpenflow
library to v0.12.1 to fix an antrea-agent crash issue when marshaling the IGMPv3 query packet. (#5320, @ceclinux)antctl mc
codes to fix a rollback failure. (#5138, @luolanzone)Published by tnqn over 1 year ago
modifyFlows
function of the OpenFlow client to avoid unexpected flow error. (#5125, @Dyanngg)Published by tnqn over 1 year ago
Published by tnqn over 1 year ago
Published by tnqn over 1 year ago
The Multicast, TopologyAwareHints, and NodeIPAM features are graduated from Alpha to Beta. The TopologyAwareHints, NodeIPAM features are enabled by default. Multicast can be enabled with a new Antrea Agent configuration parameter: multicast.enable
.
sourcePort
and sourceEndPort
in Antrea-native policy API to match traffic initiated from specific ports. (#4687, @Dyanngg)logLabel
to Antrea-native policy CRDs; the user-provided label is added to audit logs. (#4748, @qiyueyao)clientCAFile
to allow user to specify client CA. (#4664, @wenyingd)status.egressIP
field for Egress to represent the effective Egress IP. (#4603, @tnqn)Failed
phase in ANP status for the case when all Agents have reported the status and at least one failure is received. (#4608, @wenyingd)ovs_flow_count
Prometheus metrics. (#4893, @cr7258)