kube-ovn

Bugfix

• fix: wrong vpc-nat-gateway arm image
• add delete ovs pods after restore nb db
• delete monitor noexecute toleration
• masquerade packets from Pods to service IP
• modify init ipam by ip crd only for sts pod
• modify webhook img to independent image
• fix adding key to delete Pod queue
• fix IPAM initialization
• ignore all link local unicast addresses/routes
• fix error handling for netlink.AddrDel
• replace pod name when create ip crd
• fix provider-networks status
• recover ips CR on IPAM initialization
• fix: do not recreate port for terminating pods
• avoid frequent ipset update
• fix: The underlay physical gateway config by external-gw-addr when use snat&eip
• add reset for kube-ovn-monitor metrics
• check the cidr format whether is correct
• fix external egress gateway
• add missing link scope routes in vpc-nat-gateway

New Feature

• add env-check
• add kube-ovn-controller switch for EIP and SNAT
• add routed check in circulation
• log: show the reason if get gw node failed
• support keep-vm-ip and live-migrate at the same time
• support alloc static ip from any subnet after ns supports multi subnets
• create ip crd in kube-ovn-controller
• add condition for triggering the deletion of redundant chassises in sbdb

Bugfix

• fix provider network range loop
• increase memory limit of ovn-central
• add missing link scope routes in vpc-nat-gateway
• update ip assigned check
• fix external egress gateway
• update nodeips for restore cmd in ko plugin
• append vm deletion check
• check the cidr format whether is correct
• add reset for kube-ovn-monitor metrics
• The underlay physical gateway config by external-gw-addr when use snat&eip
• avoid frequent ipset update
• do not recreate port for terminating pods
• create ip crd in kube-ovn-controller

New Feature

• Add new arg to configure ns of ExternalGatewayConfig
• add dnsutils for base image
• kubectl-ko: support trace Pods being created
• Add args to configure port ln-ovn-external
• add back centralized subnet active-standby mode
• add metric for ovn nb/sb db status
• update provider network via node annotation
• support to add multiple subnets for a namespace
• append add cidr and excludeIps annotation for namespace
• keep ip for kubevirt pod
• add webhook for subnet update validation

Bugfix

• ignore hostnetwork pod when initipam
• update check for delete statefulset pod
• liveMigration with IPv6
• validate statefulset pod by name
• add gateway check after update subnet
• fix clusterrole in ovn-ha.yaml
• set up tunnel correctly in hybrid mode
• check static route conflict
• transfer IP/route earlier in OVS startup
• only log matched svc with np (#1287)
• fix underlay subnet in custom VPC
• resync provider network status periodically
• fix statefulset Pod deletion
• Fix usage of ovn commands
• continue of deletion for del pod failed when can't found vpc or subnet
• fix OVS bridge with bond port in mode 6
• replace ecmp dp_hash with hash by src_ip (#1289)
• fix ips update
• add check for pod update process
• skip ping gateway for pods during live migration
• modify ipam v6 release ip problem
• fix SNAT/PR on Pod startup
• update networkpolicy port process
• append htbqos para in crd yaml
• update flag parse in webhook

Bugfix

• update check for delete statefulset pod
• update networkpolicy port process
• add back centralized subnet active-standby mode
• add gateway check after update subnet
• fix clusterrole in ovn-ha.yaml
• set up tunnel correctly in hybrid mode
• check static route conflict
• transfer IP/route earlier in OVS startup
• fix only log matched svc with np (#1287)
• fix statefulset Pod deletion
• ignore cilint
• Fix usage of ovn commands
• fix continue of deletion for del pod failed when can't found vpc or subnet
• fix OVS bridge with bond port in mode 6
• fix replace ecmp dp_hash with hash by src_ip (#1289)
• fix cni deepcopy
• fix ips update
• add check for pod update process
• fix SNAT/PR on Pod startup
• optimize log for node port-group

New Feature

• support to add multiple subnets for a namespace
• append add cidr and excludeIps annotation for namespace
• feat optimize log
• resync provider network status periodically
• add metric for ovn nb/sb db status
• feat update provider network via node annotation
• keep ip for kubevirt pod

New Feature

• Policy route support in custom VPC
• VLAN subnet support in custom VPC
• Load balancer support in custom VPC
• Add nodeSelector for vpc-nat-gateway pod
• Add vpc-nat-gateway support for default VPC
• VIP for pod support
• Support to set HTB QoS priority
• Integrate Cilium with Kube-OVN
• Pod can use multiple nic with the same subnet
• Support using logical gateway in underlay subnet
• Add args to configure port ln-ovn-external
• Other CNI can be used as the default network
• Add networkpolicy support for attachment cni
• Add back webhook for subnet and ip validation
• Sync live migration vm port
• Update OVN to 21.06
• Add macvlan CNI binary into image
• Add kubectl-ko plugin into image

Performance

• switch's router port's addresses to "router"
• do not diagnose external access
• increase ovn-nb timeout
• add stt section and update benchmark
• add fastpath module for 4.x kernel
• reduce qos query with ovs-vsctl cmd
• use logical router policy for accessing node
• do not send multicast packets to conntrack
• add db compact for nb and sb db
• do not send traffic to ct if not designate to svc
• jemalloc and ISA optimization
• change nbctl args 'wait=sb' to 'no-wait'

Security

• security: update base ubuntu image

Monitoring & Troubleshooting

• kubectl-ko: support trace Pods being created
• add dnsutils for base image

Test

• add e2e testing for dual stack underlay
• add ovn-ic e2e
• add cilium e2e
• support running ovn-ic e2e on macOS

Refactor

• remove ovn ipam option
• mute ovn0 ping log and add ping details
• refactor: reuse waitNetworkReady to check ovn0 and slightly improve the installation speed
• cleanup command flags
• update klog to v2 which embed log rotation
• update Go modules
• delete frequently log
• add healthcheck cmd to probe live and ready

Bugfix

• fix nat-outgoing/policy-routing on pod startup
• fix variable reference
• fix e2e testing
• fix gc lsp statistic for multiple subnet
• re-check ns annotation to avoid annotations lost
• append externalIds for pod and node when upgrade
• fix IPAM for StatefulSet
• wrong link for iptables
• fix StatefulSet down scale
• fix getting LSP UUID by name
• fix installation scripts
• init node with wrong ipamkey and lead conflict
• modify kube-ovn as multus-cni problem
• In netpol egress rules, except rule should be set to "!=" and should not be "=="
• replace api for get lsp id by name
• fix trace command in dual stack underlay networking
• fix pinger and monitor in underlay networking
• fix pinger in dual stack cluster
• fix kubectl-ko diagnose
• fix cleanup.sh and uninstall.sh
• fix: check and load ip_tables module
• add inspection
• change inspection logic from manually adding lsp to just reading pod queue
• fix: serialize pod add/delete order
• fix: delete vpc-nat-gw deployment
• remove node chassis annotation on cleanup
• fix: ensure all kube-ovn components deleted before annotate pods
• fix bug: logical switch ts not ready
• fix: check allocated annotation in update handler
• fix LB in dual stack cluster
• fix: multus-cni subnet allocation
• fix: trace in custom vpc
• fix read-only pointer in vlan and provider-network
• fix ko trace
• fix: no need to set address for ls to lr port
• add sg acl check when init
• add pod in default vpc to node port-group
• fix LB: skip service without cluster IP
• fix pinger's compatibility for k8s v1.16
• deleting all chassises which are not nodes
• add vendor param for fix list LR
• fix: add kube-ovn-cni prob timeout
• update delete operation for statefulset pod
• fix: add back the leader check
• when update subnet's except ip,we should filter repeat ip
• when netpol is added to a workload, the workload's POD can be accessed using service
• fix: check np switch
• filter used qos when delete qos
• add protocol check when subnet is dual-stack
• pinger: fix getting empty PodIPs
• delete frequently log
• fix: do not reuse released ip after subnet updated
• use multus-cni as default cni to assign ip
• use different ip crd with provider suffix for pod multus nic
• move chassis judge to the end of node processing
• append check for centralized subnet nat process
• fix installation script
• fix pod tolerations
• modify pod's process of update for use multus cni as default cni
• fix iptables rules and service e2e
• update check for delete statefulset pod
• ignore hostnetwork pod when initipam

Bugfix

• modify kube-ovn as multus-cni problem
• In netpol egress rules, except rule should be set to "!=" and should not be "=="
• replace api for get lsp id by name
• fix trace command in dual stack underlay networking
• fix pinger and monitor in underlay networking
• fix pinger in dual stack cluster
• fix kubectl-ko diagnose
• fix cleanup.sh and uninstall.sh
• fix: check and load ip_tables module
• add inspection
• change inspection logic from manually adding lsp to just reading pod queue
• fix: serialize pod add/delete order
• fix: delete vpc-nat-gw deployment
• remove node chassis annotation on cleanup
• fix: ensure all kube-ovn components deleted before annotate pods
• fix bug: logical switch ts not ready
• fix: check allocated annotation in update handler
• fix LB in dual stack cluster
• fix: multus-cni subnet allocation
• fix: trace in custom vpc
• fix read-only pointer in vlan and provider-network
• fix ko trace
• fix: no need to set address for ls to lr port
• add sg acl check when init
• add pod in default vpc to node port-group
• fix LB: skip service without cluster IP
• fix pinger's compatibility for k8s v1.16
• deleting all chassises which are not nodes
• add vendor param for fix list LR
• fix: add kube-ovn-cni prob timeout
• update delete operation for statefulset pod
• fix: add back the leader check
• when update subnet's except ip,we should filter repeat ip
• when netpol is added to a workload, the workload's POD can be accessed using service
• fix: check np switch
• filter used qos when delete qos
• add protocol check when subnet is dual-stack
• pinger: fix getting empty PodIPs
• delete frequently log
• fix: do not reuse released ip after subnet updated
• use multus-cni as default cni to assign ip
• use different ip crd with provider suffix for pod multus nic
• move chassis judge to the end of node processing
• append check for centralized subnet nat process
• fix installation script
• fix pod tolerations

Security

• security: update base ubuntu image

Test

• add e2e testing for dual stack underlay

Performance

• add db compact for nb and sb db
• change nbctl args 'wait=sb' to 'no-wait'

Performance

• switch's router port's addresses to "router"
• do not diagnose external access
• increase ovn-nb timeout

Bugfix

• fix nat-outgoing/policy-routing on pod startup
• fix variable reference
• fix e2e testing
• fix gc lsp statistic for multiple subnet
• re-check ns annotation to avoid annotations lost
• append externalIds for pod and node when upgrade
• fix IPAM for StatefulSet
• wrong link for iptables
• fix StatefulSet down scale
• fix getting LSP UUID by name
• fix installation scripts
• init node with wrong ipamkey and lead conflict
• serialize pod add/delete order
• kubeclient timeout
• update base image

Refactor

• remove ovn ipam option
• mute ovn0 ping log and add ping details

Performance

• switch's router port's addresses to "router"
• do not diagnose external access
• increase ovn-nb timeout

Bugfix

• fix nat-outgoing/policy-routing on pod startup
• fix variable reference
• fix e2e testing
• fix gc lsp statistic for multiple subnet
• re-check ns annotation to avoid annotations lost
• append externalIds for pod and node when upgrade
• fix IPAM for StatefulSet
• wrong link for iptables
• fix StatefulSet down scale
• fix getting LSP UUID by name
• fix installation scripts
• init node with wrong ipamkey and lead conflict

Refactor

• remove ovn ipam option
• mute ovn0 ping log and add ping details

New Feature

• Underlay/Vlan network refactoring to adapt more complicate network infrastructure
• Share same OVN infrastructure with OpenStack and run Pods in OpenStack VPC
• Support SecurityGroup in VPCs
• Support Service in VPCs
• Adapt to vfio-pci driver type device
• Use annotation to dynamic change tunnel interface
• Pod level annotation to control traffic mirror
• Kube-OVN ipam supports custom routes
• Switch to enable/disable OVN network policy support
• Switch to enable/disable OVN LB
• Switch to enable/disable gateway connectivity check

Performance

• New fastpath module which can reduce about 40% latency and cpu usage
• New performance tuning guide to boost the performance and comparison for different network
• Enable tx offload again as fix for double nat kernel issue

Monitoring

• Diagnose command 'kubectl ko' support trace in underlay networking
• Diagnose command 'kubectl ko' support cluster operations status/kick/backup

Security

• fix CVE-2021-33910
• Add go build security options
• Fix CVE-2021-3121
• fix CVE-2021-3538
• Update base image to ubuntu:21.04

Mics

• update kind to v0.11.1
• fix gofmt lint
• ci: use stable golang version
• update ovn to 21.03

Test

• update underlay e2e testing
• fix subnet e2e
• fix dual stack cluster created by kind
• Correct vlan e2e testing
• Remove dpdk ci

Bugfix

• fix CRD provider-networks.kubeovn.io
• fix ipsets, subnets using underlay networking should not be included in ipsets
• update qos ingress_policing_burst
• match chassis until timeout
• delete overlapped var subnet
• fix: if nftables not exists do no exit
• delete ecmp route when node is deleted
• fix cleanup.sh
• fix image version
• fix iptables
• ignore empty strings when counting lbs
• fix external_ids:pod_netns
• delete attachment ips
• update qos process
• fix: panic when node has nil annotations
• append pod/exec resource for vpc nat gw
• fix underlay networking on node reboot
• fix default bind socket of cni server
• if the string of ip is empty,program will die
• fix uninstall.sh
• ensure provider nic is up
• fix: bad udp checksum when access nodeport
• fix IPv6-related issues
• fix issues in underlay networking
• avoid Pod IP to be the same with node internal IP
• fix subnet conflict check for node address
• fix ipset on pod creation/deletion
• delete subnet AvailableIPs and UsingIPs para
• fix: ovn-northd svc flip flop
• delete residual ovs internal ports
• initialize ipsets on cni server startup
• Fix acl overlay issues
• Fix available ips count of subnet
• Fix lsp may lost when server pressure is high
• Cleanup kube-ovn-monitor resource
• Remove wait ovn sb
• Remove kube-ovn-controller rollout check
• Delete process of ip crd delete in cni delete request
• Delete ecmp route when node is not ready
• Ignore update pod nic annotation when not nil
• Clean up gateway chassis list for external gw
• Node route should filter out 'vpc'
• Do not delete statefulset pod when update pod
• Add master check when a node adding to a cluster and config sb/nb address
• Fix IP/route transfer on node reboot
• Fix uninstall.sh execution in OVS pods
• Add node internal ip into ovn-ic advertise blacklist
• Fix bug for deleting ovn-ic lrp failed
• Keep subnet's vlan empty if not specified
• Add field defaultNetworkType in configmap ovn-config

This release mainly fix bugs found in 1.7.1

Feature

• update encap ip by node annotation periodic
• update node labels and provider network's status.readyNodes when provider network is not initialized successfully in a node
• add ready status for provider network

Bugfix

• fix CRD provider-networks.kubeovn.io
• fix ipsets, subnets using underlay networking should not be included in ipsets
• update qos ingress_policing_burst
• match chassis until timeout
• delete overlapped var subnet
• fix: if nftables not exists do no exit
• delete ecmp route when node is deleted
• fix cleanup.sh
• fix image version
• fix iptables
• ignore empty strings when counting lbs
• fix external_ids:pod_netns
• delete attachment ips
• update qos process
• fix: panic when node has nil annotations
• append pod/exec resource for vpc nat gw
• fix underlay networking on node reboot
• fix default bind socket of cni server
• if the string of ip is empty,program will die
• fix uninstall.sh
• ensure provider nic is up
• fix: bad udp checksum when access nodeport
• fix IPv6-related issues
• fix issues in underlay networking
• avoid Pod IP to be the same with node internal IP
• fix subnet conflict check for node address
• fix ipset on pod creation/deletion
• delete subnet AvailableIPs and UsingIPs para
• fix: ovn-northd svc flip flop
• delete residual ovs internal ports
• initialize ipsets on cni server startup

Test

• update underlay e2e testing
• fix subnet e2e
• fix dual stack cluster created by kind

Security

• fix CVE-2021-33910

Chore

• update kind to v0.11.1
• fix gofmt lint
• ci: use stable golang version

New Feature

• Underlay/Vlan network refactoring
• Diagnose command 'kubectl ko' support trace in underlay networking
• Diagnose command 'kubectl ko' support cluster operations status/kick/backup
• Support to specify node nic name

Bugfix

• Fix acl overlay issues
• Fix available ips count of subnet
• Fix lsp may lost when server pressure is high
• Cleanup kube-ovn-monitor resource
• Remove wait ovn sb
• Remove kube-ovn-controller rollout check
• Delete process of ip crd delete in cni delete request
• Delete ecmp route when node is not ready
• Ignore update pod nic annotation when not nil
• Clean up gateway chassis list for external gw
• Node route should filter out 'vpc'
• Do not delete statefulset pod when update pod
• Add master check when a node adding to a cluster and config sb/nb address
• Fix IP/route transfer on node reboot
• Fix uninstall.sh execution in OVS pods
• Add node internal ip into ovn-ic advertise blacklist
• Fix bug for deleting ovn-ic lrp failed
• Keep subnet's vlan empty if not specified
• Add field defaultNetworkType in configmap ovn-config

Performance

• Enable tx offload again as upstream already fix it

Test

• Correct vlan e2e testing
• Remove dpdk ci

Security

• Add go build security options
• Fix CVE-2021-3121

This release mainly fix bugs found in 1.6.2

Bugfix

• fix: do not nat route traffic
• fix: release ip addresses even if pods not found
• security: fix crypto CVE
• fix: add address_set to avoid error message
• fix: add node to pod allow acl
• Handler the parse config error before used
• fix: del might panic if duplicate delete
• fix: do not re-generate ts port
• fix: get_leader_ip always return fist node ip
• fix: do not gc learned routes
• fix: remove tty error notification
• fix ovn nb reconnect
• perf: reclaim heap memory after compaction
• fix: leader may change during startup, use cluster connection to set options
• fix SNAT on pod startup

Release for v1.7.0

New Feature

• Support configuration for cni-bin-dir and cni-conf-dir
• Support for vpc nat gateway
• Support for multus ovn nic
• Support ecmp static route for centralized gateway
• Support vxlan tunnel encapsulation
• Support hybrid mode for geneve and vlan
• Support external egress gateway
• Support underlay mode with single nic
• Support kube-ovn-speaker announce service ip
• Support kube-ovn-speaker graceful restart
• Support interconnection between OpenStack and Kubernetes

Bugfix

• Restart when init ping failed
• Make sure northd leader change
• Wrong split in FindLoadbalancer function
• Ip6tables check error
• Reset ovn0 addr
• Masq traffic to ovn0 from other nodes
• Add missing ovn-ic-db schema
• Update ipam cidr when subnet changes
• Disable offload for genev_sys_6081
• Configure nic failed when ifname empty
• Udp checksum offload error
• Restart ovn-controller to force ovn-ic flows update
• Update usingips check when update finalizer for subnet
• Livenessprobe fail if ovn nb/ovn sb not running
• Release norhtd lock when power off
• Fix chassis check for node
• Pod terminating not recycle ip when controller not ready

Monitoring

• Split ovn-monitor from ovn-central as an independent deployment
• Optimization for ovn/ovs status metric
• Add more command to diagnose results, such as ovs-dpctl, ovs-ofctl, ovs-appctl and so on

Performance

• Support use ovs internal-port instead of veth pair to implement pod nic

Test

• Add e2e for ofctl/dpctl/appctl
• Add service e2e
• Add single node e2e
• Add e2e tests for external egress gateway

Mics

• Update ovn to 20.12 and ovs to 2.15
• Update Go to 1.16

This release mainly fix bugs found in 1.6.1

Bugfix

• udp checksum offload error
• restart ovn-controller to force ovn-ic flows update
• update usingips check when update finalizer for subnet
• add node address allocate check when init
• livenessprobe fail if ovn nb/ovn sb not running
• ignore ip6tabels check for v4 hostIP
• release norhtd lock when power off
• fix chassis check for node
• configure nic failed when ifname empty

This release mainly fix bugs found in 1.6.0

Bugfix

• DualStack error logs
• IP count error in DualStack mode
• ip6tables check error
• Update ipam cidr when subnet changes
• When address is empty, skip route/nat deletion
• Waiting pod network ready takes too long
• Add new iptables clean up commands
• Pod terminating not recycle ip when controller not ready
• Restart when init ping failed
• Make sure northd leader change
• Check required module before start
• Underlay gateway flood logs
• Wrong split in FindLoadbalancer function
• Reset ovn0 addr
• Set default db addr same with leader node to fix nb and sb error 'bind: Address already in use'
• Masq traffic to ovn0 from other nodes

Misc

• Update ovn to 20.12 and ovs to 2.15

New Feature

• Basic support for custom VPC
• DualStack support
• Overlay to underlay gateway through BGP
• Support binding pod to subnet
• Support distributed eip
• Support disable interconnection for specific subnet
• Iface now support regex
• install.sh supports DPDK resource configuration
• Remove cluster ip dependency for ovn/ovs components
• Change base image to ubuntu
• Update OVN to 20.09

Monitoring

• Add OVN/OVS monitor
• Add ovs client latency metrics
• Add ping total count metric
• Add ovs-vsctl show to diagnose results
• Add kubectl describe no to diagnose results
• Add ovs-vsctl show to diagnose results
• Add available IP metrics
• Add more dashboard

Mics

• CI: change to official docker buildx action
• Perf: remove default acl rules
• ci: add github code scan
• Add version info
• Reduce image size
• Perf: accelerate ic and ex gw update
• Refactor iptable logs
• Tolerate all taints
• OVN/OVS log rotation
• Update Go to 1.15
• Multi arch image

Bugfix

• Remove not alive pod in networkpolicy portGroup
• Delete Pod when marked with deletionTimestamp
• Use the internal IP when node try to connect to pod
• Do not advertise node switch cidr when enable ovn-ic
• Wrong proto str for udp diagnose
• IPv6 len mismatch
• Add default SSL var for compatibility
• Wrong ipv6 network format when update subnet
• Broken RPM link
• Default SSL var for compatibility
• Wrong iptable order
• Check multicast and loopback subnet
• CodeQL scan warnings
• Fix cleanup scripts
• Check ipv6 requirement before start
• Check if ovn-central ip exists in NODE_IPS before start
• Fix the problem of confusion between old and new versions of crd
• Fix external-address config description
• Add resources limits to avoid eviction
• NAT rules can be modified
• Masquerade other nodes to local pod to avoid NodePort triangle traffic
• OVN-IC support SSL
• Pod static ip validation
• Multiple rule networkpolicy issues
• Modify service vip parse error
• CNIServer default encap ip use node ip

New Feature

• Iface now support regex
• install.sh supports DPDK resource configuration
• Masquerade other nodes to local pod to avoid NodePort triangle traffic

Monitoring

• Add ping total count metric
• Add ovs-vsctl show to diagnose results
• Add kubectl describe no to diagnose results

Bugfix

• Fix cleanup scripts
• Update Go to 1.15
• Check ipv6 requirement before start
• Check if ovn-central ip exists in NODE_IPS before start
• Fix external-address config description
• Fix the problem of confusion between old and new versions of crd
• Add resources limits to avoid eviction
• NAT rules can be modified

Mics

• Refactor iptable logs
• Tolerate all taints
• OVN/OVS log rotation

This release mainly fix bugs found in v1.5.0 and add function of binding pod to specified subnet

New Feature

• Support binding pod to subnet

Bugfix

• Remove not alive pod in networkpolicy portGroup
• Delete Pod when marked with deletionTimestamp
• Use internal IP when node try to connect to pod
• Do not advertise node switch cidr when enable ovn-ic
• Wrong proto str for udp diagnose
• Wrong ipv6 network format when update subnet
• Broken RPM link
• Default SSL var for compatibility
• Wrong iptable order
• Check multicast and loopback subnet
• CodeQL scan warnings

Mics

• CI: change to official docker buildx action
• Perf: remove default acl rules
• Perf: accelerate ic and ex gw update

From v1.5.0 Kube-OVN takes use of OVN distributed gateway router to implement SNAT and EIP functions. Users now can controller the external IP of a groups of pods. SFC functions is also integrated into OVN to further extend the capability of OVN. In this version, users can also enabled the TLS connection between Kube-OVN components to secure the communication. We also enhance the monitoring and diagnose tools, more metrics and Grafana dashboards are added to better expose the internal stats of the network.

New Feature

• Pod level SNAT and EIP support, please check the Guide
• Integrate SFC function into OVN
• OVN-Controller graceful stop
• Mirror config can be updated dynamically
• Set more metadata to interface external-ids

Security

• Support TLS connection between components
• Change DB file access mode

Monitoring

• Add more metrics to pinger dashboard
• Add more metrics to kube-ovn-cni and a new Grafana dashboard
• Diagnose show ovn-nb and ovn-sb overview

Mics

• Update CI k8s to 1.19
• Change kube-ovn-cni updateStrategy
• Move CNI conf when kube-ovn-cni ready

Bugfix

• Use NodeName as OVN chassis name
• Stop OVN-IC if disabled
• Uninstall scripts will clean up ipv6 iptables and ipset
• Bridging-mapping may conflict, if enable vlan and external gateway
• Pinger ipv6 mode fetch portmaping failed
• Pinger diagnose should reuse cmd args

From 1.4, Kube-OVN can connect multiple cluster into one network. Pods in different cluster can communicate with others by Pod IP directly. This version also add ACL log function that can record when and why a packet is dropped by NetworkPolicy. We also enhance many dependency and improve the performance. Please look the changelog for more detail.

New Feature

• Integrate OVN-IC to support multi-cluster networking, Multi-Cluster Networking Steps
• Enable ACL log to record networkpolicy drop packets
• Reserve source ip for NodePort service to local pod
• Support vlan subnet switch to underlay gateway

Bugfix

• Add forward accept rules
• kubectl-ko cannot find nic
• Prevent vlan/subnet init error logs
• Subnet ACL might conflict if allSubnets and subnet cidr overlap
• Missing session lb

Misc

• Update ovs to 2.14
• Update golang to 1.15
• Suppress logs
• Add psp rules
• Remove juju log dependency