Skip to content

Release v0.5.0

Pre-release
Pre-release
Compare
Choose a tag to compare
@antoninbas antoninbas released this 26 Mar 03:07
· 6 commits to release-0.5 since this release
v0.5.0
02dc8b3

Added

  • Add "networkPolicyOnly" as a new "encapsulation mode": in this mode Antrea enforces NetworkPolicies with OVS, but is not in charge of forwarding.
  • Support for running Antrea in EKS and GKE clusters; refer to the documentation.
  • New antctl "get" commands:
    • in "agent mode": addressgroup, agentinfo, appliedtogroup, networkpolicy, podinterface
    • in "controller mode": addressgroup, appliedtogroup, controllerinfo, networkpolicy
  • Support for a user-friendly "table" output format for antctl "get" commands.
  • Add health checks to Antrea components by leveraging the apiserver /healthz endpoint (both the Antrea Agent and Controller are running an apiserver).
  • Add documentation for connecting to the Antrea Agent or Controller apiserver, in order to check the resources created by Antrea.
  • Ship antctl binaries as part of each release for different OS / CPU combinations: antctl-linux-x86_64, antctl-linux-arm, antctl-linux-arm64, antctl-windows-x86_64.exe, antctl-darwin-x86_64.
  • Add documentation for antctl installation and usage.

Changed

  • Refactor antctl: most notable change is that the Antrea Agent now runs its own apiserver which the antctl CLI can connect to.
  • Improve NetworkPolicy logging; in particular an Agent now logs (by default) a message when it receives a new NetworkPolicy that needs to be implemented locally.
  • Upgrade OVS to version 2.13.0, which comes with userspace datapath improvements useful when running Antrea in Kind.
  • Use ipset in iptables to match Pod-to-external traffic, which improves performance.
  • Replace "beta.kubernetes.io/os" annotation (no longer supported in K8s 1.18) with "kubernetes.io/os".
  • Enable running antctl from within the Antrea Controller Pod (by binding the antctl ClusterRrole to the antrea-controller ServiceAccount).

Fixed

  • Cancel ongoing OpenFlow bundle if switch disconnects, to prevent deadlock when replaying flows after a restart of the antrea-ovs container.
  • Keep trying to reconnect to OVS switch indefinitely after a disconnection, instead of giving up after 5 seconds.
  • Backport post-2.13 patch to OVS to avoid tunnel port deletion when the antrea-ovs container exits gracefully.
  • Reduce memory usage of Antrea Controller when an Agent establishes a connection.
  • Clean-up the appropriate iptables rules when a Node leaves the cluster.
Assets 12
Loading