From a55a047ee72efef336c3e0954001113366f9fb66 Mon Sep 17 00:00:00 2001 From: emanic Date: Fri, 22 Dec 2017 13:15:05 -0800 Subject: [PATCH] v3.0.1 and v2.6.5 RN also incorporates feedback on v3.0.0 RN --- _data/versions.yml | 364 +++++++++++++++++++++++++++++++++++++-------- 1 file changed, 299 insertions(+), 65 deletions(-) diff --git a/_data/versions.yml b/_data/versions.yml index 7b75cf646e0..39c7dc6e24b 100644 --- a/_data/versions.yml +++ b/_data/versions.yml @@ -1,7 +1,195 @@ v3.0: +- title: v3.0.1 + note: | + 22 December 2017 + + > **Important**: This release includes breaking changes to the data and + > resource model. [Review the documentation](https://docs.projectcalico.org/v3.0/getting-started/kubernetes/upgrade/) carefully before attempting an upgrade. + > Some highlights include: + > - You must upgrade to Calico v2.6.5 before you can upgrade to v3.0.1. + > - Calico deployments that access the etcd datastore directly must complete + a one-time migration. + > - You must convert any customized Calico manifests via `calicoctl convert` + before you can use them with v3.0.1. + {: .alert .alert-danger} + + #### What's new + + ##### Support for etcdv3 + + - Calico now stores its data in [etcd version 3](https://coreos.com/blog/etcd3-a-new-etcd.html). + + ##### Support for Windows in policy-only mode + + - Felix now compiles and runs on Windows in policy-only mode. [felix #1638](https://github.com/projectcalico/felix/pull/1638) (@nwoodmsft) + + ##### Migration and upgrade from v2.6.5 + + - This version of Calico supports [migration and upgrade](/v3.0/getting-started/kubernetes/upgrade/) from Calico v2.6.5. + + ##### calicoctl enhancements + + - Those using the Kubernetes API datastore can now use `calicoctl` to + create, read, update, and delete Calico policies. + + - `calicoctl` features two new resources: [BGP Configuration](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/bgpconfig) + and [Felix Configuration](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/felixconfig). + + - The `calicoctl` policy resource has been split into new [network policy](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/networkpolicy) + and [global network policy](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/globalnetworkpolicy) resources. + + - [Network policy](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/networkpolicy) + resources can include a `namespace` value, allowing you to create policies that + only apply to [workload endpoint resources](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/workloadendpoint) + in the same namespace. + + - You can now specify `namespaceSelector` expressions in + [network policy](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/networkpolicy) + and [global network policy](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/globalnetworkpolicy) rules to select one or more namespaces in their entirety. + + - The `get`, `apply`, `create`, `delete`, and `replace` commands of `calicoctl` + now include an optional `--namespace=` flag. Refer to the `calicoctl` + [Command reference](https://docs.projectcalico.org/v3.0/reference/calicoctl/commands/) section for more details. + + - The `get` command of `calicoctl` now includes optional `--all-namespaces` + and `--export` flags. Refer to the [calicoctl get](https://docs.projectcalico.org/v3.0/reference/calicoctl/commands/get) + section for more information. + + - `calicoctl` no longer accepts the following flags in `get` commands: + `--node=`, `--orchestrator=`, `--workload=`, and + `--scope=`. These options are now a part of the individual resources. + + - `calicoctl` no longer includes a `config` command. To achieve the equivalent + functionality, refer to [Modifying low-level component configurations](https://docs.projectcalico.org/v3.0/reference/calicoctl/commands/#modifying-low-level-component-configurations). + + - You can now name [host](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/hostendpoint#endpointport) + and [workload](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/workloadendpoint#endpointport) + endpoint ports and reference them by name in your [policy rules](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/networkpolicy#ports). + + - `calicoctl` now allows a `0` value for ICMP entries in policy resources, + enabling `ping` responses. In addition, it now rejects `255` values in the + `type` field due to lack of kernel support. Refer to the reference documentation + of the [network policy](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/networkpolicy#icmp) + and [global network policy](https://docs.projectcalico.org/v3.0/reference/calicoctl/resources/globalnetworkpolicy#icmp) + resources for more information. + + - `calicoctl` now offers a new `convert` command, allowing 2.6.x manifests stored under + version control to be converted to the v3.x format. [calicoctl #1782](https://github.com/projectcalico/calicoctl/pull/1782) (@gunjan5) + + ##### Host endpoint policies can be applied to forwarded traffic + + - The new `ApplyOnForward` flag allows you to specify if a host endpoint policy should + apply to forwarded traffic or not. Forwarded traffic includes traffic forwarded between + host endpoints and traffic forwarded between a host endpoint and a workload endpoint on + the same host. Refer to [Using Calico to secure host interfaces](https://docs.projectcalico.org/v3.0/getting-started/bare-metal/bare-metal) + for more details. + + ##### CNI plugin changes + + - Calico now assigns the host side of veth pairs a MAC address of `ee:ee:ee:ee:ee:ee`. + If this fails, it uses a kernel-generated MAC address as before. For more information, + refer to the [Troubleshooting FAQ](https://docs.projectcalico.org/v2.6/usage/troubleshooting/). [cni-plugin #436](https://github.com/projectcalico/cni-plugin/pull/436) (@tmjd) + + - The CNI plugin now offers an optional environment variable called `CNI_OLD_CONF_NAME`. + If set, the CNI plug-in cleans up old configuration data during an upgrade, making it + easier to migrate to a new `CNI_CONF_NAME` value. [cni-plugin #392](https://github.com/projectcalico/cni-plugin/pull/392)(@weikinhuang) + + - The CNI plugin no longer throws a `file exists` message when programming routes. + [cni-plugin #406](https://github.com/projectcalico/cni-plugin/pull/406) (@gunjan5) + + - After a period of deprecation, this release removes support for the `ETCD_AUTHORITY` + and `ETCD_SCHEME` environment variables. Calico no longer reads these values. If you have + not transitioned to `ETCD_ENDPOINTS`, you must do so as of v3.0. Refer to + [Configuring `calicoctl` - etcdv3 datastore](https://docs.projectcalico.org/v3.0/reference/calicoctl/setup/etcdv3) for more information. + + - A new node controller for Kubernetes deployments clears data associated with deleted + nodes from the Calico datastore, preventing conflicts that can lead to crash loops. Refer + to [Configuring the Calico Kubernetes controllers](https://docs.projectcalico.org/v3.0/reference/kube-controllers/configuration) for more information. + + ##### Other changes + + - Calico now works with Kubernetes network services proxy with IPVS/LVS. Calico enforces + network policies with kube-proxy running in IPVS mode for Kubernetes clusters. Currently + only workload ingress policy is supported. + + - Rolling update is now enabled by default in the Kubernetes self-hosted manifests. + [calico #1506](https://github.com/projectcalico/calico/pull/1506) (@caseydavenport) + + - The CoreOS version used for the Kubernetes Vagrant tutorial has been updated, resolving + an issue causing `kubectl` to hang. [calico #1487](https://github.com/projectcalico/calico/pull/1487) (@2ffs2nns) + + - Typha no longer sends incorrect `updateTypes` to Felix, increasing the accuracy of + Felix statistics. [typha #70](https://github.com/projectcalico/typha/pull/70) (@fasaxc) + + - The CNI plugin now offers an optional environment variable called `CNI_OLD_CONF_NAME`. + If set, the CNI plug-in cleans up old configuration data during an upgrade, making it + easier to migrate to a new `CNI_CONF_NAME` value. [cni-plugin #392](https://github.com/projectcalico/cni-plugin/pull/392)(@weikinhuang) + + #### Limitations + + - **Offers only Kubernetes, OpenShift, and host endpoint integrations**: the + OpenStack, Mesos, DC/OS, rkt, and Docker orchestrators have not been tested + and are not supported. (Calico still supports Docker and rkt containers.) + We plan to resume support for the OpenStack, Mesos, DC/OS, and Docker + orchestrators in a future release. + + - **GoBGP not supported**: Setting the `CALICO_NETWORKING_BACKEND` environment + variable to `gobgp` is not supported. See [Configuring calico/node](https://docs.projectcalico.org/v3.0/reference/node/configuration) + for more information. We plan to resume support for GoBPG in a future release. + + - **Route reflectors cannot be clustered**: We plan to resume support for + this in a future release. + + components: + felix: + version: 3.0.1 + url: https://github.com/projectcalico/felix/releases/tag/3.0.1 + typha: + version: v0.6.0 + url: https://github.com/projectcalico/typha/releases/tag/v0.6.0 + calicoctl: + version: v2.0.0 + url: https://github.com/projectcalico/calicoctl/releases/tag/v2.0.0 + download_url: https://github.com/projectcalico/calicoctl/releases/download/v2.0.0/calicoctl + calico/node: + version: v3.0.1 + url: https://github.com/projectcalico/calico/releases/tag/v3.0.1 + calico/cni: + version: v2.0.0 + url: https://github.com/projectcalico/cni-plugin/releases/tag/v2.0.0 + download_calico_url: https://github.com/projectcalico/cni-plugin/releases/download/v2.0.0/calico + download_calico_ipam_url: https://github.com/projectcalico/cni-plugin/releases/download/v2.0.0/calico-ipam + calico/kube-controllers: + version: v2.0.0 + url: https://github.com/projectcalico/k8s-policy/releases/tag/v2.0.0 + confd: + version: v1.0.0 + url: https://github.com/projectcalico/confd/releases/tag/v1.0.0 + calico-bird: + version: v0.3.1 + url: https://github.com/projectcalico/calico-bird/releases/tag/v0.3.1 + calico/routereflector: + version: v0.5.0 + url: https://github.com/projectcalico/routereflector/releases/tag/v0.5.0 + calico-bgp-daemon: + version: v0.2.1 + url: https://github.com/projectcalico/calico-bgp-daemon/releases/tag/v0.2.1 + libnetwork-plugin: + version: v1.1.0 + url: https://github.com/projectcalico/libnetwork-plugin/releases/tag/v1.1.0 + networking-calico: + version: 1.4.3 + url: http://git.openstack.org/cgit/openstack/networking-calico/commit/?h=1.4.3 + - title: v3.0.0 note: | 21 December 2017 + + > **Important**: Due to a known issue in this release that can cause potential + > brief losses of connectivity after upgrading from v2.6.4, this release is + > deprecated. Use v3.0.1 instead. This issue does not affect those using the + > Kubernetes API datastore or running in policy-only mode. + {: .alert .alert-danger} #### What's new @@ -156,6 +344,7 @@ v3.0: version: v0.5.0 url: https://github.com/projectcalico/routereflector/releases/tag/v0.5.0 + - title: v3.0.0-beta1 note: | 17 November 2017 @@ -385,74 +574,73 @@ v3.0: version: v0.4.0 url: "" -# The master release stream is used to generate the master version of the docs, -# as well as for builds of `calico/node:master` via CI. Submit PRs to update the -# versions when a component changes. -master: -- title: master - note: "" - components: - felix: - version: master - url: "" - typha: - version: master - url: "" - calicoctl: - version: master - url: "https://www.projectcalico.org/builds/calicoctl" - download_url: "https://www.projectcalico.org/builds/calicoctl" - calico/node: - version: master - url: "" - calico/cni: - version: master - url: "" - download_calico_url: https://github.com/projectcalico/cni-plugin/releases/download/v2.0.0/calico - download_calico_ipam_url: https://github.com/projectcalico/cni-plugin/releases/download/v2.0.0/calico-ipam - calico-bird: - version: v0.3.1 - url: https://github.com/projectcalico/calico-bird/releases/tag/v0.3.1 - confd: - version: master - calico-bgp-daemon: - version: v0.2.2 - url: https://github.com/projectcalico/calico-bgp-daemon/releases/tag/v0.2.2 - libnetwork-plugin: - version: master - url: "" - calico/kube-controllers: - version: master - url: "" - networking-calico: - version: master - url: "" - calico/routereflector: - version: v0.5.0 - url: "" - v2.6: -- title: v2.6.4 +- title: v2.6.5 note: | - 20 December 2017 + 22 December 2017 + + - Resolves an issue which led to very brief loss of connectivity + after upgrading to v3.0.0 from v2.6.4 when using an etcd datastore. + [https://github.com/projectcalico/felix/pull/1676] + - Certain configuration changes no longer cause Felix to restart, allowing - upgrades to Calico v3.0.0. You must be on v2.6.4 before you can upgrade - to v3.0.0. [felix #1631](https://github.com/projectcalico/felix/pull/1631) (@fasaxc) - + upgrades to Calico v3.0.0. [felix #1631](https://github.com/projectcalico/felix/pull/1631) (@fasaxc) + - Calico now assigns the host side of veth pairs a MAC address of `ee:ee:ee:ee:ee:ee`. - If this fails, it uses a kernel-generated MAC address as before. For more information, + If this fails, it uses a kernel-generated MAC address as before. For more information, refer to the [Troubleshooting FAQ](https://docs.projectcalico.org/v2.6/usage/troubleshooting/). [cni-plugin #436](https://github.com/projectcalico/cni-plugin/pull/436) (@tmjd) - - - The CNI plugin now offers an optional environment variable called `CNI_OLD_CONF_NAME`. - If set, the CNI plug-in cleans up old configuration data during an upgrade, making it - easier to migrate to a new `CNI_CONF_NAME` value. [cni-plugin #392](https://github.com/projectcalico/cni-plugin/pull/392)(@weikinhuang) - `calicoctl` now includes a new environment variable called `CALICO_LIBNETWORK_VETH_MTU` that allows you to configure the MTU of veth endpoints when using the Docker orchestrator. [libnetwork-plugin #164](https://github.com/projectcalico/libnetwork-plugin/pull/164) (@ti-mo) - - + components: + felix: + version: 2.6.4 + url: https://github.com/projectcalico/felix/releases/tag/2.6.4 + typha: + version: v0.5.4 + url: https://github.com/projectcalico/typha/releases/tag/v0.5.4 + calicoctl: + version: v1.6.3 + url: https://github.com/projectcalico/calicoctl/releases/tag/v1.6.3 + download_url: https://github.com/projectcalico/calicoctl/releases/download/v1.6.3/calicoctl + calico/node: + version: v2.6.5 + url: https://github.com/projectcalico/calico/releases/tag/v2.6.5 + calico/cni: + version: v1.11.2 + url: https://github.com/projectcalico/cni-plugin/releases/tag/v1.11.2 + download_calico_url: https://github.com/projectcalico/cni-plugin/releases/download/v1.11.2/calico + download_calico_ipam_url: https://github.com/projectcalico/cni-plugin/releases/download/v1.11.2/calico-ipam + confd: + version: v0.12.1-calico-0.4.3 + url: https://github.com/projectcalico/confd/releases/tag/v0.12.1-calico-0.4.3 + libnetwork-plugin: + version: v1.1.2 + url: https://github.com/projectcalico/libnetwork-plugin/releases/tag/v1.1.2 + calico/kube-controllers: + version: v1.0.2 + url: https://github.com/projectcalico/k8s-policy/releases/tag/v1.0.2 + calico-bird: + version: v0.3.1 + url: https://github.com/projectcalico/calico-bird/releases/tag/v0.3.1 + calico-bgp-daemon: + version: v0.2.1 + url: https://github.com/projectcalico/calico-bgp-daemon/releases/tag/v0.2.1 + networking-calico: + version: 1.4.3 + url: http://git.openstack.org/cgit/openstack/networking-calico/commit/?h=1.4.3 + calico/routereflector: + version: v0.4.2 + url: "" + +- title: v2.6.4 + note: | + 20 December 2017 + + - This release has an issue which causes rolling upgrades to not work properly. We + recommend that you use v2.6.5 instead. components: felix: version: 2.6.3 @@ -493,17 +681,17 @@ v2.6: calico/routereflector: version: v0.4.1 url: "" - + - title: v2.6.3 note: | 28 November 2017 - - Addresses several outstanding common vulnerabilities and exposures (CVE). + + Calico v2.6.3 addresses several outstanding common vulnerabilities and exposures (CVE). + - A new node controller for Kubernetes deployments clears data associated with deleted nodes from the Calico datastore, preventing conflicts that can lead to crash loops. - - Reduces default confd log level from `debug` to `info`. - - [#418](https://github.com/projectcalico/cni-plugin/pull/418): If the [CNI-plugin](https://github.com/projectcalico/cni-plugin) fails to re-network an existing endpoint, it no longer releases the IP allocations to the pool that are still attached to the endpoint. (@fasaxc) - - [#408](https://github.com/projectcalico/cni-plugin/pull/408): The [CNI-plugin](https://github.com/projectcalico/cni-plugin) no longer throws file exists while programming route (@gunjan5) + components: felix: version: 2.6.2 @@ -545,7 +733,6 @@ v2.6: version: v0.4.1 url: "" - - title: v2.6.2 note: | 16 October 2017 @@ -1894,5 +2081,52 @@ v2.1: url: http://git.openstack.org/cgit/openstack/networking-calico/commit/?h=1.4.1 +# The master release stream is used to generate the master version of the docs, +# as well as for builds of `calico/node:master` via CI. Submit PRs to update the +# versions when a component changes. +master: +- title: master + note: "" + components: + felix: + version: master + url: "" + typha: + version: master + url: "" + calicoctl: + version: master + url: "https://www.projectcalico.org/builds/calicoctl" + download_url: "https://www.projectcalico.org/builds/calicoctl" + calico/node: + version: master + url: "" + calico/cni: + version: master + url: "" + download_calico_url: https://github.com/projectcalico/cni-plugin/releases/download/v2.0.0/calico + download_calico_ipam_url: https://github.com/projectcalico/cni-plugin/releases/download/v2.0.0/calico-ipam + calico-bird: + version: v0.3.1 + url: https://github.com/projectcalico/calico-bird/releases/tag/v0.3.1 + confd: + version: master + calico-bgp-daemon: + version: v0.2.2 + url: https://github.com/projectcalico/calico-bgp-daemon/releases/tag/v0.2.2 + libnetwork-plugin: + version: master + url: "" + calico/kube-controllers: + version: master + url: "" + networking-calico: + version: master + url: "" + calico/routereflector: + version: v0.5.0 + url: "" + + # Local directories to ignore when checking external links -htmlProoferLocalDirIgnore: /v1.5/,/v1.6/,/v2.0/,/v2.1/,/v2.2/,/v2.3/ +htmlProoferLocalDirIgnore: /v1.5/,/v1.6/,/v2.0/,/v2.1/,/v2.2/,/v2.3/ \ No newline at end of file