Skip to content

Release v0.8

Pre-release
Pre-release
Compare
Choose a tag to compare
@vinaykul vinaykul released this 07 Jun 21:49
· 87 commits to dev-next since this release
v0.8
0a5f14d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

This release brings the following:

  1. Mizar deployment for Kubernetes via single yaml.
  2. Major stability improvements/upgrades and bug fixes.
  3. Label-based Network Policy for K8s for efficient Network Policy enforcement.
  4. Bandwidth & QoS for Pod network traffic using Earliest Departure Time (EDT) algorithm.

  • Mizar can now be deployed in a K8s cluster via deploy.mizar.yaml

  • Mizar stabilization fixes include:

    • Add CLI support for XDP program offload to capable NICs.
    • Bootstrap install latest kind and kubectl.
    • Fix daemon gRPC issue.
    • Fix config map creation issue.
    • Fix for non-main interface droplets.
    • Fix CNI "node not ready" error.
    • Fix “no interface found” CNI error.
    • Fix endpoint droplet mismatch.
    • Extend delay for retries.
    • Fix for bootstrap of nodes.
    • Initialize RPC class with correct interface.
    • Add additional XDP tools.
    • Fix multiple clusters bring-up issues with NoneType Error.
    • Fix for load transit CLI unit tests.
    • Add CI via GitHub Actions and remove Travis CI.
    • Add starter code for additional validation of operator errors in E2E tests.

  • Label-based Network Policy feature:

    • Add new BPF map to store packet metadata that holds Pod & Namespace labels for outgoing packets.
    • Translation of Pod & Namespace string labels into integer value labels.
    • CLI mechanism to configure integer label values for outgoing packets.
    • Definition of Pod & Namespace label GENEVE option types.
    • Update transit agent XDP packet encapsulation code to carry integer labels in GENEVE options.
    • CLI mechanism to configure Pod & Namespace Network Policy labels list for policy enforcement at ingress.
    • Update ingress packet processing transit XDP code to read labels in GENEVE options and enforce Network Policy via labels.

  • Pod network traffic bandwidth rate-limiting and QoS feature:

    • New Linux Traffic Control (TC) eBPF program that implements EDT (Earliest Departure Time) rate-limiting.
    • New BPF map entry to hold config-specified egress bandwidth value used by TC eBPF program.
    • Create Mizar linux bridge and use it for routing low-priority egress traffic from Pod veth pairs to TC eBFP hook.
    • CLI changes to read kubernetes.io/egress-bandwidth annotation and plumb it to BPF map.
    • Transit & agent XDP program modifications to classify Pod network traffic and route via TC eBPF program.

  • Bug fixes:

    • EDT eBPF Bandwidth QoS feature breaks SSH connectivity (issue #501)
    • Remove existing host_ep in baremetal & VM deployments (issue #475)
    • Fix pod creation failure in droplets without main interface (issue #474)
    • Deployment failure when operator comes up before daemon (issue #473)
    • Kind deployment issue with mizar daemon stuck due to image pull failure (issue #439)
    • Pod stuck in ContainerCreating state (issue #436)
Assets 3
Loading