Releases: aws/amazon-vpc-cni-k8s
v1.7.9 Release Candidate 1
v1.7.9 Release Candidate 1
Changes since v1.7.8:
- Improvement - Adds http timeout to aws sessions (#1370 by couralex6)
- Improvement - Switch calico to be deployed with the Tigera operator (#1297 by tmjd)
- Improvement - Update calico to v3.17.1 (#1328 by lwr20)
- Improvement - update plugins to v0.9.0 (#1362 by fr0stbyte)
- Improvement - update github.com/containernetworking/plugins to v0.9.0 (#1350 by fr0stbyte)
- Bug - Fix regex match for getting primary interface (#1311 by Jayanthvn)
- Bug - Output to stderr when no log file path is passed (#1275 by couralex6)
- Bug - Fix deletion of hostVeth rule for pods using security group (#1376 by SaranBalaji90)
To apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.7/config/v1.7/release-candidate/aws-k8s-cni.yaml
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.7.9-rc1
amazon-k8s-cni:v1.7.9-rc1
v1.7.8 Release
This is a patch release to make EC2 DescribeNetworkInterfaces calls paginated and avoid EC2 API call latency in some cases.
Changes since v1.7.7 -
- Improvement - Replace DescribeNetworkInterfaces with paginated version (#1333, @haouc)
If you want to apply this config to one of your clusters:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.8/config/v1.7/aws-k8s-cni.yaml
Verify the update:
kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.7.8
amazon-k8s-cni:v1.7.8
To use version v1.7.8 of the cni-metrics-helper in a cluster:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.8/config/v1.7/cni-metrics-helper.yaml
v1.7.7 Release
This is a patch release to cleanly delete regular pods with PPSG enabled with force delete.
Changes since v1.7.6 -
Thanks to @SaranBalaji90 for the fix.
If you want to apply this config to one of your clusters:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.7/config/v1.7/aws-k8s-cni.yaml
Verify the update:
kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.7.7
amazon-k8s-cni:v1.7.7
To use version v1.7.7 of the cni-metrics-helper in a cluster:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.7/config/v1.7/cni-metrics-helper.yaml
v1.7.6 Release
This is a patch release to support instances with EFA ENIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html).
Changes since v1.7.5
- Improvement - Avoid detaching EFA ENIs (#1237 , @mogren)
- Improvement - Add t4g instance type (#1219 , @mogren)
- Improvement - Add p4d.24xlarge instance type (#1238 , @mogren)
- Improvement - Update calico to v3.16.2 (#1235 , @lwr20)
- Improvement - Update readme on stdout support for plugin log file (#1251 , @jayanthvn)
- Bug - Make p3dn.24xlarge examples more realistic (#1263 , @mogren)
- Bug - Make sure we have space for a trunk ENI (#1210 , @mogren)
- Bug - Update README for DISABLE_TCP_EARLY_DEMUX (#1273 , @SaranBalaji90)
- Bug - Update p4 instance limits (#1289 , @jayanthvn)
Thanks to all the contributors!!!
If you want to apply this config to one of your clusters:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.6/config/v1.7/aws-k8s-cni.yaml
Verify the update:
kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.7.6
amazon-k8s-cni:v1.7.6
To use version v1.7.6 of the cni-metrics-helper in a cluster:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.6/config/v1.7/cni-metrics-helper.yaml
v1.7.5 Release
This is a patch release to address issue #1246, #1250.
The issue is caused by init.sh script tries to grep host IP and could match more than one ENIs. The consequence is the CNI starting up will be failed.
Changes since v1.7.4
- Bug - Match primary ENI IP correctly (#1247 , @mogren)
If you want to apply this config to one of your clusters:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.5/config/v1.7/aws-k8s-cni.yaml
Verify the update:
kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.7.5
amazon-k8s-cni:v1.7.5
To use version v1.7.5 of the cni-metrics-helper in a cluster:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.5/config/v1.7/cni-metrics-helper.yaml
v1.7.4 Release
This is a patch release to address issue #1241 where the CNI will fail to start on kernels older than 4.6.
The issue is caused by the init container assuming that the net.ipv4.tcp_early_demux key will be present. The early TCP demux change that breaks TCP connections from kubelet to pods using per pod security groups was added in kernel 3.6, but the flag to disable it was not added until 4.6. This means using TCP health checks for per pod security groups requires at least Linux kernel 4.6.
Changes since v1.7.3
If you want to apply this config to one of your clusters:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.4/config/v1.7/aws-k8s-cni.yaml
Verify the update:
kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.7.4
amazon-k8s-cni:v1.7.4
To use version v1.7.4 of the cni-metrics-helper in a cluster:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.4/config/v1.7/cni-metrics-helper.yaml
v1.7.3 Release
This is a patch release to address issue #1212 which affects clusters that use the AWS EKS Per Pod Security Group feature.
The only reason to use this version over v1.7.2 is to be able to turn off tcp_early_demux to unblock host TCP communication to pods on the same node using Per Pod SG, such as liveness/readiness checks. Using this version and setting DISABLE_TCP_EARLY_DEMUX to true in the initContainer config will slightly increase the latency for node local TCP connections.
This fix does NOT turn off tcp_early_demux by default since it is only needed when you need local TCP connectivity to pods using the security groups for pods on the same node.
Changes since v1.7.2
If you want to apply this config to one of your clusters:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.3/config/v1.7/aws-k8s-cni.yaml
Verify the update:
kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.7.3
amazon-k8s-cni:v1.7.3
To use version v1.7.3 of the cni-metrics-helper in a cluster:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.3/config/v1.7/cni-metrics-helper.yaml
v1.7.2 Release
This is a patch release to address issues #737, #964, #989, #1070, #1094, #1100, #1101, and #1148. This also includes a version bump of Calico to v3.15.1 and some minor cleanups.
Changes since v1.7.1
- Bug - Avoid deleting ENIs being created by older CNI versions (#1109, @jayanthvn)
- Bug - Handle stale IMDS metadata for secondary IPs (#1177, @mogren)
- Bug - Mount /run/xtables.lock to prevent unwanted race conditions (#1186, @kgtw)
- Bug - Make a deep copy for introspection (#1179, @mogren)
- Bug - Wait for ENI and secondary IPs (#1174, @mogren)
- Improvement - Update Calico images to v3.15.1 & set routeSource=WorkloadIPs for v1.7 (#1182, @realgaurav)
- Improvement - Update Calico to v3.15.1 & set routeSource=WorkloadIPs (#1165, @realgaurav)
- Improvement - Clean up go lint warnings (#1162, @mogren)
- Improvement - Update SG on secondary ENIs (#1098, @jayanthvn)
- Improvement - Fix device number and update table name the device index (#1071, @mogren)
If you want to apply this config to one of your clusters:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.2/config/v1.7/aws-k8s-cni.yaml
Verify the update:
kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.7.2
amazon-k8s-cni:v1.7.2
To use version v1.7.2 of the cni-metrics-helper in a cluster:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.2/config/v1.7/cni-metrics-helper.yaml
v1.7.2 Release Candidate 1
This is a patch release to address issues #737, #964, #989, #1070, #1094, #1100, #1101, and #1148. This also includes a version bump of Calico to v3.15.1 and some minor cleanups.
Changes since v1.7.1
- Bug - Avoid deleting ENIs being created by older CNI versions (#1109, @jayanthvn)
- Bug - Handle stale IMDS metadata for secondary IPs (#1177, @mogren)
- Bug - Mount /run/xtables.lock to prevent unwanted race conditions (#1186, @kgtw)
- Bug - Make a deep copy for introspection (#1179, @mogren)
- Bug - Wait for ENI and secondary IPs (#1174, @mogren)
- Improvement - Update Calico images to v3.15.1 & set routeSource=WorkloadIPs for v1.7 (#1182, @realgaurav)
- Improvement - Update Calico to v3.15.1 & set routeSource=WorkloadIPs (#1165, @realgaurav)
- Improvement - Clean up go lint warnings (#1162, @mogren)
- Improvement - Update SG on secondary ENIs (#1098, @jayanthvn)
- Improvement - Fix device number and update table name the device index (#1071, @mogren)
If you want to apply this config to one of your clusters:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.7/config/v1.7/release-candidate/aws-k8s-cni.yaml
Verify the update:
kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.7.2-rc1
amazon-k8s-cni:v1.7.2-rc1
To use version v1.7.2-rc1 of the cni-metrics-helper in a cluster:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.7/config/v1.7/release-candidate/cni-metrics-helper.yaml
v1.7.1 Release
This is a patch release to address issue #1159, Calico deletes routes with v1.7.0. This was fixed in PR #1166 .
Changes since v1.7.0
- Bug - Calico deletes routes when using CNI v1.7.0 (#1166, @jayanthvn)
- Improvement - enable manual override for VERSION in images (#1156, @nprab428)
If you want to apply this config to one of your clusters:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.1/config/v1.7/aws-k8s-cni.yaml
Verify the update:
kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni:v1.7.1
To use version v1.7.1 of the cni-metrics-helper in a cluster:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.1/config/v1.7/cni-metrics-helper.yaml