v1.23.0

[gardener-extension-networking-cilium]

✨ New Features

• [OPERATOR] The networking-cilium's gardener-extension-networking-cilium Service can now be topology-aware (depending on the Seed setting and the Shoot HA failure tolerance type). For more details, see the Topology-aware Traffic Routing documentation. (gardener/gardener-extension-networking-cilium#172, @ialidzhikov)

🐛 Bug Fixes

• [OPERATOR] The cilium operator now only runs with multiple replicas if the shoot cluster has multiple nodes (gardener/gardener-extension-networking-cilium#166, @Wieneo)
• [OPERATOR] The stale healthcheck conditions from the network extension are now properly cleaned up. (gardener/gardener-extension-networking-cilium#170, @shafeeqes)

🏃 Others

• [OPERATOR] Bump builder image from golang:1.19.4 to golang:1.20.2 (gardener/gardener-extension-networking-cilium#168, @DockToFuture)
• [OPERATOR] Update cilium to v1.13.1. (gardener/gardener-extension-networking-cilium#169, @DockToFuture)
• [OPERATOR] E2E tests are added which create a new cilium shoot cluster, run the connectivity tests and clean afterwards everything up. (gardener/gardener-extension-networking-cilium#174, @DockToFuture)
• [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-networking-cilium#170, @shafeeqes)
  • github.com/gardener/gardener: v1.66.0 -> v1.66.1

v1.22.1

[gardener-extension-networking-cilium]

🐛 Bug Fixes

• [OPERATOR] The stale healthcheck conditions from the network extension are now properly cleaned up. (gardener/gardener-extension-networking-cilium#171, @shafeeqes)

🏃 Others

• [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-networking-cilium#171, @shafeeqes)
  • github.com/gardener/gardener: v1.66.0 -> v1.66.1

v1.22.0

[gardener-extension-networking-cilium]

✨ New Features

• [USER] cilium is marked as a node-critical component. With this, workload pods are only scheduled to a Node if it runs a ready cilium pod. (gardener/gardener-extension-networking-cilium#152, @dergeberl)

🏃 Others

• [OPERATOR] Removed minAllowed.cpu from all VPA objects (gardener/gardener-extension-networking-cilium#160, @voelzmo)
• [OPERATOR] Dashboard for cilium agent, cilium operator and hubble is updated and deprecated http metric is replaced. (gardener/gardener-extension-networking-cilium#161, @DockToFuture)
• [OPERATOR] Adapted extension components to support the FullNetworkPoliciesInRuntimeCluster feature gate introduced by gardener/gardener v1.66, see here and #7352 for more information. (gardener/gardener-extension-networking-cilium#162, @ScheererJ)
• [OPERATOR] Extension networking calico is scraped for metrics per default on the seed. (gardener/gardener-extension-networking-cilium#163, @ScheererJ)
• [OPERATOR] Update cilium to v1.13.0. (gardener/gardener-extension-networking-cilium#154, @DockToFuture)
• [OPERATOR] Enforcement of overlay network for cilium shoot clusters is now disabled. (gardener/gardener-extension-networking-cilium#159, @DockToFuture)
  • For clusters without overlay network SNAT is now disabled in node CIDR range and pod CIDR range.
• [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-networking-cilium#155, @shafeeqes)
  • github.com/gardener/gardener: v1.59.0 -> v1.64.0
  • k8s.io/* : v0.25.0 -> v0.26.1
  • sigs.k8s.io/controller-runtime: v0.13.0-> v0.14.4
• [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-networking-cilium#158, @shafeeqes)
  • github.com/gardener/gardener: v1.64.0 -> v1.65.0

v1.21.0

[gardener-extension-networking-cilium]

🏃 Others

• [OPERATOR] Cleanup unneeded container images etcd-operator, node-init and preflight. (gardener/gardener-extension-networking-cilium#146, @axel7born)
• [OPERATOR] Disable native routing mode for cilium. (gardener/gardener-extension-networking-cilium#151, @DockToFuture)

v1.20.1

no release notes available

v1.20.0

[gardener-extension-networking-cilium]

✨ New Features

• [USER] This release adds HA support for Ciliums's operator when extension is deployed along with Gardener >= v1.60. Please see this document for more information about HA settings in shoot clusters. (gardener/gardener-extension-networking-cilium#138, @timuthy)
• [OPERATOR] Extension and control-plane components have been adjusted to the high availability configuration supported by Gardener as of release v1.60. See this document for more information about HA in gardener. (gardener/gardener-extension-networking-cilium#138, @timuthy)

🏃 Others

• [OPERATOR] hubble-generate-certs job can now use image overwrites. (gardener/gardener-extension-networking-cilium#144, @ScheererJ)
• [OPERATOR] Cilium networking no longer supports Shoots with Кubernetes version < 1.20. (gardener/gardener-extension-networking-cilium#145, @dimitar-kostadinov)
• [OPERATOR] Masquerading to the upstream dns server can now be configured. This is needed on some infrastructures where traffic to the dns server with the pod CIDR range is blocked. (gardener/gardener-extension-networking-cilium#147, @DockToFuture)

v1.19.0

[gardener-extension-networking-cilium]

🏃 Others

• [OPERATOR] Update cilium to v1.12.4. (gardener/gardener-extension-networking-cilium#140, @DockToFuture)
• [OPERATOR] Updated portmap-copier to v0.2.0 (gardener/gardener-extension-networking-cilium#141, @ScheererJ)
• [OPERATOR] Update hubble to v0.9.2 (gardener/gardener-extension-networking-cilium#142, @ScheererJ)
• [OPERATOR] PodSecurityPolicy for hubble-relay is now correctly allowing seccomp profiles to be used (gardener/gardener-extension-networking-cilium#143, @ScheererJ)

v1.18.0

[gardener-extension-networking-cilium]

🏃 Others

• [OPERATOR] Shoot pods created by this extension now have their seccomp profiles set to "RuntimeDefault". (gardener/gardener-extension-networking-cilium#129, @AleksandarSavchev)
• [OPERATOR] Update go version to v1.19.2. (gardener/gardener-extension-networking-cilium#132, @DockToFuture)
• [OPERATOR] Adds a heartbeat controller that creates and renews a Lease resource named gardener-extension-heartbeat in the namespace where the extension controller is deployed. This Lease resource can be used by other controllers to check if the networking-cilium extension controller is running. (gardener/gardener-extension-networking-cilium#133, @AleksandarSavchev)
• [OPERATOR] Update cilium to v1.12.3. (gardener/gardener-extension-networking-cilium#134, @DockToFuture)
• [OPERATOR] The cilium extension supports switching between overlay and non-overlay mode. In overlay mode vxlan is used as default network overlay. (gardener/gardener-extension-networking-cilium#135, @DockToFuture)
• [OPERATOR] IPAM mode is changed to kubernetes for new shoot cluster. cluster-pool mode is preserved for existing ones. (gardener/gardener-extension-networking-cilium#137, @DockToFuture)
  • BPF masquerading is enabled.
• [DEPENDENCY] Dependency github.com/gardener/gardener is updated v1.54.0 -> v1.59.0. (gardener/gardener-extension-networking-cilium#133, @AleksandarSavchev)

v1.17.0

[gardener-extension-networking-cilium]

⚠️ Breaking Changes

• [OPERATOR] Please make sure you're running [email protected] or above before upgrading to this version. (gardener/gardener-extension-networking-cilium#120, @shafeeqes)

🏃 Others

• [OPERATOR] Kubernetes conform hostPort/hostIP handling with cilium clusters. (gardener/gardener-extension-networking-cilium#128, @ScheererJ)
• [OPERATOR] Ensure that the kubernetes api server host is always set when running cilium without kube-proxy. (gardener/gardener-extension-networking-cilium#116, @ScheererJ)
• [OPERATOR] The following dependency is updated: (gardener/gardener-extension-networking-cilium#117, @shafeeqes)
  • github.com/gardener/gardener: v1.50.1 -> v1.52.2
• [OPERATOR] Networking provider cilium works again with allowPrivilegedContainers=false. (gardener/gardener-extension-networking-cilium#119, @ScheererJ)
• [OPERATOR] Cilium works again with node-local-dns after change of default health check port to 8099. (gardener/gardener-extension-networking-cilium#121, @ScheererJ)
• [OPERATOR] The cilium/cilium-kube-proxy-clean-up init container no longer runs in privileged mode. (gardener/gardener-extension-networking-cilium#123, @ialidzhikov)
• [OPERATOR] The following dependency is updated: (gardener/gardener-extension-networking-cilium#126, @shafeeqes)
  • github.com/gardener/gardener: v1.52.2 -> v1.54.0
  • k8s.io/* : v0.24.3 -> v0.24.4
• [OPERATOR] Removed support for kubernetes < 1.17 from cilium networking provider. (gardener/gardener-extension-networking-cilium#127, @ScheererJ)
• [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-networking-cilium#118, @shafeeqes)
  • k8s.io/* : v0.24.2 -> v0.24.3

v1.16.3

no release notes available