Releases: liqotech/liqo
Releases · liqotech/liqo
v0.10.1
Contributors
cheina97
Assets 13
v0.10.0
What's Changed
Version 0.10.0 marks a step forward in inter-cluster security.
This release introduces an inter-cluster traffic segregation optional mode that prevents remote workloads from accessing local not-offloaded services. Additionally, the local cluster will only be able to contact its offloaded pods and not other pods running remotely.
Another feature makes it possible to configure a per-resource allow-based or deny-based reflection mechanism. Two different reflection mechanisms can be selected for each resource at install time:
- DenyList: reflects all the resources available in the liqo-enabled namespaces, excluding the ones with the
liqo.io/skip-reflectionannotation. - AllowList: do not reflect any resource in the liqo-enabled namespaces, but the ones with the
liqo.io/allow-reflectionannotation.
Other minor improvements and bug fixes have been introduced.
Thank you to everyone who tested our previous release, gave us hints to improve the project's usability, and contributed to this release!
🚀 New Features
- Enable Gateway leader election only if replicate gt 1 by @Sharathmk99 in #2029
- Force NodePort's port from Helm Values by @cheina97 in #2037
- Security Mode: traffic segregation by @francescodanzi in #1695
- Telemetry: security mode by @cheina97 in #2083
- AllowList-based and DenyList-based Resource Reflection by @fra98 in #1961
🐛 Bug Fixes
- Fix bug endpoints not reflected by @fra98 in #2032
- Overlay Operator test timeout by @cheina97 in #2034
- Fix nil pointer deference in pod Ready condition by @fra98 in #2039
- Endpointslices reflection fix by @fra98 in #2043
- Makefile: Improved MacOS compatibility by @cannarelladev in #2047
- Always reflect kube-root-ca.crt configmap in offloaded namespaces by @fra98 in #2044
- Fix - Liqo Gateway & Auth Loadbalancer Typo by @Sharathmk99 in #2052
- Metric Agent: cache fix by @cheina97 in #2080
- CI: Increased flannel wait by @cheina97 in #2090
- Security Mode: E2E tests by @cheina97 in #2084
🧹 Code Refactoring
- CI: added proxy by @cheina97 in #2041
- Liqo Proxy by @cheina97 in #2040
- Bump golangci-lint and gci by @fra98 in #2064
- Liqonet: connchecker refactoring by @cheina97 in #2076
- Liqonet: IPSet by @cheina97 in #2109
- Added pre-commit hook configuration by @cheina97 in #2117
📝 Documentation
- Docs: supported kubernetes versions by @cheina97 in #2063
- Docs: security modes by @francescodanzi in #2060
- Clarified the use of custom installation options by @frisso in #2086
- Docs: add warning for api server when security mode is enabled by @aleoli in #2111
Other Changes
New Contributors
- @francescodanzi made their first contribution in #1695
Full Changelog: v0.9.4...v0.10.0
Contributors
Sharathmk99, frisso, and 5 other contributors
Assets 13
v0.9.4
What's Changed
🚀 New Features
- AllowList-based and DenyList-based Resource Reflection by @fra98 in #1961
- Liqo-route: liqo.host forward by @cheina97 in #1979
- Controller client timeout by @cheina97 in #1991
- Helm values files for CLI by @scottboring in #1974
- AKS Private Link by @scottboring in #1985
🐛 Bug Fixes
- Liqo-route: iptables-nft by @cheina97 in #1978
- Liqoctl: check --dump-values-path install flag by @fra98 in #1975
- Telemetry service-account permissions by @cheina97 in #1995
🧹 Code Refactoring
- Issues template refactoring by @cheina97 in #1983
- chore: chunks slice loop append replace by @testwill in #1986
- VirtualNode: namespacemap virtualnode selector by @cheina97 in #1977
- Fix go version in go.mod by @aleoli in #1996
- fix dependabot docker updater by @aleoli in #2002
- VirtualNode: deletion-routine refactoring by @cheina97 in #1984
Other Changes
- liqoctl: add create VirtualNode command by @aleoli in #1944
- liqo-route: mac annotation fix by @cheina97 in #2014
- Override default Ingress tls secretName by @Sharathmk99 in #2012
- Bump GCI version to v0.11.0 by @fra98 in #2022
- Adding a reference how to download liqoctl by @frisso in #2024
- Liqo Gateway & Auth Service Loadbalancer Static IP by @Sharathmk99 in #2013
New Contributors
Full Changelog: v0.9.3...v0.9.4
Contributors
Sharathmk99, testwill, and 5 other contributors
Assets 13
v0.9.3
Contributors
aleoli
Assets 13
v0.9.2
What's Changed
🚀 New Features
- E2E: added flannel tests + CNI refactoring by @cheina97 in #1964
- AKS vnet resource group by @scottboring in #1969
- Added possibility to switch to iptables nf_tables by @cheina97 in #1970
🐛 Bug Fixes
📝 Documentation
- Update roadmap for v0.10 release by @aleoli in #1963
- Docs: liqoctl download fix by @cheina97 in #1971
Other Changes
- Bump alpine version from 3.15 to 3.18 by @cheina97 in #1967
- Bump golang version from 1.20 to 1.21 by @cheina97 in #1966
Full Changelog: v0.9.1...v0.9.2
Contributors
cheina97, aleoli, and scottboring
Assets 13
v0.9.1
What's Changed
🚀 New Features
🐛 Bug Fixes
- Docs: tag injection fix by @cheina97 in #1940
- Liqo-route: added static mac to vxlan + device sanity check by @cheina97 in #1945
- Add well known labels/annotations that must not be reflected by @fra98 in #1948
- Telemetry: E2E tests + VirtualNode scheme by @cheina97 in #1960
🧹 Code Refactoring
📝 Documentation
Full Changelog: v0.9.0...v0.9.1
Contributors
cheina97, aleoli, and fra98
Assets 13
v0.9.0
Version 0.9.0 marks another big step forward in the maturity and usability of the project.
This release introduces the possibility of declaratively creating VirtualNodes. Now, Liqo better supports temporary disruptions of peered clusters and/or network unavailability. See Service Continuity for further details. Additionally, you can specify which labels and annotations will not be reflected in remote clusters; this may help in case of conflicting controllers on the two sides.
Other minor improvements and bug fixes have been introduced.
Thank you to all the people who tested our previous release, gave us hints to improve the project's usability, and contributed to this release!
What's Changed
💥 Breaking Change
🚀 New Features
- Extra tolerations for route daemonset by @Sharathmk99 in #1845
- Support caching of local offloaded pods in the controller-manager by @fra98 in #1848
- Liqoctl: confirm by @cheina97 in #1849
- Liqonet: boringtun ARM fix by @cheina97 in #1852
- feature: reflect remote events to the local cluster by @aleoli in #1839
- Added NodeSelector, Toleration and Affinity for CreateSecret Job by @Sharathmk99 in #1843
- Add flag to set images to use during volumes move by @aleoli in #1878
- Liqoctl: added confirm prompt to liqoctl unpeer by @cheina97 in #1891
- Add to "liqoctl status peer" status and URL of the remote API server by @fra98 in #1880
- feature: enable per pod remote APIServer support by @aleoli in #1854
- Disable the reflection of specific labels and annotations by @fra98 in #1907
- Liqoctl: install warnings by @cheina97 in #1936
🐛 Bug Fixes
- Mark local offloaded pods as NotReady when virtual-node is not ready (i.e. remote cluster failure) by @fra98 in #1853
- Liqoctl: install postProviderValues fix by @cheina97 in #1858
- VirtualKubelet: pod nil labels map by @cheina97 in #1938
🧹 Code Refactoring
- FIeldSelector indexer by @cheina97 in #1840
- Bump controller runtime to version 0.15 by @aleoli in #1857
- Pull Calico from docker proxy to avoid DockerHub ban by @aleoli in #1875
- remove replacement and use vk v1.10 for port forwarding by @ssoBAekiL in #1876
- Docs: sphinx-autobuild by @cheina97 in #1928
- Lint: disable depguard check by @fra98 in #1933
📝 Documentation
- Update documentation flag for moving a PVC between clusters. by @tom-asmblr in #1868
- Update prometheus-metrics.md by @scottboring in #1869
- Docs: telemetry by @cheina97 in #1929
- Service Continuity documentation by @fra98 in #1881
Other Changes
- E2E tests: increased restart count tollerance by @cheina97 in #1892
- Bump golangci-lint version from 1.52.0 to 1.53.3 by @cheina97 in #1921
- Bump golang version from 1.19 to 1.20 by @cheina97 in #1922
- CI: disable linter cache by @cheina97 in #1934
New Contributors
- @tom-asmblr made their first contribution in #1868
- @scottboring made their first contribution in #1869
Full Changelog: v0.8.3...v0.9.0
Contributors
Sharathmk99, cheina97, and 5 other contributors
Assets 13
v0.8.3
Contributors
cheina97
Assets 13
v0.8.2
What's Changed
🚀 New Features
- Liqoctl: pod status check enhanced by @cheina97 in #1799
- ShadowEndpointSlice controller check for foreign API server status by @fra98 in #1774
- Virtual node checks the status of the API server via the ForeignCluster by @fra98 in #1820
- Liqoctl: flag to set service type by @cheina97 in #1825
- Add virtual-kubelet Grafana dashboard by @damianot98 in #1807
- ShadowPod Status by @Sharathmk99 in #1805
🐛 Bug Fixes
🧹 Code Refactoring
📝 Documentation
- Minor improvements to documentation by @frisso in #1798
- Roadmap v0.9 by @cheina97 in #1801
- Improving docs about Liqo metrics by @frisso in #1809
- Docs: Added supported k8S version by @cheina97 in #1813
- Docs: supported k8s version syntax by @cheina97 in #1817
- Document possibility to use external Prometheus server by @frisso in #1834
Other Changes
Full Changelog: v0.8.1...v0.8.2
Contributors
Sharathmk99, QcFe, and 5 other contributors
Assets 13
v0.8.1
Contributors
cheina97