v0.11.0-rc.1

• E2E test fix

  Francesco Cheinasso - Thu, 9 May 2024 12:02:06 +0200

• Network: fwcfg and rtcfg reque

  Francesco Cheinasso - Wed, 8 May 2024 11:12:20 +0200

• Cleanup old consts and tests

  Francesco Torta - Wed, 8 May 2024 10:59:13 +0200

• Removed old net api

  Francesco Torta - Wed, 8 May 2024 10:51:22 +0200

• bump lint action

  Alessandro Olivero - Mon, 6 May 2024 17:55:36 +0200

• fix unit test

  Alessandro Olivero - Mon, 6 May 2024 17:55:36 +0200

• remove ipam storage and refactor ipam

  Alessandro Olivero - Mon, 6 May 2024 17:55:36 +0200

• old network packages cleanup

  Alessandro Olivero - Mon, 6 May 2024 17:55:36 +0200

• Removed liqonet build from CI

  Francesco Torta - Mon, 6 May 2024 11:17:20 +0200

• fix key renque

  Alessandro Olivero - Fri, 26 Apr 2024 15:14:53 +0200

• LiqoMapper fix for namespaced clients

  Francesco Cheinasso - Fri, 26 Apr 2024 09:48:45 +0200

• Renamed flag to enable/disable the Networking module

  Francesco Torta - Wed, 24 Apr 2024 12:06:17 +0200

• Higher verbosity for internalnodes not found

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• fix external network logs

  Alessandro Olivero - Wed, 24 Apr 2024 11:39:00 +0200

• Refactoring controller-manager main

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• Remove natmapping inflater

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• swap gw server and client default configuration

  Alessandro Olivero - Wed, 24 Apr 2024 11:39:00 +0200

• Network: virtualkubelet remapping exceptionfor local pods

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• podCIDR remapping exclude eth0

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• DNS resolver fix

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Network: remapping controller refactoring

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Offloading: ip mapping (virtualkubelet integration)

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Network: liqoctl pod wait for ready status

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Generate clients for IP resource

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Network: gw restart fix

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Network: geneve tunnel ID fix

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• IP resource creation

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Network: ip mapping

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• VirtualNode: drain fix

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Handle InternalNodes deletion at uninstall time

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• Fix liqoctl build on non-unix system

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• Use manager with all pods cached in controller-manager

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• WireGuard templates examples

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• fix nat address and port override

  Alessandro Olivero - Wed, 24 Apr 2024 11:39:00 +0200

• add documentation on external network configuration

  Alessandro Olivero - Wed, 24 Apr 2024 11:39:00 +0200

• Network: fwmark use all podcidr as src match

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• liqoctl: flag --service-type set also new gateway service type

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• Network:error check in rt_tables file close

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Network: conntrack internal routing

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Added priorityClassName to new Network pods

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• Updated liqoctl status peer

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• InternalCIDR network fix

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• Bump new images build to use Go 1.22

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• fix string formatting

  Alessandro Olivero - Wed, 24 Apr 2024 11:39:00 +0200

• Network: mark + conntrack API

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Network: Fabric IPAM init fix

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Set subnets in ipamStorage

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• Network: gateway routes

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

  Co-authored-by: Alessandro Olivero <aleoli96@gmail.com>

• Refactoring liqoctl status to handle new network

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• Network: geneve arp disabled

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Added preuninstall checks for new networking resources

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• fabric: node ips

  Francesco Cheinasso - Wed, 24 Apr 2024 11:39:00 +0200

• Customize image version on new networking containers

  Francesco Torta - Wed, 24 Apr 2024 11:39:00 +0200

• geneve package error fix

  Francesco Cheinasso - Wed, 24 Apr 2024 11:38:59 +0200

• Network: daemonset geneve interfaces

  Francesco Cheinasso - Wed, 24 Apr 2024 11:38:59 +0200

• Network: fabric container

  Francesco Cheinasso - Wed, 24 Apr 2024 11:38:59 +0200

• bump copyright year to 2024

  Alessandro Olivero - Wed, 24 Apr 2024 11:38:59 +0200

• Fix assignation of interface name to InternalNodes and InternalFabrics

  Francesco Torta - Wed, 24 Apr 2024 11:38:59 +0200

• geneve tunnel operator

  Alessandro Olivero - Wed, 24 Apr 2024 11:38:59 +0200

• Check all necessary fields to create fabrics

  Francesco Torta - Wed, 24 Apr 2024 11:38:59 +0200

• Network: all random interface names

  Francesco Cheinasso - Wed, 24 Apr 2024 11:38:59 +0200

• Network: added iproute2 in container
  ...

v0.10.3

What's Changed

🐛 Bug Fixes

• [Fix] Eks install by @aleoli in #2478

Other Changes

• Code-generator v0.30.0 by @cheina97 in #2440
• Proposing a new governance model for the Liqo community by @frisso in #2417
• Do not reflect OpenStack LoadBalancer id annotation by @fra98 in #2483

Full Changelog: v0.10.2...v0.10.3

v0.10.2

What's Changed

🚀 New Features

• E2E: metrics-agent tests by @cheina97 in #2134
• Create codeql.yml by @cheina97 in #2149
• Makefile: added nilaway (static analysis tool to detect potential Nil panics in Go code) by @fra98 in #2255
• add net interfaces monitoring by @pucciorenzo in #2259
• Virtual node taints by @aleoli in #2304
• Add liqo runtime class by @aleoli in #2305
• Virtual Node: implementation of OffloadingPatch consumer-side by @fra98 in #2309
• Select remote namespace name when offloading by @aleoli in #2310
• Virtual Node: specify labels/annotations not reflected in API Spec by @fra98 in #2311
• Support priorityClassName in Helm chart by @EladDolev in #2345
• Add Prometheus scraping in Helm chart by @EladDolev in #2366
• liqoctl: add incoming flag to peer and unpeer commands by @hamzalsheikh in #2318

🐛 Bug Fixes

• E2E: fix calico by @cheina97 in #2154
• Fix CodeQL by @cheina97 in #2161
• Fix CodeQL push on branch by @cheina97 in #2164
• CodeQL: fix slack message by @cheina97 in #2179
• Fix liqoctl build ci by @aleoli in #2248
• Fix reflection for Kubernetes 1.29 by @aleoli in #2260
• Helm: Fix extraArgs by @kariya-mitsuru in #2288
• Fix liqoctl install on AzureCNI by @aleoli in #2295

🧹 Code Refactoring

• E2E: CNI wait and retry by @cheina97 in #2133
• Remove old CodeQL action by @cheina97 in #2136
• CI: Helm Lint by @cheina97 in #2180
• Bump terraform providers by @aleoli in #2267
• Liqoctl: get liqo version from controller-manager by @fra98 in #2289

📝 Documentation

• CodeQL Badge by @cheina97 in #2138
• Docs: FAQ page by @fra98 in #1976
• Liqo RuntimeClass docs by @aleoli in #2306
• Kubertnes API access docs by @aleoli in #2308
• Docs: added evaluation priority flags by @fra98 in #2313

Other Changes

• Updated wireguard-go to the latest commit by @MircoBarone in #2167
• Faster build in codeql by @cheina97 in #2168
• Doc: update sphinx packages by @cheina97 in #2210
• Docs: Fix broken link for contributing page by @kariya-mitsuru in #2236
• Reflect Ingress and LB Class to remote clusters by @aleoli in #2209
• Helm: Add SAN to a certificate of liqo-metric-agent by @kariya-mitsuru in #2237
• README: removed old badge by @cheina97 in #2258
• Fix automerge by @aleoli in #2264
• Bump k8s api from 0.28.4 to 0.29.0 by @cheina97 in #2229
• Bump virtual-kubelet to v1.11.0 by @fra98 in #2293
• Updated ROADMAP for the next (0.11) release by @frisso in #2299
• Bump k8s libs to v0.29.2 by @fra98 in #2355
• Bump golang version from 1.21 to 1.22 by @fra98 in #2356
• fix: ServiceMonitor PodMonitor scrape config null values by @shkrid in #2374
• Support getting aws credentials from existing secret instead of clear text in values file by @dennispan in #2395

New Contributors

• @MircoBarone made their first contribution in #2167
• @kariya-mitsuru made their first contribution in #2236
• @pucciorenzo made their first contribution in #2259
• @EladDolev made their first contribution in #2345
• @hamzalsheikh made their first contribution in #2318
• @shkrid made their first contribution in #2374
• @dennispan made their first contribution in #2395

Full Changelog: v0.10.1...v0.10.2

v0.10.1

What's Changed

📝 Documentation

• Docs: cilium by @cheina97 in #2121

Other Changes

• Liqonet: connchecker latency fix by @cheina97 in #2120

Full Changelog: v0.10.0...v0.10.1

v0.10.0

What's Changed

Version 0.10.0 marks a step forward in inter-cluster security.

This release introduces an inter-cluster traffic segregation optional mode that prevents remote workloads from accessing local not-offloaded services. Additionally, the local cluster will only be able to contact its offloaded pods and not other pods running remotely.

Another feature makes it possible to configure a per-resource allow-based or deny-based reflection mechanism. Two different reflection mechanisms can be selected for each resource at install time:

• DenyList: reflects all the resources available in the liqo-enabled namespaces, excluding the ones with the liqo.io/skip-reflection annotation.
• AllowList: do not reflect any resource in the liqo-enabled namespaces, but the ones with the liqo.io/allow-reflection annotation.

Other minor improvements and bug fixes have been introduced.

Thank you to everyone who tested our previous release, gave us hints to improve the project's usability, and contributed to this release!

🚀 New Features

• Enable Gateway leader election only if replicate gt 1 by @Sharathmk99 in #2029
• Force NodePort's port from Helm Values by @cheina97 in #2037
• Security Mode: traffic segregation by @francescodanzi in #1695
• Telemetry: security mode by @cheina97 in #2083
• AllowList-based and DenyList-based Resource Reflection by @fra98 in #1961

🐛 Bug Fixes

• Fix bug endpoints not reflected by @fra98 in #2032
• Overlay Operator test timeout by @cheina97 in #2034
• Fix nil pointer deference in pod Ready condition by @fra98 in #2039
• Endpointslices reflection fix by @fra98 in #2043
• Makefile: Improved MacOS compatibility by @cannarelladev in #2047
• Always reflect kube-root-ca.crt configmap in offloaded namespaces by @fra98 in #2044
• Fix - Liqo Gateway & Auth Loadbalancer Typo by @Sharathmk99 in #2052
• Metric Agent: cache fix by @cheina97 in #2080
• CI: Increased flannel wait by @cheina97 in #2090
• Security Mode: E2E tests by @cheina97 in #2084

🧹 Code Refactoring

• CI: added proxy by @cheina97 in #2041
• Liqo Proxy by @cheina97 in #2040
• Bump golangci-lint and gci by @fra98 in #2064
• Liqonet: connchecker refactoring by @cheina97 in #2076
• Liqonet: IPSet by @cheina97 in #2109
• Added pre-commit hook configuration by @cheina97 in #2117

📝 Documentation

• Docs: supported kubernetes versions by @cheina97 in #2063
• Docs: security modes by @francescodanzi in #2060
• Clarified the use of custom installation options by @frisso in #2086
• Docs: add warning for api server when security mode is enabled by @aleoli in #2111

Other Changes

• Bump controller-gen version from 0.9.2 to 0.13.0 by @cheina97 in #2030

New Contributors

• @francescodanzi made their first contribution in #1695

Full Changelog: v0.9.4...v0.10.0

v0.9.4

What's Changed

🚀 New Features

• AllowList-based and DenyList-based Resource Reflection by @fra98 in #1961
• Liqo-route: liqo.host forward by @cheina97 in #1979
• Controller client timeout by @cheina97 in #1991
• Helm values files for CLI by @scottboring in #1974
• AKS Private Link by @scottboring in #1985

🐛 Bug Fixes

• Liqo-route: iptables-nft by @cheina97 in #1978
• Liqoctl: check --dump-values-path install flag by @fra98 in #1975
• Telemetry service-account permissions by @cheina97 in #1995

🧹 Code Refactoring

• Issues template refactoring by @cheina97 in #1983
• chore: chunks slice loop append replace by @testwill in #1986
• VirtualNode: namespacemap virtualnode selector by @cheina97 in #1977
• Fix go version in go.mod by @aleoli in #1996
• fix dependabot docker updater by @aleoli in #2002
• VirtualNode: deletion-routine refactoring by @cheina97 in #1984

Other Changes

• liqoctl: add create VirtualNode command by @aleoli in #1944
• liqo-route: mac annotation fix by @cheina97 in #2014
• Override default Ingress tls secretName by @Sharathmk99 in #2012
• Bump GCI version to v0.11.0 by @fra98 in #2022
• Adding a reference how to download liqoctl by @frisso in #2024
• Liqo Gateway & Auth Service Loadbalancer Static IP by @Sharathmk99 in #2013

New Contributors

• @testwill made their first contribution in #1986

Full Changelog: v0.9.3...v0.9.4

v0.9.3

What's Changed

📝 Documentation

• Add readthedocs configuration file by @aleoli in #1973

Full Changelog: v0.9.2...v0.9.3

v0.9.2

What's Changed

🚀 New Features

• E2E: added flannel tests + CNI refactoring by @cheina97 in #1964
• AKS vnet resource group by @scottboring in #1969
• Added possibility to switch to iptables nf_tables by @cheina97 in #1970

🐛 Bug Fixes

• E2E: telemetry script fix by @cheina97 in #1965
• E2E: Flannel fix by @cheina97 in #1968

📝 Documentation

• Update roadmap for v0.10 release by @aleoli in #1963
• Docs: liqoctl download fix by @cheina97 in #1971

Other Changes

• Bump alpine version from 3.15 to 3.18 by @cheina97 in #1967
• Bump golang version from 1.20 to 1.21 by @cheina97 in #1966

Full Changelog: v0.9.1...v0.9.2

v0.9.1

What's Changed

🚀 New Features

• Liqonet: wireguard userspace golang by @cheina97 in #1949

🐛 Bug Fixes

• Docs: tag injection fix by @cheina97 in #1940
• Liqo-route: added static mac to vxlan + device sanity check by @cheina97 in #1945
• Add well known labels/annotations that must not be reflected by @fra98 in #1948
• Telemetry: E2E tests + VirtualNode scheme by @cheina97 in #1960

🧹 Code Refactoring

• Use custom k8s images and install Calico using Tigera Operator by @aleoli in #1937

📝 Documentation

• Docs: options not supported on GKE by @fra98 in #1947

Full Changelog: v0.9.0...v0.9.1

v0.9.0

Version 0.9.0 marks another big step forward in the maturity and usability of the project.

This release introduces the possibility of declaratively creating VirtualNodes. Now, Liqo better supports temporary disruptions of peered clusters and/or network unavailability. See Service Continuity for further details. Additionally, you can specify which labels and annotations will not be reflected in remote clusters; this may help in case of conflicting controllers on the two sides.

Other minor improvements and bug fixes have been introduced.

Thank you to all the people who tested our previous release, gave us hints to improve the project's usability, and contributed to this release!

What's Changed

💥 Breaking Change

• Virtual Node by @cheina97 in #1886

🚀 New Features

• Extra tolerations for route daemonset by @Sharathmk99 in #1845
• Support caching of local offloaded pods in the controller-manager by @fra98 in #1848
• Liqoctl: confirm by @cheina97 in #1849
• Liqonet: boringtun ARM fix by @cheina97 in #1852
• feature: reflect remote events to the local cluster by @aleoli in #1839
• Added NodeSelector, Toleration and Affinity for CreateSecret Job by @Sharathmk99 in #1843
• Add flag to set images to use during volumes move by @aleoli in #1878
• Liqoctl: added confirm prompt to liqoctl unpeer by @cheina97 in #1891
• Add to "liqoctl status peer" status and URL of the remote API server by @fra98 in #1880
• feature: enable per pod remote APIServer support by @aleoli in #1854
• Disable the reflection of specific labels and annotations by @fra98 in #1907
• Liqoctl: install warnings by @cheina97 in #1936

🐛 Bug Fixes

• Mark local offloaded pods as NotReady when virtual-node is not ready (i.e. remote cluster failure) by @fra98 in #1853
• Liqoctl: install postProviderValues fix by @cheina97 in #1858
• VirtualKubelet: pod nil labels map by @cheina97 in #1938

🧹 Code Refactoring

• FIeldSelector indexer by @cheina97 in #1840
• Bump controller runtime to version 0.15 by @aleoli in #1857
• Pull Calico from docker proxy to avoid DockerHub ban by @aleoli in #1875
• remove replacement and use vk v1.10 for port forwarding by @ssoBAekiL in #1876
• Docs: sphinx-autobuild by @cheina97 in #1928
• Lint: disable depguard check by @fra98 in #1933

📝 Documentation

• Update documentation flag for moving a PVC between clusters. by @tom-asmblr in #1868
• Update prometheus-metrics.md by @scottboring in #1869
• Docs: telemetry by @cheina97 in #1929
• Service Continuity documentation by @fra98 in #1881

Other Changes

• E2E tests: increased restart count tollerance by @cheina97 in #1892
• Bump golangci-lint version from 1.52.0 to 1.53.3 by @cheina97 in #1921
• Bump golang version from 1.19 to 1.20 by @cheina97 in #1922
• CI: disable linter cache by @cheina97 in #1934

New Contributors

• @tom-asmblr made their first contribution in #1868
• @scottboring made their first contribution in #1869

Full Changelog: v0.8.3...v0.9.0