[release-announce] kuryr-kubernetes 1.1.0 (train)
no-reply at openstack.org
no-reply at openstack.org
Sun Sep 15 19:15:12 UTC 2019
We are stoked to announce the release of:
kuryr-kubernetes 1.1.0: Kubernetes integration with OpenStack
networking
This release is part of the train release series.
The source is available from:
https://opendev.org/openstack/kuryr-kubernetes
Download the package from:
https://tarballs.openstack.org/kuryr-kubernetes/
Please report issues through:
https://bugs.launchpad.net/kuryr-kubernetes/+bugs
For more details, please see below.
1.1.0
^^^^^
New Features
************
* kuryr-cni, that is the executable called by kubelet, is now
rewritten to golang. This enables Kuryr to work containerized in
environments where there is no Python or curl on the hosts running
kubelet. This is the case e.g. in K8s deployed by Magnum.
Upgrade Notes
*************
* kuryr-daemon used to listen on port 50036, but that's a port from
local range (on Ubuntu and RHEL default range is 32768-60999). This
means that there might have been a port conflict ("address already
in use"). To avoid that the default value of
"[cni_daemon]bind_address" option was changed to "127.0.0.1:5036".
* kuryr-cni is now a golang binary. The upgrade should be automatic
and consists of deploying an updated kuryr-cni container. Please
note that if you used a custom listening port for kuryr-daemon, it
is currently hardcoded to 5036. We're planning to pass it through
10-kuryr.conf CNI configuration file in the very near future.
Changes in kuryr-kubernetes 1.0.0..1.1.0
----------------------------------------
4521276 Ensure LBaaS state is updated upon SVC deletion
2ab2fbd Make ChunkedEncodingError less scary
51150ed Timeout connections when watching K8s API
323f01b Fix sensitivity to the initial device driver
d6e5fe9 Ensure conflicts creating subnet from subnetpools are retried
94bb9f8 Remove exit_on_stop from Watcher
ce5551b Improve readability of vif handler on_present skip reason
4c3e338 Reuse utils.get_lbaas_spec in lb handler
ac7a593 Skipping sg rule deletion for pods without annotations
5e0dec6 Avoid Kuryrnet populating pools before namespace handler finishes
d28815a Remove runtime.LockOSThread() call from kuryr-cni
b0dfb4e Ensure Pod IP is retrieved after pod is annoated with the VIF
8c756bd Save logs of previous restart of containers
ae98963 Ensure SG is only deleted in case it's present in the KuryrNet CRD
73cac91 Ensure controller is only restarted after the event timesout
56c8207 Increase loadbalancer timeout
20561a8 DPDK in baremetal containers using SR-IOV
5206717 Provide a proper way to choose VF in CNI
ed10178 Fix for k8s client annotation
a6feca6 Put correct API group for Routes RBAC permissions
492036e Ensure readiness probe waits for sync pools upon controller restart
00470c0 Bump the openstackdocstheme extension to 1.20
a446f05 cni: print different error logs for timeout errors
b3d808f Print uid with log to facilitate log tracking
bfa1acf Ensure namespace network resources are cleaned up
e727a52 Ensure leftover ports are deleted upon kuryr-controller restart
046e4b3 Ensure tags are used to recover/clean ports
8442d47 Add PodResources gRPC API updating guide
6bc7a42 Unset --admission-control when starting K8s API
0421973 Blacklist sphinx 2.1.0 (autodoc bug)
06ca063 Skip listener creation with same port of existing one
dc53a2b Fix wrong exception handled on listener creation
04c25b4 Gets rid of the following IPDB warning
67954fa Delete Kuryr Net CRD in case of k8s exception
3da5398 Change trace pod/pool drivers are incompatible
ca222d4 Use CNI_IFNAME environment variable
1174848 Fix ip address formattig in kuryr-cni
7f90ffc Create lbaas driver instance only when it's needed
5edf3d0 Set the validate CRD enabled flag at tempest.conf
0b7f8fa Add Python 3 Train unit tests
1347e93 Speed up pools prepopulation on namespace creation
37b8e3e Fix fail to recreate namespace when previous KuryrNet CRD is not deleted
2e98c7b Increase admin project quotas
5290e52 Remove subPaths when mounting Kuryr pods volumes
e94e4be Count cni DEL failure as well to mark it unhealthy
4273434 Raise keystoneauth version in lower-constraints
135311f Make SG modifications for LoadBalancers optional
3e3c9b8 Ensure correct exception is catched in case of not found exception
c8d41c0 Raise right exception in case Kubernetes respond with not found
0345cd8 Fix adding pods with host networking to svc in L2 mode
6b58a1b Replace git.openstack.org with opendev.org in URLs
446a73f Support None from Octavia get_api_major_version()
e685d72 Add `yum/dnf clean all` to dockerfiles
a85a7bc Add CRD validation to KuryrNet and KuryrNetPolicy
3aa486d Add release note and docs about golang kuryr-cni
e2e63cf Ensure kuryrnet does not perform multiple repopulations
1904541 Fix network pool deletion method
4230c87 Access Pool.listeners elements like dict
245eb07 Implement kuryr-cni in golang
1ec05b5 Add Tempest gate with lower-constraints
d801e9b Create Kuryr router for devstack deployment
fadcec3 Fix lBaaS sg rules corresponding to the NP rules are being deleted
c8a87bf Use non local port for CNI Daemon
9ddea6e Fix misprints in vif_pool.py
3a5e0ed Add Network Policy devref Spec
ddfa9e6 Update upper-constraints references in Dockerfile
b5823e3 Use constant when calling namespaces K8s endpoint
45be6d6 Update Python 3 containers to Fedora 30
35ae428 Ensure NP Security Group is update on pod events
e897c48 Change openstack security group rule create CLI
8f035cd Fix Pod creation do not triggers affected SVC SG update
e46b74b Update octavia CLI to openstack CLI
91a6221 Move route URL to apis/route.openshift.io
ebe57d3 Improve behaviour of VIFHandler
3f9c80e Populate pools upon namespace creation
e7d95c4 Fix CRD update on SG rule creation
43f169a Add note about 'protoc' compiler version
533ab7c Fix incombatilibity with openstacksdk <= 0.17.2
4f75760 Add py36 to default tox environments
d5a1df3 Fix sphinx requirements due to dropped 2.7 support
f463afa Fix sriov driver leaking resources and exceptions
25b8374 Use proper log type when logging errors in cni
16d14d6 Fix Multiple SG rules created when Pod creation follows a NP creation
c725f82 Fix interval ignoring by exponential sleep
685f4c4 Add PodResources service client
14a685d Update sriov neutron ports with pci info
30e1279 Fix SG rule creation when Pod is created after NP
b0ce301 Annotate nodes with pci info for direct ports
3791b84 Support sriovdp arbitrary resource names
7b0fbcc Fix ingress/egress of UDP traffic on allow to/from everywhere Policy
59e761a Ensure Pod SG is updated on podSelector of NP spec update
004efce Use Octavia endpoint paths from openstacksdk
da76fb1 Update Python 3 containers to use Fedora 29
d2b223f Set MAC address for VF via netlink message to PF
8006da0 Fix pod creation diagram in devref
f59fffa OpenDev Migration Patch
b644083 Add support for text ports on Network Policy Spec
9b3182c Add ipBlock support to NP
d193767 Dropping the py35 testing
5a2d0f6 Ensure LBaaS SG update upon allow from everywhere NP is enforced
7d03fb1 Ensure port_range_min is optional
2a9f5fd Fix conflict exceptions handling in LB creation
559b785 Pin coredns container image to 1.4.0 tag
b653be4 Add support for policyTypes at Network Policies
ae1d1dd Fix LBaaS SG rules update
69a02f6 NP: Create allow-all SG and add it to pod SG's
591d8bc Enable tox to run inside containers
b35b087 Switch to CentOS Amphora
f4d826b Improve logging for event dispatcher
49ca932 Add missing ws separator between words
d29e150 NP: Delete default egress rules
4a3b23d Update master for stable/stein
d977fba Enable debug logs on Kubernetes services
Diffstat (except docs and test files)
-------------------------------------
.gitreview | 2 +-
.zuul.d/base.yaml | 9 +-
.zuul.d/multinode.yaml | 16 +-
.zuul.d/octavia.yaml | 21 +-
.zuul.d/project.yaml | 4 +-
.zuul.d/sdn.yaml | 5 +-
README.rst | 2 +-
cni.Dockerfile | 13 +-
cni_ds_init | 48 +-
cni_py3.Dockerfile | 20 +-
contrib/devstack-heat/hot/node.yaml | 4 +-
contrib/devstack-heat/lib/devstack-heat | 2 +-
contrib/regenerate_pod_resources_api.sh | 88 ++
contrib/vagrant/README.md | 2 +-
controller.Dockerfile | 5 +-
controller_py3.Dockerfile | 12 +-
devstack/lib/kuryr_kubernetes | 38 +-
devstack/local.conf.df.sample | 10 +-
devstack/local.conf.odl.sample | 8 +-
devstack/local.conf.openshift.sample | 8 +-
devstack/local.conf.ovn.sample | 12 +-
devstack/local.conf.pod-in-vm.overcloud.sample | 4 +-
devstack/local.conf.pod-in-vm.undercloud.df.sample | 8 +-
.../local.conf.pod-in-vm.undercloud.odl.sample | 4 +-
.../local.conf.pod-in-vm.undercloud.ovn.sample | 8 +-
devstack/local.conf.pod-in-vm.undercloud.sample | 4 +-
devstack/local.conf.sample | 15 +-
devstack/local.conf.worker.sample | 4 +-
devstack/plugin.sh | 78 +-
devstack/settings | 4 +
.../update_network_policy_on_pod_creation.svg | 2 +
.../installation/devstack/dragonflow_support.rst | 6 +-
.../installation/testing_nested_connectivity.rst | 2 +-
kubernetes_crds/kuryrnet.yaml | 30 +
kubernetes_crds/kuryrnetpolicy.yaml | 104 ++
kuryr_cni/Gopkg.lock | 37 +
kuryr_cni/Gopkg.toml | 34 +
kuryr_cni/README | 2 +
kuryr_cni/main.go | 188 ++++
kuryr_cni/ovo.go | 120 +++
.../github.com/containernetworking/cni/LICENSE | 202 ++++
.../containernetworking/cni/pkg/skel/skel.go | 307 ++++++
.../containernetworking/cni/pkg/types/020/types.go | 140 +++
.../containernetworking/cni/pkg/types/args.go | 112 ++
.../cni/pkg/types/current/types.go | 293 +++++
.../containernetworking/cni/pkg/types/types.go | 199 ++++
.../containernetworking/cni/pkg/version/conf.go | 37 +
.../containernetworking/cni/pkg/version/plugin.go | 144 +++
.../cni/pkg/version/reconcile.go | 49 +
.../containernetworking/cni/pkg/version/version.go | 83 ++
kuryr_cni/vendor/github.com/pkg/errors/.gitignore | 24 +
kuryr_cni/vendor/github.com/pkg/errors/.travis.yml | 15 +
kuryr_cni/vendor/github.com/pkg/errors/LICENSE | 23 +
kuryr_cni/vendor/github.com/pkg/errors/README.md | 52 +
.../vendor/github.com/pkg/errors/appveyor.yml | 32 +
kuryr_cni/vendor/github.com/pkg/errors/errors.go | 282 +++++
kuryr_cni/vendor/github.com/pkg/errors/stack.go | 147 +++
kuryr_kubernetes/clients.py | 11 +
kuryr_kubernetes/cmd/status.py | 34 +-
kuryr_kubernetes/cni/api.py | 2 +-
kuryr_kubernetes/cni/binding/base.py | 30 +-
kuryr_kubernetes/cni/binding/sriov.py | 346 ++++--
kuryr_kubernetes/cni/daemon/service.py | 19 +-
kuryr_kubernetes/cni/health.py | 10 +-
kuryr_kubernetes/cni/plugins/k8s_cni_registry.py | 3 +
kuryr_kubernetes/config.py | 43 +-
kuryr_kubernetes/constants.py | 12 +-
kuryr_kubernetes/controller/drivers/base.py | 11 +
kuryr_kubernetes/controller/drivers/lbaasv2.py | 173 +--
.../controller/drivers/namespace_subnet.py | 102 +-
.../controller/drivers/network_policy.py | 327 ++++--
.../drivers/network_policy_security_groups.py | 369 +++++--
kuryr_kubernetes/controller/drivers/sriov.py | 81 +-
kuryr_kubernetes/controller/drivers/utils.py | 155 ++-
kuryr_kubernetes/controller/drivers/vif_pool.py | 135 ++-
.../controller/handlers/ingress_lbaas.py | 3 +-
kuryr_kubernetes/controller/handlers/kuryrnet.py | 88 ++
kuryr_kubernetes/controller/handlers/lbaas.py | 99 +-
kuryr_kubernetes/controller/handlers/namespace.py | 65 +-
kuryr_kubernetes/controller/handlers/pod_label.py | 7 +-
kuryr_kubernetes/controller/handlers/policy.py | 22 +-
kuryr_kubernetes/controller/handlers/vif.py | 90 +-
kuryr_kubernetes/controller/service.py | 2 +-
kuryr_kubernetes/handlers/dispatch.py | 9 +-
kuryr_kubernetes/k8s_client.py | 106 +-
kuryr_kubernetes/objects/vif.py | 7 +-
kuryr_kubernetes/platform/constants.py | 2 +-
kuryr_kubernetes/pod_resources/__init__.py | 0
kuryr_kubernetes/pod_resources/api.proto | 40 +
kuryr_kubernetes/pod_resources/api_pb2.py | 273 +++++
kuryr_kubernetes/pod_resources/api_pb2_grpc.py | 48 +
kuryr_kubernetes/pod_resources/client.py | 43 +
.../controller/drivers/test_namespace_subnet.py | 67 +-
.../unit/controller/drivers/test_network_policy.py | 172 ++-
.../drivers/test_network_policy_security_groups.py | 60 +-
.../unit/controller/handlers/test_ingress_lbaas.py | 5 +-
.../unit/controller/handlers/test_kuryrnet.py | 101 ++
.../unit/controller/handlers/test_namespace.py | 36 +-
.../platform/ocp/controller/handlers/test_route.py | 3 +-
kuryr_kubernetes/utils.py | 94 +-
kuryr_kubernetes/watcher.py | 11 +-
lower-constraints.txt | 10 +-
playbooks/get_amphora_tarball.yaml | 4 +-
...e-cni-daemon-default-port-e968a83fa1bf30b5.yaml | 8 +
.../notes/golang-kuryr-cni-aab144831d4dc9dd.yaml | 14 +
releasenotes/source/conf.py | 19 -
releasenotes/source/index.rst | 1 +
releasenotes/source/stein.rst | 6 +
requirements.txt | 7 +-
setup.cfg | 4 +-
tools/gate/copy_k8s_logs.sh | 1 +
tools/generate_k8s_resource_definitions.sh | 48 +-
tox.ini | 14 +-
143 files changed, 7120 insertions(+), 2273 deletions(-)
Requirements updates
--------------------
diff --git a/requirements.txt b/requirements.txt
index 070e827..00aa883 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -5 +5 @@
-cotyledon>=1.3.0 # Apache-2.0
+cotyledon>=1.5.0 # Apache-2.0
@@ -10,0 +11 @@ eventlet!=0.18.3,!=0.20.1,!=0.21.0,>=0.18.2 # MIT
+netaddr>=0.7.19 # BSD
@@ -21 +22 @@ PrettyTable<0.8,>=0.7.2 # BSD
-pyroute2>=0.5.1;sys_platform!='win32' # Apache-2.0 (+ dual licensed GPL2)
+pyroute2>=0.5.3;sys_platform!='win32' # Apache-2.0 (+ dual licensed GPL2)
@@ -24,0 +26,2 @@ stevedore>=1.20.0 # Apache-2.0
+grpcio>=1.12.0 # Apache-2.0
+protobuf>=3.6.0 # 3-Clause BSD
More information about the Release-announce
mailing list