We are overjoyed to announce the release of: kuryr-kubernetes 0.4.2: Kubernetes integration with OpenStack networking This release is part of the queens stable release series. The source is available from: https://git.openstack.org/cgit/openstack/kuryr-kubernetes Download the package from: https://tarballs.openstack.org/kuryr-kubernetes/ Please report issues through launchpad: https://bugs.launchpad.net/kuryr-kubernetes For more details, please see below. 0.4.2 ^^^^^ Upgrade Notes ************* * For the kuryr kubernetes watcher, a new option 'watch_retry_timeout' has been added. The following should be modified at kuryr.conf: [kubernetes] # 'watch_retry_timeout' field is optional, # default = 60 if not set. watch_retry_timeout = <Time in seconds> * As the openstack performance differs in production environments, fixed timeout of LBaaS activation might create the kuryr-kubernetes error. In order to adapt to the environment, a new option "[neutron_defaults]lbaas_activation_timeout" was added. Bug Fixes ********* * K8s api server is often temporarily down and restored soon in production environment. Since kuryr-kubernetes watches k8s resources by connecting k8s api server, watcher fails to watch the resources if k8s api server is down. In order to fix it, we made watcher retry connecting to k8s api server for specific time duration when an exception is raised. Changes in kuryr-kubernetes 0.4.1..0.4.2 ---------------------------------------- 50f588f dockerfile: Fix controller upper constraints 5b9b4fc Add `privileged` SCC to SA in OpenShift DevStack 7bb9250 Create CNI bin dir in OpenShift DevStack plugin c31680e Make Neutron LBaaS Activation Timeout configurable 83d3e09 Add HTTPS support to K8s API healthchecks e5ff398 Apply UC to Dockerfiles 85c898a Disable voting on octavia gate c0455e9 lbaasv2: Fix for deployments missing the proxy 54bbe7d Execute kuryr-cni as `docker exec` 044d7db Fix K8s API access through LBaaS on gates d5eb1d1 devstack: add kubelet iface to openshift nodes 87ae602 devstack: Make service subnet routable c7528a1 Services: update service's status after LB completely provisioned. 985c387 Services: Add support for K8S service's port edit use case 138c253 Watcher restarts watching resources in failure acb62b0 Add network id to pools keys 4d3edad Create lockfiles directory in CNI Dockerfile 2b1b53f Services: Rollback openstack resources in case of annotation failure 29821a6 Services: Gracefully ignore exposed UDP ports 109040f NestedMacvlanPodVIFDriver gets host port before request vif 2575a52 Ensure pools recovery creates the right pool key. ae04fb9 Revert commits to use UID instead of SelfLink Diffstat (except docs and test files) ------------------------------------- .zuul.yaml | 1 + cni.Dockerfile | 16 +- cni_ds_init | 39 +++-- controller.Dockerfile | 4 +- devstack/lib/kuryr_kubernetes | 192 ++++++++++++++++++++- devstack/local.conf.df.sample | 5 - devstack/local.conf.openshift.sample | 5 - devstack/local.conf.sample | 5 - devstack/plugin.sh | 111 ++++++------ kuryr_kubernetes/clients.py | 25 +++ kuryr_kubernetes/config.py | 7 + kuryr_kubernetes/controller/drivers/lbaasv2.py | 76 ++++---- .../controller/drivers/nested_macvlan_vif.py | 2 +- kuryr_kubernetes/controller/drivers/vif_pool.py | 38 +++- kuryr_kubernetes/controller/handlers/lbaas.py | 63 +++++-- kuryr_kubernetes/controller/handlers/pipeline.py | 2 +- kuryr_kubernetes/controller/managers/health.py | 29 ++-- kuryr_kubernetes/exceptions.py | 6 + kuryr_kubernetes/handlers/asynchronous.py | 2 +- kuryr_kubernetes/handlers/k8s_base.py | 4 +- kuryr_kubernetes/handlers/retry.py | 37 ++-- kuryr_kubernetes/k8s_client.py | 13 +- .../controller/drivers/test_nested_macvlan_vif.py | 2 +- .../unit/controller/handlers/test_pipeline.py | 2 +- kuryr_kubernetes/utils.py | 38 ++++ kuryr_kubernetes/watcher.py | 61 +++++-- playbooks/tempest-kuryr-kubernetes-base/run.yaml | 8 +- .../fault-tolerable-watcher-24c51dbccabf5f17.yaml | 21 +++ ...baas-timeout-configurable-8624ea32971c0cbe.yaml | 7 + 38 files changed, 1028 insertions(+), 375 deletions(-)