Releases: aws/aws-network-policy-agent
Releases · aws/aws-network-policy-agent
v1.1.4
What's Changed
- Bump golang.org/x/sys from 0.24.0 to 0.25.0 by @dependabot in #315
- Bump github.com/onsi/gomega from 1.33.1 to 1.34.2 by @dependabot in #314
- Bump google.golang.org/grpc from 1.65.0 to 1.67.1 by @dependabot in #313
- Bump github.com/aws/amazon-vpc-cni-k8s from 1.18.3 to 1.18.5 by @dependabot in #312
- Bump github.com/vishvananda/netlink from 1.2.1-beta.2 to 1.3.0 by @dependabot in #311
- Skip v4 rules on v6 cluster and vice versa by @Pavani-Panakanti in #321
- Fix race condition in strict mode and annotate_pod_ip=true by @Pavani-Panakanti in #322
- Merge main to release 1.1 by @orsenthil in #324
Full Changelog: v1.1.3...v1.1.4
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.6/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.6/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.6/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.6/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.18.6/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.18.6
amazon-k8s-cni:v1.18.6
amazon/aws-network-policy-agent:v1.1.4
Contributors
orsenthil, dependabot, and Pavani-Panakanti
Assets 2
v1.1.3
What's Changed
- Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.19.0 by @dependabot in #274
- Configure conntrack cache table size by @jayanthvn in #280
- Rule sorting/Strict mode fix by @jchen6585 in #289
- docs: Fix typo arg name for conntrack-cache-table-size by @younsl in #287
- Bump github.com/aws/aws-sdk-go from 1.50.30 to 1.55.3 by @dependabot in #291
- Update SDK and pass byte array by @jayanthvn in #299
- Fix race condition in strict mode by @Pavani-Panakanti in #306
- Bump k8s.io/apimachinery from 0.29.3 to 0.31.0 by @dependabot in #300
- Bump github.com/aws/amazon-vpc-cni-k8s from 1.18.1 to 1.18.3 by @dependabot in #295
- Bump k8s.io/client-go from 0.31.0 to 0.31.1 by @dependabot in #309
Full Changelog: v1.1.2...v1.1.3
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.4/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.4/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.4/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.4/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.18.4/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.18.4
amazon-k8s-cni:v1.18.4
amazon/aws-network-policy-agent:v1.1.3
Contributors
jayanthvn, dependabot, and 3 other contributors
Assets 2
v1.1.2
v1.1.2
Release Notes
None
Major Changes since v1.1.1
- Fix - Refactor conntrack cleanup for v4 and v6 (@jayanthvn)
- Fix - Remove callSkip to prevent Logger.check error(@ryota-sakamoto)
- Fix - Allow pods with
.in it's name to be reconciled by network policy (@zachdorame ) - Fix - Handle PolicyEndpoint slice deletion gracefully (@achevuru)
- Dependency - Update ebpf SDK to v1.0.8(@jayanthvn)
- Dependency - Update ginkgo to 2.17.2 (@dependabot)
- Dependency - Update amazon-vpc-cni-k8s from 1.18.0 to 1.18.1 (@dependabot)
- Dependency - Update gomega to 1.33.0 (@dependabot)
- Dependency - Bump golang/x/sys from 1.18.0 to 1.19.0 (@dependabot)
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.2/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.2/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.2/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.2/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.18.2/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.18.2
amazon-k8s-cni:v1.18.2
amazon/aws-network-policy-agent:v1.1.2
Contributors
jayanthvn, ryota-sakamoto, and 3 other contributors
Assets 2
v1.1.1
v1.1.1
Release Notes
None
Major Changes since v1.1.0
- Testing - Verify test results from all retries instead of just the last one (@jaydeokar)
- Dependency - update golang protobuf to 1.33.0 (@haouc)
- Dependency - Bump k8s.io/apimachinery from 0.29.1 to 0.29.3 (@dependabot)
- Dependency - Update env variable to enable strict mode for Network Policy (@jaydeokar)
- Dependency - Update env variable for kube config path (@jaydeokar)
- Dependency - Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (@dependabot)
- Dependency - Bump github.com/google/uuid from 1.4.0 to 1.6.0 (@dependabot)
- Dependency - Bump github.com/aws/aws-sdk-go from 1.50.9 to 1.50.30 (@dependabot)
- Dependency - Bump go.uber.org/zap from 1.26.0 to 1.27.0 (@dependabot)
- Dependency - Bump sigs.k8s.io/controller-runtime from 0.17.0 to 0.17.2 (@dependabot)
- Dependency - Update golang to 1.21.9 (@jchen6585)
- Enhancement - Repo controlled build go version (@xdu31)
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.1/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.1/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.1/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.1/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.18.1/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.18.1
amazon-k8s-cni:v1.18.1
amazon/aws-network-policy-agent:v1.1.1
Contributors
haouc, jaydeokar, and 3 other contributors
Assets 2
v1.1.0
v1.1.0
Release Notes
Network Policy agent now supports a strict mode for network policy enforcement.
Major Changes since v1.0.8
- Enhancement - Network Policy Strict mode support (@achevuru)
- Enhancement - Use Minimal base image for Network Policy Agent & golang version update (@jdn5126 )
- Testing - [Updates to testing infra and E2E] (@jaydeokar)
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.17.1/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.17.1/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.17.1/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.17.1/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.17.1/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.17.1
amazon-k8s-cni:v1.17.1
amazon/aws-network-policy-agent:v1.1.0
Contributors
jdn5126, jaydeokar, and achevuru
Assets 2
v1.0.8
v1.0.8
Major Changes since v1.0.7
- Bug - Fix metrics logging error; Remove version log (@jdn5126)
- Bug - Add prefix to identify log stream for network policy events (@jaydeokar)
- Bug - Conntrack table enhancements and replica race conditions (@jayanthvn)
- Bug - Handle PE split cleanup and duplicate l4info (@jayanthvn)
- Enhancement - eBPF SDK upgrade (@jayanthvn)
- Testing - [Updates to testing infra and E2E] (@jaydeokar)
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.16.3/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.16.3
amazon-k8s-cni:v1.16.3
amazon/aws-network-policy-agent:v1.0.8
Contributors
jayanthvn, jdn5126, and jaydeokar
Assets 2
v1.0.7
v1.0.7
Major Changes since v1.0.6
- Bug - Ignore PE slices tied to same NP during clean up flow (@achevuru )
- Bug - Fixes an issue where under certain scenarios cidrs values are overwritten (@jayanthvn )
- Bug - Fixes the issue with
aws-eks-na-cliwhere it fails to get loaded-ebpfdata (@jayanthvn ) - Enhancement - Added a flag which defines the conntrack cache cleanup duration (@jayanthvn)
- Improvement - Updates golang version from v1.21.4 to v1.21.5 (@jaydeokar )
To manually upgrade to this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.5/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.5
amazon-k8s-cni:v1.15.5
amazon/aws-network-policy-agent:v1.0.7
Contributors
jayanthvn, jaydeokar, and achevuru
Assets 2
v1.0.6
v1.0.6
Major Changes since v1.0.5
To manually upgrade to this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.4/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.4
amazon-k8s-cni:v1.15.4
amazon/aws-network-policy-agent:v1.0.6
Contributors
jayanthvn
Assets 2
v1.0.5
v1.0.5
Major Changes since v1.0.4
- Bug - Fix conntrack issue and increase supported port/protocol (@jayanthvn)
- Bug - Handle PolicyEndpoint split scenario when the target pods are paired (@achevuru)
- Bug - inherit firewall rules from larger cidrs(@jayanthvn)
- Enhancement - upgrade Go to 1.21.3 and upgrade dependencies (@jdn5126 )
- Enhancement - Handle for controller not adding prefix lens (@jayanthvn)
- Testing - Enhancements for testing packages and GitHub actions (@jaydeokar )
Please Note -
As part of this release, we have increased the number of supported unique ports and protocol combination from 8 in IPv4 and 4 in IPv6 to 24 for both IPv4 and IPv6.
To manually upgrade to this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.3/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.3
amazon-k8s-cni:v1.15.3
amazon/aws-network-policy-agent:v1.0.5
Thanks to all our contributors! 😊
Contributors
jayanthvn, jdn5126, and 2 other contributors
Assets 2
v1.0.4
v1.0.4
Major Changes since v1.0.2
- Bug - Ignore policy restrictions against Node IP (@achevuru )
- Bug - With catchALL honor "except" (@jayanthvn )
- Bug - Race condition with init and cw setup (@jayanthvn )
- Enhancement - V6 Optimizations(@jayanthvn )
- Enhancement - Add flag enable-policy-event-logs (@mycrEEpy )
- Enhancement - Modified Default Metrics Bind Port (@kareem-rady )
- Enhancement - Log rotate support (@achevuru )
- Testing - Enhancements for testing packages and GitHub actions (@jaydeokar )
Please Note -
- A new command line flag for the Network Policy Agent,
enable-policy-event-logs, has been added: https://github.com/aws/aws-network-policy-agent#enable-policy-event-logs. This flag is set to "false" by default i.e, if you need access logs then it has to be turned on (set to "true").
To manually upgrade to this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.1/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.1
amazon-k8s-cni:v1.15.1
amazon/aws-network-policy-agent:v1.0.4
Thanks to all our contributors! 😊
Contributors
jayanthvn, mycrEEpy, and 3 other contributors