Releases: aws/amazon-vpc-cni-k8s
v1.10.3
This release addresses the IP leak Issue caused by empty NetNS in certain scenarios along with few other important changes
- Upgrade AWS SDK GO (Thanks @jayanthvn ) #1944
- Fix dependabot high sev issue caused by GoGo protobuf (Thanks @jayanthvn ) #1942
- Fixed empty netns bug (Thanks @cgchinmay ) #1941
- C7g instances support (Thanks @jayanthvn ) #1940
- Enable Prefix Delegation on Bare metal instances (Thanks @achevuru ) #1937
To apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.10.3/config/master/aws-k8s-cni.yaml
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.10.3
amazon-k8s-cni:v1.10.3
v1.12.1
v1.12.1
Changes since v1.12.0:
- Bug - Cleanup pod networking resources when IPAMD is unreachable to prevent rule leaking. (@jdn5126 )
- Bug - Skip add-on installation when an add-on information is not available (@sushrk )
- Bug - Add missing rules when NodePort support is disabled(@antoninbas )
- Bug - Fix logging in publisher package (@jdn5126 )
- Bug - Fix Crypto package vulnerability (@jaydeokar )
- Bug - Fix Crypto package vulnerability (@jaydeokar )
- Cleanup - Merging makefile and go.mod from test directory to root directory (@jerryhe1999 )
- Documentation - Update troubleshooting docs for node operating system (@jdn5126 )
- Feature - Reporting EC2 API calls metrics through CNI metrics helper (@jaydeokar )
- Feature - Added resources block to cni-metrics-helper helm chart (@jcogilvie )
- Feature - CLUSTER_ENDPOINT can now be specified to allow the VPC CNI to initialize before kube-proxy has finished setting up cluster IP routes (@bwagner5)
- Improvement - Move VPC CNI and VPC CNI init images to use EKS minimal base image. (@jdn5126 )
- Improvement - Updating helm chart as per helm v3 standard (@jaydeokar )
- Improvement - Update golang to 1.19.2 (@jayanthvn )
- Testing - Fixes to automation runs (@jdn5126 )
- Testing - Fix environment variable name in update-cni-image script (@sushrk )
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.1/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.1/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.1/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.1/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.12.1/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.12.1
amazon-k8s-cni:v1.12.1
To manually apply this release for CNI Metrics Helper:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.1/config/master/cni-metrics-helper.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.1/config/master/cni-metrics-helper-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.1/config/master/cni-metrics-helper-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.1/config/master/cni-metrics-helper-cn.yaml
Verify the update for CNI Metrics Helper:
$ kubectl describe deployment cni-metrics-helper -n kube-system | grep Image | cut -d "/" -f 2
cni-metrics-helper:v1.12.1
v1.12.1-rc3 Release
v1.12.1-rc3
Changes since v1.12.1-rc1:
- Bug - Fix Crypto package vulnerability (@jaydeokar )
- Bug - Fix Crypto package vulnerability (@jaydeokar )
To apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.1-rc3/config/master/aws-k8s-cni.yaml
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.12.1-rc3
amazon-k8s-cni:v1.12.1-rc3
v1.12.1-rc1 Release
v1.12.1-rc1
Changes since v1.12.0:
- Bug - Cleanup pod networking resources when IPAMD is unreachable to prevent rule leaking.
(@jdn5126 ) - Improvement - Move VPC CNI and VPC CNI init images to use EKS minimal base image.
(@jdn5126 ) - Improvement - Updating helm chart as per helm v3 standard (@jaydeokar )
- Improvement - Update golang to 1.19.2 (@jayanthvn )
- Testing - Fixes to automation runs (@jdn5126 )
- Feature - Reporting EC2 API calls metrics through CNI metrics helper (@jaydeokar)
- Feature - Added
resources
block tocni-metrics-helper
helm chart (@jcogilvie ) - Feature - CLUSTER_ENDPOINT can now be specified to allow the VPC CNI to initialize before kube-proxy has finished setting up cluster IP routes (@bwagner5 )
- Testing - Fix environment variable name in update-cni-image script @sushrk
- Documentation - Update troubleshooting docs for node operating system(@jdn5126 )
- Cleanup - Merging makefile and go.mod from test directory to root directory (@jerryhe1999 )
- Bug - Skip add-on installation when an add-on information is not available(@sushrk )
- Bug - Add missing rules when NodePort support is disabled(@antoninbas )
- Bug - Fix logging in publisher package (@jdn5126 )
To apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.1-rc1/config/master/aws-k8s-cni.yaml
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.12.1-rc1
amazon-k8s-cni:v1.12.1-rc1
v1.12.0
v1.12.0
This new version removes dependency on CRI socket(e.g. dockershim.sock).
🚨 🚨 🚨 Action Required For Upgrading
- To upgrade to VPC CNI >=v1.12.0, you must upgrade to VPC CNI >=v1.7.x first. We recommend that you update one minor version at a time.
aws-vpc-cni
Helm chart v1.2.0 is released with VPC CNI v1.12.0, thus no longer supports thecri.hostPath.path
. If you need to install a VPC CNI <v1.12.0 with helm chart, aaws-vpc-cni
Helm chart with version <v1.2.0 should be used.
Changes since v1.11.4:
- Improvement - switch to use state file for IP allocation pool management (@M00nF1sh )
- Improvement - explicitly request NET_RAW capabilities in CNI manifests (@JingmingGuo )
- Improvement - Reduce startup latency by removing some unneeded sleeps (@bwagner5 )
- Bug - Remove extra decrement of totalIP count (@jayanthvn )
- New Instance Support - Add trn1 limits (@cartermckinnon )
- Documentation - Update readme with slack channel (@jayanthvn )
- Documentation - Fix ENIConfig keys in values.yaml (@chotiwat )
- Testing - fix metrics-helper test to detach role policy early (@sushrk )
- Testing - Use GetNodes in metrics-helper; explicitly install latest addon (@jdn5126 )
- Testing - refine all github workflows (@M00nF1sh )
- Testing - Resolve flakiness in IPAMD warm target tests (@jdn5126 )
- Testing - VPC CNI Integration Test Fixes (@jdn5126 )
- Testing - Update CNI canary integration test and cleanup for ginkgo v2 (@jdn5126 )
To apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.12.0/config/master/aws-k8s-cni.yaml
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.12.0
amazon-k8s-cni:v1.12.0
v1.11.4
v1.11.4
Changes since v1.11.3:
- Improvement - update aws-node clusterrole permissions (@sushrk)
- Improvement - IPAMD optimizations and makefile changes (@jayanthvn)
- Documentation - Fix minor typo on documentation (@guikcd)
- Documentation - Fixing prefixes per ENI value in example (@mkarakas)
- New release - multus manifest for release v3.9.0-eksbuild.2 (@sushrk)
- Bug - Setting AWS_VPC_K8S_CNI_RANDOMIZESNAT to the default value (@vgunapati)
- New instance support - Updated new instances (@jayanthvn)
To apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.11.4/config/master/aws-k8s-cni.yaml
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.11.4
amazon-k8s-cni:v1.11.4
v1.11.4 Release Candidate 1
v1.11.4-rc1
Changes since v1.11.3:
- Improvement - update aws-node clusterrole permissions (@sushrk)
- Improvement - IPAMD optimizations and makefile changes (@jayanthvn)
- Documentation - Fix minor typo on documentation (@guikcd)
- Documentation - Fixing prefixes per ENI value in example (@mkarakas)
- New release - multus manifest for release v3.9.0-eksbuild.2 (@sushrk)
- Bug - Setting AWS_VPC_K8S_CNI_RANDOMIZESNAT to the default value (@vgunapati)
- New instance support - Updated new instances (@jayanthvn)
To apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.11.4-rc1/config/master/aws-k8s-cni.yaml
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.11.4-rc1
amazon-k8s-cni:v1.11.4-rc1
v1.11.3
This is a patch release containing improvements and bug-fixes.
What's Changed
Changelog for 1.11.3
- Improvement - Increase cpu requests limit (@vikasmb)
- Improvement - Add event recorder utils to raise aws-node pod events (@sushrk)
- Improvement - chart: Add extraVolumes and extraVolumeMounts (@jkroepke)
- Improvement - Prevent allocate/free ENIs when node is marked noSchedule (@jayanthvn)
- Bug - Fix cni panic due to pod.Annotations is a nil map (@Downager)
- Bug - Re-use logger instance (@vikasmb)
Thanks to all the contributors - @sushrk, @Downager, @jkroepke, @vikasmb , @jayanthvn
To apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.11.3/config/master/aws-k8s-cni.yaml
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.11.3
amazon-k8s-cni:v1.11.3
v1.11.2
This release updates Golang to 1.18, and updates containernetworking cni version to 0.8.1 and containernetworking CNI plugin binaries to v1.1.1
v1.11.2
- Improvement - Updated golang to Go 1.18 (@orsenthil)
- Improvement - Updated containernetworking/cni version to 0.8.1 to address CVE-2021-20206 (@orsenthil)
- Improvement - Updated CNI Plugins to v1.1.1 (@orsenthil)
To apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.11.2/config/master/aws-k8s-cni.yaml
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.11.2
amazon-k8s-cni:v1.11.2
v1.11.0
This release introduces an optional new mode for Security groups for pods feature along with other improvements.
EKS documentation suggests to add the ENIConfig label for identifying your worker nodes with "ENI_CONFIG_LABEL_DEF=failure-domain.beta.kubernetes.io/zone". This is to select an ENIConfig based upon availability zone and would need to create an ENIConfig custom resource for each availability zone (e.g. us-east-1a). But the sample default ENIConfig generated by helm used to build the ENIConfig by default using the format REGION + USER-SUPPLIED-NAME which is not inline with the documentation. PR #1918 is included in this release to keep the documentation inline with the sample configs and also provide flexibility if there is no need to follow AZ naming recommendation.
Changes since v1.10.3:
- Feature - Support new SGPP standard mode (@M00nF1sh )
- Feature - IPv4 Randomize SNAT support for IPv6 pods (@achevuru)
- Feature - Respect existing ENIConfig label if set on node (@backjo)
- Improvement - Timeout and reconcile when checking API server connectivity
(@prateekgogia) - Improvement - Improve startup performance of IPAMD (@backjo)
- Improvement - Record pod metadata and allocationTime in IP allocation state file (@M00nF1sh )
- Bug - Fixes node label error handling & revert to use update for node label update (@jayanthvn, @M00nF1sh )
(#1959) - Bug - IPAMD throw an error on configuration validation failure (@veshij)
- Cleanup - refactoring DataStore.GetStats to simplify adding new fields (@veshij)
To apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.11.0/config/master/aws-k8s-cni.yaml
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni-init:v1.11.0
amazon-k8s-cni:v1.11.0