v1.4.0 Release

We are happy to note that this release includes community contributions from @mikkeloscar, @rickardrosen, @nak3, @pdbogen, @ikatson, @sftim, @etopeter, @ankon, @tustvold, @ewbankkit, @errordeveloper, @rudoi, @max-rocket-internet, @2ffs2nns, @peterbroadhurst and @StevenACoffman.

Notable changes in release v1.4.0

• Feature - Add an environment variable to limit the number of ENIs (#251, @pdbogen)
  • Makes it possible to limit how many ENIs that are allocated per node.
• Feature - Randomize outgoing port for connections in the SNAT iptables rule (#246, @taylorb-syd)
  • To avoid a race condition when using SNAT, select ports randomly instead of sequentially.
• Feature - ENIConfig set by custom annotation or label names (#280, @etopeter)
  • Enables users to set a custom annotation or label key to define ENIConfig name.
• Improvement - Update Calico to 3.3.6 (#368, @2ffs2nns)
• Improvement - Add new instance types (#366, @mogren)
  • Adds m5ad and r5ad families.
• Improvement - Actually enable prometheus metrics (#361, @mogren)
• Improvement - Retry LinkByMac when link not found (#360, @peterbroadhurst)
  • Sometimes it takes a few seconds for a new ENI to be available, so we retry 5 times.
• Improvement - Run yum clean all to reduce image size (#351, @mogren)
• Improvement - Renaming Prometheus metrics with "awscni_" prefix (#348, @max-rocket-internet)
• Improvement - Allow configuring docker image when running make (#178, @mikkeloscar)
• Improvement - Add support for stdout logging (#342, @rudoi)
  • Adds environment variable AWS_VPC_K8S_CNI_LOG_FILE that can be set to stdout or a file path.
• Improvement - Some cleanups related to #234 (#244, @mogren)
• Improvement - Use apps/v1 for DaemonSet (#341, @errordeveloper)
• Improvement - Clean up aws-cni-support.sh and update the documentation (#320, @mogren)
• Improvement - Fix tiny typo in log message (#323, #324, @ankon)
• Improvement - Collect rp_filter from all network interface in aws-cni-support.sh (#338, @nak3)
• Improvement - Use device number 0 for primary device in unit test (#247, @nak3)
• Improvement - Collect iptables -nvL -t mangle in support script (#304, @nak3)
• Improvement - Return the err from f.Close() (#249, @mogren)
• Improvement - Explicitly set the IP on secondary ENIs (#271, @ewbankkit)
  • Fixes IP bug on older kernels.
• Improvement - Update instance ENI and IP mapping table (#275, @hmizuma)
  • Adds a1 and c5n instances. (Already included in v1.3.2)
• Improvement - Add ENI entries for p3dn.24xlarge instance (#274, @hmizuma)
  • p3dn.24xlarge was already included in v1.3.2
• Improvement - Use InClusterConfig when CreateKubeClient() was called without args (#293, @nak3)
• Improvement - Expose configuration variables via ipamD to make it debug friendly (#287, @nak3)
• Improvement - Allow cross compile on different platform (#292, @nak3)
• Improvement - Add changes to support multiple platform build (#286, @mbartsch)
  • arm64 build support
• Improvement - Improve setup advice in README around ENI / IP (#276 @sftim)
• Improvement - Use unix.RT_TABLE_MAIN for main routing table number (#269, @nak3)
• Improvement - Detect if mockgen and goimports are in the path (#278, @nak3)
• Improvement - Increment IP address safely (#258, @nak3)
  • Calculate the gateway IP in a safe way.
• Improvement - Remove unused options from rpc.proto (#252, @nak3)
• Improvement - Add missing unit tests execution to Makefile (#253, @nak3)
• Improvement - Bump TravisCI to use 1.11 (#243, @mogren)
• Bug fix - Fix typos in json types for ENIConfig (#393, @tiffanyfay)
• Bug fix - Avoid unbound variable error in aws-cni-support.sh (#382, @StevenACoffman)
• Bug fix - Output CIDR in correct format (#267, @nak3)
• Bug fix - Use replace when adding host route (#367, @mogren)
• Bug fix - Update k8sapi to use operator-framework inClusterConfig (#364, @tiffanyfay)
  • If the environment variables are missing, fall back to DNS lookup.
• Bug fix - Set mainENIRule mask (#340, @tustvold)
  • In order to match the connmark correctly, we need to mask it out when checking.
• Bug fix - Use primary interface to add iptables for connmark entry (#305, @nak3)
• Bug fix - Stop wrapping and returning nil (#245, @nak3)
• Bug fix - Fix return path of NodePort traffic when using Calico network policy (#263, @ikatson)
• Bug fix - Remove scope: Cluster from spec.names (#199, @rickardrosen)
• Bug fix - Remove unneeded spec entry in v1.3 manifest (#262, @hmizuma)
• Bug fix - Add formatter to errors.Wrapf in driver (#241, @nak3)

For running this in your own cluster:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.4/config/v1.4/aws-k8s-cni.yaml

Note! If you are still running a Kubernetes 1.10 or older, you need to use the old CRD configuration:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.4/config/v1.4/aws-k8s-cni-1.10.yaml

Check that the CNI version got updated:

kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni:v1.4.0

v1.4.0 Release Candidate 2

Second release candidate for the v1.4.0 branch. Note! This release is not approved for production use, it is still being tested.

Changes compared to RC 1

• Fixed variable error in logging script #382
• Fixed typos in json types for ENIConfig #394

For running this in your own cluster:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.4/config/v1.4/aws-k8s-cni.yaml

Check that the CNI version got updated:

kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni:v1.4.0-rc2

v1.4.0 Release Candidate 1

First release candidate for the v1.4.0 branch. Note! This release is not meant for production use, it is still being tested.

For running this in your own cluster:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.4/config/v1.4/aws-k8s-cni.yaml

Check that the CNI version got updated:

kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2
amazon-k8s-cni:v1.4.0-rc1

v1.3.3 Release

• Add support for a1 and c5n instance families: PR #349
• Updated changelog and aws-k8s-cni.yaml: PR #350

v1.3.2 Release

• Corrects number of IPs/ENI for p3dn.24xlarge instances

1.3.1

• Add ENI entries for p3dn.24xlarge
• Restrict p3dn.24xlarge to 31 IPs/ENI

1.3.0 release

• Add logic to handle multiple VPC CIDRs
• Update instance types
• cleanup the host route when perform CNI delete
• Add retry for plumbing route entry
• Update vpc_ip_resource_limit.go
• Add support for g3s.xlarge machines
• Update containerPort in the spec
• Fixing t3.xl and t3.2xl eni numbers
• Configure MTU of ENI and veths to 9001

1.2.1 release

• Bug Fix - Add missing calico.yaml to 1.2
• Bug Fix - Do not watch eniconfig CRD if cni is not configured to use pod config
• Bug Fix - Fixed typo in aws-k8s-cni.yaml
• Bug Fix - Add logic to dynamically discover primary interface name

v1.2.0

Changelog

• Feature - Add hostPort support #153
• Feature - Add a configuration knob to allow Pod to use different VPC SecurityGroups and Subnet #165
• Feature - Fix return path of NodePort traffic #130
• Improvement - Add more error messages during initialization #174
• Improvement - Check to make it is a Pod object #170
• Improvement - Maintain the right number of ENIs and its IP addresses in WARM-IP pool #169
• Improvement - Add support for more instance types: r5, r5d, z1d, t3 #145

v1.1.0

Changelog

• Feature — Versioning with git SHA #106
• Feature — Ability to configure secondary IP preallocation (#125)
• Feature — Allow pods communicate with outside VPC without NAT#81
• Improvement — Added travis CI support #116, #117, #118
• Improvement — Modify toleration to make aws-node schedule-able on all nodes #128
• Improvement — Move from TagResources to CreateTags for ENI Tagging #129
• Improvement — Updated troubleshooting guidelines
• Bug Fix — Release IP to datastore upon failure #127