693 Commits

Author SHA1 Message Date
Manuel Rüger
f8214ef8de .github/workflows: Fix yaml error 2021-07-05 23:03:37 +02:00
Manuel Rüger
8697d81d88 .github: Fix tag workflow 2021-07-05 23:03:37 +02:00
Manuel Rüger
36e1de9a56 go.mod: Update dependencies 2021-07-05 23:03:37 +02:00
Manuel Rüger
fc4ddef2d0 .github: Fix tag workflow 2021-07-05 23:03:37 +02:00
Manuel Rüger
9b7f98e0df .github: Fix Tag/Push workflow 2021-07-05 23:03:37 +02:00
Manuel Rüger
4a3940f590 .github/workflows: Small fix v1.3.0-rc2 v1.3.0-rc6 2021-07-05 20:06:20 +02:00
Manuel Rüger
e433f0ef2c Apply review feedback 2021-07-05 20:04:37 +02:00
Manuel Rüger
0914305d30 Build binaries via Dockerfile, migrate to GitHub Actions
* Removes Travis Integration and migrates to GitHub Actions
* Builds binaries in Dockerfile via MultiArch
* Adds a Release Process
* Drops support for ppc64le, s390x container builds (as golang-alpine3.14 does not
  contain builds for them)
2021-07-05 20:04:37 +02:00
dependabot[bot]
366b95f25f build(deps): bump github.com/prometheus/client_golang
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-01 16:20:33 +02:00
dependabot[bot]
cef7f47e89 build(deps): bump k8s.io/cri-api from 0.21.0 to 0.21.2
Bumps [k8s.io/cri-api](https://github.com/kubernetes/cri-api) from 0.21.0 to 0.21.2.
- [Release notes](https://github.com/kubernetes/cri-api/releases)
- [Commits](https://github.com/kubernetes/cri-api/compare/v0.21.0...v0.21.2)

---
updated-dependencies:
- dependency-name: k8s.io/cri-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-01 15:53:44 +02:00
Manuel Rüger
2521525a83 gobgp: Version bump to 2.29.0 2021-07-01 15:53:29 +02:00
dependabot[bot]
59b2c44725 build(deps): bump google.golang.org/grpc from 1.38.0 to 1.39.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.38.0 to 1.39.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.38.0...v1.39.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-01 15:34:04 +02:00
dependabot[bot]
039f87d37c build(deps): bump github.com/aws/aws-sdk-go from 1.38.55 to 1.38.70
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.55 to 1.38.70.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.55...v1.38.70)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-01 09:26:33 +02:00
dependabot[bot]
7f6115dde4 build(deps): bump k8s.io/client-go from 0.21.1 to 0.21.2
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.21.1 to 0.21.2.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.21.1...v0.21.2)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-01 09:25:42 +02:00
Murali Reddy
73b1b03b32 cache the check of wait option support in iptables-restore 2021-06-29 18:26:58 -05:00
Murali Reddy
751981c318 update alpine image to 3.14 for latest iptables-restore command
with --wait option, and use wait where it's available
2021-06-29 18:26:58 -05:00
Manuel Rüger
468670bebb go.mod: Update to gobgp 2.28.0 2021-06-28 20:24:30 +02:00
Murali Reddy
c8f7daf7ce fix lint errors 2021-06-28 12:45:43 -05:00
Murali Reddy
2c4dd7d584 addressing review comments 2021-06-28 12:45:43 -05:00
Murali Reddy
4c8cfc9c27 bug fix 2021-06-28 12:45:43 -05:00
Murali Reddy
93fe004ce6 bug fixes 2021-06-28 12:45:43 -05:00
Murali Reddy
3d407dc451 make rules to ACCEPT related/established traffic as first entry in pod firewall chain 2021-06-28 12:45:43 -05:00
Murali Reddy
d684ec0c65 add logic to explicitly ACCEPT traffic from/to the pod if it's
permitted by applicable network policies. If there are no network
policies then by default ACCEPT the pod traffic
2021-06-28 12:45:43 -05:00
Ricardo Katz
21473edf05 Add support for kubernetes endport field (#1080) 2021-06-17 21:44:32 +05:30
Manuel Rüger
91a1b3740c .github: Add Go Releaser Step (#1100) v1.3.0-rc1 2021-06-16 23:31:22 +05:30
yeya24
011b7aa12a fix typo Gracefule -> Graceful
Signed-off-by: yeya24 <yb532204897@gmail.com>
2021-06-08 13:19:52 -05:00
dependabot[bot]
b39923a816 build(deps): bump google.golang.org/grpc from 1.37.0 to 1.38.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.37.0 to 1.38.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.37.0...v1.38.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-07 13:57:50 +02:00
dependabot[bot]
5ed68d4a12 build(deps): bump github.com/aws/aws-sdk-go from 1.38.30 to 1.38.55
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.30 to 1.38.55.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.30...v1.38.55)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-07 13:36:17 +02:00
dependabot[bot]
ea1605e1ed build(deps): bump github.com/onsi/ginkgo from 1.16.1 to 1.16.4
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.16.1 to 1.16.4.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.1...v1.16.4)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-07 13:32:32 +02:00
dependabot[bot]
863bd4d7b9 build(deps): bump k8s.io/klog/v2 from 2.8.0 to 2.9.0
Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.8.0...v2.9.0)

---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-07 13:20:07 +02:00
dependabot[bot]
2a56d3c23e build(deps): bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.6+incompatible to 20.10.7+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.6...v20.10.7)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-07 13:19:52 +02:00
dependabot[bot]
cf08cf5d95 build(deps): bump github.com/stretchr/testify from 1.6.1 to 1.7.0
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.6.1...v1.7.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-07 13:12:40 +02:00
dependabot[bot]
abd4eea6b7 build(deps): bump k8s.io/client-go from 0.21.0 to 0.21.1
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.21.0 to 0.21.1.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.21.0...v0.21.1)

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-07 13:12:09 +02:00
Aaron U'Ren
7e92ad9ba3 fix(goreleaser): add version and date to published binaries 2021-06-01 23:38:45 +02:00
Aaron U'Ren
d90c753286 fact(NPC): refactor isPodUpdateNetPolRelevant
Refactor this logic so that it can be more easily tested and expanded
without cluttering the pod.go file. Additionally, add some safeguards
around the pod cast to ensure that we're working with pods before we
pass them.
2021-06-01 10:42:42 -05:00
Aaron U'Ren
1a82db7500 fix(NPC): check if new pod is actionable
Previously, kube-router would do a full sync on a new pod whether or not
the pod was in an actionable state. This led to needless syncs as many
pods were missing PodIP addresses or other items necessary to apply
policy.

If a pod is missing these items it is better to wait for the next
message that comes via the UpdateFunc below so that we know that the pod
has all of the necessary items to apply policy to it.
2021-06-01 10:42:42 -05:00
Aaron U'Ren
3dc5c3fbcd fix(NPC): remove HostNetwork check from OnPodUpdate
With the previous logic, if a pod changed from having HostNetwork =
False to HostNetwork = True, NPC would not trigger a refresh to clear
out the rules that once applied. Now this check has been moved lower in
the fullPolicySync() logic so that it accounts for these pods naturally.
2021-06-01 10:42:42 -05:00
Aaron U'Ren
13e0a39800 fix(NPC): check if pod is actionable
Check if the Pod is actionable before taking NetworkPolicy actions which
includes both adding KUBE-POD-FW and KUBE-NWPLCY chains for it.

Checks have now been consolidated to a single isNetPolActionable()
function which checks for pod phases that we don't want NetworkPolicy
for like: Failed, Completed, and Succeeded, missing pod IP addresses,
and pods with HostNetwork enabled.

fixes #1056
2021-06-01 10:42:42 -05:00
Aaron U'Ren
fa8d69edd8 fix: add locking around ipset invocations 2021-06-01 10:42:08 -05:00
Manuel Rüger
e8a81f3136 .github: Enable dependabot to manage dependencies
See also: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
2021-05-31 15:26:10 +02:00
Aaron U'Ren
21c52909d5 feat(iptables): add upstream wrapper script 2021-05-18 18:12:49 +02:00
Manuel Rüger
295c8620b9 travis-deploy: Log into docker 2021-05-18 10:23:37 -05:00
Manuel Rüger
612d9a39d5 Update Build and Test Procedures
* Move lint and test jobs to GitHub Actions

* Integrate the gofmt check into Makefile

* Extract version for gobgp, gorelease, gomoq
2021-05-18 10:23:37 -05:00
Manuel Rüger
c38c3acf4c build-image: Remove outdated script 2021-05-18 10:23:37 -05:00
Aaron U'Ren
4306e5d47c feat(DSR): make TCPMSS based on primary link MTU 2021-05-17 16:33:15 -05:00
Aaron U'Ren
a610596277 fact(GetMTUFromNodeIP): move up a layer of abstraction
This function is useful for more than just the NRC, move it up a layer
into the global utils so it can be used from multiple controllers.
2021-05-17 16:33:15 -05:00
icefed
e223ea80a1 Fix DSR(tunneling) mode mtu limit
https://github.com/cloudnativelabs/kube-router/issues/630
2021-05-17 16:33:15 -05:00
Aaron U'Ren
45b7fd1d94 fix(NPC): parse NodePorts as unsigned ints
Also separates logic so that it can be tested more easily, and adds unit
tests to make sure there is no regression.

Fixes #1083
2021-05-17 15:33:13 -05:00
Aaron U'Ren
14a03a624c fix(bgp.md): misspellings and doc conformance 2021-05-17 12:08:36 -05:00
Aaron U'Ren
9cbc3763b3 feat(bgp): add BGP communities support via node annotation 2021-05-17 12:08:36 -05:00