ready for release v1.7.1

kubeovn · Jul 15, 2021 · 1b289a2 · 1b289a2
1 parent 795fbdf
commit 1b289a2
Show file tree

Hide file tree

Showing 14 changed files with 58 additions and 18 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,45 @@
 # CHANGELOG
 
+## 1.7.1 -- 2021/07/15
+
+### New Feature
+- Underlay/Vlan network refactoring
+- Diagnose command 'kubectl ko' support trace in underlay networking
+- Diagnose command 'kubectl ko' support cluster operations status/kick/backup
+- Support to specify node nic name
+
+### Bugfix
+- Fix acl overlay issues
+- Fix available ips count of subnet
+- Fix lsp may lost when server pressure is high
+- Cleanup kube-ovn-monitor resource
+- Remove wait ovn sb
+- Remove kube-ovn-controller rollout check
+- Delete process of ip crd delete in cni delete request
+- Delete ecmp route when node is not ready
+- Ignore update pod nic annotation when not nil
+- Clean up gateway chassis list for external gw
+- Node route should filter out 'vpc'
+- Do not delete statefulset pod when update pod
+- Add master check when a node adding to a cluster and config sb/nb address
+- Fix IP/route transfer on node reboot
+- Fix uninstall.sh execution in OVS pods
+- Add node internal ip into ovn-ic advertise blacklist
+- Fix bug for deleting ovn-ic lrp failed
+- Keep subnet's vlan empty if not specified
+- Add field defaultNetworkType in configmap ovn-config
+
+### Performance
+- Enable tx offload again as upstream already fix it
+
+### Test
+- Correct vlan e2e testing
+- Remove dpdk ci
+
+### Security
+- Add go build security options
+- Fix CVE-2021-3121
+
 ## 1.7.0 -- 2021/06/03
 
 ### New Feature

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-v1.7.0
+v1.7.1
diff --git a/dist/images/generate-ssl-docker.sh b/dist/images/generate-ssl-docker.sh
@@ -2,7 +2,7 @@
 set -euo pipefail
 exist=$(kubectl get secret -n kube-system kube-ovn-tls --ignore-not-found)
 if [[ $exist == "" ]];then
-  docker run --rm -v $PWD:/etc/ovn kubeovn/kube-ovn:v1.7.0 bash generate-ssl.sh
+  docker run --rm -v $PWD:/etc/ovn kubeovn/kube-ovn:v1.7.1 bash generate-ssl.sh
   kubectl create secret generic -n kube-system kube-ovn-tls --from-file=cacert=cacert.pem --from-file=cert=ovn-cert.pem --from-file=key=ovn-privkey.pem
   rm -rf cacert.pem ovn-cert.pem ovn-privkey.pem ovn-req.pem
 fi
diff --git a/dist/images/install-pre-1.16.sh b/dist/images/install-pre-1.16.sh
@@ -11,7 +11,7 @@ CNI_CONF_DIR="/etc/cni/net.d"
 CNI_BIN_DIR="/opt/cni/bin"
 
 REGISTRY="kubeovn"
-VERSION="v1.7.0"
+VERSION="v1.7.1"
 IMAGE_PULL_POLICY="IfNotPresent"
 POD_CIDR="10.16.0.0/16"                # Do NOT overlap with NODE/SVC/JOIN CIDR
 POD_GATEWAY="10.16.0.1"

diff --git a/dist/images/install.sh b/dist/images/install.sh
@@ -14,7 +14,7 @@ CNI_CONF_DIR="/etc/cni/net.d"
 CNI_BIN_DIR="/opt/cni/bin"
 
 REGISTRY="kubeovn"
-VERSION="v1.7.0"
+VERSION="v1.7.1"
 IMAGE_PULL_POLICY="IfNotPresent"
 POD_CIDR="10.16.0.0/16"                # Do NOT overlap with NODE/SVC/JOIN CIDR
 POD_GATEWAY="10.16.0.1"

diff --git a/dist/images/ovn-ic-db-docker.sh b/dist/images/ovn-ic-db-docker.sh
@@ -1 +1 @@
-docker run -d --network=host -v /etc/ovn/:/etc/ovn -v /var/run/ovn:/var/run/ovn -v /var/log/ovn:/var/log/ovn kubeovn/kube-ovn:v1.7.0 bash start-ic-db.sh
+docker run -d --network=host -v /etc/ovn/:/etc/ovn -v /var/run/ovn:/var/run/ovn -v /var/log/ovn:/var/log/ovn kubeovn/kube-ovn:v1.7.1 bash start-ic-db.sh
diff --git a/docs/OpenStackK8sInterconnection.md b/docs/OpenStackK8sInterconnection.md
@@ -17,7 +17,7 @@ This document is based on Openstack *Victoria* and Kube-OVN *1.7*
 #### 1. Run Interconnection Controller in a Kubernetes node which can be accessed by an Openstack gateway node.
 
 ```shell
-$ docker run --name=ovn-ic-db -d --network=host -v /etc/ovn/:/etc/ovn -v /var/run/ovn:/var/run/ovn -v /var/log/ovn:/var/log/ovn kubeovn/kube-ovn:v1.7.0 bash start-ic-db.sh
+$ docker run --name=ovn-ic-db -d --network=host -v /etc/ovn/:/etc/ovn -v /var/run/ovn:/var/run/ovn -v /var/log/ovn:/var/log/ovn kubeovn/kube-ovn:v1.7.1 bash start-ic-db.sh
 ```
 
 #### 2. Create `ovn-ic-config` for kubernetes cluster in `kube-system` namespace.

diff --git a/docs/cluster-interconnection.md b/docs/cluster-interconnection.md
@@ -13,7 +13,7 @@ only L3 connectivity for gateway nodes is required.
 ## Auto Route Step
 1. Run Interconnection Controller in a region that can be accessed by other cluster
 ```bash
-docker run --name=ovn-ic-db -d --network=host -v /etc/ovn/:/etc/ovn -v /var/run/ovn:/var/run/ovn -v /var/log/ovn:/var/log/ovn kubeovn/kube-ovn:v1.7.0 bash start-ic-db.sh
+docker run --name=ovn-ic-db -d --network=host -v /etc/ovn/:/etc/ovn -v /var/run/ovn:/var/run/ovn -v /var/log/ovn:/var/log/ovn kubeovn/kube-ovn:v1.7.1 bash start-ic-db.sh
 ```
 2. Create `ovn-ic-config` ConfigMap in each cluster `kube-system` namespace. Edit and apply the yaml below in each cluster.
 ```yaml
@@ -85,7 +85,7 @@ For manually adding routes, you need to find the
 ## Manually Route Step
 1. Same as AutoRoute step 1,run Interconnection Controller in a region that can be accessed by other cluster
 ```bash
-docker run --name=ovn-ic-db -d --network=host -v /etc/ovn/:/etc/ovn -v /var/run/ovn:/var/run/ovn -v /var/log/ovn:/var/log/ovn kubeovn/kube-ovn:v1.7.0 bash start-ic-db.sh
+docker run --name=ovn-ic-db -d --network=host -v /etc/ovn/:/etc/ovn -v /var/run/ovn:/var/run/ovn -v /var/log/ovn:/var/log/ovn kubeovn/kube-ovn:v1.7.1 bash start-ic-db.sh
 ```
 2. Create `ic-config` ConfigMap in each cluster. Edit and apply the yaml below in each cluster. Note that `auto-route` is set to `false`
 ```yaml

diff --git a/docs/high-available.md b/docs/high-available.md
@@ -8,7 +8,7 @@ Change the replicas to 3, and add NODE_IPS environment var points to node that h
       replicas: 3
       containers:
         - name: ovn-central
-          image: "kubeovn/kube-ovn:v1.7.0"
+          image: "kubeovn/kube-ovn:v1.7.1"
           imagePullPolicy: Always
           env:
             - name: POD_IP

diff --git a/docs/install.md b/docs/install.md
@@ -41,7 +41,7 @@ If you want to try the latest developing Kube-OVN, try the script below
  JOIN_CIDR="100.64.0.0/16"              # Do NOT overlap with NODE/POD/SVC CIDR
  LABEL="node-role.kubernetes.io/master" # The node label to deploy OVN DB
  IFACE=""                               # The nic to support container network can be a nic name or a group of regex separated by comma, if empty will use the nic that the default route use
- VERSION="v1.7.0"
+ VERSION="v1.7.1"
 ```
 
 After v1.6.0 `IFACE` support regex, e.g. `IFACE=enp6s0f0,eth.*`

diff --git a/yamls/kube-ovn-ipv6.yaml b/yamls/kube-ovn-ipv6.yaml
@@ -38,7 +38,7 @@ spec:
       hostNetwork: true
       containers:
         - name: kube-ovn-controller
-          image: "kubeovn/kube-ovn:v1.7.0"
+          image: "kubeovn/kube-ovn:v1.7.1"
           imagePullPolicy: IfNotPresent
           command:
             - /kube-ovn/start-controller.sh
@@ -117,7 +117,7 @@ spec:
       hostPID: true
       initContainers:
         - name: install-cni
-          image: "kubeovn/kube-ovn:v1.7.0"
+          image: "kubeovn/kube-ovn:v1.7.1"
           imagePullPolicy: IfNotPresent
           command: ["/kube-ovn/install-cni.sh"]
           securityContext:
@@ -128,7 +128,7 @@ spec:
               name: cni-bin
       containers:
         - name: cni-server
-          image: "kubeovn/kube-ovn:v1.7.0"
+          image: "kubeovn/kube-ovn:v1.7.1"
           imagePullPolicy: IfNotPresent
           command:
             - bash
@@ -236,7 +236,7 @@ spec:
       hostPID: true
       containers:
         - name: pinger
-          image: "kubeovn/kube-ovn:v1.7.0"
+          image: "kubeovn/kube-ovn:v1.7.1"
           command: ["/kube-ovn/kube-ovn-pinger", "--external-address=114.114.114.114", "--external-dns=alauda.cn"]
           imagePullPolicy: IfNotPresent
           securityContext:

diff --git a/yamls/ovn-dpdk.yaml b/yamls/ovn-dpdk.yaml
@@ -193,7 +193,7 @@ spec:
       hostNetwork: true
       containers:
         - name: ovn-central
-          image: "kubeovn/kube-ovn:v1.7.0"
+          image: "kubeovn/kube-ovn:v1.7.1"
           imagePullPolicy: IfNotPresent
           command: ["/kube-ovn/start-db.sh"]
           securityContext:

diff --git a/yamls/ovn-ha.yaml b/yamls/ovn-ha.yaml
@@ -208,7 +208,7 @@ spec:
       hostNetwork: true
       containers:
         - name: ovn-central
-          image: "kubeovn/kube-ovn:v1.7.0"
+          image: "kubeovn/kube-ovn:v1.7.1"
           imagePullPolicy: IfNotPresent
           command: ["/kube-ovn/start-db.sh"]
           securityContext:
@@ -331,7 +331,7 @@ spec:
       hostPID: true
       containers:
         - name: openvswitch
-          image: "kubeovn/kube-ovn:v1.7.0"
+          image: "kubeovn/kube-ovn:v1.7.1"
           imagePullPolicy: IfNotPresent
           command: ["/kube-ovn/start-ovs.sh"]
           securityContext:

diff --git a/yamls/speaker.yaml b/yamls/speaker.yaml
@@ -29,7 +29,7 @@ spec:
       hostNetwork: true
       containers:
         - name: ovn-central
-          image: "kubeovn/kube-ovn:v1.7.0"
+          image: "kubeovn/kube-ovn:v1.7.1"
           imagePullPolicy: IfNotPresent
           command:
             - /kube-ovn/kube-ovn-speaker