Commit 315831aa authored by MengxinLiu's avatar MengxinLiu Committed by oilbeater
Browse files

docs: prepare docs for 1.6.0 release

parent caa2ad63
master acl acl-doc add_unknown_to_lsp allow-subnet bandwidth base/enable-dbg centralized-policy-route centralized_nat chore/show-gw-error chore/size ci/base ci/base-update ci/retry ci/trivy ci/update-kind cni crd-print db-monitor debug delete-qos delete-qos-queue delete_ip doc/custom-kubeconfig doc/optimization doc/vip docs/corigine docs/dpdk-pod-name docs/internal-port-vlan docs/optimize docs/optimize-cilium dualstack ecmp ecmp_static_route encap-ip env-check fdb feat/add-lint feat/dev-image feat/disable-ping-check feat/keep-chassis-name feat/ko feat/log feat/mcast feat/multicast feat/update-ovn feat/vlan-geneve feat/vlan-regex feat/vpc-lb fix-base fix-dnat fix-resubmit-limit fix/acl fix/avx512 fix/check-crd fix/cleanup fix/ecmp-hash fix/gw-del fix/ic-restart fix/init-ping fix/iptables fix/ipv6-svc fix/metrics-name fix/node-acl fix/np-log fix/ovn-healthcheck fix/ovn-northd-flipflop fix/pod-del fix/provider-check fix/reset-ovn0 fix/src-priority fix/subnet-without-protocol fix/udp-checksum fix/uninstall fix_make_kind_reload gc-vm-lsp internal-port internal_port internal_tcpdump ip join klog/v2 log/rotate ls-dnat-mod-dl-dst lsp-address lsp-ipam mahz-master monitor/metrics monitor_db_con multus multus-cni-update namespace nat-gw nbctl networkpolicy nodeport np_master ns-subnet ovn-controller ovn-db-recover ovs-nonstop ovs-win64-ci perf/4.18 perf/alias perf/libovsdb perf/optimization perf/route-port-address perf/stt perf/tuning-guide poc policy-route policy-route-1.8 port-group push-img qos qos-e2e qos-query refactor/other_config reflactor_note release-1.10 release-1.6 release-1.7 release-1.8 release-1.8-kubevirt release-1.8-lint release-1.8-monitor release-1.9 release-1.9-monitor release/prepare-1.9 remove_no_need_parms_svcAsName restore revert-1094-vpc-lb revert-1264-yd-master revert-1309-fixcni security/ubuntu-update security/update-ubuntu sg-acl stspod subnet subnet_ips svc sync-ovn-db test/fix-flaky testing update-ovs update/1.7-1.8 update/1.8.2 update_version upgrade-ovs vm-migrate vm-static-ip vpc-nat-gw webhook v1.10.7 v1.10.6 v1.10.5 v1.10.4 v1.10.3 v1.10.2 v1.10.1 v1.10.0 v1.9.14 v1.9.13 v1.9.12 v1.9.10 v1.9.9 v1.9.8 v1.9.7 v1.9.6 v1.9.5 v1.9.4 v1.9.3 v1.9.2 v1.9.1 v1.9.0 v1.8.14 v1.8.12 v1.8.11 v1.8.9 v1.8.8 v1.8.7 v1.8.6 v1.8.5 v1.8.4 v1.8.3 v1.8.2 v1.8.1 v1.8.0 v1.7.3 v1.7.2 v1.7.1 v1.7.0 v1.6.3 v1.6.2 v1.6.1 v1.6.0
Showing with 72 additions and 11 deletions
+72 -11
# CHANGELOG
## 1.6.0 -- TODO
### New Feature
* Basic support for custom VPC
* DualStack support
* Overlay to underlay gateway through BGP
* Support binding pod to subnet
* Support disable interconnection for specific subnet
* Iface now support regex
* `install.sh` supports DPDK resource configuration
* Remove cluster ip dependency for ovn/ovs components
* Change base image to ubuntu
### Monitoring
* Add OVN/OVS monitor
* Add ovs client latency metrics
* Add ping total count metric
* Add `ovs-vsctl` show to diagnose results
* Add `kubectl describe no` to diagnose results
* Add ovs-vsctl show to diagnose results
* Add available IP metrics
* Add more dashboard
### Mics
* CI: change to official docker buildx action
* Perf: remove default acl rules
* ci: add github code scan
* Add version info
* Reduce image size
* Perf: accelerate ic and ex gw update
* Refactor iptable logs
* Tolerate all taints
* OVN/OVS log rotation
* Update Go to 1.15
### Bugfix
* Remove not alive pod in networkpolicy portGroup
* Delete Pod when marked with deletionTimestamp
* Use the internal IP when node try to connect to pod
* Do not advertise node switch cidr when enable ovn-ic
* Wrong proto str for udp diagnose
* IPv6 len mismatch
* Add default SSL var for compatibility
* Wrong ipv6 network format when update subnet
* Broken RPM link
* Default SSL var for compatibility
* Wrong iptable order
* Check multicast and loopback subnet
* CodeQL scan warnings
* Fix cleanup scripts
* Check ipv6 requirement before start
* Check if ovn-central ip exists in `NODE_IPS` before start
* Fix the problem of confusion between old and new versions of crd
* Fix external-address config description
* Add resources limits to avoid eviction
* NAT rules can be modified
* Masquerade other nodes to local pod to avoid NodePort triangle traffic
* OVN-IC support SSL
* Pod static ip validation
* Multiple rule networkpolicy issues
## 1.5.2 -- 2020/12/01
### New Feature
......@@ -35,7 +96,7 @@
### Bugfix
* Remove not alive pod in networkpolicy portGroup
* Delete Pod when marked with deletionTimestamp
* Use internal IP when node try to connect to pod
* Use the internal IP when node try to connect to pod
* Do not advertise node switch cidr when enable ovn-ic
* Wrong proto str for udp diagnose
* Wrong ipv6 network format when update subnet
......@@ -115,7 +176,7 @@
### Security
* Use gosec to audit code security
* Use trivy to scan and fix image CVEs
* Use trivy to scan and fix the image CVEs
* Update loopback plugin to fix CVEs
### Bugfix
......@@ -161,7 +222,7 @@ From this version, subnet CIDR can be changed after creation, and routes will be
* Kube—OVN now supports using BGP to announce Pod IP routes to external network
* Subnet validator will check if subnet CIDR conflicts with svc or node CIDR
* Subnet CIDR can be changed after creation
* When subnet gateway changed, routes will aromatically changed
* When subnet gateway changed, routes will aromatically be changed
### Monitoring
......@@ -290,7 +351,7 @@ It's time to run Kube-OVN in production!
* Modify upstream ovn to reduce memory footprint
* CniServer filter pod in the informer list-watch and disable resync
* Skip evicted pod when enqueueAddPod and enqueueUpdatePod
* When controller restart skip pod already create lsp
* When controller restart, skip pod already create lsp
* As lr-route-add with --may-exist will replace exist route, no need for another delete
### Monitoring
......@@ -306,7 +367,7 @@ It's time to run Kube-OVN in production!
* Block subnet deletion when there is any ip in use
* IP conflict when use ippool
* GC logical_switch_port form listing pods and nodes
* Do not add unallocated pod to port-group
* Do not add the unallocated pod to port-group
* PodSelector in networkpolicy should only consider pods in the same ns
### Mics
......@@ -344,7 +405,7 @@ This release is mainly about controller performance, stability and bugfix
### Stability and Bugfix
* LB init conflict when use multiple kube-ovn-controller
* Static Route might lost during leader election
* If pod have not a status.PodIP skip add/del static route
* When a pod doesn't have a `status.PodIP`, skip add/del static route
* Add keepalive to ovn-controller
* Add qlen when set egress QoS
* Add ingress_policing_burst to accurate limit ingress bandwidth
......@@ -454,7 +515,7 @@ This is a bugfix version
* Use ovs-ctl and ovn-ctl to do health check
### Bug Fixes
* Check subnet cidr conflict
* Validate namespace and pod annotations
* Validate the namespace and pod annotations
* Daemon wait for node annotations ready
* Reuse node annotations when kube-ovn-controller restart
......
......@@ -22,6 +22,7 @@ The Kube-OVN community is waiting for you participation!
- **Subnet Isolation**: Can configure a Subnet to deny any traffic from source IP addresses not within the same Subnet. Can whitelist specific IP addresses and IP ranges.
- **Network Policy**: Implementing networking.k8s.io/NetworkPolicy API by high performance ovn ACL.
- **Static IP Addresses for Workloads**: Allocate random or static IP addresses to workloads.
- **DualStack IP Support**: Pod can run in IPv4-Only/IPv6-Only/DualStack mode.
- **Pod NAT and EIP**: Manage the pod external traffic and external ip like tradition VM.
- **Multi-Cluster Network**: Connect different clusters into one L3 network.
- **IPAM for Multi NIC**: A cluster-wide IPAM for CNI plugins other than Kube-OVN, such as macvlan/vlan/host-device to take advantage of subnet and static ip allocation functions in Kube-OVN.
......@@ -30,18 +31,16 @@ The Kube-OVN community is waiting for you participation!
- **Distributed Gateways**: Every Node can act as a Gateway to provide external network connectivity.
- **Namespaced Gateways**: Every Namespace can have a dedicated Gateway for Egress traffic.
- **Direct External Connectivity**:Pod IP can be exposed to external network directly.
- **BGP Support**: Pod IP can be exposed to external by BGP router protocol.
- **BGP Support**: Pod/Subnet IP can be exposed to external by BGP router protocol.
- **Traffic Mirror**: Duplicated container network traffic for monitoring, diagnosing and replay.
- **Hardware Offload**: Boost network performance and save CPU resource by offloading OVS flow table to hardware.
- **Vlan Support**: Kube-OVN also support underlay Vlan mode network for better performance and throughput.
- **DPDK Support**: DPDK application now can run in Pod with OVS-DPDK.
- **IPv6 Support**: Kube-OVN supports ipv6-only mode pod network.
- **ARM Support**: Kube-OVN can run on x86_64 and arm64 platforms.
- **TroubleShooting Tools**: Handy tools to diagnose, trace, monitor and dump container network traffic to help troubleshooting complicate network issues.
- **Prometheus & Grafana Integration**: Exposing network quality metrics like pod/node/service/dns connectivity/latency in Prometheus format.
## Planned Future Work
- Multi-Cluster Network
- Policy-based QoS
- More Metrics and Traffic Graph
- More Diagnosis and Tracing Tools
......@@ -80,6 +79,7 @@ If you want to install Kubernetes from scratch, you can try [kubespray](https://
- [Traffic Mirror](docs/mirror.md)
- [Webhook](docs/webhook.md)
- [IPv6](docs/ipv6.md)
- [DualStack](docs/dual-stack.md)
- [Tracing/Diagnose/Dump Traffic with Kubectl Plugin](docs/kubectl-plugin.md)
- [Prometheus Integration](docs/prometheus.md)
- [Metrics](docs/ovn-ovs-monitor.md)
......@@ -124,4 +124,4 @@ From the function set, Kube-OVN can offer some more abilities like static ip, Qo
## License
[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Falauda%2Fkube-ovn.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Falauda%2Fkube-ovn?ref=badge_large)
\ No newline at end of file
[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Falauda%2Fkube-ovn.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Falauda%2Fkube-ovn?ref=badge_large)
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment