rpm/cni-plugins
SHA256
1
0
Fork 0
forked from pool/cni-plugins
Code Pull Requests Activity
88a7256085
cni-plugins/cni-plugins.changes

385 lines
17 KiB
Plaintext
Raw Blame History

-------------------------------------------------------------------
Tue Mar 29 10:08:13 UTC 2022 - fvogt@suse.com
- Update to version 1.1.1:
* ipam/dhcp: Fix client id in renew/release
* call ipam.ExceDel after clean up device in netns fix #666
* portmap: fix checkPorts result when chain does not exist
* portmap: fix bug that new udp connection deletes all existing conntrack entries
* Enhanced dad set to 1
* Add boolean to enable/disable dad
* Disable DAD for container side veth
* firewall: support ingressPolicy=(open|same-bridge) for isolating bridges as in Docker
* Fix host-device gofmt
* host-device: Bring interfaces up after moving into container
* pkg/ns: use file system magic numbers from golang.org/x/sys/unix
* gofmt
* go mod tidy
* build: bump to go 1.17
* Remove arp notify setting per comment
* plugins: replace arping package with arp_notify
* fix #685
* Ran go fmt so tests would pass
* Fixed DHCP problem that broke when fast retry was added.
* dhcp ipam: adjust retry mechanism
* add ipam tests for dpdk device
* add ipam support for dpdk device
* ipvlan: Send Gratuitous ARP after IPs are set
* dhcp ipam: fix client id
* dhcp ipam: rename inconsistent options among files
* dhcp ipam: add more options capable for sending
* dhcp ipam: add fast retry
* dhcp ipam: support customizing dhcp options
* dhcp ipam: truncate client id to 254 bytes
* dhcp ipam: print error correctly without format string
* dhcp ipam: using full config to regular the code
* Allow setting sysctls on a particular interface
* dhcp: remove implemented TODO
* Don't redundantly filepath.Clean the output of filepath.Join
* Use crypto/rand.Read, not crypto.Reader.Read
* bridge: Add macspoofchk support
* plugins: fix bug where support for CNI version 0.4.0 or 1.0.0 was dropped
* vendor: bump to libcni v1.0.1
* static ipam: do not parse the CIDR twice
* static ipam: improve error msgs when provisioning invalid CIDR
* bump go to 1.16, other misc fixes
* vendor: bump all direct dependencies
* vendor: bump to libcni v1.0
* docs: Update the CI badge from Travis CI to GitHub Actions
* bridge: Fix typo in error message for promiscuous mode
* ip: place veth peer in host namspace directly
* bridge: Add mac field to specify container iface mac
* static ipam: decide wrong cidr error msg
* static ipam: stop wrapping net.ParseCIDR errors
* static ipam: show confusing error msg
* utils, hwaddr: Remove unused package
* ip, link_linux: Remove unused SetHWAddrByIP function
* plugins: remove flannel
* refactor(win-bridge): netconf
* refactor(win-bridge): hcn api processing
* refactor(win-bridge): hns api processing
* chore(win-bridge): location related
* chore(win-bridge): text related
* Remove Bryan Boreham as maintainer
* host-local: support ip/prefix in env args and CNI args
* [sbr]: Use different tableID for every ipCfg Check tableID not in use for every ipCfg
* Small typo improves in README.md
* Allow multiple routes to be added for the same prefix. Enables ECMP
* Update to lastest vendor/github.com/vishvananda/netlink
* tuning: always update MAC in CNI result
* vendor: bump to libcni v1.0-rc1
* tuning: Add support of altering the allmulticast flag
* [sbr]: Use different tableID for every ipCfg Move default table routes which match the ipCfg config
* Fix nil-pointer check
* host-local: support custom IPs allocation through runtime configuration
* pkg/ip: introduce a new type `IP` to support formated <ip>[/<prefix>]
* go.mod: github.com/j-keck/arping v1.0.1
* go.mod: github.com/buger/jsonparser v1.1.1
* go.mod: github.com/alexflint/go-filemutex v1.1.0
* go.mod github.com/Microsoft/hcsshim v0.8.16
* go.mod: godbus/dbus/v5 v5.0.3, coreos/go-systemd v22.2.0
* go.mod: github.com/mattn/go-shellwords v1.0.11
* go.mod: github.com/sirupsen/logrus v1.8.1
* CI: Install linux-modules-extra for VRF module
* Fix broken links to online docs in plugin READMEs
* gha: update actions/setup-go@v2
* remove redundant startRange in RangeIter due to overlap check on multi ranges
* fix(win-bridge): panic while calling HNS api
* portmap: use slashes in sysctl template to support interface names which separated by dots
* pkg/ipam: use slash as sysctl separator so interface name can have dot
* [macvlan] Stop setting proxy-arp on macvlan interface
* tuning: increase test coverage to 1.0.0 and older spec versions
* portmap: increase test coverage to 1.0.0 and older spec versions
* flannel: increase test coverage to 1.0.0 and older spec versions
* firewall: increase test coverage to 1.0.0 and older spec versions
* bandwidth: increase test coverage to 1.0.0 and older spec versions
* host-local: increase test coverage to 1.0.0 and older spec versions
* static: increase test coverage to 1.0.0 and older spec versions
* dhcp: increase test coverage to 1.0.0 and older spec versions
* dhcp: add -resendmax option to limit lease acquisition time for testcases
* vlan: increase test coverage to 1.0.0 and older spec versions
* ptp: increase test coverage to 1.0.0 and older spec versions
* macvlan: increase test coverage to 1.0.0 and older spec versions
* loopback: increase test coverage to 1.0.0 and older spec versions
* ipvlan: increase test coverage to 1.0.0 and older spec versions
* host-device: increase test coverage to 1.0.0 and older spec versions
* bridge: increase test coverage to 1.0.0 and older spec versions
* bridge: simplify version-based testcase code
* testutils: add test utilities for spec version features
* plugins: update to spec version 1.0.0
* vendor: bump CNI to 1.0.0-pre @ 62e54113 (fixes bsc#1181961 aka CVE-2021-20206)
- Drop %go_nostrip
-------------------------------------------------------------------
Mon Apr 26 17:17:41 UTC 2021 - rpm@fthiessen.de
- Update to version 0.9.1:
* ipam/dhcp: Add broadcast flag
* add flannel to support dual stack ip
* bandwidth: fix panic in tests
* host-device: Add support for DPDK device
* [main/vlan] Fix error handling for delegate IPAM plugin
* dhcp: default dhcp clien timeout is 10s
* vlan: fix error message text by removing ptp references
* dhcp: daemon dhcp client timeout is configurable
* dhcp: timeout value is set in DHCP daemon
* remove unused function
* deps: go mod tidy coreos/go-iptables
* deps: bump coreos/go-iptables
-------------------------------------------------------------------
Fri Jan 08 12:16:37 UTC 2021 - rbrown@suse.com
- Update to version 0.9.0:
* tuning: revert values on delete (#540)
* go mod tidy
* bump to go 1.15
* Add ability to trigger retests via comments
* pkg/ns: fix test case to tolerate pids going away.
* Add github build & test actions
* bridge: fix testcase to check addresses we care about
* Remove travis.
* vendor: bump ginkgo, gover
* portmap plugin should flush previous udp connections
* Updating plugin README.md files (#549)
* update netlink dependencies
* Xdhcp: fix example configuration
* VRF: extend supported version to 0.3.1 too.
* VRF CNI: Add an optional table parameter.
* Add more tests for the vrf cni plugin.
* Update github.com/vishvananda/netlink to v1.1.0
* Introduce a new VRF CNI meta plugin.
* Travis: run tests on arm64
* Replace nc with the local echo client.
* Add an echo client to be used instead of nc.
* Bump up the ubuntu version used in CI to bionic.
* flannel: allow input ipam parameters as basis for delegate
* ipvlan: make master config as optional
* Remove extraneous test file in Windows plugin
-------------------------------------------------------------------
Mon Aug 31 09:15:35 UTC 2020 - dmueller@suse.com
- Update to version 0.8.7:
* Fix race condition in GetCurrentNS
* lo: CNI_IFNAME is no longer ignored
* cni: bump to 0.8.0
* Bump Go version to 1.13 and 1.14
* Add contact info
* Update firewall README.md CNI-ADMIN
* firewall: fix some typos in docs
* portmap DEL noop if no portMappings present
* flannel: remove net conf file after DEL succeed
-------------------------------------------------------------------
Wed Jun 17 08:38:27 UTC 2020 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 0.8.6 (bsc#1172410 CVE-2020-10749)
* New features
* Support device id in host device plugin (#471).
* win-bridge: add support for portMappings capability (#475).
* Make host-device to work with virtio net device (#453).
* Small improvements
* ptp, bridge: disable accept_ra on the host-side interface (#484).
* modify the error url of windowscontainer (#460).
* portmap: Apply the DNAT hairpin to the whole subnet (#469). The DNAT hairpin
rule only allow the * container itself to access the ports it is exposing thru
the host IP. Other containers in the same subnet might also want to access this
service via the host IP, so apply this rule to the whole subnet instead of just
for the container.
* Unlock OS thread after netns is restored (#455).
* Bugfixes
* plugins/meta/sbr: Adjusted ipv6 address mask to /128 (#479). A /64 mask was used
which routed an entire cidr based on source, not only the bound address.
* check bridge's port state (#468). fix #463
* Reset the route flag before moving the rule (#472).
* replace juju/errors because of CNCF license scan (#458). ref to #457
* loopback: Fix ipv6 address checks (#442). Fixes a minor bug in loopback plugin.
The IPv6 address check loops over IPv4 addresses.
- from version 0.8.5
* Bugfixes
* bridge: Fix for the case where kernel doesn't have CONFIG_BRIDGE_VLAN_FILTERING
(#434) fixes #370.
* vlan: Fix vlan plugin returning error when device is already removed (#438).
* Improvements
* sysctl: Improve support of sysctl name separators (#437).
-------------------------------------------------------------------
Thu Jan 9 13:24:41 UTC 2020 - Sascha Grunert <sgrunert@suse.com>
- Update to version 0.8.4 (bsc#1160460):
* add support for mips64le
* Add missing cniVersion in README example
* bump go-iptables module to v0.4.5
* iptables: add idempotent functions
* portmap doesn't fail if chain doesn't exist
* fix portmap port forward flakiness
* Add Bruce Ma and Piotr Skarmuk as owners
-------------------------------------------------------------------
Mon Nov 11 14:53:55 UTC 2019 - sgrunert@suse.com
- Update to version 0.8.3:
* Enhancements:
* static: prioritize the input sources for IPs (#400).
* tuning: send gratuitous ARP in case of MAC address update (#403).
* bandwidth: use uint64 for Bandwidth value (#389).
* ptp: only override DNS conf if DNS settings provided (#388).
* loopback: When prevResults are not supplied to loopback plugin, create results to return (#383).
* loopback support CNI CHECK and result cache (#374).
* Better input validation:
* vlan: add MTU validation to loadNetConf (#405).
* macvlan: add MTU validation to loadNetConf (#404).
* bridge: check vlan id when loading net conf (#394).
* Bugfixes:
* bugfix: defer after err check, or it may panic (#391).
* portmap: Fix dual-stack support (#379).
* firewall: don't return error in DEL if prevResult is not found (#390).
* bump up libcni back to v0.7.1 (#377).
* Tests:
* integration: fix ip address collision in integration tests (#409).
* testutils: newNS() works in a rootless user namespace (#401).
* Bump Go version (#386).
* Cleanup netns after test suite (#375).
* Docs:
* contributing doc: revise test script name to run (#396).
* contributing doc: describe cnitool installation (#397).
-------------------------------------------------------------------
Fri Aug 16 12:18:36 UTC 2019 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update plugins to v0.8.2
+ New features:
* Support "args" in static and tuning
* Add Loopback DSR support, allow l2tunnel networks
to be used with the l2bridge plugin
* host-local: return error if same ADD request is seen twice
* bandwidth: fix collisions
* Support ips capability in static and mac capability in tuning
* pkg/veth: Make host-side veth name configurable
+ Bug fixes:
* Fix: failed to set bridge addr: could not add IP address to "cni0": file exists
* host-device: revert name setting to make retries idempotent (#357).
* Vendor update go-iptables. Vendor update go-iptables to
obtain commit f1d0510cabcb710d5c5dd284096f81444b9d8d10
* Update go.mod & go.sub
* Remove link Down/Up in MAC address change to prevent route flush (#364).
* pkg/ip unit test: be agnostic of Linux version, on Linux 4.4 the syscall
error message is "invalid argument" not "file exists"
* bump containernetworking/cni to v0.7.1
-------------------------------------------------------------------
Thu Jun 6 12:36:17 UTC 2019 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Updated plugins to v0.8.1:
+ Bugs:
* bridge: fix ipMasq setup to use correct source address
* fix compilation error on 386
* bandwidth: get bandwidth interface in host ns through
container interface
+ Improvements:
* Release: bump go to v1.12
* host-device: add pciBusID property
- Drop patches merged upstream:
+ 0001_use_Go_facilities_to_get_a_socket.patch
-------------------------------------------------------------------
Mon May 20 09:41:05 UTC 2019 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Updated plugins to v0.8.0:
+ New plugins:
* bandwidth - limit incoming and outgoing bandwidth
* firewall - add containers to firewall rules
* sbr - convert container routes to source-based routes
* static - assign a fixed IP address
* win-bridge, win-overlay: Windows plugins
+ Plugin features / changelog:
* CHECK Support
* macvlan:
- Allow to configure empty ipam for macvlan
- Make master config optional
* bridge:
- Add vlan tag to the bridge cni plugin
- Allow the user to assign VLAN tag
- L2 bridge Implementation.
* dhcp:
- Include Subnet Mask option parameter in DHCPREQUEST
- Add systemd unit file to activate socket with systemd
- Add container ifName to the dhcp clientID, making the
clientID value
* flannel:
- Pass through runtimeConfig to delegate
* host-local:
- host-local: add ifname to file tracking IP address used
* host-device:
- Support the IPAM in the host-device
- Handle empty netns in DEL for loopback and host-device
* tuning:
- adds 'ip link' command related feature into tuning
+ Bug fixes & minor changes
* Correctly DEL on ipam failure for all plugins
* Fix bug on ip revert if cmdAdd fails on macvlan and host-device
* host-device: Ensure device is down before rename
* Fix -hostprefix option
* some DHCP servers expect to request for explicit router options
* bridge: release IP in case of error
* change source of ipmasq rule from ipn to ip
+ Build fixes:
* test: add coveralls support
* plugins: correctly output build version, cosmetic cleanups
* Move Windows tests to Travis
- from version v0.7.5:
+ This release takes a minor change to the portmap plugin:
* Portmap: append, rather than prepend, entry rules
+ This fixes a potential issue where firewall rules may
be bypassed by port mapping
- Include patch to fix the build on i586:
+ 0001_use_Go_facilities_to_get_a_socket.patch
- Use new build_linux.sh script instead of removed build.sh
-------------------------------------------------------------------
Fri Jan 25 10:44:20 UTC 2019 - Sascha Grunert <sgrunert@suse.com>
- Updated plugins to v0.7.4:
- Add host-device plugin, which simply moves a device from the
host network namespace
- Portmap now uses a more efficient rule structure
- host-local can receive ranges as a RuntimeArgument
- DHCP daemon can be containerized
- DHCP now correctly parses routes
- Various Windows build fixes
- Waiting for DAD is skipped when possible
- Bridge now uses a stable mac
- Fix a regression where the interface's MAC address was no
longer populated in the return type.
-------------------------------------------------------------------
Wed Dec 12 15:53:32 UTC 2018 - alvaro.saurin@suse.com
- Updated to a supported version of Go (due to security reasons)
-------------------------------------------------------------------
Tue Jun 5 08:22:45 UTC 2018 - dcassany@suse.com
- Refactor %license usage to a simpler form
-------------------------------------------------------------------
Mon Jun 4 13:40:36 UTC 2018 - dcassany@suse.com
- Make use of %license macro
-------------------------------------------------------------------
Tue Dec 19 13:08:33 UTC 2017 - alvaro.saurin@suse.com
- Require cni
-------------------------------------------------------------------
Mon Aug 28 18:15:00 UTC 2017 - alvaro.saurin@suse.com
- Install docs in the cni-plugins dir
-------------------------------------------------------------------
Mon Aug 28 15:13:37 UTC 2017 - alvaro.saurin@suse.com
- Initial version from CNI plugins v0.6.0
View Git Blame Copy Permalink