4.6.0-0.okd-2023-03-17-195916

New features since version 4.5.0-0.okd-2022-08-24-073429

Download installer and client with:

oc adm release extract --tools registry.ci.openshift.org/origin/release:4.6.0-0.okd-2023-03-17-195916

No tests for this release

Loading changelog, this may take a while ...

Changes from 4.6.0-0.okd-2023-03-17-185916

Created: 2023-03-17 20:02:56 +0000 UTC

Image Digest: sha256:93e77f07fbb64b0a9614a596b006ea1fdeced096ada2be83312f4c3e24fb2c70

Components

Kubernetes 1.19.16

ovn-kubernetes

EIP: remove downstream’s duplicate node delete test #1358
SDN-3589: downstream merge 11-02-2022 #1355
Adapt ovnkube-trace to work with external controlplane #3224
Egress Services: Fix nodeSelector parsing #3248
Add e2e test to simulate control plane node reboot #2936
vendor: bump libovsdb to 8f21d188c3a50d0ce378bd66ec68215967aaad77 #3256
Validate node subnet annotations against cluster networks #2825
egressip: fix test data race accessing podAssignment cache #3250
OCPBUGS-2545: Adjust ovs bundle timeout #3249
refactor retry to close watchFactory #3226
Update namespace_test to match master_test changes #3236
OCPBUGS-1427: Ignore non-ready endpoints when processing endpointslices #3245
Allow empty nexthop in L3GatewayConfig annotation #3231
ovnkube-trace: Fix some linter issues #3242
Fix priority handler factory unit test #3243
Prioritize adding events to handlers for shared resources #3219
ovnkube-trace: Fix ofproto/trace for IPv6 #3241
EIP: Fixes SNAT-ing logic #3175
Allocate Hybrid Overlay IP on node updates too #3229
Update libovsdbops to use Where().List() instead of Get() #3142
Refactor retry into its own pkg #3171
Separate multicast, refactor policy_test #3214
Support proper parsing of IPs with leading zeros #3138
Add logging verbosity to configuring OVN logs #3166
DOCS: Add Egress Service docs #3189
Fix netpol internal locking #3205
Update comment formatting for Go 1.19 #3207
Add support of HW backed devices in the full mode #3160
Bump node-notifier and jest in /.github/actions/cleanup-action #3217
Bump jsdom and jest in /.github/actions/cleanup-action #3215
OVN-K 1.25.0 Kube Bump #3210
Improve netpol naming, unify BuildACL #3146
Pass old object when doing deleteRetry #3212
Fix mac address not set in SRIOV container interface #3186
Silence error logs for IPv6 #3204
fedora Dockerfile: Use OVN 22.09. #3192
Add e2e tests for egressIP health check #3195
Don’t use ACL names ever! #3197
OCPBUGS-1996: Update mockery binary to latest version and fix input argument #3199
Check errors egressgw tests #3206
Fixes incorrect GR hairpin flows #3201
Add egress-ip doc #3196
egress IP: fix log when gRPC connection fails #3202
Separate network policies from namespaceInfo #3191
Add endpointSlice informer in master process #3184
Prepare for ovn-k8s multi-home pods support - MR1 #3048
Improve default deny port groups logic for network policy #3161
OCPBUGS-2770: Allow empty nexthop in L3GatewayConfig node annotation #1337
OCPBUGS-2569: Fix netpol races #1323
OCPBUGS-1427: Ignore non-ready endpoints when processing endpointslices #1330
OCPBUGS-2826: ovnkube-trace: Fix ofproto/trace for IPv6 #1338
OCPBUGS-1520: Fixes SNAT-ing Logic for EgressIPs #1331
OCPBUGS-1520: Prioritize adding events to handlers for shared resources #1333
OCPBUGS-1643: Add logging verbosity to configuring OVN logs #1324
OCPBUGS-2175: Allocate Hybrid Overlay IP on node updates too #1319
OCPBUGS-2004: egress IP: fix log when gRPC connection fails #1304
OCPBUGS-2176: add endpointSlice informer in master process #1302
OCPBUGS-2085: CARRY: Dockerfile.base: bump to openvswitch2.17.0-37.4.el8fdp #1298
OCPBUGS-1705: Don’t use ACL names ever! #1300
Dockerfile: bump to ovn22.09-22.09.0-5.el8fdp #1284
9-23-22 b - dualstack fixed #1289
Fix lock issue in ensureNamespaceLocked #3187
remove the requirement that hybrid overlay needs subnet .3 address #3152
Fix flakiness in DNS tests #3180
Trim ACL names according to RFC1123 #3181
Don’t assume policy type when evaluating isolation #3162
fix duplicate case value #3153
pods: deleteLogicalPort should not fail when ls is gone #3177
Fix UpdateService healthport checks #3164
ovn node, gw router: set node masquerade IP on br-ex #3136
Add DPU support documentation #2404
Modification of kind.md document #3133
e2e, external gw test: remove duplicate funcs #3167
E2E (exgw): create ns for the serving gw pods instead of using default #3172
remove networkPolicy.created field #3145
getDefaultGatewayInterfaceByFamily: custom filter for MultiHop #3170
newOvnAddressSet: log mid-air collisions #3155
Add retry logic to Namespace resources #3143
BZ2117255 append instead of overwrite logicalSwitch other-config #3148
e2e tests, services: assert endpoints were created #3163
Lock the cdr global variable #3156
OCPBUGS-1705: Trim ACL names according to RFC1123 #1281
OCPBUGS-1553: Dockerfile: bump to openvswitch2.17.0-37.4.el8fdp #1273
Use iptables-restore to add MCS/metadata blocking in the pod #1262
9-12-22 merge #1267
BZ2111362: ACL logging: rename and rewrite oc.aclLoggingCanEnable #3104
E2E: fix tests stuck waiting on a channel #3149
Implement Egress Services #3135
9-7-22 merge #1264
Use a custom dialer for GRPC to allow connectivity over a socks proxy #3144
correct hybrid overlay tests #3147
Bump containernetworking #3137
take advantage of ginkgo framework to make master_test.go simpler #3121
External gateways E2E on host network #2791
policy: fix log message and clarify comment #3139
9-2-22 merge #1263
Egress IP health monitoring over GRPC #3100
Add libovsdb metrics #3125
contrib: add validation for kubectl #3012
cni: don’t settle addresses or set IPv6 parameters for IPv4 #3134
run testing for logical switch manager #3132
Move hybridoverlay master into the master controller #3101
Remove hybrid routes in pods for nodes hybrid overlay interface addr #3120
OCPBUGS-165: [DownstreamMerge] 8-29-2022 merge #1255
Bumps libovsdb to pick up fixes for optional values #3123
8-25-2022 #1253
Delete stale egress ip before assigning new ip #3105
pods: deleteLogicalPort should not fail when port is already gone #3129
OCPBUGS-417: Fix informer selector for endpointslices #3126
Remove default ACL severity #3093
egressip: add metrics #3058
Bump @actions/core from 1.2.6 to 1.9.1 in /.github/actions/cleanup-action #3124
fedora Dockerfile : Switch to f36 and OVN 22.06. #3075
Revert EndpointSlice commits #3122
Remove stale chassis for hosts that run ovnkube-node on DPU #3098
OVN-K metrics: Add OVN controller southbound database connection #3117
OVN-K Metrics: Ensure stopwatch metrics are reported in seconds #3118
Bump libovsdb to include https://github.com/ovn-org/libovsdb/pull/321 #3111
revert endpoints #1248
8-8-2022 #1237
BZ2117310: Fix race when adding and removing pod with same name #3114
Followup to EndpointSlices PR for ovn-k node #3112
On update, delete objects in terminal state that no longer exist in the informer cache #3071
Add EgressQoS DstCIDR kubebuilder validation #3043
kube: pass ResourceVersion:“0” for direct List() calls #3107
Fix retry_obj retryMutex vs retryEntry.Mutex deadlocks #3097
Fix ovn version in Dockerfile.base #1236
Introduce ovn-kubernetes-{base|singlenode} images #1213
Bug 2109945: [Downstream Merge: 04-08-2022] #1231
Bug 2105706: EgressIP: Merge ops into pendingCloudPrivateIPConfigsOps on add #3066
Revert “Remove stale chassis for hosts that run ovnkube-node on DPU” #3103
Enable CNCC in OVNK #3099
Bug 2111534: Downstream Merge: 27-07-2022 #1214
Forward routes for link-local addresses to vNIC in Windows #3074
Fix possible retryEntry deadlock in iterateRetryResources #3095
master: don’t list node pods on add/update unless necessary #3085
Fix egressip test that skips populating egress node data #3089
Remove conntrack entries after rules #3090
Cleanup ACL UUID references from switch or port group when deleting ACL #3084
Parametrized golang #3096
e2e: Prefer “ovs-appctl dpctl/dump-conntrack” over ovs-dpctl. #3077
node tests: add missing error checking #3086
Unwire OVNKubernetes before scheduling CloudPrivateIPConfig deletion #3065
Updating ose-ovn-kubernetes images to be consistent with ART #1174
Bug 2111733: Bump OVN to 22.06.0-27 #1222
OCPBUGSM-45393: Bug 2078691: [Downstream Merge] 22-07-2022 #1210
EgressIP node handle create errs followed by update in < 30s #3073
syncNetworkPolicies: Remove ACLs from PGs before deleting #3076
fedora Dockerfile : Update OVN to 22.06. #3082
iterateRetryResources: Lock the entry in the loop #3081
Build all ovnk binaries with cgo disabled #3061
e2e: Fix checking of mac entries embedded in conntrack labels. #3079
Change rp_filter value for ovn-k8s-mp0 #3006
4.12 initial merge from upstream: 7-18-22 #1205
Append the SNAT rule in management chain #3069
Fix pod retries #3057
Share eventRecorder when both master & node specified #3060
EGW: Delete Stale Conntrack Entries #3040
Remove stale chassis for hosts that run ovnkube-node on DPU #3026
General hybrid overlay fixes #3063
ovnkube-trace improvements and refactor #2971
Fix flaky egress IP test #3062
Reconcile node lbs on node deletion #3039
Cleanup stale acls as part of syncNetworkPolicies on startup #3038
bump k8s to 1.24.0 #3001
EIP: Fix stateful set pods recreated with same name #3050
Improve memory efficiency when checking stale VF representor #3054
Fix deleteMulticastAllowPolicy: don’t cleanup ACLs for port group #3055
Release Leader election lock on errors #3052
Avoid holding map mutex accross iterateRetryResources() #3017
Fix Panic in network policy deletion #3034
Remove arping #3014
Populate sock address for ovndb connection in unix mode #3013
EgressIP add retry for EgressIP node’s mgmtIP reachability check #2996
Fixes handing terminal pods during update event + test case fixes #3045
Metrics docs: Add removal and renaming of OVS metrics #3041
Remove redundant log lines in obj_retry.go #3044
Add no host subnets unit test #3016
Remove EgressIP test which checks if we ignore status updates #3035
Add support for enabling UDP packet aggregation on veth interfaces #3033
Partial Revert of onModelUpdatesAll #3020
Update logging for specific policy when creating it #3011
Fix egressIP object deletion if the node is deleted first #3008
Bug 2082599: add upper bound to number of retries #2970
Auto detect hybrid overlay node subnets #2951
Remove metric ovs_vswitchd_dp_if due to high number of time series #3022
Reduce cardinality of OVS interface metrics #3032
Metrics: init metric change log documentation #3000
cni: print a bit more pod info in ConfigureOVS() #3029
contrib: fix generated yaml file in gitignore #3023
egressIP: node retrieval failure is not respected, causes panic #3019
Don’t add ITP specific gw setup for DPU mode #2975
Remove node-tainting for too-small MTU #3004
pods: deleteLogicalPort should not fail if port is already deleted #2974
Use ovs-appctl dpctl/* instead of ovs-dpctl #3007
Fix lflow-cache-limit-kb ovs external-id #3005
Timers fixes #2979
update all egress ACLs’ direction to “from-lport” #2997
Bump KIND version to 0.14.0 to prepare for k8s 1.24.0 bump #3003
OVNDBManager: Retry migrations #2983
Perf: Combine perPodSNAT add and LSP add into same transact #2769
pods: don’t look up LSP twice #2999
Add node name into egress ip status for the removal #2998
fix make check error #2995
EgressFirewall: Enable OVN-Kubernetes logging for egress firewall #2927
Add wait for logical router policies #2822
Don’t lookup LBs that don’t exist in cache #2978
libovsdbops: only one wait per txn #2963
Bug 2106862: Append the SNAT rule in management chain #1199
Bug 2095444: EGW: Clean Stale Conntrack Entries #1189
Bug 2106298: populate sock address for ovndb connection in unix mode #1188
Bug 2100507: Remove redundant log lines in obj_retry.go #1162
Bug 2097243: Fix egressips for pods recreated with same name #1169
Bug 2097221: Dockerfile: bump to ovn22.06-22.06.0-7.el8fdp #1170
Bug 2091238: Fix Panic in Network Policy deletion #1166
Bug 2100220: Fix completed pods releasing IP address on update #1158
Bug 2089807: Release Leader election lock on errors #1167
Bug 2100249: Revert “Bug 2082599: add upper bound to number of failed attempts” #1161
Bug 2085089: Add support for enabling UDP packet aggregation on veth interfaces #1129
Bug 2099755: Add new EgressIP config option “egressip-reachability-total-timeout” #1156
Bug 2073378: Add node name into egress ip status for the removal #1114
Bug 2079012: Fix egressIP object deletion if the node is deleted first #1143
Bug 2089392: Update logging for specific policy when creating it #1145
Bug 2082599: add upper bound to number of failed attempts #1147
Bug 2094088: Fixes Updating non-default columns as well as libovsdb fixes for empty values #1146
[release 4.11] Bug 2092579: pods: deleteLogicalPort should not fail if port is already deleted #1123
Bug 2092889: update all egress ACLs’ direction to “from-lport” #1128
Bug 2089716: Downstream fix for OVN-Kube node cardinality #1135
Bug 2095113: Dockerfile: bump to openvswitch2.17-2.17.0-22.el8fdp #1117
Bug 2094039: egressIP: node retrieval failure is not respected, causes panic #1130
Bug 2093396: Remove node-tainting for too-small MTU #1127
Bug 2091634: Use ovs-appctl dpctl/* instead of ovs-dpctl #1118
Bug 2091990: fix lflow-cache-limit-kb ovs external-id #1116
Bug 2070674: improve performance of service sync #1110
Bug 2092473: libovsdb perf backports #1119
Bug 2089930: Dockerfile: bump OVN to ovn22.06 #1102
Bug 2090843: addLogicalPort() optimization cherry-picks #1109
Bug 2090537: OVNDBManager: Retry migrations #1108
Bug 2081069: Bumps OVN to 22.03.0-37.el8fdp #1100
Bug 2086851: enable exportloopref linter and fix violations #1092
Bug 2084249: [DownstreamMerge] 5-12-22 #1090
Add retry logic to EgressIP resources #2965
Add nosprintfhostport linter config #2977
Add EgressQoS documentation #2966
Fix a crash on service update check #2980
Reduce EgressQoS logs #2972
Bug 2077357: Bump OVN to ovn22.03-22.03.0-24 #1052
5-4-22 #1081
Retry sdn2837 rebased #2930
test flake: Fix e2e for egressIPs #2968
Metrics: add config duration recorder #2878
cni pod deployment performance imrovements #2952
Bug 2070929: Downstream Merge: 04-05-2022 #1078
Bump PodDisruptionBudget and EndpointSlice to v1 #2961
delete SNAT2NIP if pod.node == egressNodeServingPod #2945
Don’t warn on failure to create pod when it isn’t scheduled #2935
Delete invalid egress ip from cloudprivateipconfig #2946
Fix pod recorder and improve it #2960
Add Egress QoS E2E and fix panic #2958
Bug 2079439: [DownstreamMerge] 4-29-22 #1064
Bump github.com/containernetworking/cni from 0.8.0 to 0.8.1 in /go-controller #2915
duplicated IPs can be assigned to multiple Pods #2928
Fixes various issues with completed pods #2957
ovn-sbctl: always pass –no-leader-only #2954
Add retry logic to egress firewall and update unit-test #2908
call clearInitialNodeNetworkUnavailableCondition for noHostSubnet nodes #2955
Add the EgressQoS controller #2876
Downstream Merge 25-04-2022 #1050
Dump OVN databases on e2e-control-plane failure #2947
policy: Fix multicast allow policy type. #2948
Use explicit include list for test cases of E2E matrix #2920
Don’t addRetryPods during node updates #2943
NodePort services DualStack tests refactor and failure toleration #2934
Fix nodePort service backed by pods on hybrid overlay nodes #2862
Allow make check without root #2932
use generic watcher and retry logic #2909
Bug 2023691: Downstream merge 2022-04-22 #1049
Fixes handler locking #2886
ovn_db_cluster metrics improvements #2890
metrics: add option to expose OVS metrics on the node #2924
Set bulk ops to false when not using predicate for deleting LSPs #2941
Bump OVN version to 22.03 in schema and CI #2929
Implement InternalTrafficPolicy=Local #2836
libovsdb: cleanup ModelClient usage #2800
Fixes adding nohostsubnets nodes (i.e. windows) #2937
Bug 2072134: [DownstreamMerge] 4-18-22 #1040
incorrect last-policy check when network policy is deleted #2896
Fix ETP=local for host->svc traffic #2918
config: split metrics out into its own section #2923
Fix hybrid routes policy not deleted on pod deletion #2893
Fix secondary bridge #2895
Fix egress IP reassignment on cloud #2897
templates: switch dnsPolicy to Default for hostNetwork pods #2906
Don’t run CI on push #2916
update the linter used for local testing so it matches the ci version #2891
Delete stale conntrack entries for services #2829
Fixes node retry test and updating nodes next hop #2921
Remove nbctl daemon and fix upgrade tests #2707
Fix bug with pointers #2904
remove a call to clearInitialNodeNetworkUnavailable() #2903
gateway/shared: snat hairpin traffic to other node addresses #2877
Adds retry mechanism for Node resource #2870
policy deletion retry could results in incorrect default deny portgroups #2894
Dockerfile: bump to OVS 2.17 #1031
Fix gofmt for downstream files #1028
Bug 2026461: 4-4-22 merge #1010
change networkpolicy ACLs to use “apply-after-lb” for egress network policy #2881
Fix lgw flows for ingress-svc traffic #2849
Update linter version to 1.45.2 #2889
Retest failed command improvements and /retest-failed action #2867
Bump ansi-regex from 3.0.0 to 3.0.1 in /.github/actions/cleanup-action #2883
Bump minimist from 1.2.5 to 1.2.6 in /.github/actions/cleanup-action #2875
Metrics: dont prematurely reset metrics #2879
Use libovsdb API for Wait operation #2871
vendor: bump libovsdb to 2cbe2d093e1247d42050306dd5c9a2d6c11f2460 #2882
Fix some rebase glitches #2874
Add a way to provide API token file #2872
pods: Support hybrid clusters by skipping non-ovnk nodes #2873
Scalability: Delete logical ports for completed pods #1121
Bug 1996128: Remove test “should have ipv4 and ipv6 node podCIDRs” from disabled tests #2758
Retry delete logical port on failures #2787
Bug 2047710: Bump OVS version to 2.16.0-57.el8fdp #980
Bug 2037647: support new egress pipeline option for ACLs #1
Downstream merge 2022-03-22 #1006
node, master: don’t use Node objects for coordinating topology version #2837
Bug 2063321: [DownstreamMerge] Downstream merge 17-03-2022 #1000
Metrics: Use a queue instead of spawning go routines to add events #2850
EgressIp sync needs to account for stale nexthops #2860
Issue2700 e2e #2815
Fix issue with stack traces for gateway localnet linux #2856
TRIVIAL: Enable info logging for successful assignment of egress IP #2838
Bug 2060549: Downstream merge 3-8-22 #989
Fixes improper validation of gw cache on pod add #2851
Bug 2052975: Downstream merge 07-03-2022 #988
Stop sending GARPs for LB VIPs on GR #2835
Merge 3-4-22 #987
NP Retry: return error for ensureAddrSet #2847
Refactor OVN-Kube master metrics #2839
Add more debug logs to addLogicalPort #2840
Fix cleaning VF representor ports #2845
Metrics: Remove stale label metric entries #2834
kube: bump kube API QPS to 50 #2844
vendor: bump libovsdb to c8b4494412b1a0ba1396dd162a9a2d497c80f2b0 #2843
Upstream Submariner kind hacks, setup automatic build and storage of ovn-k images #2747
egressgw cleanups and code consolidation #2658
Move memory-trimming-on-compaction out of dbchecker to nbdb/sbdb init #2830
Add metric to record gateway modes #2833
gateway: fix test teardown order to really prevent nodeIP manager flake #2832
Bug 2052975: Bump OVN to ovn-2021-21.12.0-30.el8fdp #982
Bug 2052398: [DownstreamMerge] 2-25-22 #975
sbdb model: Re-run libovsdb modelgen on SB OVN schema #2831
Re-sync unassigned egress IPs for CloudPrivateIPConfig deletes #2776
Enable use of dns name as ovn db server address #2828
Bump OVS to 2.16.0-53.el8fdp #968
Bug 2048538: [DownstreamMerge] 2-22-22 #966
Fixes delete retry on network policy recreation #2826
node: wait for nodeIP and OpenFlow manager to stop before next test #2827
Fix router err msgs + linter update #2820
Fixes thread safety with LB healthcheck #2821
Fixes race for namespace logging level update #2823
Bug 2045577: Bump OVN to ovn-2021-21.12.0-15.el8fdp #958
Bug 2048538: [DownstreamMerge] 2-14-22 #956
Adds retry mechanism for Network Policy #2809
Bump ajv from 6.12.2 to 6.12.6 in /.github/actions/cleanup-action #2819
actions: make job name match logfile names #2818
Fixes dualstack clusterIPs for network policy svc handler #2811
Fix GetPodsBySelector/GetNamespacesBySelector #2814
Bug 2011525: [DownstreamMerge] Downstream merge 08-02-2022 #947
ovnkube master: Reflect changes to acl-logging-rate-limit in ovn db #2806
Makefile: update go version #2810
simplify the buildOps() method for the NotFound case #2803
Use 0o prefixes for octal constants #2808
some OVN NB Table’s Name field is a pointer type since its optional #2805
Bump k8s version #2784
cni: fix logspam suppression for non-existing OVS port #2802
Fix cache building used for removing stale egress IPs #2783
fix error check in findPortGroup() #2801
Fixes handling errors for getting IPs for pods #2792
Add COPP to gateway routers for rate limiting pkts #2752
Duplicates in addrsets #2794
Metrics: Fix incorrectly logged error when searching for ovnkube master pod #2796
Use node IP in ParsedNodeEgressIPConfiguration #2779
Edited README_MANUAL.md to Fix this issue: flag provided but not defi… #2789
dist: Update Dockerfile.fedora.dev to obtain smaller images. #2756
Fixes finding default gateway for configured GW interface #2782
Update project owners #950
Downstream merge 2-1-22 #940
Make sync failures fatal after retries #2773
fedora: Bump OVN version to 21.12.0 and fedora version to 35. #2770
Adds wait method for ovsdb operations that created named objects #2764
pods: delete ports by UUID if available #2762
Bump node-fetch from 2.6.1 to 2.6.7 in /.github/actions/cleanup-action #2771
Docs/go-controller: update minimum go version to v1.16 #2772
Add Public Links #2763
Documentation: Document OVN ExternalIP and LoadBalancer.Ingress ARP #2755
EgressIP: Fix update of CloudPrivateIPConfig #2766
vendor: bump libovsdb #2767
Fix pod-creation-retry #2765
libovsdb: give reconnects more time to process than normal transactions #2754
Shared gateway: Modification of ClusterIPs shall trigger svc update #2759
Bug 2039253: avoid passing duplicate Flow endpoints to ovs-vsctl #2745
EgressIP: miscellaneous fixes #2734
metrics: enable host OVS process metrics collection #2723
deletePerPodGRSNAT should match on externalIP #2725
Combine address-set-addips into single transaction #2733
Makefile: Fix bad example for disabling optimizations #2753
Add logical switch UUID to the logical switch manager struct #2741
Pull up switch names from cache while creating ACLs #2749
Set l3GWConfig.mode correctly #2746
ETP=local, SGW: Add DNAT rule towards masquerade #2737
Update nbdb and sbdb with modelgen supporting copy/equal #2738
LogicalSwitchManager: Refactor reserveJoinLRPIPs #2743
Metrics: Increase log level for CP recorder #2744
Do not rely on empty finalizers during CloudPrivateIPConfig deletion #2748
egressip: fix usage of clientModel doAfter #2735
Multiple ExGW cache validation/improvements #2722
Move nb/sbctl metrics to master #2718
kind.sh: Use absolute paths instead of relative paths #2695
ovndbmanager: Implement unit tests for missing functions #2582
CI: Wait on namespace deletion for host networked test pods #2731
Create iptables NAT rules also for loadbalancer services #2705
CI: Fix log message for failed commands in pokeEndpointHostname #2729
Fix Hybrid Overlay #2720
Check if pod exists before re-adding SNAT #2721
Bug 2040357: Dockerfile: bump OVN to ovn-2021-21.12.0-11.el8fdp #902
Bug 2039253: avoid passing duplicate Flow endpoints to ovs-vsctl #930
Bug 2031926: Shared gateway: Modification of ClusterIPs shall trigger svc update #924
Bug 2042001: Adds wait method for ovsdb operations that created named objects #934
Bug 2044303: Fix update of CloudPrivateIPConfig #923
Bug 2046297: libovsdb: give connects more time to process than normal transactions #931
Bug 2044680: libovsdb performance and resource consumption fixes #927
Bug 2017650: EF: Pull up switch names from cache #908
Bug 2025467: ETP=local,SGW: Add DNAT rule towards 169.254.169.3 #907
Bug 2043961: Fix pod-creation-retry #926
Bug 2040540: Fix String formatting error #904
Clean up OWNERS a bit #919
Bug 2039880: Metrics: Increase log level for CP recorder #899
Bug 2039099: EgressIP fixes for 4.10 #917
Bug 2032998: perf/scale backports #911
Bug 2034577: Set l3GWConfig.mode correctly #909
Bug 2034155: Make egressIPs compatible with ICNI #915
Bug 2029742: egressip: fix usage of clientModel doAfter #910
Bug 2041830: Fix panic in Hybrid Overlay #913
Bug 2039698: Hacky way of doing ITP:preferLocal for openshift-dns:default #896
Bug 2039516: Dockerfile: bump OVN to ovn21.12-21.12.0-25 #883
Bug 2022536: Validate ExGW Cache and fix cache keys #895
Bug 2031012: Create iptables NAT rules also for loadbalancer services #888
Bug 2033728: Dockerfile: bump OVS to 2.16.0-33.el8fdp #833
Merge 21-12-16 #875
vendor/libovsdb: bump to ab69150b65ee937622385e60f360f6f6664de33f #2719
Metrics: Enable OVN DB size metric only if OVN DBs found #2717
Fix the node deletion cleanup. #2712
[Egress IP]: Fix spurious error logs #2716
Bump libovsdb version to fix connection leak. #2715
Set the OVS port as transient #2710
Flow targets: use Node IP on empty host and add performance tuning parameters #2649
Remove all legacy 501 hybrid route policies in sync #2709
Remove lingering nb/sb ctl calls from the code base #2697
libovsdb: fill in uuid of matched row #2704
Metrics: Add control plane metrics recorder #2683
Register OVN components metrics with OVN Prometheus registery #2671
cni: match default kubelet CRI operation timeout for CNI operations #2645
Use libovsdb in unidling controller #2262
Block access to metadata service based on platform type #873
Downstream merge 2021-12-10 #871
Idempotent egress IP setup + cloud egress IP implementation #2691
21-12-9 #869
Fixes getPortAddresses being space separated value #2698
Fix iptables log #2701
Implement ETP=local on LGW #2651
Merge 21-12-7 #867
Fix Netpol with stateful-sets #2615
Use Load Balancer Groups to improve NB scalability. #2533
ovn-dbchecker: upgrade DB schema #2694
egressgw: fix deadlock due to behavior of RWLock #2659
Add routable-mtu config setting #2654
Support migrations between LGW and SGW #2669
ovn: bump to ovn21.12-21.12.0-24.el8fdp #818
03-12-2021 #863
exit 0 instead of 1 #2689
fedora: Bump ovn version to 21.09.0-4. #2690
Refactor LGW #2663
CI: Run full e2e tests on upgrade jobs #2644
Make container OVS interfaces Transient, Batch Periodic interface scrubbing #2665
Metrics: convert metrics to base prometheus units #2681
Metrics: remove “_total” suffix from non-counter metrics #2680
port missing in the network policy port_groups #2667
Fixup FindSBGlobal and monitor sb_global #2688
Make egressIPs compatible with externalgws #2686
Fix getting router port MAC address #2687
Two unrelated CI cleanups #2652
Bug 2019809: [DownstreamMerge] 11-29-21 #851
Fixes race between node handler and pod sync #2684
Remove ebay-go bindings from OVN package #2662
addressManager should not call sync() from ErrorCallback #2668
Minor documentation and spelling cleanup #2643
Metrics: Add additional label to refer to ovnkube master #2676
Exec gofmt v1.17 which adds //go:build to existing // +build #2677
NATs not getting deleted on GWR #2673
add support for multiple flow monitoring protocols and for IPv6 endpoint in existing netflow test #2592
Fix sbdb.MacBinding model #2670
Bump libovsdb to fix monitor deadlock #2666
Ensure node host address annotations are in sync with api server #2657
Fixes incorrect meter configuration for ACL #2656
Bug 2009873: [4.10.0] Avoid stale annotations by re-subscribing to netlink #843
Revert revert #834
Fixes unnecessary loadbalancer OVN transactions #2650
Fix find ACLs by priority #2646
Log all nbdb txns via libovsdb #2648
logging: make sure we use klog v2 #2647
Improve ACL egress firewall nbdb ops #2624
Revert “[DownstreamMerge] Fix previous downstream merge” #831
Fix previous downstream merge #812
Fix libovsdb reconnection logic #2640
Bug 2018398: findLegacyLBs to also include idling LBs #2638
Remove redundant LRP removal in upgrade path #2629
Libovsdb fixes for lgw upgrades #2631
fix hybrid overlay communication through services #2639
Remove fatal check for port groups #2637
Fix logging invalid errors on ingress IP #2636
Bump libovsdb #2630
Remove generating test report #2633
remove calls to RunOVNbctl from egressip.go #2612
Make config parsing more resilient for unknown config fields #2579
Dont log errors for endpointSlices missing services #2628
Metric: Egress firewall count #2623
Scale: Don’t trigger updateNode unless needed #2602
run RunDBChecker as goroutine #2611
Only monitor speicfic tables for sbdb #2627
Metric: IPsec #2543
Add default 10s timeout for monitor command #2625
egressgw: only return unique elements from getRouteInfosForGateway() #2626
Recreate existing service routes on startup to allow for MTU changes #2600
Fix panic on node object deletion #2597
Fix panic on nil NB client deleting legacy LBs #2622
pods: don’t try to delete unscheduled pods #2613
CI/CD: Ajust e2e timeouts in github action workflow #2617
Bug 2018276: Avoid stale annotations by re-subscribing to netlink #2614
Don’t return the error when annotation cannot be unmarshalled #2551
Removes unused nbctl find lb function #2621
: Fix host network to service backed by egress IP pods #2580
Use libovsdb for lrp-add and gateway_chassis #2581
Fix pod handlers for egress IP and removal of old data on node reboot #2572
Dont Add NodePort related iptable rules on the DPU #2619
vendor: bump libovsdb #2618
Fixes incorrect syntax for pod addresses #2616
Add doc links to README.md and remove trailing whitespace from external traffic policy docs #2610
e2e test to validate multicast IGMP query from OVN #2150
pods_test: add test for existing lsp creation workflow #2606
Don’t start svcFactory until after leader-election #2608
ovn-db-checker: don’t use ovsdb-tool for sid #2554
Libovsdb logical switch conversion #2567
Node wait for Controller before initializing Gateway #2523
fix IPv6 support in ovndbmanager and re-enable corresponding HA test in IPv6 #2563
validate the MTU check on the right interface #2504
Metric: Add egress firewall rules metric #2538
Bug 2017909: EgressGW: only return unique elements from getRouteInfosForGateway() #816
Revert #796 and #807 #810
fixup: reduce delta from upstream #807
Merge 2021-10-13 #796
CARRY: go-ovn: prevent deadlock processing Updates during initial DB dump #800
Bug 2016479: Update iface-id-ver for existing ports #802
bump libovsdb #2601
nat operations #2421
Add metrics from ovn-appctl stopwatch/show #2443
Bump Libovsdb #2577
Restricting ovn service account to access configmaps in ovn-k8s namespace #2595
install-kind.sh: Compare kind binary against hardcoded checksum #2585
Update iface-id-ver for existing ports #2591
Fixes race with namespace acl logging updates #2578
cni: Use POD from cache, if available. #2570
Bump ovn version #2569
acl-logging, tests: assert new policies log level #2549
Remove waitForNamespaceLocked #2389
bump libovsdb #2539
Scale/Perf: LGW: LRP 501: Reconstruct the policy using address sets #2424
Change default OVN_BRANCH name to ‘main’. #2566
Embed mutex into allocator struct #2562
Fix cleanExGwECMPRoutes on startup #2564
acl-logging, tests: fix default deny all race #2561
Shared GW: Fix neighbor advertisement flaps for ExternalIP #2540
LGW: Fix duplicate route policy addition #2557
EgressIP: Ignore order when comparing NextHops to GR IPs #2558
Metric: Add Egress IP count metric #2537
libovsdb logical switch port in hybrid-overlay and GetPortAddresses #2527
Set iface-id-ver LSP option only for newly created LSP #2548
reorganization of libovsdb code #2550
Logical router operations #2535
Support configurable ovn-monitor-all. #2547
Update acl logging severity #2526
Ovn fedora update #2542
Bug 2009873: Stale annotations for a given node #2534
Nit-Fix: Remove debug statements from LSPDel #2541
pods: shorten pod retry timer and include backoff #2525
Bug 1998515: ovn-kubernetes repeatedly updates host-addresses annotation on ipv6/dual-stack hosts #2521
Update API version for e2e Tests #2529
remove go-ovn southbound client from hybrid overlay #2528
Upstream unprivileged mode #2508
Use libovsdb for logical switch port operations #2515
Add IPv6 support for “Should validate ingress connectivity from an external gateway” e2e test #2524
Reduce nsInfo contention on external gateway ops #2516
Bump ovnver to fix multicast relay issue when DGP are configured #2522
libovsdb: tweak timeout #2517
CI: Fix ovn-ci-periodic job #2501
Annotators rework #2510
Fix IPv6 e2e tests #2518
libovsdb: Use libovsdb for load balancer operations #2468
libovsdb: Use libovsdb for ACLs and port groups #2415
Fix E2E IPv6 tests: adapt addresses and subnets #2505
Remove CNI CMD Check #2511
Bump tmpl from 1.0.4 to 1.0.5 in /.github/actions/cleanup-action #2509
Set always_learn_from_arp_request to false for cluster router. #2496
Bug 2002657: ovn-kube egress IP monitoring is using a random port over the node network #2495
Generate client with monitor for SB and NB DB #2494
Bug 1999261: filter out KubeAPIAuth when logging CNI requests (improved) #2486
Bug 2000057: panic after EgressFirewall deletion and DNS record expiration #2471
Bump k8s.io/kubernetes from 1.20.2 to 1.20.7 in /test/e2e #2474
setup fake iptables helpers to avoid random failures in make check #2489
kind.sh: Ignore missing key when disabling ipv6 #2480
Fixes skipping pods accidentally in retry #2472
fixes as it relates to node addition/update handling #2482
Fix collector #2462
Fix LGW Node SyncServices #2386
Ensure host veths are cleaned up properly #2481
Update libovsdb, connect only to masters #2464
Fixes misuse of pod annotations during update event #2477
Bug 1999261: filter out KubeAPIAuth when logging CNI requests #2479
kind.sh: Make kind image configurable #2449
fix golangci-lint related issues #2475
Add “iface-id-ver=${POD_UID}” tuple to the external-ids of logical and OVS ports #2455
Fix ginkgo argument for unit test case specification #2473
lsm: remove duplicate wording in error message #2470
master: give leader election an event recorder #2465
Revert “Taint node with NoSchedule effect when ovnkube pod is down” #2459
Make ensureJoinLRPIPs thread-safe #2463
Bug 1997438: egressfirewall not set after upgrade #2460
master: don’t fail trying to cache same GW LRP IPs as already exist #2456
Fix lb delete during node deletion #2457
Get rid of address sets lock and ips cache #2444
Shared GW: Fix wrong action for IPv6 incoming Geneve packets #2454
factory: split watcher creation and start #2431
Documentation: Update installation documentation #2446
Documentation: Improve CI documentation #2452
Fix ensurePod to call addPodExternalGW only for annotation updates #2453
Fixes backwards values for election timer #2447
Bump to main: optional field value fix for in-mem DB #2448
Use DGP to connect logical switches to the cluster router. #2388
Dockerfile.fedora: Update ovn build to ovn-21.06.0-15.fc33. #2440
Modify matchers to take into account optional field values #2445
Fixes ensure address set #2438
Update test matcher for libovsdb #2437
Succesor for PR 2331 [fix reserve joinSwitch LRP IPs] #2434
Add quotes around nexthop and dst-ip fields #2435
bump libovsdb #2433
Fix errors during delete for get object meta #2432
Bump path-parse from 1.0.6 to 1.0.7 in /.github/actions/cleanup-action #2413
Readiness Probe improvements for ovn-northd and ovn-controller containers #2430
Egress IP: fix failing test #2428
Scale Improvement: nsinfo RW Mutex #2429
factory: remove duplicate include #2427
Update vendor libraries to kubernetes 1.22 #2423
fix RunOVNNbctlUnix() to access OVN NBDB through unix domain socket #2425
Scale fixes #2385
Documentation: Update ovnkube-trace documentation #2420
Documentation: Improve CI documentation #2422
Shared gateway use ct_mark to classify host/ovn traffic #2330
vendor: bump libovsdb #2417
Sync exgw routes on startup #2348
Per-service loadbalancers, session affinity #2294
vendor: bump go-ovn #2412
Sync egress IP for pod and namespace changes on restart #2300
changing addressset to use libovsdb and testing in CI #2372
ovnkube-trace: Auto determine SSL status for OVN #2310
attempting to reduce cardinality in the interest of memory performance #2384
DBChecker: reconcile the election timeouts when specified #2356
ci: Periodic job remove redundant booleans and use names #2405
ci: fix running e2e tests #2403
Dockerfile: make Tim the maintainer #2401
fix typo in test-go.sh #2396
CI: Remove redundant booleans and use names for all of the features. #2398
test: fix ExpectNoError() message formatting #2390
Tests: fix ipv6 conversion flake #2399
Fix NodePort #2393
test: fix flake where tainted nodes cause other tests to fail #2370
HBO: Make GetPortAddresses return portMAC even if portIP is nil #2395
kind.sh: Add dependency check for required binaries #2382
hybrid-overlay: ensure that named networks are valid for Windows #2374
Add the default cluster name to upgrade.sh #2378
libovsdb: matcher compare slices as sets #2383
fix unnamed uuids in test harness #2377
Implement externalTrafficPolicy Feature #2136
Remove some CI jobs #2376
Kind: Make SGW as default #2349
Run libovsdb modelgen on latest OVN NB schema #2373
Support named uuids in libovsdb test harness #2369
quit retrying pod setup if the pod is already gone from informers cache #2342
pods: log when pod setup starts #2368
Bump ovn version to 21.06.0-12.fc33 #2287
Smart-NIC support phase2 #2042
Additional pod handler race #2359
kind.sh: Check for pod object creation #2354
Enable external gateway tests to support second bridge and enable CI #2289
Add v6 management interface address for host network policy #2358
Taint node with NoSchedule effect when ovnkube pod is down #2183
Fix node handler stepping on pod handler #2355
Bump glob-parent from 5.1.1 to 5.1.2 in /.github/actions/cleanup-action #2253
Bump ws from 5.2.2 to 5.2.3 in /.github/actions/cleanup-action #2252
Bug 1987445: Fix gateway routers answer ARP/NDP requests for LoadBalancer/ExternalIP services #793
Bug 2011386: pods: fix overwriting returned error from defer() #787
Bug 2007443: bump OVN to ovn21.09-21.09.0-20.el8fdp #784
pods: remove unnecessary LSPGet() calls #781
Bug 1959352: phase 2 scale improvements #750
ovs: bump to 2.16.0-15.el8fdp #775
Bug 2006325: Bump OVN to ovn21.09-21.09.0-19.el8fdp #768
Updating ose-ovn-kubernetes images to be consistent with ART #744
Bug 1999261: filter out KubeAPIAuth when logging CNI requests #742
Bug 2002010: Fixes skipping pods accidentally in retry #739
Bug 2000057: panic after EgressFirewall deletion and DNS record expiration #741
Bug 2003195: Ensure host interfaces are deleted by CNI #738
Fix bad merge on egressip test #732
Bug 2002372: Fixes misuse of pod annotations during update event #735
Bug 1995335: Add “iface-id-ver=${POD_UID}” tuple to the external-ids of logical and OVS ports #729
Bug 1903408: Merge externalTrafficPolicy ONLY #663
Bug 1976399: DBChecker: reconcile the election timeouts when specified #647
Bug 1998614: Ensure client handling of canceled/dropped OVSDB monitor #717
Bug 1997438: egressfirewall not set after upgrade #716
Bug 1998423: kube master don’t fail trying to cache same GW LRP IPs as already exist #705
Bug 1986946: Fix ensurePod to call addPodExternalGW only for annotation updates #691
Bug 2000721: bump OVS userland to openvswitch2.16-2.16.0-6.el8fdp #714
Bug 1999852: bump OVN to ovn21.09-21.09.0-18.el8fdp #704
Bug 1999138: Revert “Taint node with NoSchedule effect when ovnkube pod is down” #708
README: Add doc links #669
Bug 1998146: Fix lb delete during node deletion #698
Bug 1962344: Use DGP to connect logical switches to the cluster router. #688
Bug 1997270: bump OVN to ovn21.09-21.09.0-15.el8fdp #685
Bug 1995816: [4.9] backport “attempting to reduce cardinality in the interest of memory performance” #672
Bug 1997114: Fixes ensure address set #684
Bug 1994647: Add quotes around nexthop and dst-ip fields #677
Bug 1973215: fix reserve joinSwitch LRP IPs #679
Bug 1989615: Fix GetPortAddresses for HBO #670
Bug 1943334: Taint node with NoSchedule when ovnkube pod is down #671
Bug 1995330: Cherry-pick of per-service loadbalancers #666
Bug 1959352: scale fixes 1 #667
Bug 1978797: Sync exgw routes on startup #658
Bug 1994069: bump OVN to ovn21.09-21.09.0-13.el8fdp #659
Bug 1976215: Fix: sync egress IP for missed events on start-up #655
Bug 1991793: [4.9] bump OVN to ovn21.09-21.09.0-12.el8fdp #652
Bug 1989694: Bump OVN to ovn21.09-21.09.0-10.el8fdp #643
Bug 1986440: Bump OVN to ovn21.09-21.09.0-9.el8fdp #630
Bug 1986443: Fix pod handler race downstream #628
Bump OVN to ovn21.09-21.09.0-8.el8fdp #621
Bump OVS to openvswitch2.15-2.15.0-28.el8fdp #622
Bug 1985512: Add v6 management interface address for host network policy #623
Merge 2021-07-21 2nd #619
Move Geneve header length constants into types package #2352
ovnkube-trace: Refactor get linkIndex from /sys interface #2308
Dont print pod retries if not scheduled #2350
Taint nodes with a too small MTU #2326
Kind: add an option to create a second interface in all nodes #2273
ECMP for Egress IP #2212
Kind doc: simplify instructions with podman (minor) #2346
Enable an optional second bridge for external gw traffic #2318
Merge 2021-07-18 #609
cni: pass Kube API auth via cnishim response, not CNI config file #2345
ovnkube-trace: Autodetermine ovnNamespace #2306
addGWRoutesForPod: don’t fail if the routes are already added #2343
Fix lgw external ip #2244
Kind script: add support for podman #2315
Fix namespace locking and waiting #2337
Infer subnet for node /128 IPv6 addresses #2338
Delete per pod nat when adding gw routes to namespace #2272
Idling: check existing loadbalancer before moving the vip to the idling #2325
cni: cancel old pod sandbox add requests if the pod’s UID or MAC changes #2275
docs: Add multicast information #2319
Fix duplicate incrementing of subnet allocation metric #2333
services: batch LoadBalancer VIP deletions when possible #2329
Add hbo-lr-policy only if config.HybridOverlay.ClusterSubnets is set #2314
namespace: track how long namespace addition takes #2328
services: log errors and don’t panic if the service doesn’t exist any more #2327
Add libovsdb clients to controllers & test harness #2274
Add unit test for Kube.SetAnnotationsOnPod #2291
nicstobridge.go: Improve logging message when address move fails #2324
Check /sys/class/net for ifindex when ip command is not available inside Pod #1975
Bug 1973286: Merge 2021-07-06 #600
Fix bug #2316 mixed up flow targets #2317
Enable IPv6 e2e tests for control-plane #2276
Add routes for pod: fail only after checking all the gw addresses / ips #2293
ovnkube-trace: Only install deps with pip3 if deps are not met #2312
avoid prometheus cardinality explosion #2279
docs: Improve kind documentation #2304
Fixes stale routes after external gateway pods delete/update #2302
Upgrade to kind 0.11.1 #2292
Fix some warnings at make clean #2283
Remove namespaces after the tests #2284
Adds back logical ports for pods during node add #2281
Bug 1962387: Update existing policy ACLs on start #2236
Bug 1965074: return an error for empty openflow patch and/or phy ports. #2245
Adding upgrade testing as part of e2e tests #2186
policy: fix gressPolicy data race on delete #2259
remove egressFirewalls dependency on the namespace object. #2230
Add generated code using libovsdb #2217
Bug 1973813: 6-21-2021 merge #582
docs: Export KUBECONFIG in Run KIND deployment section #2263
Remove GCE from skipped tests #1902
Bug 1961757: Add ovn-controller logical flow cache options #2247
Declare a maximum line length for batching #2266
Detect if OVS supports check pkt length #2267
Updating ose-ovn-kubernetes images to be consistent with ART #578
Bug 1972287: 6-17-21 merge #579
Minor egress IP fixes #2264
Shared Gateway Node Port Skip commit to CT-Zone 64000 #2261
bump version of go used for building images is CI testing #2258
Minor fix to allocating slice for gress policy #2255
Fix connectivity for egress firewall matching pods to cluster services #2256
Avoid recursion when calculating max supported args #2254
Batching: Fixes finding maximum bash arguments #2246
NetworkPolicy: bulk-add pods to new policies (or on restart) #2249
cni: wait up to 1 second for pods to appear in the API #2251
Fixes getNodeIPs assuming dualstack #2250
Fix compatibility of multiple ipBlock NetworkPolicies #2248
Fix ipv4/localgw/NonHA CI #2239
fix data race in tests: ovn mock: deep-copy return values #2242
Refactoring e2e test - fixing waiting period when delete db files #2188
healthcheck: distinguish ofport check error messages #2234
Increase timeouts for ttl egressFirewall DNS tests #2237
policy: remove incorrect deletion from lsp cache #2227
Smart-NIC Remove VF Representor port on OVS failure #2240
Fix error message #2241
Fixes handling large packets towards OVN #2225
Remove GetAclByName() #2231
Batch ovn commands for Egress firewall #2223
Fix ovn-controller log level var name #2233
policy: reduce lock contention on policy object #2228
Fix services node add #2208
Split large nbctl transactions #2221
properly sync EgressFirewall on startup #2213
annotator: remove unused failure handling callback #2174
Adds back checking OF flows for CNI #2220
Extend gateway tests to validate connectivity from gateway to pod #2210
address_set: fix test suite file name and suite name #2218
NewAddressSet: return nil in case of error #2216
ovn: fix some concurrency issues in fakeAddressSet #2222
Bump lodash from 4.17.19 to 4.17.21 in /.github/actions/cleanup-action #2211
Bump hosted-git-info from 2.8.8 to 2.8.9 in /.github/actions/cleanup-action #2214
Dockerfile.fedora: bump to ovn-21.03.0-32.fc33 #2219
Reduces number of OVN operations in services #2201
Fix go-fmt errors #2209
Add FakeExec call validation to node smart-nic tests #2203
Add Namespace and rule Number to gress policy ACL name #2207
pkg/factory: more complete handle metrics #2200
Stale ports: use ovnNBClient to delete them. #2190
policy: release LSP lock before adding pods to default-deny portgroups. #2205
Bump the go-ovn version to f0122836cc35fcadf72de8698b26157c5a42a9f8 #2206
pods: suppress expected “object not found” error getting LSP options #2195
Fix pod -> svc -> host LGW flow #2202
change egressFirewall to be enabled with a cli flag #2192
Remove improper checks for pod routes #2197
CNI cmdCheck: treat ingress_policing_rate=0 as not found #2182
policy: handle NetworkPolicies single “from” multiple “ipBlock” #2191
Fixes data race in hybrid overlay tests #2196
pods: make LSPGetOptions error more descriptive #2193
Fixes statically linking CNI binary #2189
Purge only the lprs with nexthops of the same family of new nexthop #2185
Go 1.16 + CI fixes #2178
fix deadlock in EgressFirewall DNS code #2169
Fix typo in error log message #2176
Should allow shared and local gateway dns resolution #2125
pods: bind pod logical switch ports to the node’s chassis with requested-chassis #2163
Fix routes for node ips #2159
master: Delay deleting Namespace’s address set for 20 seconds #2168
Fix mockery test #2175
Implement LRSR functionalities for Mocks Testing #2158
Remove node-side egress IP clients #2167
add JacobTanenbaum to the list of approvers #544
Bug 1958375: Bump OVN to 20.12.0-140.el8fdp #580
Updating .ci-operator.yaml build_root_image from openshift/release #574
Bug 1956955: Batching: Fixes finding maximum bash arguments #567
Bug 1970068: Fixes getNodeIPs assuming dualstack #568
Bug 1958972: Fixes adding nodes to use new Services controller #554
Bug 1927047: Handling packet sizes greater than pod MTU #559
Bug 1955783: Add Namespace and rule Number to ACL name #532
Bug 1961852: policy: reduce lock contention on policy object #560
Bug 1960757: CARRY: block MCS for shared-gateway mode. #542
Bug 1954773: adding cli flag for egressfirewall and removing CRD watcher #541
Bug 1962392: CARRY: fix missed learn for hybrid exgw #551
Bug 1956955: Reduces number of OVN operations in services #2201 #545
Bug 1958958: NewAddressSet: return nil in case of error #540
Bug 1952819: Bump the go-ovn version to f0122836cc35fcadf72de8698b26157c5a42a9f8 #537
Bug 1953680: policy: handle NetworkPolicies single “from” multiple “ipBlock” #530
Bug 1952819: handle nbdb deletes on reconnect / delete stale ports using goovn client #528
Bug 1957039: Fix pod -> svc -> host LGW flow #531
Bug 1959058: policy: release LSP lock before adding pods to default-deny portgroups. #529
Bug 1949582: CNI cmdCheck: treat ingress_policing_rate=0 as not found #522
Bug 1950471: Purge only the lprs with nexthops of the same family of new nexthop #516
Bug 1952262: Revert “removing the hybrid overlay externalGW code” #511
Bug 1953169: endpoint slice controller doesn’t handle services target port correctly #515
Bug 1944121: master: Delay deleting Namespace’s address set for 20 seconds #499
Bug 1947917: fix deadlock in EgressFirewall DNS code #502
Bug 1950159: Fix linter errors in OCP Hacks #495
Bug 1947712: pods: bind pod logical switch ports to the node’s chassis with requested-chassis #500
Bug 1945948: Fixes local node IP reachability in shared gateway mode #498
Bug 1930248: Sync management port for an existing node #497
Sync management port correctly if it changes for an existing node #2164
4-9-21 merge #496
Set the default value of host network namespace to empty string #2165
netpol: Changes to support network policy for host network traffic #2093
Wait one second between checking the last event and generating a new one #2161
ovnkube-trace support for IPv6 #2111
Bypass conntrack for Geneve pod to pod traffic #2160
Smart-NIC Support Phase1 #2005
Bugfix/sync management port v2 #2115
Unidling: make the wait shorter / check for longer time #2155
Fix: egress IP route health check detection state on restart #2153
Dockerfile: bump OVS to openvswitch2.15-2.15.0-9 #492
Bug 1944180: 3-30-21 merge #480
Ensure no SNAT on GR for DisableSNATMultipleGws #2146
Bug 1940233: setting max offset for IPv6 CIR to prevent overflow #2134
Use go-ovn bindings for port group commands #2030
Makefile: Allow CTRL+C when running in container #2135
services: don’t assume Status.LoadBalancer.Ingress IPs are populated #2145
Adding docutext and fixing usage of target #2127
Adding openvswitch-test package so that ovs-tcpdump is available in all pods #2142
Replace ACL reject rules with a reject=true loadbalancer for services without endpoints #2124
master: cancel leader election on exit #2140
Improvements to unit test scripts #2137
FakeExec: don’t panic when a cmd does not match #2126
don’t exit on config changes #2133
Dockerfile: bump OVS to openvswitch2.15-2.15.0-2 #461
Add wait to iptables commands for OCP Hacks #476
3-24-21 merge #475
cni: Use new port-up OVN notification mechanism (when possible). #1996
Support go-ovn Logical Switch functions in mock infrastructure #2070
Add NetFlow/SFlow/IPFIX support #2082
kind: script restructuring #2084
3-22-21 merge #472
Re-work egress firewall to use ACLs + miscellaneous fixes #1971
Change naming conventions for network policy ACL’s #2064
unidling controller must process cache events #2122
modify CGO build flag for ovn-k8s-cni-overlay binary #2112
More hybrid overlay fixes #2121
Fixes Hybrid Overlay for services with hybrid endpoints #2100
Fix dead link for k8s test binaries #2113
Properly log when hybrid overlay errors out #2110
Fixes adding duplicate ECMP routes #2106
External gateway namespace tests: Cover BFD #2091
BZ 1927845: Bump OVS version to 2.13.0-79.5.el8fdp #434
Remove valadas from owners #469
Bump OVN to ovn2.13-20.12.0-25.el8fdp #470
Bug 1934643: Downstream merge 3-10-21 #458
External gateway pod tests: Cover BFD #2090
Update Network Policy Documentation #1866
E2E: Expand the coverage of the gateway pod test #2029
Enable support for BFD on external gateway routes #2077
Downstream merge 3-4-21 #440
Fixes incorrect services in KIND CI and DGP MAC #2092
RetryOnConflict() is meant for resource update and expects unchanged err #2087
Fix multicast querier. #2088
enable new endpoint slice controller (and fix service idling) #2001
Refactor iptables rules for NodePort and ExternalIP services #2002
Resync node management port on subnet change #2083
don’t compare endpoints on nodes #2081
changed EventuallyExpectEmptyAddressSet() to do what it says #2069
Remove focusing on table #2080
master: enable logical datapath groups for OVN >= 20.12 #2074
Bump OVN to latest from advisory #2078
Fix ACL syntax for dual-stack #2076
need changes to adapt to the new cluster/status output #2073
E2E tests: extend the gw test to cover ipv6 / multiple protocols #2014
OVN convert from single to dualstack #2013
avoid updating address sets if the pod is not scheduled to a node yet #2052
Change assignmentRetry for egress IP to a proper map + mutex #2056
Temporarily downgrade OVN #2065
Bump OVN to ovn2.13-20.12.0-24.el8fdp #447
Downstream merge 2-22-21 #438
Fix typo: delete -> update #2063
use ‘-mod vendor’ in all of the go test invocations #2059
util goovn TLS connection need to use the latest rotated certificates #2054
E2E tests: test ingress for externalip services #1991
De-flake unit test #2053
detect if the cluster has endpoint slices #2049
remove ovnkube workaround for single-stack ipv4 #2043
Enable DB memory trimming on compaction #1920
E2E: Add a nodeport connectivity test #1985
EgressIP: cleanup stale e2e test data + wait for setup #2037
Fix reject acl for dualstack #2047
Skip all sig-api-machinery tests #2044
ovnkube-node Pod restart will break external nw connectivity for pods #2039
Bump up the api version used by e2e tests to 0.20.0. #1990
refactor ovn gateway package #2036
Revert to fedora33 and skip disruptive tests #2032
refactor: using goovn bindings for adding ACL in addAllowACLFromNode() #1884
Skip AdmissionWebhook confformance tests #2026
Fix CI stability #2018
deflake e2e test for egressip #2022
Add OVN logLevel parameters to kind.sh #1982
bump kind to 0.10.0 #1997
Move e2e_test.go to e2e.go #1998
Set –num-nodes in e2e-kind.sh #2004
Allow for linter to run with podman as a runtime #1999
Swap ns and podName args in WaitForPodNotPending() #1993
[fixes BZ #1916872] Handle Multus network-status annotations on pod update #1970
switch to newer fedora:34 so to enable ovn 20.12 #1956
images: ignore ovnkube-trace #1980
Manage and update the gateway OpenFlow rules using flow cache #1915
add option to enable empty events in KIND #1966
Import ginkgo and gomega using pacagename on pkg/util and pkg/ovn #1819
metrics: Add Workqueue Metrics #1942
unit test example with fake client-go #1919
Fixes flakes in egress gw unit test #1923
use kubernetes v1.20.0 in kind #1955
fix service controller repair function race #1945
Configure GARP for egress IP re-assignment #1939
refactor ovn events code #1927
Check IP family for exgws #1944
db: Handle pruning of unhealthy db files on disk #1930
Add IPv6 multicast support. #1705
Expose Ovn db metrics for Prometheus #1882
[BZ #1903651] Add clusterIP to ingress policy AS for SNAT-ed hairpin Traffic #1921
Fix egressFirewall segfault caused by restarting #1936
fix for the linter #1935
moving the address_set to its own package #1798
bump kubernetes to 1.20 #1904
Adds OFPort to CNI OVS check #1917
Bug 1918442: Fix idling and rejects for 4.7 #433
Create a podman image to use with CI so linter/utests can be run #431
Updating ose-ovn-kubernetes builder & base images to be consistent with ART #432
Bug 1892472: Allow for linter to run with podman as a runtime #430
Bug 1892472: Run linter, utests, and gofmt in container #428
Dockerfile: yum ‘==’ operator deprecated #405
Bug 1915295: fix service controller repair loop race #418
Bug 1910533: Configure GARP for egress IP re-assignment #422
Bug 1917605: Fixes deleting exgw pod #420
Bug 1914250: support multipath to detect default gateway #419
Bug 1915027: Fix MCS-blocking iptables rules #400
Bug 1917911: Add ovnkube-trace binary to image #416
Bug 1903651: Add clusterIP to ingress policy AS for SNAT-ed hairpin Traffic Cherry Pick #408
Updating ose-ovn-kubernetes builder & base images to be consistent with ART #404
Bug 1908888: Check IP family for exgws #407
Bug 1908762: Cherry-pick commits for multicast support for v4 and v6 #403
Bug 1915981: Dockerfile: add ethtool & conntrack, and change maintainer email to Tim #396
Bug 1909911: Fix egressFirewall segfault caused by restarting #398
Bug 1903660: Handle pruning of unhealthy db files on disk #406
Bug 1908789: Dockerfile: bump OVS to 2.13.0-79 #402
Bug 1908231: Assign readyFunc during local gateway init #393
Bug 1885761: Adds OFPort to CNI OVS check #386
Bug 1907328: add iproute-tc package #383
Bug 1906986: 12-11-20 merge #384
Adds reconciliation for hanging pod adds #1910
Remove dead rpm advisory for OVN #1911
Add support to the CNI CHECK command #1862
shared-gateway: ignore empty Ingress IPs #1909
12-9-20 merge #376
node: Fix gateway start ordering #1905
don’t run etcd in memory #1871
Dualstack Services with Endpoint Slices #1898
config: Make v4 and v6 join subnets configurable #1868
metrics: Add metrics for total and available subnets for nodes #1861
enable e2e test UDP Nodeport service #1889
Bump kubernetes version to 1.20 #1894
Dockerfile: bump OVN to 20.09.0-21 #375
2020-12-05 upstream merge (ovnkube trace, gateway ingress CI, misc fixes) #371
Fixes Ingress Load Balancer ACL #1893
Add CI e2e for ingress gateway #1836
node: Run gateway after wait #1886
Fix shadowed error variable #1883
Initial commit ovnkube-trace #1810
12-03-2020 merge with Ingress ACL fix #370
Fix lb ingress shared gw and fixes endpoint deletion #1845
implement dns names in egressfirewall #1597
Dockerfile: Add required packages to enable IPsec #344
12-01-2020 merge #366
removing the hybrid overlay externalGW code #1858
refactor boilerplate mock object processing code in UT into its own struct/function #1849
Add address family checks to the external gateway feature #1855
fixing few raft db startup script issues #1863
have to use the kube interface during windows initialization #1877
Increase QPS and Burst setting #1878
Make GR SNAT using host CT zone in shared GW mode #1875
Small fixes for external GW #1815
Enable debug logging for unit test runs #1820
egressIP defaulting to true causes the wrong behavior. #1852
expose Kubernetes clientset in the OVN controller #1864
Changes klog to klog v2 consistent with upstream kubernetes. #1817
bump k8s CI version to 1.19.4 #1865
Bump OVN to 20.09.0-20 #365
Add missing python3-pyOpenSSL library #323
Bug 1897480: Bump OVS to >= 2.13.0-72.fdp8 for lldpd CVE fix #358
Bug 1887456: 11-20-2020 merge #357
Fixes parsing quotes on OVS iface ID #1860
factory: Fix informer inital adds and subsequent updates test #1840
fix network policy when the namespace label changes #1850
Adds pod subnet flows on shared gw bridge #1844
Fixes ICMPv6 flooding behavior #1851
cni: fix up logging after PR#1830 #1841
Changes local gateway flows to NORMAL action #1843
Added unit test for RunOVSDBTool() #1814
Fix mistake in ovn-ci crontab #1847
Add e2e-periodic workflow #1813
Bug 1888827: 11-13-2020 merge #317
cni: cancel sandbox ADD when the pod is deleted #1830
Various service fixes #1839
Improve kind cleanup #1833
Fix panic during upgrade #1838
fix SIGSEGV when gw init error #1837
Fix lb ingress service iptables rules for local gw #1834
CNI: quit waiting for pod flows for obsoleted ADD #1831
Fix egress IP re-assignment for network failing node + minor fixes #1784
decouple ovn gateway commands from controller #1811
test: Set GOMAXPROCS to 1 #1824
Directly load balance traffic to cloud load balancers #1818
Bump Fedora 32 OVN build #1823
egress network policies should have OVN acls with allow-related action #1775
Add CI for multiple ecmp external gateways #1769
Fix race in informers_test #1804
Fix arm build DPDK version and source #1808
Fix Reject ACLs and improve logging #1785
Fix default deny port removal issue #1800
Fix shared gateway flood/normal behavior #1774
Remove shared gw check in e2e ci #1803
move const decleration for the ovn_cluster_router to a types package #1797
Use the ovn-db-pod label to identify db pods running on the node #1777
gw: add default connection tracking rules even when NodePort is disabled #1799
Refactor Local/Shared Gateway code to simplify watches #1586
modify the periodic job to run dual-stack against k8s master #1779
Replacement of the “in-house” listening port creation, by one from k8… #1771
config: fix dual-stack config parsing #1787
scale: revert back to one single join switch #1547
Fixes External IP with local gateway mode #1772
Enable race detector for unit testing #1640
Miscellaneous cleanups and unification #1735
pkg/factory: let nodes watch less #1313
Add missing python3-openvswitch and pyOpenSSL #1770
Add e2e for the pod gateway feature #1732
Added e2e for egress firewall #1629
.github: Replace usage of set-env #1773
Add unit tests for functions in pkg/kube/kube.go #1734
Add e2e test for egress IP #1709
Guard against nil address set usage #1764
Adds CNI check for table ls_out_port_security flows #1760
Cleanup a switch with the same operation in 2 cases #1762
Closes #1619: write up to explain mocks organization and generation #1631
Fix egress IP test SIGSEGV #1768
util: Fix incorrect mock import #1767
Pod IPs could be leaked in some cases #1737
Add unit tests for functions in cni/bandwidth.go #1611
script to regenerate mocks for interfaces in vendor directory #1675
dist: bump OVN to ovn-20.09.0-1.fc31 #1745
Cleanup egress* clientset code #1589
Move service reject ACLs to a cluster port group #1711
On node deletion restore the NORMAL action and not FLOOD action #1761
Correct egress IP assignment for egress node IPs #1668
README: use correct modern syntax for cluster subnets arg #1722
Fix pollimmediate for pod readiness in e2e test #1725
Fix testcase pod vs. namespace watch ordering #1643
Bump OVN to 20.09.0-7 #327
Owners: Remove Phil from reviewers #322
Add missing python3-openvswitch library #316
Updating ose-ovn-kubernetes builder & base images to be consistent with ART #303
10 14 2020 merge #311
Avoid restarting ovn-dbchecker if the local db check-cluster fails #1751
10-8-2020 merge #306
Fix service sync reject ACL name matching #1749
Consider changed configuration when kicking out raft members #1747
Gate on dual stack job #1742
remove requeing of hostnetwork pods causing spurious errors #1746
Bump @actions/core from 1.2.4 to 1.2.6 in /.github/actions/cleanup-action #1743
Full changelog

thanos

Bump openshift/thanos to v0.28.1 #91
Bump openshift/thanos to v0.28.0 #90
Add fpetkovski to triage list #5481
Endpoint: Refactor get clients methods #5468
*: Merge release 0.27 to main #5479
OWNERS: Add Joao and myself, and move former team members to emeritus #88
Bump openshift/thanos to v0.27.0 #85
Merge release 0.26 to main #5334
Bug 2067877: [bot] Bump openshift/thanos to v0.26.0 #83
makefile: Fix Makefile support for arm64 #5236
Bump openshift/thanos to v0.25.2 #80
*: Cut release 0.25.2 #5253
Bump openshift/thanos to v0.25.1 #79
Bump openshift/thanos to v0.25.0 #78
Docs: Add mixin design doc again #5129
Merge release 0.24 to main #5018
Merge release 0.23 to main #5017
Bump openshift/thanos to v0.24.0 #76
Updating thanos images to be consistent with ART #77
Bump openshift/thanos to v0.23.1 #75
Updating thanos images to be consistent with ART #74
OWNERS: cleanup #73
Updating thanos images to be consistent with ART #72
Updating thanos images to be consistent with ART #71
openshift: Add script to generate rh-manifest.txt #65
Bug 1973576: Bump thanos to v0.22.0 #63
Checking sampled traces to create exemplar #4190
Updated receive-split proposal for spelling and nitpicks #4198
Merge release-0.20 to main #4115
Updating thanos images to be consistent with ART #61
Update OWNERS file to reflect new maintainers #59
Updating .ci-operator.yaml build_root_image from openshift/release #60
Bug 1945500: Bump downstream thanos to v0.20.2 #58
Add Truphone as an adopters #4031
Add POST method for exemplars API #3980
Implement federated exemplar API #3846
Added matchers support to TSDB store #3897
Bug 1953518: cmd/thanos: use miekgdns resolver as default #55
Bug 1934325: bump to v0.19.0 #54
Api: Add flag to set default step #3740
stalebot: Add an exempt label to ignore issue that has a PR #3789
Update prometheus and cortex #3804
Query-frontend: use detailed text description for cmd #3655
Lints: Remove UnixSocket not used and use right comment #3685
scripts/quickstart: add external label for Thanos Rule #3664
mixin: Reintroduce thanos_objstore_bucket_operation_failures_total alert #3567
Replicate can specify blocks to copy #3388
Use direct cache in index reader for symbol values #3557
Bug 1926598: pkg/rules: fix deduplication of equal alerts with different labels #51
Updating thanos builder & base images to be consistent with ART #50
Updating thanos builder & base images to be consistent with ART #48
Bug 1929540: update golang.org/x/text #49
Updating thanos builder & base images to be consistent with ART #45
Bug 1906496: pkg/rules/proxy: fix hotlooping when receiving client errors #46
MON-1302: Bump Thanos to v0.17.2 #43
Bug 1897252: CARRY: cmd/thanos: fix DNS resolution when ctx is canceled #42
Bug 1897252: CARRY: cmd/thanos/query.go: Timeout DNS resolution with refresh inter… #41
Bug 1883765: bump Thanos to v0.16.0 #40
docs: Incorrect rule type in thanos rules federation proposal #3078
Updating thanos builder & base images to be consistent with ART #39
Bug 1870287: pkg/query: eventually update rules client #37
Full changelog

View changelog in Markdown or change previous release:

Source code for this page located on github