eBPF-based Networking, Security, and Observability
Minor Changes:
cilium-dbg bgp routes advertised
command without specifying a peer (Backport PR #30230, Upstream PR #30033, @rastislavs)Bugfixes:
resource.Store
in Start()
hive hooks of BGP CP to ensure proper BGP CP initialization. (Backport PR #30079, Upstream PR #29954, @rastislavs)CI Changes:
Misc Changes:
Other Changes:
quay.io/cilium/cilium:v1.15.0-rc.1@sha256:53e4473bc10a04ffe86e8de5b3e2b5cce6a72954b29ae50f329753820f46261b
quay.io/cilium/clustermesh-apiserver:v1.15.0-rc.1@sha256:dede7d9d56156f284d0a993e18b3a97901aa19b8ea63898b0c26cda46f0593fb
quay.io/cilium/docker-plugin:v1.15.0-rc.1@sha256:3993c08f20bfb441223122f80a94fc5f940119cc70226ca279888673ae0ff3f7
quay.io/cilium/hubble-relay:v1.15.0-rc.1@sha256:137fc854260d59127d10234ec8ed2c389382bdd0c62911398e083cd7d0cdabec
quay.io/cilium/operator-alibabacloud:v1.15.0-rc.1@sha256:ddefe38b20d9f352685b486897a77787202b9f855d0679496792864c4fa59500
quay.io/cilium/operator-aws:v1.15.0-rc.1@sha256:7d4b7b931d15a14048cbcdf4ff9fdd432dbc03d12128e5c0e12d215631cade28
quay.io/cilium/operator-azure:v1.15.0-rc.1@sha256:fcffa96ffcd271419933b127cfccd51c45a3d5ecbc92858f505a2b4e2d84c0f7
quay.io/cilium/operator-generic:v1.15.0-rc.1@sha256:a85e9ce2ca1c337050f4a2eab60255aaaeb386415de8a3810298a4a88dedf7b8
quay.io/cilium/operator:v1.15.0-rc.1@sha256:c7f989c98b0be42a993d5ad425f1346d1f7d671edcc502b88ecd20a979d8db33
Minor Changes:
Bugfixes:
CI Changes:
Misc Changes:
netip.Addr
to net.IP
and back (#29625, @tklauser)Resource[T]
(#29414, @pippolo84)quay.io/cilium/cilium:v1.15.0-rc.0@sha256:dfd696fb4325e996098607224cf379ccdbbe969634750fa10082e7ac31d0819a
quay.io/cilium/clustermesh-apiserver:v1.15.0-rc.0@sha256:7a6be505270347b8e4076941b282ecd3c89cbdce68f50a3ba6e0bd5a60553c47
quay.io/cilium/docker-plugin:v1.15.0-rc.0@sha256:fe6325f2268adafa28b0a0a81f5f2254014fc1aa8981c47fce6c688e3879993a
quay.io/cilium/hubble-relay:v1.15.0-rc.0@sha256:eb89a6c12bef00f62f393630958f58d769f0add5ba6fa914180ec21d845034ae
quay.io/cilium/operator-alibabacloud:v1.15.0-rc.0@sha256:9f34a4d32c87f7dfb7fff45c2660e58113a036dca06e75ea20b5bd46856c20fa
quay.io/cilium/operator-aws:v1.15.0-rc.0@sha256:d28d947653bff9ad9a010bdc4bb75d3f0ce5517b601d768075f11ea32242491c
quay.io/cilium/operator-azure:v1.15.0-rc.0@sha256:0f6828ab7688159e3b7bc259094af6c9643783a48b2fc0630885dcabe9249831
quay.io/cilium/operator-generic:v1.15.0-rc.0@sha256:cc0800697151d9a68c9547c66e9d5f4a67537efd369cb10caf19e79748b24b02
quay.io/cilium/operator:v1.15.0-rc.0@sha256:5e14c97ee92c6eef799b3125ab4b557c3c7c6cfe55d78c8c655bdf7aae4212ab
We are pleased to release Cilium v1.14.5.
This release include expanded credential and resource limit related configuration parameters for the Agent DaemonSet and SPIRE agent, fixes to an issue where stale nodes would appear in the cilium_node_connectivity_* metrics, enhancements to the detail shown by the IPsec CLI subcommands, a fix to a datapath fix for SNAT running behind multiple network interfaces, a fix to NAT entry GC when DSR enabled, a fix for endpoint label changes during the re-init restoration, and a variety of other stability enhancements. Also included are performance enhancements to concurrency techniques used in policy generation and the selectorcache read/write path.
Minor Changes:
Bugfixes:
cilium bpf nat list
that used to display the same values. (Backport PR #29187, Upstream PR #27062, @gentoo-root)cilium encrypt status
. (Backport PR #29641, Upstream PR #29182, @viktor-kurchenko)CI Changes:
Misc Changes:
Other Changes:
We are pleased to release Cilium v1.13.10.
This release include expanded SA credential and resource limit related configuration parameters for the Agent DaemonSet, fixes to an issue where stale nodes would appear in the cilium_node_connectivity_* metrics, enhancements to the detail shown by the IPsec CLI subcommands, a fix to a datapath fix for SNAT running behind multiple network interfaces, and a fix to NAT entry GC when DSR enabled. In addition, there are performance enhancements to concurrency techniques used in policy generation and the selectorcache read/write path.
Minor Changes:
Bugfixes:
cilium encrypt status
. (Backport PR #29640, Upstream PR #29182, @viktor-kurchenko)CI Changes:
Misc Changes:
Other Changes:
We are pleased to release Cilium v1.12.17.
This release include expanded SA credential and resource limit related configuration parameters for the Agent DaemonSet, fixes to an issue where stale nodes would appear in the cilium_node_connectivity_* metrics, enhancements to the detail shown by the IPsec CLI subcommands, and a datapath fix for SNAT running behind multiple network interfaces. In addition, there are performance enhancements to concurrency techniques used in policy generation and the selectorcache read/write path.
Minor Changes:
Bugfixes:
cilium encrypt status
. (Backport PR #29639, Upstream PR #29182, @viktor-kurchenko)CI Changes:
Misc Changes:
Other Changes:
Major Changes:
--max-connected-clusters=511
, a new cluster will be able to connect to a ClusterMesh with up to 511 clusters. If enabled, the number of possible cluster-local identities will be reduced to 32,768. This feature can only be enabled on new clusters, and all clusters in the ClusterMesh must share the same configuration. (#27520, @thorn3r)Minor Changes:
cilium-dbg bgp route-policies
command & include it in the bugtool (#28973, @rastislavs)--single-cluster-route
flag (#29221, @gandro)Bugfixes:
ImplementationSpecific
Ingress paths (which for Cilium Ingress means regex path matches) are now sorted correctly in between Exact
and Prefix
matches. (#29381, @youngnick)cilium bpf nat list
that used to display the same values. (#27062, @gentoo-root)cilium encrypt status
. (#29182, @viktor-kurchenko)CI Changes:
loop not unrolled
error in pktgen (#28942, @dylandreimerink)Misc Changes:
cilium_event_ts metric
description (#29303, @christarazi)pkg/common/ipsec
(#29002, @pchaigno)cilium_host
IP restoration (#28781, @gandro)linuxNodeHandler
IPsec functions to their own file (#28941, @pchaigno)encrypt flush
command (#28795, @pchaigno)cilium-dbg node list
(#29196, @tklauser)docker.io/cilium/cilium:v1.15.0-pre.3@sha256:c09d3fc906f26edbc93494cc46e6616668d7931a05470f02b9f9a266c2cfc279
quay.io/cilium/cilium:v1.15.0-pre.3@sha256:c09d3fc906f26edbc93494cc46e6616668d7931a05470f02b9f9a266c2cfc279
docker.io/cilium/clustermesh-apiserver:v1.15.0-pre.3@sha256:74f30ab524a07ffb3e74e2c0d5c34f7a03f1b090f45e3f4450db3d34800ada4d
quay.io/cilium/clustermesh-apiserver:v1.15.0-pre.3@sha256:74f30ab524a07ffb3e74e2c0d5c34f7a03f1b090f45e3f4450db3d34800ada4d
docker.io/cilium/docker-plugin:v1.15.0-pre.3@sha256:dee40ce43396547b8ef34b005679e207bdc9f8413ac1abdedbc6ce10a58e3ff2
quay.io/cilium/docker-plugin:v1.15.0-pre.3@sha256:dee40ce43396547b8ef34b005679e207bdc9f8413ac1abdedbc6ce10a58e3ff2
docker.io/cilium/hubble-relay:v1.15.0-pre.3@sha256:95833c3375b48cf72d1c122da6ffed2f69bd7c6b76cd373f5a8455c0c527cc4b
quay.io/cilium/hubble-relay:v1.15.0-pre.3@sha256:95833c3375b48cf72d1c122da6ffed2f69bd7c6b76cd373f5a8455c0c527cc4b
docker.io/cilium/operator-alibabacloud:v1.15.0-pre.3@sha256:a4ad0149c6ebfa87692379cd090ee25a41621dcf98af2a910f767ef46df72a51
quay.io/cilium/operator-alibabacloud:v1.15.0-pre.3@sha256:a4ad0149c6ebfa87692379cd090ee25a41621dcf98af2a910f767ef46df72a51
docker.io/cilium/operator-aws:v1.15.0-pre.3@sha256:c99a09adf0be9ec82d6407ad5d8a87c635258a88292417e4feebf83fb90d36f6
quay.io/cilium/operator-aws:v1.15.0-pre.3@sha256:c99a09adf0be9ec82d6407ad5d8a87c635258a88292417e4feebf83fb90d36f6
docker.io/cilium/operator-azure:v1.15.0-pre.3@sha256:136d55f7ad5dbbae6c79f6a4d547f2641c590e37a80d745b9c8135fd5b8b5553
quay.io/cilium/operator-azure:v1.15.0-pre.3@sha256:136d55f7ad5dbbae6c79f6a4d547f2641c590e37a80d745b9c8135fd5b8b5553
docker.io/cilium/operator-generic:v1.15.0-pre.3@sha256:01959fb5e0164fbe3f265f42da4e444d9511f716ac26210fea1080c948d4583e
quay.io/cilium/operator-generic:v1.15.0-pre.3@sha256:01959fb5e0164fbe3f265f42da4e444d9511f716ac26210fea1080c948d4583e
docker.io/cilium/operator:v1.15.0-pre.3@sha256:1df2ea3840ca1c012d86f8e9dd785c3f24ce319915db3e6c99150627dfdc08cb
quay.io/cilium/operator:v1.15.0-pre.3@sha256:1df2ea3840ca1c012d86f8e9dd785c3f24ce319915db3e6c99150627dfdc08cb
We are pleased to release Cilium v1.14.4. This release includes several network policy performance improvements, improvements and fixes for IPSec, and numerous bug fixes and architectural improvements.
Minor Changes:
cilium encrypt status
. (Backport PR #28759, Upstream PR #28640, @pchaigno)Bugfixes:
CI Changes:
Misc Changes:
linuxNodeHandler
IPsec functions to their own file (Backport PR #29030, Upstream PR #28941, @pchaigno)encrypt flush
command (Backport PR #29030, Upstream PR #28795, @pchaigno)Other Changes:
We are pleased to release Cilium v1.13.9. This release includes several network policy performance improvements, improvements and fixes for IPSec, and numerous bug fixes and architectural improvements.
Minor Changes:
cilium encrypt status
. (Backport PR #28761, Upstream PR #28640, @pchaigno)Bugfixes:
CI Changes:
Misc Changes:
linuxNodeHandler
IPsec functions to their own file (Backport PR #29034, Upstream PR #28941, @pchaigno)encrypt flush
command (Backport PR #29034, Upstream PR #28795, @pchaigno)Other Changes:
We are pleased to release Cilium v1.12.16. This release includes several network policy performance improvements, improvements and fixes for IPSec, and numerous bug fixes and architectural improvements.
Minor Changes:
cilium encrypt status
. (Backport PR #28762, Upstream PR #28640, @pchaigno)Bugfixes:
CI Changes:
Misc Changes:
linuxNodeHandler
IPsec functions to their own file (Backport PR #29035, Upstream PR #28941, @pchaigno)encrypt flush
command (Backport PR #29035, Upstream PR #28795, @pchaigno)Other Changes:
Major Changes:
Minor Changes:
ingress.cilium.io/ssl-passthrough
annoation for Ingress objects (#28751, @youngnick)cilium encrypt status
. (#28640, @pchaigno)cilium policy selectors
command by including the policy name and namespace in order to easily understand which selector comes from what policy (#27838, @christarazi)policy_import_errors_total
metric (#28423, @tklauser)Bugfixes:
dashboards.enabled=true
(#28542, @bakito)CI Changes:
Misc Changes:
make dev-doctor
. (#28269, @fujitatomoya)RouteTableInterfacesOffset
in system requirements (#28358, @gandro)docker.io/cilium/cilium:v1.15.0-pre.2@sha256:7f077c49ce091428b04de006d5f4cb01b8e32d63dc1d45fa3e372d624681e836
quay.io/cilium/cilium:v1.15.0-pre.2@sha256:7f077c49ce091428b04de006d5f4cb01b8e32d63dc1d45fa3e372d624681e836
docker.io/cilium/clustermesh-apiserver:v1.15.0-pre.2@sha256:19539c7470f27431ee06e4d4bccad40ca206430e3b5f31c8c86cc96e71d85127
quay.io/cilium/clustermesh-apiserver:v1.15.0-pre.2@sha256:19539c7470f27431ee06e4d4bccad40ca206430e3b5f31c8c86cc96e71d85127
docker.io/cilium/docker-plugin:v1.15.0-pre.2@sha256:033f762410bee062c47df96313ffda60683f682db8b562d81614fa7130d3b643
quay.io/cilium/docker-plugin:v1.15.0-pre.2@sha256:033f762410bee062c47df96313ffda60683f682db8b562d81614fa7130d3b643
docker.io/cilium/hubble-relay:v1.15.0-pre.2@sha256:74b20caf534472e274eb020e8ceaf4abfe8d6540c282cb648eb4e0420bccf782
quay.io/cilium/hubble-relay:v1.15.0-pre.2@sha256:74b20caf534472e274eb020e8ceaf4abfe8d6540c282cb648eb4e0420bccf782
docker.io/cilium/kvstoremesh:v1.15.0-pre.2@sha256:68906ec4ff4577eeaff3a263a68037aae83f6727437e07958c6f7b2cac6b564b
quay.io/cilium/kvstoremesh:v1.15.0-pre.2@sha256:68906ec4ff4577eeaff3a263a68037aae83f6727437e07958c6f7b2cac6b564b
docker.io/cilium/operator-alibabacloud:v1.15.0-pre.2@sha256:a6ff662a0e07a383bc617579ca9ece9c093386a001582bc7588ab1e5b5fdf92e
quay.io/cilium/operator-alibabacloud:v1.15.0-pre.2@sha256:a6ff662a0e07a383bc617579ca9ece9c093386a001582bc7588ab1e5b5fdf92e
docker.io/cilium/operator-aws:v1.15.0-pre.2@sha256:81897d31042f34bac5d0d2a25d6dd64f7f294c5711f39ef47ddcb68ef05c1be0
quay.io/cilium/operator-aws:v1.15.0-pre.2@sha256:81897d31042f34bac5d0d2a25d6dd64f7f294c5711f39ef47ddcb68ef05c1be0
docker.io/cilium/operator-azure:v1.15.0-pre.2@sha256:01b92fc10fa76117f61f40fdd20c25d45ea8c205979423e2afd911523317e3ce
quay.io/cilium/operator-azure:v1.15.0-pre.2@sha256:01b92fc10fa76117f61f40fdd20c25d45ea8c205979423e2afd911523317e3ce
docker.io/cilium/operator-generic:v1.15.0-pre.2@sha256:e5506ddf0665307cf4012a9fbe3f1a51c722b63a12e7abd357119b7c2d1f68af
quay.io/cilium/operator-generic:v1.15.0-pre.2@sha256:e5506ddf0665307cf4012a9fbe3f1a51c722b63a12e7abd357119b7c2d1f68af
docker.io/cilium/operator:v1.15.0-pre.2@sha256:060831c979d9eb636e70a51a1e3e5e6eb9f3297492c35b9c6d502a47c11b901e
quay.io/cilium/operator:v1.15.0-pre.2@sha256:060831c979d9eb636e70a51a1e3e5e6eb9f3297492c35b9c6d502a47c11b901e