Simple, resilient multi-host containers networking and more.
Fixes a problem introduced in 2.8.0 for machines whose unique ID is in /etc/machine-id
#3886
Many thanks to contributor @avestuk for this fix.
Also move Kubernetes API calls out of Weave Net daemon #3885 - this reduces the size of the 'weaver' binary and stops it crashing when run on 32-bit ARM.
This release makes some important changes to trim the "attack surface" of the Kubernetes install, addressing CVE-2020-26278, and improves a couple of reported issues.
Many thanks to contributors @drigz, @KevDBG and @NeonSludge.
This release improves resiliency in a number of areas, and extends the Prometheus metrics exported by Weave Net.
Change in behaviour: on Kubernetes, the client source IP is preserved when calling from a pod to a service.
This feature, introduced in version 2.4.0 and previously turned on by setting NO_MASQ_LOCAL=1
is now on by default. #3389, #3756
type
and encryption
labels to weave_connections
metric #3788, #3789Many thanks to contributors @berlic, @gobomb, @hairyhenderson, @naemono, @nesc58
Note 2.6.4 was created to relax the iptables blocking rule added in this release, because it turned out to be too strict.
This release has a couple of security improvements, and some other fixes. Note that we still recommend to remove CAP_NET_RAW access from untrusted containers.
fixes a regression found in 2.6.1 release and fix to prevent CPU spinning
support for iptables 1.8 and a bug-fix
This release reduces CPU and memory usage in larger clusters, by sending notifications to a smaller set of peers and coalescing updates to reduce topology recalculation. #3715, #3732
The default soft limit on connections has been raised from 100 to 200.
Thanks to contributors @christian-2, @hpdvanwyk, @guirish, @kitt1987, @mmerrill3, @Pensu, @scritchley, @sidharthsurana, @tanishq-dubey