Skip to content

v2.1.3

Compare
Choose a tag to compare
@github-actions github-actions released this 27 May 21:59
· 136 commits to master since this release
f6c45f3

Summary

Another bugfix release. This one fixes an issue with TCP MSS clamping (e.g. packet MTU's not being properly negotiated during TCP handshake) and an issue where iptables wasn't properly identifying that rules existed in chains causing iptables definitions to increase with every call to sync NetworkPolicy ending up in linear growth of iptables rule definitions.

Contributions

Special thanks to @rkojedzinszky for fixing the TCP MSS clamping on DSR services.

Other Notes

The iptables definition growth was seemingly caused by iptables user-space tooling v1.8.10 which means that this likely only affected users of the kube-router container that was updated to alpine 3.19. User's using kube-router as a daemon outside a container runtime, may want to be wary of updating the iptables user-space to that version.

Changelog

  • f6c45f3 - feat(alpine): revert 3.19 -> 3.18 <Aaron U'Ren>
  • e980a17 - fix(nsc): remove previous TCPMSS rules during setting up DSR <Richard Kojedzinszky>
  • defdf64 - fix(nsc): remove previous TCPMSS rules <Aaron U'Ren>
  • b1070f1 - feat(nsc): apply TCPMSS rules on kube-bridge interface only <Richard Kojedzinszky>
  • 5fdde06 - fix(nsc): TCPMSS rules are created per-service and for reply packets only <Richard Kojedzinszky>