Releases: aws/amazon-vpc-cni-k8s
Releases · aws/amazon-vpc-cni-k8s
v1.16.3
v1.16.3
IMPORTANT: v1.16.3 contains a regression (#2807) that may lead to high CPU consumption by the aws-node pod when the maximum number of ENIs have been attached to a node. This bug is being addressed in v1.16.4.
Release Notes
- With this release, the Network Policy agent image is updated to v1.0.8.
- With this release, the VPC CNI now supports IPv4 clusters where only a subset of nodes enable IPv6 egress (instead of all).
Changes since v1.16.2
- Dependency - Dependabot updates (@jdn5126 )
- Dependency - Upgrade Golang version to 1.21.6 (@jdn5126 )
- Improvement - Enable ENABLE_V6_EGRESS on Clusters with Mixed IPv6/IPv4 Subnets (@sergeylanzman )
- Improvement - cni-metrics-helper add podAnnotation value (@prysmakou )
- Improvement - Track max pods, simplify warm IP pool management (@jdn5126 )
- Improvement - Faster eni scaleup (@jchen6585 )
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.16.3/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.16.3
amazon-k8s-cni:v1.16.3
amazon/aws-network-policy-agent:v1.0.8
Contributors
prysmakou, sergeylanzman, and 2 other contributors
Assets 2
v1.16.2
v1.16.2
Release Notes
- The VPC CNI has reverted the CNI spec to 0.4.0 in order to maintain compatibility with EKS 1.23: https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.16.2/misc/10-aws.conflist
- With this release, the VPC CNI can now support up to 50 CIDRs in nftables mode.
Changes since v1.16.0
- Bug - Refactor IPTable Rules (@jchen6585 )
- Bug - log for DelNetworkReply now differentiates between IPv4 and IPv6 addr… (@zachdorame )
- Dependency - revert CNI spec to 0.4.0 (@jdn5126 )
- Dependency - update crypto to patch CVE-2023-48795 (@haouc )
- Dependency - Dependabot updates: aws-sdk-go, containernetworking/plugins, go-logr, grpc, k8s.io/cli-runtime (@jdn5126 )
- Enhancement - Iptables mock (@jchen6585 )
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.2/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.2/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.2/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.2/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.16.2/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.16.2
amazon-k8s-cni:v1.16.2
amazon/aws-network-policy-agent:v1.0.7
Contributors
haouc, jdn5126, and 2 other contributors
Assets 2
v1.16.0
v1.16.0
Release Notes
- The VPC CNI now uses CNI spec 1.0.0: https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.16.0/misc/10-aws.conflist
- With VPC CNI v1.16.0, Security Groups for Pods is now supported on IPv6 clusters.
- One caveat to be aware of compared to IPv4 is that ICMPv6 Neighbor Discovery must be allowed in EC2 security groups in order for pods to properly resolve IPv6 addresses to MAC addresses.
Changes since v1.15.5
- Bug - check if ipv4Addr or ipv6Addr is empty before calling AnnotatePod() (@zachdorame )
- Bug - Fix enabling of Metrics and Introspection Endpoint (@jdn5126 )
- Cleanup - swicth grpc deprecated method to new method (@Icarus9913 )
- Cleanup - swicth k8s deprecated method to new method (@Icarus9913 )
- Dependency - Update golang.org/x/crypto to v0.17.0 (@jdn5126 )
- Dependency - Bump github.com/containerd/containerd from 1.7.6 to 1.7.11 (@dependabot )
- Dependency - Update upstream CNI plugins to v1.4.0 (@jdn5126 )
- Documentation - Remove hard-coded comment for primary intf (@jdn5126 )
- Documentation - Fix Infof/Debugf/Errors to use correct function names (@dims )
- Feature - Add parameters for tuning revisionHistory and securityContext (@bodgit )
- Feature - Manifest for Multus 4.0.2 thick plugin support (@jdn5126 )
- Feature - IPv6 Security Groups for Pods Support (@jdn5126 )
- Feature - Prometheus metrics scraping from CNI metrics helper (@jayanthvn )
- Improvement - add instance types (@jchen6585 )
- Improvement - Update CHANGELOG, charts, and manifests for v1.15.5 release; update aws-vpc-cni ConfigMap default settings (@jdn5126 )
- Improvement - adding feature flags to configmap charts (@haouc )
- Improvement - No need to set accept_ra or accept_redirects for non-primary interfaces (@jdn5126 )
- Improvement - Simplify IPv6 Gateway Calculation (@jdn5126 )
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.0/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.0/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.0/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.0/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.16.0/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.16.0
amazon-k8s-cni:v1.16.0
amazon/aws-network-policy-agent:v1.0.7
Contributors
dims, bodgit, and 7 other contributors
Assets 2
v1.15.5
v1.15.5
Minor Changes since v1.15.4
- Bug - Add watch permission for CNINode resource (@jdn5126 )
- Improvement - Upgrade go from 1.21.4 to 1.21.5 (@jchen6585 )
- Improvement - Dependabot Golang updates, test agent fix (@jdn5126 )
- Improvement - Bump aws-sdk-go to v1.48.2 (@jchen6585 )
Note
- The bundled Network Policy agent image has been updated to v1.0.7. The
--conntrack-cache-cleanup-periodcommand line arg for the Network Policy agent container has been added to the helm chart. - Pod identity credentials are supported starting in this release.
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.5/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.5
amazon-k8s-cni:v1.15.5
amazon/aws-network-policy-agent:v1.0.7
Contributors
jdn5126 and jchen6585
Assets 2
v1.15.4
v1.15.4
Minor Changes since v1.15.3
- Documentation - Update prefix-and-ip-target.md (@nicolajknudsen )
- Feature - Upgrade CNI spec from 0.4.0 to 1.0.0 (@jdn5126 )
- Improvement - Upgrade go from 1.21.3 to 1.21.4 (@jdn5126 )
- Improvement - Refactor AllocENI (#2640) (@jchen6585 )
- Improvement - Update Golang Dependencies (@jdn5126 )
- Improvement - generate-limits (@dougbyrne )
Note
- The bundled Network Policy agent image has been updated to v1.0.6.
- The VPC CNI still uses spec 0.4.0 by default: https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.4/misc/10-aws.conflist , but spec 1.0.0 is supported. The default spec version will be updated to 1.0.0 in the v1.16.0 release.
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.4/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.4
amazon-k8s-cni:v1.15.4
amazon/aws-network-policy-agent:v1.0.6
Contributors
dougbyrne, jdn5126, and 2 other contributors
Assets 2
v1.15.3
v1.15.3
Major Changes since v1.15.1
- Bug - Fully address CVE-2023-44487 (@jdn5126 )
- Improvement - feat(chart): Made node agent optional (@stevehipwell )
- Improvement - Update Golang to 1.21.3 (@jdn5126 )
- Improvement - Go module updates and Golang builder image update (@jdn5126 )
Note
- The bundled Network Policy agent image has been updated to v1.0.5.
- The Network Policy agent container can now be removed from the Daemonset during helm installation by setting
nodeAgent.enabledtofalse.
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.3/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.3
amazon-k8s-cni:v1.15.3
amazon/aws-network-policy-agent:v1.0.5
Contributors
stevehipwell and jdn5126
Assets 2
v1.15.1
v1.15.1
Major Changes since v1.15.0
- Bug - Do not patch CNINode for custom networking unless SGPP is enabled (@jdn5126 )
- Bug - Pass CNINode scheme to k8s client only (@jdn5126 )
- Bug - fix(chart): Switch base64 encoded cniConfig.fileContents to the binaryData (@VLZZZ )
- Cleanup - chore: remove refs to deprecated io/ioutil (@testwill )
- Documentation - Update example table 'Pod per Prefixes' value (@rlaisqls )
- Documentation - Bandwidth plugin with NP is currently unsupported (@jayanthvn )
- Documentation - Update the use of privileged flag in aws-vpc-cni manifest (@jaydeokar )
- Improvement - Dependabot Updates (@jdn5126 )
- Improvement - Update Golang Builder image (@jdn5126 )
- Improvement - Add ENABLE_V4_EGRESS env var to control IPv4 egress in IPv6 clusters (@jdn5126 )
- Improvement - Reduce API calls (@jchen6585 )
- Improvement - Add cni version to userAgent (@jchen6585 )
- Improvement - bump controller runtime to 0.16.1 (@jchen6585 )
- Improvement - Instance limits api pkg (@jchen6585 )
- Improvement - Mimic VPC-RC limit struture (@jchen6585 )
- Metrics - rename warm pool metrics (@lnhanks )
- Metrics - Only metrics (@lnhanks )
- Testing - Remove self-managed node group from custom-networking suite (@jdn5126 )
- Testing - Integration test cleanup: Security Groups for Pods (@jdn5126 )
Note
- A new environment variable,
ENABLE_V4_EGRESS, has been added: https://github.com/aws/amazon-vpc-cni-k8s#enable_v4_egress-v1151 - A new command line flag for the Network Policy Agent,
enable-policy-event-logs, has been added: https://github.com/aws/aws-network-policy-agent#enable-policy-event-logs
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.1/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.1
amazon-k8s-cni:v1.15.1
amazon/aws-network-policy-agent:v1.0.4
To manually apply this release for CNI Metrics Helper:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/cni-metrics-helper.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/cni-metrics-helper-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/cni-metrics-helper-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/cni-metrics-helper-cn.yaml
To apply this release using helm for CNI Metrics Helper:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.1/charts/cni-metrics-helper/README.md#installing-the-chart
Verify the update for CNI Metrics Helper:
$ kubectl describe deployment cni-metrics-helper -n kube-system | grep Image | cut -d "/" -f 2
cni-metrics-helper:v1.15.1
Contributors
jayanthvn, testwill, and 6 other contributors
Assets 2
v1.15.0
v1.15.0
Major Changes since v1.14.1
- Feature - Add support for VPC Resource Controller's CNINode (reintroduce #2442) (@haouc )
- Feature - Add DISABLE_CONTAINER_V6 to disable IPv6 networking in container network namespaces (@jdn5126 )
- Feature - IP_COOLDOWN_PERIOD environment variable for ip cooldown period configuration (@jchen6585 )
- Improvement - Fix test kubeconfig, upgrade helm (@jdn5126 )
- Improvement - Update instance limits for upcoming vpc-cni release (@jchen6585 )
- Improvement - Upgrade controller-runtime to v0.15.0 (@jdn5126 )
Note
This release modifies the aws-node ClusterRole. It removes update permission for the nodes resources and adds get, list, patch for CNINode resources. When upgrading or downgrading the AWS VPC CNI, make sure to apply the entire manifest, which includes the aws-node ClusterRole. Otherwise, the containers may not start properly.
The VPC CNI now uses the CNINode CRD for enabling Security Groups for Pods. This deprecates the use of the vpc.amazonaws.com/has-trunk-attached label.
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.0/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.0/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.0/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.0/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.0/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.0
amazon-k8s-cni:v1.15.0
amazon/aws-network-policy-agent:v1.0.2
To manually apply this release for CNI Metrics Helper:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.0/config/master/cni-metrics-helper.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.0/config/master/cni-metrics-helper-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.0/config/master/cni-metrics-helper-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.0/config/master/cni-metrics-helper-cn.yaml
To apply this release using helm for CNI Metrics Helper:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.0/charts/cni-metrics-helper/README.md#installing-the-chart
Verify the update for CNI Metrics Helper:
$ kubectl describe deployment cni-metrics-helper -n kube-system | grep Image | cut -d "/" -f 2
cni-metrics-helper:v1.15.0
Contributors
haouc, jdn5126, and jchen6585
Assets 2
v1.14.1
v1.14.1
Major Changes since v1.14.0
- Improvements - This updates the
aws-eks-nodeagentcontainer to address the race condition issue in SDK while generating access logs - Improvements - The helm chart now has two new flags added (
healthProbeBindAddr&metricsBindAddr) to make the metrics port configurable foraws-eks-nodeagent. By default it now binds to port8162and8163
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.1/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.1/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.1/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.1/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.14.1/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.14.1
amazon-k8s-cni:v1.14.1
amazon/aws-network-policy-agent:v1.0.2
To manually apply this release for CNI Metrics Helper:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.1/config/master/cni-metrics-helper.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.1/config/master/cni-metrics-helper-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.1/config/master/cni-metrics-helper-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.1/config/master/cni-metrics-helper-cn.yaml
To apply this release using helm for CNI Metrics Helper:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.14.1/charts/cni-metrics-helper/README.md#installing-the-chart
Verify the update for CNI Metrics Helper:
$ kubectl describe deployment cni-metrics-helper -n kube-system | grep Image | cut -d "/" -f 2
cni-metrics-helper:v1.14.1
v1.14.0 Release
v1.14.0
Major Changes since v1.13.4
- Feature - Kubernetes Network Policy support
- The
aws-nodepod now includes an additional container,aws-eks-nodeagent, in order to support Kubernetes Network Policy.
The Network Policy Agent (aws-eks-nodeagent) is available here - https://github.com/aws/aws-network-policy-agent
Breaking Changes
The aws-eks-nodeagent container listens for metrics on port 8080 by default. This can conflict with other applications that bind to port 8080 in the host network. The metrics port for aws-eks-nodeagent can be changed via the metrics-bind-addr command line argument for the container.
To manually apply this release:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.0/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.0/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.0/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.0/config/master/aws-k8s-cni-cn.yaml
To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.14.0/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.14.0
amazon-k8s-cni:v1.14.0
amazon/aws-network-policy-agent:v1.0.1
To manually apply this release for CNI Metrics Helper:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.0/config/master/cni-metrics-helper.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.0/config/master/cni-metrics-helper-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.0/config/master/cni-metrics-helper-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.14.0/config/master/cni-metrics-helper-cn.yaml
To apply this release using helm for CNI Metrics Helper:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.14.0/charts/cni-metrics-helper/README.md#installing-the-chart
Verify the update for CNI Metrics Helper:
$ kubectl describe deployment cni-metrics-helper -n kube-system | grep Image | cut -d "/" -f 2
cni-metrics-helper:v1.14.0