Releases: linkerd/linkerd2-proxy-init
proxy-init v2.2.0
iptables idempotence and small fixes * dev: bump to v39 * iptables: When existing chains are found, log at `info` * iptables: converted `nsenter` syntax to use the more moden `--net=%s` argument syntax * iptables: Make iptables rule application idempotent upon init pod restart (thanks @jim-minter!)
validator v0.1.1
Add prescriptive logging messages when validator fails This release adds more logging capabilities to `linkerd-network-validator`. The new failure messages will allow users to know whether the validator has failed as intended (i.e when testing network configuration) or if it has failed due to an error in the environment.
proxy-init v2.1.0
Added the validator to the build process. * Split proxy-init and validator into separate release processes (#115) * Bump actions/cache from 3.0.8 to 3.0.9 (#110) * Bump library/rust from 1.63.0-slim to 1.64.0-slim (#109) * Changing --no-deploy to --disable as per the fatal error warning message (#108) * dev: Update devcontainer to v30 (#105) * Bump actions/cache from 3.0.7 to 3.0.8 (#104) * Add validator to build process (#103) * Update to Rust 1.63 (#102) * Add a container network validation utility (#92) * dev: Update to v28 (#100)
validator v0.1.0
This is the first release of the linkerd-network-validator utility. It will be included as
a part of the proxy container image to validate that iptables is properly configured.
What's Changed
- dev: Update to v28 by @olix0r in #100
- Add validator code by @mateiidavid in #92
- Update to Rust 1.63 by @olix0r in #102
- Add validator to build process by @mateiidavid in #103
- Bump actions/cache from 3.0.7 to 3.0.8 by @dependabot in #104
- dev: Update devcontainer to v30 by @olix0r in #105
- Changing --no-deploy to --disable as per the fatal error warning message by @stevej in #108
- Bump actions/cache from 3.0.8 to 3.0.9 by @dependabot in #110
- Bump library/rust from 1.63.0-slim to 1.64.0-slim by @dependabot in #109
- Bump actions/cache from 3.0.9 to 3.0.10 by @dependabot in #111
- Bump actions/checkout from 3.0.2 to 3.1.0 by @dependabot in #112
- Bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by @dependabot in #116
- Revert "Bump library/rust from 1.63.0-slim to 1.64.0-slim (#109)" by @kleimkuhler in #117
- release: Split proxy-init and validator releases by @olix0r in #115
- Bump docker/setup-qemu-action from 2.0.0 to 2.1.0 by @dependabot in #118
- Bump docker/login-action from 2.0.0 to 2.1.0 by @dependabot in #119
- Bump docker/setup-buildx-action from 2.0.0 to 2.1.0 by @dependabot in #120
- ci: Avoid invoking cargo on non-rust changes by @olix0r in #121
New Contributors
- @stevej made their first contribution in #108
- @kleimkuhler made their first contribution in #117
Full Changelog: v2.0.0...validator/v0.1.0
Contributors
Assets 8
v2.0.0
What's Changed
proxy-init sources have been moved to a new location thereby breaking API compatibility with previous versions. Base images have also been bumped to get new security updates. Lastly, Go has been bumped to v1.18.
- dev: Add a devcontainer, update dependabot
- Bump golang from 1.16.9-alpine3.14 to 1.18.2-alpine3.14
- Bump alpine from 3.14.2 to 3.16.1
- ci: Use devcontainer in workflows
- dev: Update integration test harness
- dev: Update tester to Go 1.18
- dev: Set a timeout when testing failed connections
- Update Go version to v1.18
- Bump alpine from 3.16.1 to 3.16.2
- Move all go code into the
proxy-initdirectory - Enable Go linters
Full Changelog: v1.6.2...v2.0.0
v1.6.2
What's Changed
This release adds system capabilities to xtables-nft-multi binary. Aside from
sys caps, this release also adds a new just recipe to prune cache layers and
bumps several dependencies.
- Bump actions/cache from 3.0.4 to 3.0.5 by @dependabot in #69
- Bump docker/setup-buildx-action from 1.6.0 to 2 by @dependabot in #70
- Bump docker/setup-qemu-action from 1.2.0 to 2 by @dependabot in #71
- Add sys net caps to xtables-nft-multi by @mateiidavid in #72
- Add Docker Cache Prune to just recipe by @mateiidavid in #73
- Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 by @dependabot in #74
Contributors
Assets 2
v1.6.1
What's Changed
- Fix issue with
--waitflag where the flag would be applied toiptables-save
resulting in errors when configuring the firewall.
v1.6.0
What's Changed
New linkerd2-proxy-init release adds support for iptables-nft by adding two new CLI flags that specify the binaries for iptables and iptables-save. Both default to the legacy version of iptables on Alpine.
- Added support for
iptables-nft - Bump github.com/spf13/cobra from 1.4.0 to 1.5.0
v1.5.3
What's Changed
- Bump github.com/spf13/cobra from 1.2.1 to 1.3.0
- Lowercase logs and remove redundant lines
v1.5.2
Added --skip-subnets [cidr] option. When used, packets whose source IP
is included in the cidr list will not be redirected to the proxy's inbound port.
This should allow users to run docker-in-docker workloads using linkerd.