Packages changed: cilium (1.5.3 -> 1.5.5) helm (3.0.0alpha.1 -> 3.0.0alpha.2) kernel-default-base pkgconf === Details === ==== cilium ==== Version update (1.5.3 -> 1.5.5) - Update to version 1.5.5: * lbmap: Get rid of bpfService cache lock * retry vm provisioning, increase timeout * daemon: Remove svc-v2 maps when restore is disabled * daemon: Do not remove revNAT if removing svc fails * pkg/k8s: add conversion for DeleteFinalStateUnknown objects * cli: fix panic in cilium bpf sha get command * Retry provisioning vagrant vms in CI * pkg/k8s: hold mutex while adding events to the queue * Change nightly CI job label from fixed to baremetal * test: set 1.15 by default in CI Vagrantfile * daemon: Change loglevel of "ipcache entry owned by kvstore or agent" * pkg/kvstore: add etcd lease information into cilium status * pkg/k8s: do not parse empty annotations * maps/lbmap: protect service cache refcount with concurrent access * operator: add warning message if status returns an error * pkg/kvstore: fix nil pointer in error while doing a transaction in etcd * examples/kubernetes: bump cilium to v1.5.4 * bpf: Remove unneeded debug instructions to stay below instruction limit * bpf: Prohibit encapsulation traffic from pod when running in encapsulation mode * pkg/endpointmanager: protecting endpoints against concurrent access * test: set k8s 1.15 as default k8s version * CI: Clean VMs and reclaim disk in nightly test * allocator: fix race condition when allocating local identities upon bootstrap * identity: Initialize well-known identities before the policy repository. * cilium: docker.go ineffectual assignment * Disable automatic direct node routes test * kubernetes-upstream: add seperate stage to run tests * docs: update documentation with k8s 1.15 support * test: run k8s 1.15.0 by default in all PRs * test: test against 1.15.0 * vendor: update k8s to v1.15.0 * bpf: Set random MAC addrs for cilium interfaces * endpoint: Set random MAC addrs for veth when creating it * vendor: Update vishvananda/netlink * mac: Add function to generate a random MAC addr * test: remove unused function * test: introduce `ExecShort` function * docs: Clarify about legacy services enabled by default * pkg/metrics: re-register newStatusCollector function * CI: Clean workspace when all stages complete * CI: Clean VMs and reclaim disk after jobs complete * CI: Report last seen error in CiliumPreFlightCheck * fqdn: correctly populate Source IP and Port in `notifyOnDNSMsg` * test: do not overwrite context in `GetPodNamesContext` * test: change `GetPodNames` to have a timeout * test: make sure that `GetPodNames` times out after 30 seconds * CI: Ensure k8s execs cancel contexts * test: Fix NodeCleanMetadata by using --overwrite * test: add timeout to `waitToDeleteCilium` helper function * .travis: update travis golang to 1.12.5 * Don't set debug to true in monitor test * pkg/lock: fix RUnlockIgnoreTime * daemon: fix endpoint restore when endpoints are not available * Preload vagrant boxes in k8s upstream jenkinsfile * pkg/health: Fix IPv6 URL format in HTTP probe * test: use context with timeout to ensure that Cilium log gathering takes <= 5 minutes * k8s: Introduce test for multiple From/To selectors * k8s: Fix policies with multiple From/To selectors * test: create session and run commands asynchronously * test: bump to k8s 1.14.3 * test: error out if no-spec policies is allowed in k8s >= 1.15 * test/provision: upgrade k8s 1.15 to 1.15.0-beta.2 * test: have timeout for `Exec` * pkg/kvstore: introduced a dedicated session for locks * pkg/kvstore: implement new *IfLocked methods for etcd * kvstore/allocator: make the allocator aware of kvstore lock holding * pkg/kvstore: add Comparator() to KVLocker * pkg/kvstore: add new *IfLocked methods to perform txns * test: bump k8s 1.13 to 1.13.7 * test: Enable IPv6 forwarding in test VMs * docs: Remove architecture target links * test: add serial ports to CI VMs * *.Jenkinsfile: remove leftover failFast * endpoint: make sure `updateRegenerationStatistics` is called within anonymous function * Prepare for v1.5.3 * test: do not spawn goroutines to wait for canceled context in `RunCommandContext` * node/store: Do not delete node key in kvstore on node registration failure * kvstore/store: Do not remove local key on sync failure * node: Delay handling of node delete events received via kvstore * test/provision: bump k8s 1.12 to 1.12.9 * pkg/kvstore: do not always UpdateIfDifferent with and without lease * Don't overwrite minRequired in WaitforNPods * daemon: Don't log endpoint restore if IP alloc fails * daemon: Refactor individual endpoint restore * test: provide context which will be cancled to `CiliumExecContext` * Jenkinsfile: backport all Jenkinsfile from master * doc: Document regressions in 1.5.0 and 1.5.1 * Prepare for release v1.5.2 * test: Disable unstable K8sDatapathConfig Encapsulation Check connectivity with transparent encryption and VXLAN encapsulation * Add kvstore quorum check to Cilium precheck * pkg/kvstore: acquire a random initlock * kvstore: Wait for kvstore to reach quorum * ipcache: Fix automatic recovery of deleted ipcache entries * tests, k8s: add monitor dump helper for debugging * bugtool: add raw dumps of all lb and lb-related maps * pkg/labels: ignore all labels that match the regex "annotation.*" * docs: Add note about keeping enable-legacy-services * docs: Add note about running preflight-with-rm-svc-v2.yaml * examples: Add preflight DaemonSet for svc-v2 removal * operator: Fix health check API * doc: Add EKS node-init DaemonSet to mount BPF filesystem * pkg/kvstore: perform update if value or lease are different * kvstore/allocator: do not immediately delete master keys if unused * pkg/kvstore: store Modified Revision number KeyValuePairs map * kvstore/allocator: do not re-allocate localKeys * kvstore/allocator: move invalidKey to cache.go * kvstore/allocator: add lookupKey method * allocator: Provide additional info message on key allocation and deletion * allocator: Fix garbage collector to compare prefix * allocator: Make GetNoCache() deterministic * kvstore/allocator: protect concurrent access of slave keys * kvstore/allocator: release ID from idpool on error * kvstore/allocator: do not re-get slave key on allocation * pkg/kvstore: Run GetPrefix with limit of 1 * allocator: Verify locally allocated key * envoy: Prevent resending NACKed resources also when there are no ACK observers. * endpoint: Guard against deleted endpoints in regenerate * service: Reduce backend ID allocation space * cilium: fix up source address selection for cluster ip * CI: Log at INFO and above for all unit tests * bpf: Fix dump parsers of encrypt and sockmap maps * pkg/maps: use pointer in receivers for GetKeyPtr and GetValuePtr * test: fix incorrect deletion statement for policy * proxylib: Fix egress enforcement * Recover from ginkgo fail in WithTimeout helper * docs: move well known identities to the concepts section * docs: update well-known-identities documentation * add support for k8s 1.14.2 * test: add v1.15.0-beta.0 to the CI * cni: Fix incorrect logging in failure case * daemon: Make policymap size configurable * Add jenkins stage for loading vagrant boxes * bpf: Remove several debug messages * Revert "pkg/bpf: add DeepCopyMapKey and DeepCopyMapValue" * Revert "pkg/{bpf,datapath,maps}: use same MapKey and MapValue in map iterations" * Revert "pkg/bpf: add newer LookupElement, GetNextKey and UpdateElement functions" * Revert "pkg/bpf: use own binary which does not require to create buffers" * Revert "maps/ctmap: add ctmap benchmark" * bpf: force recreation of regular ct entry upon service collision * pkg/endpoint: fix assignment in nil map on restore * pkg/ipcache: initialize globalmap at import time * test/provision: bump k8s testing to v1.13.6 * bpf: do propagate backend, and rev nat to new entry * datapath: Redo backend selection if stale CT_SERVICE entry is found * daemon/Makefile: rm -f on make clean for links * CI: Consolidate Vagrant box information into 1 file * cilium: encode table attribute in Route delete * daemon: Remove stale maps only after restoring all endpoints * envoy: Do not use deprecated configuration options. * cilium: IsLocal() needs to compare both Name and Cluster * daemon: Do not restore service if adding to cache fails * daemon: Improve logging of service restoration * doc: Adjust documentation with new dynamic gc interval * ctmap: Introduce variable conntrack gc interval * pkg/envoy: use proto.Equal instead comparing strings * test: replace guestbook test docker image * docs: give better troubleshooting for conntrack-gc-interval * operator: fix concurrent access of variable in cnp garbage collection * Bump vagrant box version for tests to 151 * cni: Fix unexpected end of JSON input on errors * docs: add missing cilium-operator-sa.yaml for k8s 1.14 upgrade guide * maps: Remove disabled svc v2 maps * fqdn: DNSProxy does not fold similar DNS requests * docs: fix architecture images' URL * CI: Consolidate WaitforNPods and WaitForPodsRunning * CI: WaitForNPods uses count of pods * Dockerfile: update golang to 1.12.5 * metrics: add map_ops_total by default * Bump vagrant box versions for tests * Jenkins separate directories for parallel builds ==== helm ==== Version update (3.0.0alpha.1 -> 3.0.0alpha.2) - Update to version 3.0.0alpha.2: * Fix paths in the ingress template and values file written by helm create * docs(CONTRIBUTING): one LGTM for maintainers, remove "always 2 LGTMs" policy * chore(docs): move docs to helm-www * chore(deps): bump kubernetes to v1.15 * Added HorizontalPodAutoscaler to sort order. * feat(template): introduce --validate * fix(kube): remove namespace enforcement * ref(getter): change NewHTTPGetter and NewPluginGetter to return type Getter * ref(downloader): pass in options to ChartDownloader * support writing multiple resources to the same file * chartutil.ReadValues is forced to unmarshal numbers into json.Number refs #1707 [dev-v3] * fix(client): Fixes a timing issue with reading client flags * Add sub-command support to plugin downloader * Replaced ghodss/yaml with sigs.k8s.io/yaml * feat(action): Refactors unit tests with better fakes * feat(*): Adds back --atomic functionality to Helm 3 * chore: add ValueOptions constructor * ref(*): Refactors the history action to return releases instead of formatted output * feat(wait): Adds smarter waiting for DaemonSets and StatefulSets * Fix linter issuers * Helm 3: set custom manifest config media type on chart push (#5719) * fix(pkg/action): Adds back in missing wait functionality * fix(pkg/kube): Fixes wait functionality * ref(getter): introduce Options for passing in getter parameters * Expose the resource types in addition to the api group/version in templates * Redo the same fix with #3915 in dev-v3 branch * Fix linter issues * Updating to newer version of sprig * Restoring the Release.Namespace docs * Updating to the new Ingress group version * Stop Lint from breaking when using required * Remove mention of the execute flag * Fix the build section in the developer doc * fix(resolver): compare hash of lockfile against resolved dependencies * ref(version): catch some edge cases * Add documentation on registries (#5754) * add go version to version cmd output of helm * ref(urlutil): remove stripPort * ref(downloader): remove ResolveChartVersionAndGetRepo * chore(testdata): remove stale test output * fix(circle): only upload packages and checksums, not cross-builds * fix and add test cases * Revert "do not write empty templates to disk" * add test for output-dir * Add dynamic completion for release names * (helm): update Cobra to version 0.0.4 * fix issue 5792 * ref(*): expose klog flags * do not write empty templates to disk * use outputDir instead of hardcoded value * docs(faq): add namespace changes for non existing namespaces * ref(pkg/chartutil): break up chartutil into logical files * support --output-dir option for helm3 template * fix missing package name * ref(pkg/chart): remove unused chart.RawValues * docs(install): fix release links * fix(docs): fix `helm install` usage * fix ByDate sorter to use Time.Unix() * update list tests expected output files * fix test cases for list.AllNamespaces * remove unnecessary setting of list.All flag * add superseded to list filter mask * add more releases to list tests * fix docs for helm list * Remove redundant ByNameAsc enum value. Handled by default sorting * handle default list sort order through enum order * fix test cases for sort list with options * fix sort list with options bug ==== kernel-default-base ==== - Add all netfilter and xfrm modules (boo#1142841) ==== pkgconf ==== Subpackages: libpkgconf3 pkgconf-m4 pkgconf-pkg-config - Add missing -gnu ABI suffix to platform names in pkgconf-pkg-config (boo#1144318)