Merge branch 'master' into disable-cleanup

aws · Jun 4, 2024 · 368c1d3 · 368c1d3
2 parents e4a47dd + 8f9253e
commit 368c1d3
Show file tree

Hide file tree

Showing 17 changed files with 150 additions and 66 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,45 @@
 # Changelog
 
+## v1.18.2
+
+* Enhancement - [Improve "cni-metrics-helper" setup experience](https://github.com/aws/amazon-vpc-cni-k8s/pull/2874) (@guessi)
+* Enhancement - [Filter Managed ENI.](https://github.com/aws/amazon-vpc-cni-k8s/pull/2895) (@orsenthil)
+* Enhancement - [Soak Test for CNI.](https://github.com/aws/amazon-vpc-cni-k8s/pull/2915) (@orsenthil)
+* Enhancement - [Switch to counter type metic for awscni_no_available_ip_addresses](https://github.com/aws/amazon-vpc-cni-k8s/pull/2919) (@liptanbiswas)
+* Enhancement - [Expose network policy log file location to be configured using helm](https://github.com/aws/amazon-vpc-cni-k8s/pull/2925) (@orsenthil)
+
+* Bugfix      - [Add correct labels to CNI metrics chart.](https://github.com/aws/amazon-vpc-cni-k8s/pull/2889) (@orsenthil)
+* Bugfix      - [Skip Soak Test while running other tests.](https://github.com/aws/amazon-vpc-cni-k8s/pull/2922) (@orsenthil)
+
+* Cleanup    - [remove unused Dockerfile](https://github.com/aws/amazon-vpc-cni-k8s/pull/2869) (@sushrk)
+* Cleanup    - [CHANGELOG, chart, and manifest changes following VPC CNI v1.18.0 release](https://github.com/aws/amazon-vpc-cni-k8s/pull/2876) (@jchen6585)
+* Cleanup    - [Fix merge conflicts from release-1.18 to master](https://github.com/aws/amazon-vpc-cni-k8s/pull/2881) (@jchen6585)
+* Cleanup     - [Added information on the build troubleshooting.](https://github.com/aws/amazon-vpc-cni-k8s/pull/2890) (@orsenthil)
+* Cleanup     - [Remove unused code in vpc cni init and vpc cni binary](https://github.com/aws/amazon-vpc-cni-k8s/pull/2891) (@orsenthil)
+* Cleanup     - [Merge release-1.18 to master after v1.18.1 release](https://github.com/aws/amazon-vpc-cni-k8s/pull/2914) (@jchen6585)
+
+* Dependency - [Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.17.1](https://github.com/aws/amazon-vpc-cni-k8s/pull/2864) (@dependabot)
+* Dependency - [Bump github.com/stretchr/testify from 1.8.4 to 1.9.0](https://github.com/aws/amazon-vpc-cni-k8s/pull/2863) (@dependabot)
+* Dependency-  [Bump github.com/prometheus/common from 0.48.0 to 0.52.2](https://github.com/aws/amazon-vpc-cni-k8s/pull/2866) (@dependabot)i
+* Dependency - [Bump helm.sh/helm/v3 from 3.14.2 to 3.14.3](https://github.com/aws/amazon-vpc-cni-k8s/pull/2862) (@dependabot)
+* Dependency - [Bump golang.org/x/sys from 0.17.0 to 0.18.0 in /test/agent](https://github.com/aws/amazon-vpc-cni-k8s/pull/2859) (@dependabot)
+* Dependency - [Bump github.com/containernetworking/plugins from 1.4.0 to 1.4.1](https://github.com/aws/amazon-vpc-cni-k8s/pull/2860)  (@dependabot)
+* Dependency - [Update Kops test for 1.30](https://github.com/aws/amazon-vpc-cni-k8s/pull/2868) (@jchen6585)
+* Dependency - [Update .go-version to 1.22.2 to fix CVE reports](https://github.com/aws/amazon-vpc-cni-k8s/pull/2870) (@orsenthil)
+* Dependency  - [Bump golang.org/x/sys from 0.18.0 to 0.19.0 in /test/agent](https://github.com/aws/amazon-vpc-cni-k8s/pull/2898) (@dependabot)
+* Dependency  - [Update .go-version to fix GO-2024-2824](https://github.com/aws/amazon-vpc-cni-k8s/pull/2911) (@orsenthil)
+* Dependency  - [Bump github.com/aws/amazon-vpc-resource-controller-k8s from 1.4.1 to 1.5.0](https://github.com/aws/amazon-vpc-cni-k8s/pull/2910) (@dependabot)
+* Dependency  - [Update ENI Limits.](https://github.com/aws/amazon-vpc-cni-k8s/pull/2920) (@orsenthil)
+* Dependency  - [Update golang to go1.22.3](https://github.com/aws/amazon-vpc-cni-k8s/pull/2924) (@orsenthil)
+* Dependency  - [Bump k8s.io/api from 0.29.3 to 0.30.1](https://github.com/aws/amazon-vpc-cni-k8s/pull/2918) (@dependabot)
+
+
+**New Contributors**
+
+* @kwohlfahrt made their first contribution in https://github.com/aws/amazon-vpc-cni-k8s/pull/2841
+* @guessi made their first contribution in https://github.com/aws/amazon-vpc-cni-k8s/pull/2874
+* @liptanbiswas made their first contribution in https://github.com/aws/amazon-vpc-cni-k8s/pull/2919
+
 ## v1.18.1
 
 * Bug - [Mount /run/xtables.lock as FileOrCreate in Helm chart](https://github.com/aws/amazon-vpc-cni-k8s/pull/2841) (@kwohlfahrt)

diff --git a/charts/aws-vpc-cni/Chart.yaml b/charts/aws-vpc-cni/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v1
 name: aws-vpc-cni
-version: 1.18.1
-appVersion: "v1.18.1"
+version: 1.18.2
+appVersion: "v1.18.2"
 description: A Helm chart for the AWS VPC CNI
 icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
 home: https://github.com/aws/amazon-vpc-cni-k8s

diff --git a/charts/aws-vpc-cni/README.md b/charts/aws-vpc-cni/README.md
@@ -48,15 +48,15 @@ The following table lists the configurable parameters for this chart and their d
 | `minimumWindowsIPTarget`| Minimum IP target value for Windows prefix delegation   | `3`                                 |
 | `branchENICooldown`     | Number of seconds that branch ENIs remain in cooldown   | `60`                                |
 | `fullnameOverride`      | Override the fullname of the chart                      | `aws-node`                          |
-| `image.tag`             | Image tag                                               | `v1.18.1`                           |
+| `image.tag`             | Image tag                                               | `v1.18.2`                           |
 | `image.domain`          | ECR repository domain                                   | `amazonaws.com`                     |
 | `image.region`          | ECR repository region to use. Should match your cluster | `us-west-2`                         |
 | `image.endpoint`        | ECR repository endpoint to use.                         | `ecr`                               |
 | `image.account`         | ECR repository account number                           | `602401143452`                      |
 | `image.pullPolicy`      | Container pull policy                                   | `IfNotPresent`                      |
 | `image.override`        | A custom docker image to use                            | `nil`                               |
 | `imagePullSecrets`      | Docker registry pull secret                             | `[]`                                |
-| `init.image.tag`        | Image tag                                               | `v1.18.1`                           |
+| `init.image.tag`        | Image tag                                               | `v1.18.2`                           |
 | `init.image.domain`     | ECR repository domain                                   | `amazonaws.com`                     |
 | `init.image.region`     | ECR repository region to use. Should match your cluster | `us-west-2`                         |
 | `init.image.endpoint`   | ECR repository endpoint to use.                         | `ecr`                               |
@@ -69,7 +69,7 @@ The following table lists the configurable parameters for this chart and their d
 | `originalMatchLabels`   | Use the original daemonset matchLabels                  | `false`                             |
 | `nameOverride`          | Override the name of the chart                          | `aws-node`                          |
 | `nodeAgent.enabled`     | If the Node Agent container should be created           | `true`                              |
-| `nodeAgent.image.tag`   | Image tag for Node Agent                                | `v1.1.1`                            |
+| `nodeAgent.image.tag`   | Image tag for Node Agent                                | `v1.1.2`                            |
 | `nodeAgent.image.domain`| ECR repository domain                                   | `amazonaws.com`                     |
 | `nodeAgent.image.region`| ECR repository region to use. Should match your cluster | `us-west-2`                         |
 | `nodeAgent.image.endpoint`   | ECR repository endpoint to use.                    | `ecr`                               |

diff --git a/charts/aws-vpc-cni/values.yaml b/charts/aws-vpc-cni/values.yaml
@@ -8,7 +8,7 @@ nameOverride: aws-node
 
 init:
   image:
-    tag: v1.18.1
+    tag: v1.18.2
     domain: amazonaws.com
     region: us-west-2
     endpoint: ecr
@@ -27,7 +27,7 @@ init:
 nodeAgent:
   enabled: true
   image:
-    tag: v1.1.1
+    tag: v1.1.2
     domain: amazonaws.com
     region: us-west-2
     endpoint: ecr
@@ -51,7 +51,7 @@ nodeAgent:
   resources: {}
 
 image:
-  tag: v1.18.1
+  tag: v1.18.2
   domain: amazonaws.com
   region: us-west-2
   endpoint: ecr
@@ -85,7 +85,7 @@ env:
   ENABLE_IPv4: "true"
   ENABLE_IPv6: "false"
   ENABLE_SUBNET_DISCOVERY: "true"
-  VPC_CNI_VERSION: "v1.18.1"
+  VPC_CNI_VERSION: "v1.18.2"
   NETWORK_POLICY_ENFORCING_MODE: "standard"
 
 # this flag enables you to use the match label that was present in the original daemonset deployed by EKS

diff --git a/charts/cni-metrics-helper/Chart.yaml b/charts/cni-metrics-helper/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 name: cni-metrics-helper
-version: 1.18.1
-appVersion: v1.18.1
+version: 1.18.2
+appVersion: v1.18.2
 description: A Helm chart for the AWS VPC CNI Metrics Helper
 icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
 home: https://github.com/aws/amazon-vpc-cni-k8s

diff --git a/charts/cni-metrics-helper/README.md b/charts/cni-metrics-helper/README.md
@@ -60,7 +60,7 @@ The following table lists the configurable parameters for this chart and their d
 | -------------------------------|---------------------------------------------------------------|-------------------------------------|
 | `affinity`                     | Map of node/pod affinities                                    | `{}`                                |
 | `fullnameOverride`             | Override the fullname of the chart                            | `cni-metrics-helper`                |
-| `image.tag`                    | Image tag                                                     | `v1.18.1`                           |
+| `image.tag`                    | Image tag                                                     | `v1.18.2`                           |
 | `image.domain`                 | ECR repository domain                                         | `amazonaws.com`                     |
 | `image.region`                 | ECR repository region to use. Should match your cluster       | `us-west-2`                         |
 | `image.account`                | ECR repository account number                                 | `602401143452`                      |

diff --git a/charts/cni-metrics-helper/values.yaml b/charts/cni-metrics-helper/values.yaml
@@ -4,7 +4,7 @@ nameOverride: cni-metrics-helper
 
 image:
   region: us-west-2
-  tag: v1.18.1
+  tag: v1.18.2
   account: "602401143452"
   domain: "amazonaws.com"
   # Set to use custom image

diff --git a/config/master/aws-k8s-cni-cn.yaml b/config/master/aws-k8s-cni-cn.yaml
@@ -266,7 +266,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/instance: aws-vpc-cni
     k8s-app: aws-node
-    app.kubernetes.io/version: "v1.18.1"
+    app.kubernetes.io/version: "v1.18.2"
 ---
 # Source: aws-vpc-cni/templates/configmap.yaml
 apiVersion: v1
@@ -278,7 +278,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/instance: aws-vpc-cni
     k8s-app: aws-node
-    app.kubernetes.io/version: "v1.18.1"
+    app.kubernetes.io/version: "v1.18.2"
 data:
   enable-windows-ipam: "false"
   enable-network-policy-controller: "false"
@@ -297,7 +297,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/instance: aws-vpc-cni
     k8s-app: aws-node
-    app.kubernetes.io/version: "v1.18.1"
+    app.kubernetes.io/version: "v1.18.2"
 rules:
   - apiGroups:
       - crd.k8s.amazonaws.com
@@ -343,7 +343,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/instance: aws-vpc-cni
     k8s-app: aws-node
-    app.kubernetes.io/version: "v1.18.1"
+    app.kubernetes.io/version: "v1.18.2"
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
@@ -363,7 +363,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/instance: aws-vpc-cni
     k8s-app: aws-node
-    app.kubernetes.io/version: "v1.18.1"
+    app.kubernetes.io/version: "v1.18.2"
 spec:
   updateStrategy:
     rollingUpdate:
@@ -384,7 +384,7 @@ spec:
       hostNetwork: true
       initContainers:
       - name: aws-vpc-cni-init
-        image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni-init:v1.18.1
+        image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni-init:v1.18.2
         env:
           - name: DISABLE_TCP_EARLY_DEMUX
             value: "false"
@@ -405,7 +405,7 @@ spec:
         {}
       containers:
         - name: aws-node
-          image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni:v1.18.1
+          image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni:v1.18.2
           ports:
             - containerPort: 61678
               name: metrics
@@ -469,7 +469,7 @@ spec:
             - name: NETWORK_POLICY_ENFORCING_MODE
               value: "standard"
             - name: VPC_CNI_VERSION
-              value: "v1.18.1"
+              value: "v1.18.2"
             - name: WARM_ENI_TARGET
               value: "1"
             - name: WARM_PREFIX_TARGET
@@ -504,7 +504,7 @@ spec:
           - mountPath: /run/xtables.lock
             name: xtables-lock
         - name: aws-eks-nodeagent
-          image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-network-policy-agent:v1.1.1
+          image: 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-network-policy-agent:v1.1.2
           env:
             - name: MY_NODE_NAME
               valueFrom:
@@ -516,6 +516,7 @@ spec:
             - --enable-network-policy=false
             - --enable-cloudwatch-logs=false
             - --enable-policy-event-logs=false
+            - --log-file=/var/log/aws-routed-eni/network-policy-agent.log
             - --metrics-bind-addr=:8162
             - --health-probe-bind-addr=:8163
             - --conntrack-cache-cleanup-period=300
@@ -557,6 +558,7 @@ spec:
       - name: xtables-lock
         hostPath:
           path: /run/xtables.lock
+          type: FileOrCreate
       affinity:
         nodeAffinity:
           requiredDuringSchedulingIgnoredDuringExecution:

diff --git a/config/master/aws-k8s-cni-us-gov-east-1.yaml b/config/master/aws-k8s-cni-us-gov-east-1.yaml
@@ -266,7 +266,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/instance: aws-vpc-cni
     k8s-app: aws-node
-    app.kubernetes.io/version: "v1.18.1"
+    app.kubernetes.io/version: "v1.18.2"
 ---
 # Source: aws-vpc-cni/templates/configmap.yaml
 apiVersion: v1
@@ -278,7 +278,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/instance: aws-vpc-cni
     k8s-app: aws-node
-    app.kubernetes.io/version: "v1.18.1"
+    app.kubernetes.io/version: "v1.18.2"
 data:
   enable-windows-ipam: "false"
   enable-network-policy-controller: "false"
@@ -297,7 +297,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/instance: aws-vpc-cni
     k8s-app: aws-node
-    app.kubernetes.io/version: "v1.18.1"
+    app.kubernetes.io/version: "v1.18.2"
 rules:
   - apiGroups:
       - crd.k8s.amazonaws.com
@@ -343,7 +343,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/instance: aws-vpc-cni
     k8s-app: aws-node
-    app.kubernetes.io/version: "v1.18.1"
+    app.kubernetes.io/version: "v1.18.2"
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
@@ -363,7 +363,7 @@ metadata:
     app.kubernetes.io/name: aws-node
     app.kubernetes.io/instance: aws-vpc-cni
     k8s-app: aws-node
-    app.kubernetes.io/version: "v1.18.1"
+    app.kubernetes.io/version: "v1.18.2"
 spec:
   updateStrategy:
     rollingUpdate:
@@ -384,7 +384,7 @@ spec:
       hostNetwork: true
       initContainers:
       - name: aws-vpc-cni-init
-        image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni-init:v1.18.1
+        image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni-init:v1.18.2
         env:
           - name: DISABLE_TCP_EARLY_DEMUX
             value: "false"
@@ -405,7 +405,7 @@ spec:
         {}
       containers:
         - name: aws-node
-          image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni:v1.18.1
+          image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni:v1.18.2
           ports:
             - containerPort: 61678
               name: metrics
@@ -469,7 +469,7 @@ spec:
             - name: NETWORK_POLICY_ENFORCING_MODE
               value: "standard"
             - name: VPC_CNI_VERSION
-              value: "v1.18.1"
+              value: "v1.18.2"
             - name: WARM_ENI_TARGET
               value: "1"
             - name: WARM_PREFIX_TARGET
@@ -504,7 +504,7 @@ spec:
           - mountPath: /run/xtables.lock
             name: xtables-lock
         - name: aws-eks-nodeagent
-          image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-network-policy-agent:v1.1.1
+          image: 151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon/aws-network-policy-agent:v1.1.2
           env:
             - name: MY_NODE_NAME
               valueFrom:
@@ -516,6 +516,7 @@ spec:
             - --enable-network-policy=false
             - --enable-cloudwatch-logs=false
             - --enable-policy-event-logs=false
+            - --log-file=/var/log/aws-routed-eni/network-policy-agent.log
             - --metrics-bind-addr=:8162
             - --health-probe-bind-addr=:8163
             - --conntrack-cache-cleanup-period=300
@@ -557,6 +558,7 @@ spec:
       - name: xtables-lock
         hostPath:
           path: /run/xtables.lock
+          type: FileOrCreate
       affinity:
         nodeAffinity:
           requiredDuringSchedulingIgnoredDuringExecution: