conduit v22.7.3 Release Notes

  • This release adds a new nft iptables mode, used by default in proxy-init. When used, firewall configuration will be set up through the iptables-nft binary; this should allow hosts that do not support iptables-legacy (such as RHEL based environments) to make use of the init container. The older iptables-legacy mode is still supported, but it must be explicitly turned on. Moreover, this release also replaces the HTTPRoute CRD with Linkerd's own version, and includes a number of fixes and improvements.

    • Added a new iptables-nft mode for proxy-init. When running in this mode, the firewall will be configured with the nft kernel API; this should allow users to run the init container on RHEL-family hosts
    • Fixed an issue where the proxy-injector would break when using nodeAffinity values for the control plane
    • Updated healthcheck to ignore Terminated state for pods (thanks @AgrimPrasad!)
    • Replaced the HTTPRoute CRD version from gateway.networking.k8s.io with a similar version from the policy.linkerd.io API group. While the CRD is similar, it does not support the Gateway type, does not contain the backendRefs fields, and does not support RequestMirror and ExtensionRef filter types.
    • Updated the default policy controller log level to info; the controller will now emit INFO level logs for some of its dependencies
    • Added validation to ensure HTTPRoute paths are absolute; relative paths are not supported by the proxy and the policy controller admission server will reject any routes that use paths which do not start with /