cf-networking/1.4.0
You can find the source of this version on GitHub at cloudfoundry-incubator/cf-networking-release. It was created based on the commit cf4d5a7
.
Release Notes¶
CF networking policies now support port ranges in addition to a single port in policy configuration. In addition, the silk controller provides a link for the silk daemon to configure the overlay network for cf-networking.
Try it out and give us your feedback in the #container-networking channel on cloudfoundry.slack.com.
Take a look at known issues for current limitations and known issues. Verified with the following: - CF deployment
Manifest Changes
Links Enabled
The silk-controller
job now provides two properties via links which the silk-daemon
job consumes:
cf_networking.network
cf_networking.subnet_prefix_length
** This means you are able to remove the properties (listed above) from thesilk-daemon
job. **
If your deployment contains more than a single instance group that has the silk-controller
job,
then you will need to explicitly name the cf_network
link. For more information,
see the documentation.
New Properties
- An optional parameter has been added to configure the port of the metron agent for
the iptables_logger. This port will be used to forward metrics. Previously, no such
port existed.
- cf_networking.iptables_logger.metron_port
Significant Changes
Port Ranges
- As an operator I would like to specify a range of ports in policy configuration APIs
- As an operator I would like to specify a range of ports in policy configuration CLI
- As an operator I would like to see a range of ports in policy configuration CLI
- As an operator I would like to remove access for a range of ports in policy configuration CLI
Optimizations
- Operators can configure a single property to change the overlay network
- policy-server and silk-controller work with MySQL 5.6
- Operators should see info on resource consumption of log forwarder in github
Logging Enhancemetns
- Iptables-logger logs a metric for uptime
- fix flaky iptables logger tests
- iptables logger is running in a cf-release deployment
Chores
Usage¶
You can reference this release in your deployment manifest from the releases
section:
- name: "cf-networking" version: "1.4.0" url: "https://bosh.io/d/github.com/cloudfoundry-incubator/cf-networking-release?v=1.4.0" sha1: "3df279a62fe0216284c9e1b47df4bf98b924f0be"
Or upload it to your director with the upload-release
command:
bosh upload-release --sha1 3df279a62fe0216284c9e1b47df4bf98b924f0be \ "https://bosh.io/d/github.com/cloudfoundry-incubator/cf-networking-release?v=1.4.0"
Jobs¶
- cf-networking-acceptance
- garden-cni
- iptables-logger
- netmon
- policy-server
- silk-cni
- silk-controller
- silk-daemon
- vxlan-policy-agent