Felix version 2.1.0
- Port dataplane driver to Golang and move in-process (#1202).
This has a number of benefits and allowed for a number of
bugfixes and enhancements to be worked in:
- Improve dataplane programming performance and decrease
occupancy by having only one process instead of two.
It also simplifies the codebase substantially.
- Simplify deployment (now only one binary needed).
- Use netlink directly for critical-path route programming
operations.
- Move to a synchronization model for route programming.
Allows for monitoring and restoring routes if they are
removed. Allows for clean up of routes that relate to
orphaned endpoints.
- Ensure IPIP tunnel device configuration is maintained;
replace it if it is accidentally removed.
- Retry iptables/ipset updates in more failure cases to work
around transient failures of those commands.
- Switch to a synchronisation model for iptables. Avoid
reprogramming rules that haven't changed. This improves
performance.
- Label our iptables rules with a hash to allow rules to be
identified. Allows for simpler sync and cleanup.
- Limit OpenStack special-case rules to deployments with "tap"
devices (#1020).
- Add support for host endpoint policies that bypass the conntrack
table. Useful for high connection throughput workloads such as
memcacheDB. (#1284)
- Fix that setting LogFilePath doesn't prevent early logging (#803)
- Fix log spam when adding tunl0 device (#1008)
- Retry ipset commands to deal with transient failures (#1181)
- Document deb/RPM release process (#1237)
- Rev libcalico-go to v1.1.3, includes a number of fixes (#1364).