API Version: v1alpha1
This is a patch release of the network-policy-api. It includes two
main resources geared towards cluster admins:
- AdminNetworkPolicy
- BaselineAdminNetworkPolicy
The new aspects of the API being released here that are worth highlighting include:
- A new type of egress peer
networksis supported to be able to express CIDR ranges as peers - An experimental egress peer
nodesis supported to be able to express Kubernetes nodes as peers - An experimental egress peer
domainNamesis supported to be able to express FQDNs as peers - Docs text change around calling out that host-networked pods are not selected as part of subject or peers
- More conformance tests specially for the new fields
Another noteworthy change is the removal of sameLabels and notSameLabels fields from the API.
Originally these fields were added to be able to express a form of tenancy that was relative to
the selected subject of the policy. Given the selection based on sameness and not-sameness of labels
could compound to many possible ways of expressing relations that would exceed cardinality, the
community is working on a better API proposal for tenancy. See NPEP-122 for more details.
Please check out the network-policy-api website for more information.
Many thanks to all of the community members who made contributions that helped make this release 😄
Changes of importance for released code
- NPEP: Add support for egress traffic control by @tssurya in #117
- add release channels and support levels by @astoycos in #131
- Fix BANP's max peer length by @tssurya in #149
- Add conformance profiles NPEP by @tssurya in #138
- Add Conformance Profiles Test Reporting System by @tssurya in #142
- Callout namespaces/pods peers do not include host-net pods by @tssurya in #156
- Create NPEP-122 for Tenancy API update. by @npinaeva in #123
- feat(Policy Assistant): data structures simulating connectivity for (B)ANP by @huntergregory in #159
- Implement Cluster Egress Traffic semantics (ANP&BANP NorthBound Support) - PART1 - Nodes by @tssurya in #143
- Add conformance testcases for AdminNetworkPolicy named port feature by @Dyanngg in #132
- NPEP: FQDN Selector for Egress, User stories by @rahulkjoshi in #134
- NPEP: Iron out Cluster Egress Support API Design by @tssurya in #144
- Add blog post for getting started with ANP by @Dyanngg in #146
- Implement inline CIDR block egress peer by @tssurya in #185
- Add conformance tests for node and cidr selector peers by @tssurya in #193
- Add kubebuilder syntax for status.conditions by @tssurya in #209
- Remove same-not-same-labels by @tssurya in #196
- Add validation for ANP/BANP Enum actions by @tssurya in #213
- Add Missing API Validations by @tssurya in #215
- Ensure we clarify subjects don't include host-net pods by @tssurya in #219
- add ci for conformance tests by @aojea in #224
- Add API spec for FQDN selector by @rahulkjoshi in #200
- Update the text about duplicate priority values by @danwinship in #229
- Update domain selector to domainNames by @rahulkjoshi in #232
- [Policy Assistant] Add support for k8s native workload traffic by @gabrielggg in #227
- Add DomainName field to AdminNetworkPolicyEgressPeer by @rahulkjoshi in #233
- analyze: start parsing anps and banp from kube server or path by @Peac36 in #239
- Disallow empty port list for ANP peers. by @npinaeva in #250
- docs: changelog for v0.0.1-policy-assistant by @huntergregory in #271
- Explicitly explain "fail closed". by @fasaxc in #252
- Clarify API docs about priority conflicts by @danwinship in #293
- Remove extended fields support by @tssurya in #284
- Graduate
networksto standard by @tssurya in #296
New Contributors
- @huntergregory made their first contribution in #157
- @jongwooo made their first contribution in #184
- @gabrielggg made their first contribution in #181
- @Peac36 made their first contribution in #188
- @aojea made their first contribution in #224
- @danwinship made their first contribution in #229
- @frozenprocess made their first contribution in #265
- @fasaxc made their first contribution in #252
Full Changelog: v0.1.1...v0.1.7
