Skip to content

1.17.6
Compare
Choose a tag to compare
@cilium-release-bot cilium-release-bot released this 16 Jul 11:55
· 4047 commits to main since this release
v1.17.6
This tag was signed with the committer’s verified signature.
asauber Andrew Sauber
GPG key ID: 11905A2BE3D1D0CA
Verified
Learn about vigilant mode.
ee3ca4a

Summary of Changes

Minor Changes:

Bugfixes:

  • Deny policies are now synced to Envoy so that they can be enforced for Ingress policies. (Backport PR #40187, Upstream PR #39736, @jrajahalme)
  • Do not fail the agent startup in case IPv6 support is enabled and the node does not have an IPv6 address assigned yet (Backport PR #40205, Upstream PR #40143, @pippolo84)
  • Fix bug preventing a global service from including remote backends, if the local service has no selector, and the remote one gets removed and then added again. (#40361, @giorio94)
  • Fix data race involving DumpReliablyWithCallback map operation. (Backport PR #40094, Upstream PR #38590, @aditighag)
  • Fix IPAM IP release racing condition when IP reassigned back to ENI (Backport PR #40289, Upstream PR #40019, @victorcq)
  • hubble automatically pick the hubble-prefer-ipv6 to true if ipv4 not enabled (Backport PR #40289, Upstream PR #40210, @chengjoey)
  • LBIPAM: Fix deletion of CiliumLoadBalancerIPPool with multiple IP blocks that led to an operator crash (Backport PR #40094, Upstream PR #40013, @pippolo84)
  • pkg/egressgateway: ensure gateway IP is IPv4 (Backport PR #40332, Upstream PR #40209, @rgo3)
  • policy: fix error handling for selector policy resolution (#40404, @fristonio)

CI Changes:

Misc Changes:

  • .github/workflows: remove reviewers if ciliumbot approved PR (Backport PR #40094, Upstream PR #39989, @aanm)
  • auto-approve: add repository as part command (Backport PR #40094, Upstream PR #40050, @aanm)
  • auto-approve: add repository as part command (Backport PR #40332, Upstream PR #40089, @aanm)
  • chore(deps): update all github action dependencies (v1.17) (#40158, @cilium-renovate[bot])
  • chore(deps): update all-dependencies (v1.17) (#40044, @cilium-renovate[bot])
  • chore(deps): update all-dependencies (v1.17) (#40458, @cilium-renovate[bot])
  • chore(deps): update dependency cilium/cilium-cli to v0.18.5 (v1.17) (#39948, @cilium-renovate[bot])
  • chore(deps): update go to v1.24.5 (v1.17) (#40424, @cilium-renovate[bot])
  • chore(deps): update quay.io/cilium/cilium-envoy docker tag to v1.33.4-1752151664-7c2edb0b44cf95f326d628b837fcdd845102ba68 (v1.17) (#40466, @cilium-renovate[bot])
  • chore(deps): update stable lvh-images (v1.17) (patch) (#40157, @cilium-renovate[bot])
  • cilium: fix socket termination for v4-in-v6 clients (Backport PR #40295, Upstream PR #39994, @borkmann)
  • contrib/git: add merge drivers to automate post-merge commands (Backport PR #40289, Upstream PR #40189, @aanm)
  • disk-cleanup: parallelize cleanup process to speed up step (Backport PR #40094, Upstream PR #40054, @aanm)
  • doc:ipsec:kvstore: explicit limitations that could lead to staling XFRM states and no connectivity (Backport PR #40176, Upstream PR #39719, @smagnani96)
  • docs/ipsec: Fix incorrect statement on hostns encryption (Backport PR #40176, Upstream PR #40133, @pchaigno)
  • Makefile: Require API generation commands to succeed (Backport PR #40205, Upstream PR #40199, @joestringer)
  • operator/secretsync: silence reconciliation logs (Backport PR #40289, Upstream PR #40217, @tklauser)
  • proxy: Use upstream envoy control plane API (Backport PR #40216, Upstream PR #39672, @sayboras)
  • v1.17: helm: Restore hostPort.enabled flag (#40480, @brb)

Other Changes:

  • [v1.17] deps: Update cilium-envoy image to 1.33.x (#40088, @sayboras)
  • Backport: kube-proxy-healthz to return 503 if node terminating (#40317, @tamilmani1989)
  • Bpf datapath TCP conntrack entries are (re)created only in the forward direction, solving an issue with freezing proxy connections when backend connection is re-opened. (#40448, @jrajahalme)
  • envoy: Bump cilium-envoy to the latest v1.33.x (#40368, @sayboras)
  • install: Update image digests for v1.17.5 (#40117, @cilium-release-bot[bot])
  • proxy: Bump envoy version to the latest v1.33.x (#40181, @sayboras)
  • v1.17: docs: Document encapsulation options (#40471, @pchaigno)

Docker Manifests

cilium

quay.io/cilium/cilium:v1.17.6@sha256:544de3d4fed7acba72758413812780a4972d47c39035f2a06d6145d8644a3353
quay.io/cilium/cilium:stable@sha256:544de3d4fed7acba72758413812780a4972d47c39035f2a06d6145d8644a3353

clustermesh-apiserver

quay.io/cilium/clustermesh-apiserver:v1.17.6@sha256:f619e97432db427e1511bf91af3be8ded418c53a353a09629e04c5880659d1df
quay.io/cilium/clustermesh-apiserver:stable@sha256:f619e97432db427e1511bf91af3be8ded418c53a353a09629e04c5880659d1df

docker-plugin

quay.io/cilium/docker-plugin:v1.17.6@sha256:2d6175582c036dde241448b2b937353ce304d7a30eec9b66e96279b4b39c4f36
quay.io/cilium/docker-plugin:stable@sha256:2d6175582c036dde241448b2b937353ce304d7a30eec9b66e96279b4b39c4f36

hubble-relay

quay.io/cilium/hubble-relay:v1.17.6@sha256:7d17ec10b3d37341c18ca56165b2f29a715cb8ee81311fd07088d8bf68c01e60
quay.io/cilium/hubble-relay:stable@sha256:7d17ec10b3d37341c18ca56165b2f29a715cb8ee81311fd07088d8bf68c01e60

operator-alibabacloud

quay.io/cilium/operator-alibabacloud:v1.17.6@sha256:5352e670719dc61f059c1e1a04bc0563c2144738386fa7236dc167ff3fef4c64
quay.io/cilium/operator-alibabacloud:stable@sha256:5352e670719dc61f059c1e1a04bc0563c2144738386fa7236dc167ff3fef4c64

operator-aws

quay.io/cilium/operator-aws:v1.17.6@sha256:24db5c811e24e51e7ce166e8e056967875bf3544cc2ead6984f34f705fe71847
quay.io/cilium/operator-aws:stable@sha256:24db5c811e24e51e7ce166e8e056967875bf3544cc2ead6984f34f705fe71847

operator-azure

quay.io/cilium/operator-azure:v1.17.6@sha256:1b7e193ccbc718f723993a0f11eb8fbf16376e822fe8c4dc792d7696701d57c8
quay.io/cilium/operator-azure:stable@sha256:1b7e193ccbc718f723993a0f11eb8fbf16376e822fe8c4dc792d7696701d57c8

operator-generic

quay.io/cilium/operator-generic:v1.17.6@sha256:91ac3bf7be7bed30e90218f219d4f3062a63377689ee7246062fa0cc3839d096
quay.io/cilium/operator-generic:stable@sha256:91ac3bf7be7bed30e90218f219d4f3062a63377689ee7246062fa0cc3839d096

operator

quay.io/cilium/operator:v1.17.6@sha256:e7b41cdba20875f8a6595eca1baf1cff1b8367417cffa99be7b1b9b0a11ab677
quay.io/cilium/operator:stable@sha256:e7b41cdba20875f8a6595eca1baf1cff1b8367417cffa99be7b1b9b0a11ab677

Contributors

brb, tklauser, and 16 other contributors
Assets 2
Loading