C-VEN
Resolved Issue
Permanently delete Kubernetes Workloads after certain period when they are unpaired (E-112362)
Kubernetes Workloads (from a CLAS environment) are pruned from the PCE one day (by default) after they are unpaired. The length of time that elapses (in seconds) before this pruning occurs is configurable with the
vacuum_entities_wait_before_vacuum_secondsparameter, which is set in the PCEagent.ymlfile. The default value for this parameter is 86400 (24 hours).
Known Issues
When C-VEN starts first, a 404 from PCE when getting CLAS token ( E-109259)
When C-VEN is started first, it tries to contact the PCE in order to obtain CLAS token, but receives a 404 error. This is expected behavior for this scenario, which is only momentary. Kubelink eventually starts normally, and C-VEN obtains the CLAS tokens as expected.
Helm install fails with Helm version 3.12.2 but works with 3.10 (E-108128)
When installing with Helm version 3.12.2, the installation fails with a YAML parse error.
Workaround: Use Helm version 3.10, or version 3.12.3 or later.
Re-adding node does not re-pair it (E-98120)
After deleting a node and re-adding the same node, the node does not reappear, and previously established policy disappears from the node.
Workaround: Uninstall and re-install Illumio Core for Kubernetes from scratch with the node present.