Kubelink
Resolved Issues
Helm Chart: etcd storage size limit (E-115417)
Kubelink in CLAS mode uses etcd as a local cache for policy and runtime data. The Helm Chart now accepts a new variable called `storage.sizeGi` to set the size (in GiB not GB) of ephemeral storage. The default value is 1.
Kubelink - Unable to process policy with custom iptables rules (E-115250)
Kubelink in CLAS mode failed to process policy received from the PCE when custom iptables rules were present, producing the error message "json: cannot unmarshal object into Go struct field."
Kubelink to PCE connectivity issues - connection reset by peer (E-115049)
CLAS-enabled Kubelink was entering degraded mode too soon because of PCE connectivity problems. Now Kubelink also retries requests after network and OS errors, which avoids premature degraded mode entry.
C-VEN reporting potentially blocked traffic between worker nodes (E-114691)
CLAS processing of outbound rules to a ClusterIP Service replaced the "All Services" destination in the rule with actual ports from the Kubernetes Service. If a destination label included a Kubernetes Service, this caused a missing iptables rule between nodes.
Max policy message size between Kubelink and C-VEN is too small (E-113714)
The default gRPC message size was set to too small of a value, which caused C-VENs to reject policy messages that were larger than this value. The default gRPC message size is now larger, to avoid this problem.