This is a feature release of Felix, Calico's per-host agent. This Felix release is part of the broader Calico 3.0.0 release, which includes releases of all the other Calico components. Those releases will follow shortly. - Enable Calico-Felix for Windows - https://github.com/projectcalico/felix/pull/1638 - Always return a slice from GetPIDs - https://github.com/projectcalico/felix/pull/1664 - Avoid reconnecting just to check the ready flag - https://github.com/projectcalico/felix/pull/1661 - Report health before datastore is ready - https://github.com/projectcalico/felix/pull/1652 - Fix that felix didn't restart when config was deleted - https://github.com/projectcalico/felix/pull/1645 - Fix config batcher - unset dirty flag after flush: https://github.com/projectcalico/felix/pull/1634 - Explicitly allow IPIP packets from/to Calico hosts - https://github.com/projectcalico/felix/pull/1558 - Make it optional to auto-remove containers and add support for restarting stopped ones - https://github.com/projectcalico/felix/pull/1571 - Fix that the allow action override options didn't apply in all cases - https://github.com/projectcalico/felix/pull/1628 To get this release: - For Kubernetes/Docker/etc, the updated calico/node image will be released shortly. - For Host Protection AKA "bare-metal support" - the calico-felix static binary described in the installation instructions is attached. - the stand-alone calico/felix:2.6.0 container image is available on DockerHub and Quay.io. - For OpenStack (or Host Protection/bare-metal), .debs for Ubuntu Trusty and Xenial are available in our calico-2.6 PPA; there is more information in the installation instructions. - For OpenStack (or Host Protection/bare-metal), .rpms targeting RHEL7 are available in our calico-2.6 repo as described in the installation instructions.

Felix version 3.0.1 - Report ready while waiting for the ready flag. #1677

Felix version 3.0.0-alpha1

This is a feature release of Calico's per-host agent, Felix. By upgrading libcalico-go to v1.7.0, we add support for Kubernetes' v1.8.0 NetworkPolicy with Egress rule and IPBlock functionality. In addition, libcalico-go now supports a new `Types` field which specifies whether a rule should apply to `ingress`, `egress` or both types of traffic. - Allow Policy to explicitly govern ingress and/or egress [#1557](https://github.com/projectcalico/felix/pull/1557) - Add read/write timeout options for Typha connection. [#1538](https://github.com/projectcalico/felix/pull/1538) - Fix OpenStack detection heuristic to ignore 'none'. [#1556](https://github.com/projectcalico/felix/pull/1556) - Adding support for ppc64le. [#1516](https://github.com/projectcalico/felix/pull/1516)

Felix version 2.6.0-rc1 This is a feature release of Calico's per-host agent, Felix. By upgrading libcalico-go to v1.7.0, we add support for Kubernetes' v1.8.0 NetworkPolicy with Egress rule and IPBlock functionality. In addition, libcalico-go now supports a new `Types` field which specifies whether a rule should apply to `ingress`, `egress` or both types of traffic. - Allow Policy to explicitly govern ingress and/or egress [#1557](https://github.com/projectcalico/felix/pull/1557) - Add read/write timeout options for Typha connection. [#1538](https://github.com/projectcalico/felix/pull/1538) - Fix OpenStack detection heuristic to ignore 'none'. [#1556](https://github.com/projectcalico/felix/pull/1556) - Adding support for ppc64le. [#1516](https://github.com/projectcalico/felix/pull/1516)

Felix version 2.6.0-rc2 This is a pre-release of Calico's per-host agent, Felix. By upgrading libcalico-go to v1.7.0, we add support for Kubernetes' v1.8.0 NetworkPolicy with Egress rule and IPBlock functionality. In addition, libcalico-go now supports a new `Types` field which specifies whether a rule should apply to `ingress`, `egress` or both types of traffic. - Allow Policy to explicitly govern ingress and/or egress [#1557](https://github.com/projectcalico/felix/pull/1557) - Add read/write timeout options for Typha connection. [#1538](https://github.com/projectcalico/felix/pull/1538) - Fix OpenStack detection heuristic to ignore 'none'. [#1556](https://github.com/projectcalico/felix/pull/1556) - Adding support for ppc64le. [#1516](https://github.com/projectcalico/felix/pull/1516)

Felix version 2.4.0-rc2 - Only report ready after first apply() completes. - Add a grace period before deleting routes. - Leave interfaces in the route cleanup grace period dirty, and add tests

Felix version 2.4.1 - Update the import for logrus to use lowercasing - Switched log.Printf to log.Infof. - Update libcalico to v1.5.2

Felix version 2.5.0 - Test fix: use local crd manifest file instead of pulling from libcalico-go repository See: #1530 - Fix deb and RPM changelogs to include 2.2.x releases.

Felix version 2.5.0-rc1 - Update to libcalico v1.6.0 and typha v0.4.0. - Update k8sfv to be compatible with k8s 1.7 + CRDs

Felix version 2.5.1 - Record 2.5.0 deb/RPM changelogs. - Add timeouts to Typha/Felix connection to detect silent TCP drops. (#1537, #1538)

Felix version 2.3.0-rc2 - Update libcalico to v1.4.0

Felix version 2.3.0-rc3 - Rev libcalico-go and typha to pick up fixes.

Felix version 2.4.0

Felix version 2.4.0-rc1 - Skip recalculation of selector matches if selector hasn't changed (#1482). - Use updated Typha client API (#1484). - Improve testing and test coverage (#1486, #1494, #1496, #1497). - Make test suites produce junit reports (#1488). - Allow selection of policy allow action (#1492). - Implement liveness and readiness endpoints for Felix (#1489). - Improve Calico version reporting (#1499). - Streamline conntrack state deletions (#1500, #1498). - Add release note to PR template (#1502). - Add support for multiple CIDRs in a match rule (#1483, #1505). - Support using a lock to coordinate iptables programming with other software (#1491, #1504). - Move logutils functionality to libcalico-go (#1503). - Add pre-DNAT policy support (#1506). - Update glide pin for logrus (#1509). - Allow for time fuzziness in route table UT (#1510). - Update to Typha v0.3.0 (#1512).

Felix version 2.2.0-rc4 - Rev go-build to v0.6 to pick up go 1.8.1 (#1446). - Squash duplicate host IP updates to avoid churning dataplane (#1445). - Disable node polling if IPIP is disabled (#1448). - Improvements to Kubernetes-based FV framework.

Felix version 2.2.0-rc5 - Make the Felix log level configurable - Rev go-build to v0.6 to pick up go 1.8.1. - Squash duplicate host IP updates to avoid churning dataplane. - Disable node polling if IPIP is disabled. - Rev libcalico-go to v1.2.1.

Felix version 2.2.1 - Fix that Felix didn't respect IpInIpEnabled flag (#1452).

Felix version 2.2.2 - Pin libcalico-go to v1.2.2 to pick up memory leak fix (#1457).

Felix version 2.3.0 This is a feature release of Felix, Calico's per-host agent. The headline feature in this release is a significant increase in scale when using the Kubernetes datastore driver by introducing support for a new daemon, Typha. Typha connects to the Kubernetes API server and fans out updates to a number of Felixes. By having only a handful of Typha instances connected to the API server instead of many Felixes, we place a lot less load on the API server. In addition, Typha is able to squash unimportant updates form the API server, significantly reducing the number of mesages each Felix has to handle. Typha is disabled by default. The documentation for how to configure Typha and Felix together will follow as part of the wider Calico 2.3.0 meta-release. This release also contains a number of minor enhancements: - Performance: Scan iptables-save output incrementally when calculating hashes. - Performance: Disable WithFields logging in the ipsets resync parse loop. - Performance: Disable some WithField calls in the inner iptables resync loop. - Allow the iptables post-write check interval to be set. - Improve diagnostics around ipset restore failures - Log ip6tables-save stderr if it fails - Convert interval config parameters to time.Duration for increased precision. - Rev libcalico-go to v1.4.4 and Typha to v0.2.2. - Make JUST_A_MINUTE the default, as it's more useful for devs The k8sfv functional tests also got a number of enhancements: - Update imports for recent client-go/apimachinery moves - Check Felix does not die before end of test - mechanism for only running quick tests - fix client authorization to API server 1.6 - Ensure that ip6_tables module is loaded - put Typha in the loop. The DockerHub and Quay.io `calico/felix` images have been updated. The `calico/node` image based on this release will follow shortly. Since we're targetting Kubernetes for this release, we haven't yet updated the OpenStack debs and RPMs, those should follow in a few days.