From c52b0bedbad6ac2a8d0231a0796ce00d2674906b Mon Sep 17 00:00:00 2001 From: Vivek Lohiya Date: Tue, 9 Jul 2024 13:10:31 +0530 Subject: [PATCH] Release note CIS 2.17.1 (#3474) --- docs/RELEASE-NOTES.rst | 23 ++++++++++++------- .../customresourcedefinitions.yml | 10 ++++++++ 2 files changed, 25 insertions(+), 8 deletions(-) diff --git a/docs/RELEASE-NOTES.rst b/docs/RELEASE-NOTES.rst index 90a756fab..612b5063e 100644 --- a/docs/RELEASE-NOTES.rst +++ b/docs/RELEASE-NOTES.rst @@ -1,28 +1,35 @@ Release Notes for Container Ingress Services for Kubernetes & OpenShift ======================================================================= -Next Release +2.17.1 ------------- Added Functionality ``````````````````` **What's new:** * CRD - * `Issue 3378 `_: Support to control ciphers groups and ssl options in TLSProfile CRD + * `Issue 3378 `_: Support to control ciphers groups and ssl options in TLSProfile CRD, See `Example `_ * Improved performance for Hub Mode using the isTenantNameServiceNamespace label in the AS3 configmap, See `Example `_ * Pod Graceful Shutdown support for AS3 ConfigMap using CIS deployment parameter *pod-graceful-shutdown* Bug Fixes ```````````` -* `Issue 3395 `_: BIGIP controller 2.16.0 removes F5 configuration when removing Kubernetes resources in namespace. -* `Issue 3424 `_: Static routes not added if a label not added to a namespace when --namespace-label used. -* `Issue 3443 `_: Fix issue with IPAM IP allocation on resource recreation -* `Issue 3406 `_: Upon deleting all the CRD resources, the default route domain of CIS-managed Partition resets to 0 -* `Issue 3405 `_: Fix Helm Chart does not enable ingressClass after creating it. +* `Issue 3395 `_: BIG-IP controller 2.16.0 removes F5 configuration when removing Kubernetes resources in namespace. +* `Issue 3424 `_: Static routes are not added if a label is not added to a namespace when using `--namespace-label` flag. +* `Issue 3443 `_: Addressed the problem with IPAM IP allocation on resource recreation. +* `Issue 3406 `_: Upon deletion of all CRD resources, the default route domain of the CIS-managed Partition resets to 0. +* `Issue 3405 `_: Resolved the issue where Helm Chart does not enable ingressClass after creating it. +* Resolved the issue where LB Services remain stuck in a Pending state when using IPAM. Upgrade notes `````````````` -* From this version, re-sync period for service in hub mode is same as periodic-sync-interval configured in the CIS deployment parameter *periodic-sync-interval*. For which the default value is 30 seconds. +Starting with CIS version 2.17.1: + * Re-sync period for the service in hub mode is the same as the periodic sync interval configured in the CIS deployment parameter periodic-sync-interval, for which the default value is 30 seconds. + * If the `--ipam-cluster-label` is already enabled in previous versions, it's recommended to remove the ipam CR created by the previous version of CIS and recreate it. For example, you can use the command: + + ``kubectl -n kube-system delete ipam ..ipam`` + + * If you wish to enable `--ipam-cluster-label` in CIS or modify the `--ipam-cluster-label` configuration, it is still recommended to remove the ipam CR created by the previous version of CIS. 2.17.0 diff --git a/docs/config_examples/customResourceDefinitions/customresourcedefinitions.yml b/docs/config_examples/customResourceDefinitions/customresourcedefinitions.yml index 6a787f0ab..82e51a308 100644 --- a/docs/config_examples/customResourceDefinitions/customresourcedefinitions.yml +++ b/docs/config_examples/customResourceDefinitions/customresourcedefinitions.yml @@ -472,6 +472,16 @@ spec: spec: type: object properties: + tlsCipher: + type: object + properties: + tlsVersion: + type: string + enum: ["1.0", "1.1", "1.2", "1.3"] + ciphers: + type: string + cipherGroup: + type: string hosts: type: array items: