Cilium - v1.14.0-rc.1


Summary of Changes

Minor Changes:
* Add tls-server-enforce-mtls flag to hubble-relay to enforce mTLS connection with clients. (Backport PR #26636, Upstream PR #25582, @marqc)
* BPF NodePort is now enabled by default if CiliumEnvoyConfig is configured. (Backport PR #26636, Upstream PR #25901, @jrajahalme)
* Fix endpoint slices filtering to ensure we filter out headless services and continue to support older k8s versions where service labels are not propagated to endpoint slices (Backport PR #26799, Upstream PR #25351, @odinuge)
* helm: Allow node port allocation for Ingress LB service (Backport PR #26799, Upstream PR #26502, @sayboras)

Bugfixes:
* Add host-side interface info to cni.Result, which allows bandwidth CNI to work with Cilium (Backport PR #26636, Upstream PR #26518, @nayihz)
* auth: Switch to observing identity changes (Backport PR #26636, Upstream PR #26375, @mhofstetter)
* bgpv1: Unconditionally select node when empty nodeSelector is given (Backport PR #26734, Upstream PR #26590, @YutaroHayakawa)
* client, health/client: set dummy host header on unix:// local communication (Backport PR #26838, Upstream PR #26800, @tklauser)
* egressgw: retry getIdentityLabels on failure (Backport PR #26734, Upstream PR #26457, @jibi)
* Fix bug where bpf map entries may not be reliably dumped or garbage collected when the map is actively being updated. (Backport PR #26838, Upstream PR #26583, @tommyp1ckles)
* Fix error propagation issue in clustermesh which prevented retrying on certain validation errors (Backport PR #26799, Upstream PR #26613, @giorio94)
* Fix SNAT by the N/S load-balancer for fragmented IPv4 requests. (Backport PR #26636, Upstream PR #26550, @julianwiedmann)
* Fixed double metric accounting for k8s events (Backport PR #26636, Upstream PR #26349, @dylandreimerink)
* Fixed proxy redirect policy implementation when any deny rule prevents them. (Backport PR #26813, Upstream PR #26344, @jrajahalme)
* Implement OnAddNode handlers for CiliumNodeUpdater and EndpointManager (Backport PR #26734, Upstream PR #26484, @pippolo84)
* Policy auth precedence fix (Backport PR #26813, Upstream PR #26331, @jrajahalme)
* Validate "ownership" of hostPort service being deleted (Backport PR #26734, Upstream PR #22587, @yasz24)

CI Changes:
* .github/workflows: use Helm mode cilium-cli in K8sUpstreamNetConformance (Backport PR #26734, Upstream PR #26692, @tklauser)
* .github: add 'name' field for the conformance-e2e job (Backport PR #26838, Upstream PR #26791, @aanm)
* ariane: don't skip verifier and l4lb tests on vendor/ changes (Backport PR #26734, Upstream PR #26715, @tklauser)
* ci-multi-pool: Use ip-masq-agent for masquerading (Backport PR #26636, Upstream PR #26538, @gandro)
* docs: Update external workloads instructions (Backport PR #26734, Upstream PR #26607, @michi-covalent)
* replace cilium/customvet by cilium/linters (Backport PR #26799, Upstream PR #26755, @rolinh)
* v1.14: ci: use Ariane to trigger workflows (#26625, @nbusseneau)

Misc Changes:
* Add helm values for K8s API server client rate limits and instructions on how to size them when using L2 announcements. (Backport PR #26799, Upstream PR #26711, @dylandreimerink)
* Add L2 responder map dumping to sysdump (Backport PR #26734, Upstream PR #26667, @dylandreimerink)
* Add the tunnel values to the config map even when the default values are used. (Backport PR #26838, Upstream PR #26712, @3u13r)
* auth: optimize log output for pending auth (Backport PR #26734, Upstream PR #26642, @mhofstetter)
* auth: use NodeManager instead of k8s.CiliumNodeResource in auth gc (Backport PR #26636, Upstream PR #26592, @mhofstetter)
* bgpv1: set correct upper limits to BGP timers and GR restart time (Backport PR #26636, Upstream PR #26534, @harsimran-pabla)
* bpf: dsr: fix IPIP health-encap on older kernels (Backport PR #26636, Upstream PR #26609, @julianwiedmann)
* bpf: nodeport: only set outer src IP for tunnel encap in XDP (Backport PR #26799, Upstream PR #26726, @julianwiedmann)
* bpf: Replace deprecated "-target bpf" with "--target=bpf" for clang (Backport PR #26636, Upstream PR #26553, @qmonnet)
* chore(deps): update all github action dependencies (v1.14) (minor) (#26699, @renovate[bot])
* chore(deps): update all github action dependencies (v1.14) (patch) (#26698, @renovate[bot])
* chore(deps): update dependency cilium/cilium-cli to v0.15.0 (v1.14) (#26700, @renovate[bot])
* chore(deps): update dependency cilium/cilium-cli to v0.15.2 (v1.14) (#26782, @renovate[bot])
* chore(deps): update docker.io/library/golang:1.20.5 docker digest to fd9306e (v1.14) (#26696, @renovate[bot])
* chore(deps): update docker.io/library/ubuntu:22.04 docker digest to 0bced47 (v1.14) (#26697, @renovate[bot])
* chore(deps): update hubble cli to v0.12.0 (v1.14) (minor) (#26763, @renovate[bot])
* daemon: fix issue where IPAM options in custom CNI confs were ignored (Backport PR #26799, Upstream PR #26732, @squeed)
* doc: Documented incompatibility of EgressGW and kvstore (Backport PR #26636, Upstream PR #26139, @PhilipSchmid)
* docs, kpr, maglev: Move Maglev out of beta (Backport PR #26636, Upstream PR #19541, @borkmann)
* docs/ipsec: Clarify limitation on number of nodes (Backport PR #26838, Upstream PR #26810, @pchaigno)
* docs: Add debugging guide for inspecting gops / pprof profiles (Backport PR #26734, Upstream PR #26675, @christarazi)
* docs: Add L2 Pod Announcements docs (Backport PR #26636, Upstream PR #26517, @markpash)
* docs: HOWTO run cilium-cli e2e connectivity tests (Backport PR #26734, Upstream PR #25217, @brb)
* docs: Ignore Helm values, update spelling list (Backport PR #26838, Upstream PR #26759, @qmonnet)
* docs: Istio docs fix sidecar inject method (Backport PR #26636, Upstream PR #26526, @networkop)
* docs: Mention --kube-proxy-replacement=boolean changes (Backport PR #26734, Upstream PR #26577, @brb)
* docs: Multi-Pool IPAM now partially supports iptables-based NAT (Backport PR #26636, Upstream PR #26522, @gandro)
* docs: remove no-longer-valid known policy issue (Backport PR #26799, Upstream PR #26660, @squeed)
* docs: Update cluster mesh instructions (Backport PR #26734, Upstream PR #26608, @michi-covalent)
* docs: Update Go Extension docs (Backport PR #26799, Upstream PR #26504, @sayboras)
* docs: update KPR section on DSR (Backport PR #26636, Upstream PR #26582, @julianwiedmann)
* docs: Update the docs for Helm mode Cilium CLI (Backport PR #26734, Upstream PR #26606, @michi-covalent)
* docs: Upgrade Note For Deny Policy Fix (Backport PR #26636, Upstream PR #26245, @nathanjsweet)
* Document cilium_host's IPv6 change in upgrade guide (Backport PR #26734, Upstream PR #26615, @jschwinger233)
* Documentation/community: add multi-pool IPAM to list of beta features (Backport PR #26636, Upstream PR #26566, @tklauser)
* Egress Gateway: make CiliumEndpoint reconciliation asynchronous from k8s watcher (Backport PR #26799, Upstream PR #26741, @jibi)
* fix kind job with network policy failures (Backport PR #26799, Upstream PR #26639, @aojea)
* helm: Use kubeProxyReplacement as string (Backport PR #26636, Upstream PR #26549, @jrajahalme)
* hubble: Optimize namespace tracking (Backport PR #26799, Upstream PR #26547, @glibsm)
* ipam/multipool: wait for restoration before releasing CIDRs (Backport PR #26734, Upstream PR #26668, @tklauser)
* loader: check enabled L7 proxy via config property (Backport PR #26636, Upstream PR #26627, @mhofstetter)
* make: rework kind-install-cilium-clustermesh for Cilium CLI Helm mode (Backport PR #26799, Upstream PR #26753, @giorio94)
* monitor: update DBG_CT_LOOKUP4_2 / DBG_CT_LOOKUP6_2 output (Backport PR #26636, Upstream PR #26558, @julianwiedmann)
* multi-pool: Document unsupported kvstore mode (Backport PR #26734, Upstream PR #26662, @gandro)
* Prepare v1.14 stable branch (#26548, @joestringer)
* Silence misleading log messages about service resolution in clustermesh (Backport PR #26734, Upstream PR #26614, @giorio94)
* Update docs for Kubernetes 1.27 (Backport PR #26734, Upstream PR #26671, @christarazi)
* vendor: Update go-restful (Backport PR #26636, Upstream PR #26560, @ferozsalam)

Docker Manifests

cilium

docker.io/cilium/cilium:v1.14.0-rc.1@sha256:47c403975508dcf0f53f801f1fd0cf0804d4dc656ee01a136bd3805ed2ec14bb
quay.io/cilium/cilium:v1.14.0-rc.1@sha256:47c403975508dcf0f53f801f1fd0cf0804d4dc656ee01a136bd3805ed2ec14bb

clustermesh-apiserver

docker.io/cilium/clustermesh-apiserver:v1.14.0-rc.1@sha256:5dff8cba7b230294cbfe284222b1963e9c2e0d93baef19f0e565b957dac7749a
quay.io/cilium/clustermesh-apiserver:v1.14.0-rc.1@sha256:5dff8cba7b230294cbfe284222b1963e9c2e0d93baef19f0e565b957dac7749a

docker-plugin

docker.io/cilium/docker-plugin:v1.14.0-rc.1@sha256:ae6beb99ec85a2ccba9f96fe07ce8c0ca0d7d6a1aac696cd9d3c5f005c74279a
quay.io/cilium/docker-plugin:v1.14.0-rc.1@sha256:ae6beb99ec85a2ccba9f96fe07ce8c0ca0d7d6a1aac696cd9d3c5f005c74279a

hubble-relay

docker.io/cilium/hubble-relay:v1.14.0-rc.1@sha256:51627988e5df034e2b7a6291ed06593d0bc12a54f01549a2f5c7db46adc1ecfe
quay.io/cilium/hubble-relay:v1.14.0-rc.1@sha256:51627988e5df034e2b7a6291ed06593d0bc12a54f01549a2f5c7db46adc1ecfe

kvstoremesh

docker.io/cilium/kvstoremesh:v1.14.0-rc.1@sha256:69b385338771696036e2edce22626b98b84df63739bb56287f992ff169fa75c0
quay.io/cilium/kvstoremesh:v1.14.0-rc.1@sha256:69b385338771696036e2edce22626b98b84df63739bb56287f992ff169fa75c0

operator-alibabacloud

docker.io/cilium/operator-alibabacloud:v1.14.0-rc.1@sha256:c0840b26aaff7eb65415e05644cbcefbc47cdc67a35fabe37cc19dc72127d878
quay.io/cilium/operator-alibabacloud:v1.14.0-rc.1@sha256:c0840b26aaff7eb65415e05644cbcefbc47cdc67a35fabe37cc19dc72127d878

operator-aws

docker.io/cilium/operator-aws:v1.14.0-rc.1@sha256:32e6bd6863984be27433c3405f6e41074cc72a3a40cc3bf9d7bc1241552776a5
quay.io/cilium/operator-aws:v1.14.0-rc.1@sha256:32e6bd6863984be27433c3405f6e41074cc72a3a40cc3bf9d7bc1241552776a5

operator-azure

docker.io/cilium/operator-azure:v1.14.0-rc.1@sha256:359b7d84c1544ee3f91ef3eecdbf5a02bc0a5d5077791212a3e7ef2f7304d123
quay.io/cilium/operator-azure:v1.14.0-rc.1@sha256:359b7d84c1544ee3f91ef3eecdbf5a02bc0a5d5077791212a3e7ef2f7304d123

operator-generic

docker.io/cilium/operator-generic:v1.14.0-rc.1@sha256:36e0d2d4ba8f35031b65d0703a74e1dd68253589479f7007f84b245bc6ebc410
quay.io/cilium/operator-generic:v1.14.0-rc.1@sha256:36e0d2d4ba8f35031b65d0703a74e1dd68253589479f7007f84b245bc6ebc410

operator

docker.io/cilium/operator:v1.14.0-rc.1@sha256:3482914fa4c525daa8d6dd26dc60e845d00e5c64d917f1433ef4b1a4f31a3dca
quay.io/cilium/operator:v1.14.0-rc.1@sha256:3482914fa4c525daa8d6dd26dc60e845d00e5c64d917f1433ef4b1a4f31a3dca


Details

date: July 17, 2023, 3:11 p.m.
name: 1.14.0-rc.1
type: Pre-release