Releases: gardener-attic/vpn
0.10.0
Most notable changes
- The VPN Seed component sets TCP parameters only if the respective files exist.
Docker Images
Seed Docker image: eu.gcr.io/gardener-project/gardener/vpn-seed:0.10.0
Shoot Docker image: eu.gcr.io/gardener-project/gardener/vpn-shoot:0.10.0
0.9.0
Most notable changes
- The VPN bridge is no longer based on SSH but on OpenVPN. The example deployment manifests as well as the installation instructions have been updated accordingly.
Docker Images
Seed Docker image: eu.gcr.io/gardener-project/gardener/vpn-seed:0.9.0
Shoot Docker image: eu.gcr.io/gardener-project/gardener/vpn-shoot:0.9.0
0.8.0
Most notable changes
- The vpn-seed uses a dedicated file name for its copied input identity file.
Seed Docker image: eu.gcr.io/gardener-project/gardener/vpn-seed:0.8.0
Shoot Docker image: eu.gcr.io/gardener-project/gardener/vpn-shoot:0.8.0
0.7.0
Most notable changes
- The vpn-seed copies the input identity file into a dedicated directory because it tries to set the proper permissions on that file. It cannot do that in the previous directory because it is mounted from a secret and this volume is not writeable.
Seed Docker image: eu.gcr.io/gardener-project/gardener/vpn-seed:0.7.0
Shoot Docker image: eu.gcr.io/gardener-project/gardener/vpn-shoot:0.7.0
0.6.0
Most notable changes
- The sshd config file is now configurable via the environment variable
CONFIG_FILEin the vpn-shoot container. It defaults to/etc/ssh/sshd_config. - The authorized keys file is now configurable via the environment variable
AUTHORIZED_KEYS_FILEin the vpn-shoot container. It defaults to/root/.ssh/authorized_keys. However, the standard run scenario is Kubernetes and here we recommend to not directly mount the secret containing the authorized keys file to/root/.ssh(because the mounted.sshdirectory will have too wide access permissions). Either usesubPath(currently buggy/not working) or mount it to another directory and use the environment variable. The vpn-shoot container will copy the file to its expected location.
Seed Docker image: eu.gcr.io/gardener-project/gardener/vpn-seed:0.6.0
Shoot Docker image: eu.gcr.io/gardener-project/gardener/vpn-shoot:0.6.0
0.5.0
Most notable changes
- The VPN Seed talks via
127.0.0.1to the kube-apiserver if it is running in the same pod.
Seed Docker image: eu.gcr.io/gardener-project/gardener/vpn-seed:0.5.0
Shoot Docker image: eu.gcr.io/gardener-project/gardener/vpn-shoot:0.5.0
0.4.0
Most notable changes
- If the connection to the VPN Shoot container is possible but failing for a certain number of times, the VPN Seed container will restart the VPN Shoot pod and try again. This shall lead to faster reconnections.
Seed Docker image: eu.gcr.io/gardener-project/gardener/vpn-seed:0.4.0
Shoot Docker image: eu.gcr.io/gardener-project/gardener/vpn-shoot:0.4.0
0.3.0
Most notable changes
- The VPN Shoot container terminates with exit code 1 whenever one of its remote endpoints (i.e., vpn-seed's) do not respond to ping requests.
Seed Docker image: eu.gcr.io/gardener-project/gardener/vpn-seed:0.3.0
Shoot Docker image: eu.gcr.io/gardener-project/gardener/vpn-shoot:0.3.0
0.2.0
Most notable changes
- The VPN Shoot container now enables IP forwarding for its environment manually (fixes/mitigates #18). This allows using the VPN solution with Calico v3.0.
Seed Docker image: eu.gcr.io/gardener-project/gardener/vpn-seed:0.2.0
Shoot Docker image: eu.gcr.io/gardener-project/gardener/vpn-shoot:0.2.0
0.1.0
Initial release
The VPN Seed component establishes connectivity from a pod running in the Seed cluster to the networks of a Shoot cluster (which are usually private).
The VPN Shoot component serves an endpoint for incoming connections, allows contacting any IP address within its network and routes the packets back to the caller.
Seed Docker image: eu.gcr.io/gardener-project/gardener/vpn-seed:0.1.0
Shoot Docker image: eu.gcr.io/gardener-project/gardener/vpn-shoot:0.1.0