Avi Kubernetes Operator Version 1.8 Release Notes

The Avi Vantage platform integration with OpenShift/ Kubernetes provides a redesigned architecture involving a new operator called Avi Kubernetes Operator (AKO). The following illustration outlines the components of the Avi Kubernetes integration.

Issues Resolved in AKO Version 1.8.2

• Error in passthrough virtual service DataScript execution when avi-infrasetting is applied to the passthrough ingress/route.
• Secure ingress does not work with Istio.
• Validation error Hosting parent virtualservice must have SSL enabled displayed only when the listener section is provided in the host rule.
• Security vulnerabilities in the Golang packages and the base image.

Key Changes in AKO Version 1.8.2

• Logs from Istio file watched are now changed from Error level to Warn level.
• Status of ingress/route is populated with IPv6 address in IPv6 deployments instead of IPv4 IP with an exception if public IP is configured.

What’s New in AKO Version 1.8.1

• Support for Kubernetes 1.24
• Support for AviInfraSetting CRD in passthrough Ingresses/Routes
• Support for Istio Mutual TLS (mTLS) authentication (Tech-preview)
• Support for IPv6 frontend and backend networking (Tech-preview)
• Support to block the processing of objects in system namespaces in OpenShift and Kubernetes clusters.

Issues Resolved in AKO Version 1.8.1

• A hostrule with sslKeyCertificate of type secret will not work in namespaces other than avi-system in OpenShift clusters.
• Insecure ingress deployment where path name contains mixed case letters, request sent to that ingress on that path returns 407 error.

Key Changes in AKO Version 1.8.1

• For Insecure Ingress deployments, priority labels associated with pools will be case-insensitive.
• nodeNetworkList is not mandatory for NSX-T Overlay deployments.

Document Revision History