v1.11.0

This release introduces an optional new mode for Security groups for pods feature along with other improvements.

EKS documentation suggests to add the ENIConfig label for identifying your worker nodes with "ENI_CONFIG_LABEL_DEF=failure-domain.beta.kubernetes.io/zone". This is to select an ENIConfig based upon availability zone and would need to create an ENIConfig custom resource for each availability zone (e.g. us-east-1a). But the sample default ENIConfig generated by helm used to build the ENIConfig by default using the format REGION + USER-SUPPLIED-NAME which is not inline with the documentation. PR #1918 is included in this release to keep the documentation inline with the sample configs and also provide flexibility if there is no need to follow AZ naming recommendation.

Changes since v1.10.3:

• Feature - Support new SGPP standard mode (@M00nF1sh )
• Feature - IPv4 Randomize SNAT support for IPv6 pods (@achevuru)
• Feature - Respect existing ENIConfig label if set on node (@backjo)
• Improvement - Timeout and reconcile when checking API server connectivity
  (@prateekgogia)
• Improvement - Improve startup performance of IPAMD (@backjo)
• Improvement - Record pod metadata and allocationTime in IP allocation state file (@M00nF1sh )
• Bug - Fixes node label error handling & revert to use update for node label update (@jayanthvn, @M00nF1sh )
  (#1959)
• Bug - IPAMD throw an error on configuration validation failure (@veshij)
• Cleanup - refactoring DataStore.GetStats to simplify adding new fields (@veshij)

To apply this release:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.11.0/config/master/aws-k8s-cni.yaml

Verify the update:

$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2                                                   
amazon-k8s-cni-init:v1.11.0
amazon-k8s-cni:v1.11.0