Promote EgressSeparateSubnet feature to Beta

build/charts/antrea/conf/antrea-agent.conf

@@ -88,7 +88,7 @@ featureGates:
 {{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "EgressTrafficShaping" "default" false) }}
 
 # Allow users to allocate Egress IPs from a different subnet from the default Node subnet.
-{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "EgressSeparateSubnet" "default" false) }}
+{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "EgressSeparateSubnet" "default" true) }}
 
 # Allow users to apply ClusterNetworkPolicy to Kubernetes Nodes.
 {{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "NodeNetworkPolicy" "default" false) }}

build/yamls/antrea-aks.yml

@@ -4069,7 +4069,7 @@ data:
     #  EgressTrafficShaping: false
 
     # Allow users to allocate Egress IPs from a different subnet from the default Node subnet.
-    #  EgressSeparateSubnet: false
+    #  EgressSeparateSubnet: true
 
     # Allow users to apply ClusterNetworkPolicy to Kubernetes Nodes.
     #  NodeNetworkPolicy: false
@@ -5446,7 +5446,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 9c5fd81219c99e3ac42cdbafe79a80f2462119a30249c4dffc6d8eb969251f4e
+        checksum/config: bc29a09c052fff53288bde6360d49e835dbc5caf6a2bf928861236566fa9d1ce
       labels:
         app: antrea
         component: antrea-agent
@@ -5690,7 +5690,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 9c5fd81219c99e3ac42cdbafe79a80f2462119a30249c4dffc6d8eb969251f4e
+        checksum/config: bc29a09c052fff53288bde6360d49e835dbc5caf6a2bf928861236566fa9d1ce
       labels:
         app: antrea
         component: antrea-controller

build/yamls/antrea-eks.yml

@@ -4069,7 +4069,7 @@ data:
     #  EgressTrafficShaping: false
 
     # Allow users to allocate Egress IPs from a different subnet from the default Node subnet.
-    #  EgressSeparateSubnet: false
+    #  EgressSeparateSubnet: true
 
     # Allow users to apply ClusterNetworkPolicy to Kubernetes Nodes.
     #  NodeNetworkPolicy: false
@@ -5446,7 +5446,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 9c5fd81219c99e3ac42cdbafe79a80f2462119a30249c4dffc6d8eb969251f4e
+        checksum/config: bc29a09c052fff53288bde6360d49e835dbc5caf6a2bf928861236566fa9d1ce
       labels:
         app: antrea
         component: antrea-agent
@@ -5691,7 +5691,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 9c5fd81219c99e3ac42cdbafe79a80f2462119a30249c4dffc6d8eb969251f4e
+        checksum/config: bc29a09c052fff53288bde6360d49e835dbc5caf6a2bf928861236566fa9d1ce
       labels:
         app: antrea
         component: antrea-controller

build/yamls/antrea-gke.yml

@@ -4069,7 +4069,7 @@ data:
     #  EgressTrafficShaping: false
 
     # Allow users to allocate Egress IPs from a different subnet from the default Node subnet.
-    #  EgressSeparateSubnet: false
+    #  EgressSeparateSubnet: true
 
     # Allow users to apply ClusterNetworkPolicy to Kubernetes Nodes.
     #  NodeNetworkPolicy: false
@@ -5446,7 +5446,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 115af3aa2408672d2f38c5dfd9aae3a4754703158adc807f695b74a8689f1ada
+        checksum/config: 877979e9392bb2a2b65fa28f362c90d85509102133ad8de6c3410c56e04f0234
       labels:
         app: antrea
         component: antrea-agent
@@ -5688,7 +5688,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 115af3aa2408672d2f38c5dfd9aae3a4754703158adc807f695b74a8689f1ada
+        checksum/config: 877979e9392bb2a2b65fa28f362c90d85509102133ad8de6c3410c56e04f0234
       labels:
         app: antrea
         component: antrea-controller

build/yamls/antrea-ipsec.yml

@@ -4082,7 +4082,7 @@ data:
     #  EgressTrafficShaping: false
 
     # Allow users to allocate Egress IPs from a different subnet from the default Node subnet.
-    #  EgressSeparateSubnet: false
+    #  EgressSeparateSubnet: true
 
     # Allow users to apply ClusterNetworkPolicy to Kubernetes Nodes.
     #  NodeNetworkPolicy: false
@@ -5459,7 +5459,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: d7a27b42825a5fb89da24f0e2ba23b6672d3c62ac9bba4507722d6a57bfffaca
+        checksum/config: 00850eea62819cbe3c83a8a8915dba2f0d91d380c1b8566c80b691c3a909b258
         checksum/ipsec-secret: d0eb9c52d0cd4311b6d252a951126bf9bea27ec05590bed8a394f0f792dcb2a4
       labels:
         app: antrea
@@ -5747,7 +5747,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: d7a27b42825a5fb89da24f0e2ba23b6672d3c62ac9bba4507722d6a57bfffaca
+        checksum/config: 00850eea62819cbe3c83a8a8915dba2f0d91d380c1b8566c80b691c3a909b258
       labels:
         app: antrea
         component: antrea-controller

build/yamls/antrea.yml

@@ -4069,7 +4069,7 @@ data:
     #  EgressTrafficShaping: false
 
     # Allow users to allocate Egress IPs from a different subnet from the default Node subnet.
-    #  EgressSeparateSubnet: false
+    #  EgressSeparateSubnet: true
 
     # Allow users to apply ClusterNetworkPolicy to Kubernetes Nodes.
     #  NodeNetworkPolicy: false
@@ -5446,7 +5446,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: b5a31ae863dbec89793167ebf4204eed1b5649180295c89064769b8e9526a1d6
+        checksum/config: 6b0b82d61a89692c8092a44ac0a7bb02647254384f5246282bbb6be56415d08b
       labels:
         app: antrea
         component: antrea-agent
@@ -5688,7 +5688,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: b5a31ae863dbec89793167ebf4204eed1b5649180295c89064769b8e9526a1d6
+        checksum/config: 6b0b82d61a89692c8092a44ac0a7bb02647254384f5246282bbb6be56415d08b
       labels:
         app: antrea
         component: antrea-controller

docs/egress.md

@@ -251,12 +251,12 @@ spec:
       network-role: egress-gateway
 ```
 
-**Note**: Specifying different subnets is currently in alpha version. To use
-this feature, users should enable the `EgressSeparateSubnet` feature gate.
-Currently, the maximum number of different subnets that can be supported in a
-cluster is 20, which should be sufficient for most cases. If you need to have
-more subnets, please raise an issue with your use case, and we will consider
-revising the limit based on that.
+**Note**: Specifying different subnets is enabled by default since Antrea v2.3.
+To use this feature with an earlier release, users should enable the `EgressSeparateSubnet`
+feature gate. Currently, the maximum number of different subnets that can be
+supported in a cluster is 20, which should be sufficient for most cases. If you
+need to have more subnets, please raise an issue with your use case, and we will
+consider revising the limit based on that.
 
 ### NodeSelector
 

docs/feature-gates.md

@@ -57,7 +57,7 @@ edit the Agent configuration in the
 | `L7NetworkPolicy`             | Agent + Controller | `false` | Alpha | v1.10         | N/A          | N/A        | Yes                |                                               |
 | `AdminNetworkPolicy`          | Controller         | `false` | Alpha | v1.13         | N/A          | N/A        | Yes                |                                               |
 | `EgressTrafficShaping`        | Agent              | `false` | Alpha | v1.14         | N/A          | N/A        | Yes                | OVS meters should be supported                |
-| `EgressSeparateSubnet`        | Agent              | `false` | Alpha | v1.15         | N/A          | N/A        | No                 |                                               |
+| `EgressSeparateSubnet`        | Agent              | `true`  | Beta  | v1.15         | v2.3         | N/A        | No                 |                                               |
 | `NodeNetworkPolicy`           | Agent              | `false` | Alpha | v1.15         | N/A          | N/A        | Yes                |                                               |
 | `L7FlowExporter`              | Agent              | `false` | Alpha | v1.15         | N/A          | N/A        | Yes                |                                               |
 | `BGPPolicy`                   | Agent              | `false` | Alpha | v2.1          | N/A          | N/A        | No                 |                                               |

pkg/apiserver/handlers/featuregates/handler_test.go

@@ -37,6 +37,7 @@ var (
 	multicastStatus                   string
 	cleanupStaleUDPSvcConntrackStatus string
 	serviceExternalIPStatus           string
+	egressSeparateSubnetStatus        string
 )
 
 func Test_getGatesResponse(t *testing.T) {
@@ -59,7 +60,7 @@ func Test_getGatesResponse(t *testing.T) {
 				{Component: "agent", Name: "BGPPolicy", Status: "Disabled", Version: "ALPHA"},
 				{Component: "agent", Name: "CleanupStaleUDPSvcConntrack", Status: cleanupStaleUDPSvcConntrackStatus, Version: "BETA"},
 				{Component: "agent", Name: "Egress", Status: egressStatus, Version: "BETA"},
-				{Component: "agent", Name: "EgressSeparateSubnet", Status: "Disabled", Version: "ALPHA"},
+				{Component: "agent", Name: "EgressSeparateSubnet", Status: egressSeparateSubnetStatus, Version: "BETA"},
 				{Component: "agent", Name: "EgressTrafficShaping", Status: "Disabled", Version: "ALPHA"},
 				{Component: "agent", Name: "EndpointSlice", Status: "Enabled", Version: "GA"},
 				{Component: "agent", Name: "ExternalNode", Status: "Disabled", Version: "ALPHA"},
@@ -224,11 +225,13 @@ func Test_getControllerGatesResponse(t *testing.T) {
 
 func init() {
 	egressStatus = "Enabled"
+	egressSeparateSubnetStatus = "Enabled"
 	multicastStatus = "Enabled"
 	cleanupStaleUDPSvcConntrackStatus = "Enabled"
 	serviceExternalIPStatus = "Enabled"
 	if runtime.IsWindowsPlatform() {
 		egressStatus = "Disabled"
+		egressSeparateSubnetStatus = "Disabled"
 		multicastStatus = "Disabled"
 		cleanupStaleUDPSvcConntrackStatus = "Disabled"
 		serviceExternalIPStatus = "Disabled"

pkg/features/antrea_features.go

@@ -159,6 +159,7 @@ const (
 	EgressTrafficShaping featuregate.Feature = "EgressTrafficShaping"
 
 	// alpha: v1.15
+	// beta: v2.3
 	// Allow users to allocate Egress IPs from a different subnet from the default Node subnet.
 	EgressSeparateSubnet featuregate.Feature = "EgressSeparateSubnet"
 
@@ -219,7 +220,7 @@ var (
 		LoadBalancerModeDSR:         {Default: false, PreRelease: featuregate.Alpha},
 		AdminNetworkPolicy:          {Default: false, PreRelease: featuregate.Alpha},
 		EgressTrafficShaping:        {Default: false, PreRelease: featuregate.Alpha},
-		EgressSeparateSubnet:        {Default: false, PreRelease: featuregate.Alpha},
+		EgressSeparateSubnet:        {Default: true, PreRelease: featuregate.Beta},
 		NodeNetworkPolicy:           {Default: false, PreRelease: featuregate.Alpha},
 		L7FlowExporter:              {Default: false, PreRelease: featuregate.Alpha},
 		NodeLatencyMonitor:          {Default: false, PreRelease: featuregate.Alpha},