Date: July 26, 2023


  • Added Docs for Installation page using Helm
  • Added Docs for Cert Manager Integration
  • Added Docs for Presentation Links
  • Added Docs for configuring multiple TLS Certificates per Listener


  • Added Support for configuring Envoy Gateway Label and Annotations using Helm
  • Increased default Resource defaults for Envoy Gateway to 100m CPU and 256Mi Memory
  • Fixes Helm values for EnvoyGateway startup configuration
  • Added opt-in field to skip creating control plane TLS Certificates allowing users to bring their own certificates.


  • Upgraded to Gateway API v0.7.1
  • Added Support for EnvoyPatchPolicy
  • Added Support for EnvoyProxy Telemetry - Access Logging, Traces and Metrics
  • Added Support for configuring EnvoyProxy Pod Labels
  • Added Support for configuring EnvoyProxy Deployment Strategy Settings, Volumes and Volume Mounts
  • Added Support for configuring EnvoyProxy as a NodePort Type Service
  • Added Support for Distinct RateLimiting for IP Addresses
  • Added Support for converting JWT Claims to Headers, to be used for RateLimiting
  • Added Admin Server for Envoy Gateway
  • Added Pprof Debug Support for Envoy Gateway
  • Added Support to Watch for Resources in Select Namespaces

Breaking Changes

  • Renamed field in EnvoyGateway API from Extension to ExtensionManager

Ci tooling testing

  • Added Retest Github Action
  • Added CherryPick Github Action
  • Added E2E Step in Github CI Workflow
  • Added RateLimit E2E Tests
  • Added JWT Claim based RateLimit E2E Tests
  • Added Access Logging E2E tests
  • Added Metrics E2E tests
  • Added Tracing E2E tests


  • Enabled GatewayWithAttachedRoutes Test
  • Enabled HttpRouteRequestMirror Test
  • Skipped HTTPRouteRedirectPortAndScheme Test


Breaking Changes

  • Renamed IR resources from - to /
  • which also affects generated Xds Resources


  • Reconcile Node resources to be able to compute Status Addresses for Gateway
  • Discard Status before publishing Provider resources to reduce memory consumption


  • Fix Init Race in Xds Runner when starting Xds Server and receiving Xds Input
  • Switched to Xds SOTW Server for RateLimit Service Configuration
  • Added Control Plane TLS between EnvoyProxy and RateLimit Service
  • Enabled adding RateLimit Headers when RateLimit is set
  • Allowed GRPCRoute and HTTPRoute to be linked to the same HTTPS Listener
  • Set ALPN in the Xds Listener with TLS enabled.
  • Added Best Practices Default Edge Settings to Xds Resources
  • Compute and Publish EnvoyPatchPolicy status from xds-translator runner


  • Added egctl x translate Support to generate default missing Resources
  • Added egctl x translate Support for AuthenticationFilter and EnvoyPatchPolicy