v1.0.0-rc.1
5 minute read
Date: Nov 1, 2023
Documentation
- Added User Guide for local rate limit
- Added User Guide for circuit breaker
- Added User Guide for fault injection
- Added User Guide for EnvoyProxy extraArgs
- Added User Guide for Timeouts in ClientTrafficPolicy
- Added User Guide for JWT claim base routing
- Added User Guide for HTTP Timeout
- Added User Guide for Retry in BackendTrafficPolicy
- Added User Guide for basic auth
- Added User Guide for OIDC
- Added User Guide for ClientTrafficPolicy
- Added User Guide for BackendTrafficPolicy
- Added
Typeandrequiredfor CRD API doc - Updated crd-ref-docs to 0.0.10
- Updated Envoy proxy image to envoy:distroless-dev in main
Installation
- Added Support for Pulling envoyGateway image from a private registry
- Added Support for Configuring resources for certgen job
- Added Support for Configuring affinity for EnvoyGateway pod
API
- Added Support for Downstream QUIC/HTTP3 in ClientTrafficPolicy CRD
- Added Support for Downstream MTLS in ClientTrafficPolicy CRD
- Added Support for enabling EnvoyHeaders in ClientTrafficPolicy CRD
- Added Support for DisableMergeSlash and escapedSlashesAction in ClientTrafficPolicy CRD
- Added Support for EnableTrailers in HTTP/1.1 in ClientTrafficPolicy CRD
- Added Support for Preserving header letter-case on HTTP/1 in ClientTrafficPolicy CRD
- Added Support for enabling HTTP/1.0 and HTTP/0.9 in ClientTrafficPolicy CRD
- Added Support for Client IP Detection using XFF in ClientTrafficPolicy CRD
- Added Support for Client IP Detection using Custom Header in ClientTrafficPolicy CRD
- Added Support for Connection Timeouts in ClientTrafficPolicy CRD
- Added Support for Common TLS configuration properties in ClientTrafficPolicy CRD
- Added Support for Proxy protocol in ClientTrafficPolicy CRD
- Added Support for TCPKeepAlive in ClientTrafficPolicy CRD
- Added Support for Local rate limit in BackendTrafficPolicy CRD
- Added Support for CircuitBreaker in BackendTrafficPolicy CRD
- Added Support for Fault injection in BackendTrafficPolicy CRD
- Added Support for Passive Health Checks in BackendTrafficPolicy CRD
- Added Support for Active Health Checks in BackendTrafficPolicy CRD
- Added Support for Connection Timeouts in BackendTrafficPolicy CRD
- Added Support for Compressor/Decompressor in BackendTrafficPolicy CRD
- Added Support for Retry in BackendTrafficPolicy CRD
- Added Support for Slow start mode in BackendTrafficPolicy CRD
- Added Support for Proxy protocol in BackendTrafficPolicy CRD
- Added Support for TCPKeepAlive in BackendTrafficPolicy CRD
- Added Support for OIDC in SecurityPolicy CRD
- Added Support for Basic Auth in SecurityPolicy CRD
- Added Support for RedirectURL and signoutPath to OIDC in SecurityPolicy CRD
- Added Support for ExtractFrom headers and params to JWT in SecurityPolicy CRD
- Added Support for External authorization in SecurityPolicy CRD
- Added Support for RecomputeRoute field to JWT in SecurityPolicy CRD
- Added Support for AllowCredentials knob to CORS setting in SecurityPolicy CRD
- Added Support for Extract from different identifier to JWT in SecurityPolicy CRD
- Added Support for Secret resource in EnvoyPatchPolicy CRD
- Added Support for Making the value optional for JSONPatchOperation in EnvoyPatchPolicy CRD
- Added Support for
Fromfield to JSONPatchOperation in EnvoyPatchPolicy CRD - Added Support for MergeGateways in EnvoyPatchPolicy CRD
- Added Support for Upstream TLS by implementing BackendTLSPolicy CRD
- Added Support for LabelSelector type for NamespaceSelectors in EnvoyGateway Configuration
- Added Support for ratelimit prometheus in EnvoyGateway Configuration
- Added Support for Gracefully drain listeners before envoy shutdown on pod termination in EnvoyProxy CRD
- Added Support for Configuring externalTrafficPolicy to the envoy service in EnvoyProxy CRD
- Added Support for Envoy extra args in EnvoyProxy CRD
- Added Support for Mergepatch to envoyproxy/ratelimit deployment in EnvoyProxy CRD
- Added Support for Mergepatch to envoyproxy service in EnvoyProxy CRD
- Added Support for NodeSelector to PodSpec in EnvoyProxy CRD
- Added Support for HorizontalPodAutoscaler in EnvoyProxy CRD
- Added Support for TopologySpreadConstraints to PodSpec in EnvoyProxy CRD
- Added Support for ImagePullSecrets to PodSpec in EnvoyProxy CRD
Breaking Changes
- Use wildcard to match AllowOrigins to CORS in SecurityPolicy CRD
Conformance
- Replaced backend image from gcr.io/k8s-staging-ingressconformance/echoserver to gcr.io/k8s-staging-gateway-api/echo-basic
Testing
- Added e2e test for header case-preserving
- Added LoadBalancerIP validation to prevent trailing period
- Added e2e test for Timeout in ClientTrafficPolicy
- Added e2e test for jwt claim base routing
- Added e2e test for OIDC
- Added e2e test for BackendTrafficPolicy Retry
Translator
- Fixed Prefix match to prevent mismatching routes with the same prefix
- Fixed Multiple reconciling by implementing comparable interface for ir.Infra
- Fixed EndpointSlice with empty conditions {}
- Fixed Error handling when parsing the http request timeout
- Fixed No status when EnvoyPatchPolicy is disabled
- Fixed Printable for xds and infra IRs
- Fixed Skip backendRefs with weight set to 0
- Fixed AND Header matches in ratelimiting not working
- Fixed Deletion logics when no gatewayclasses exist
- Fixed Match mergedGateways irKey for ClientTrafficPolicy
- Fixed Policies should apply only to gateways they were attached to when mergeGateways is true
- Fixed Listener status is not surfaced for gateways when MergeGateways enabled
- Fixed GRPCroute websocket not working by moving web socket upgrade config from hcm to route
- Fixed Configure idle timeout when timeout is set on HTTPRoute
- Fixed Relaxing HTTPS restriction for OIDC token endpoint
- Fixed Panic when translating routes with empty backends
- Fixed Xds translation should be done in a best-effort manner
- Added Support for validating regex before sending to Envoy
- Added Support for setting spec.addresses.value into ClusterIP when Service Type is ClusterIP
- Added Unsupported status condition for filters within BackendRef
- Added List instead of map for Provider Resources for order stability
- Added Suffix for oauth cookies to prevent multiple oauth filters from overwriting each other’s cookies
- Added Support for overriding condition to BackendTrafficPolicy and SecurityPolicy
- Added Support for default retry budget and retry host predicate
- Added Support for implementing gateway.spec.infrastructure
- Added Validation for CA Cert in ClientTrafficPolicy
Providers
- Added Support for multiple GatewayClass per controller
- Added SecurityPolicyIndexers in Kubernetes Provider
- Added Support for generating HMAC secret in CertGen Job
- Fixed Finalizer logic when deleting Gatewayclasses
- Fixed MergeGateways panics when restarting control plane
xDS
- Added Support for EDS cache
- Added Support for ADS cache to ensure the rule order
- Fixed Deprecated field error when using RequestHeaderModifier filter
- Fixed Envoy rejects XDS at runtime losing all routes on restart
- Fixed Requests not matching defined routes trigger per-route filters
- Bumped go-control-plane to v0.12.0
Cli
- Added Support for egctl x status
- Added Support for egctl experimental dashboard envoy-proxy
- Added Support for egctl config ratelimit
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.