v1.2.0-rc.1
5 minute read
Date: October 25, 2024
Breaking changes
- Gateway API GRPCRoute and ReferenceGrant v1alpha2 have been removed.
- Please refer to the Gateway API v1.2.0 documentation for more information.
- Removed default CPU limit of the Envoy Gateway deployment
- Changed default Envoy shutdown settings: drain strategy has been changed to immediate, default minDrainDuration, drainTimeout and terminationGracePeriodSeconds have been set to 10s, 60s and 360s respectively
New features
- Added support for Gateway-API v1.2.0
- Added support for IPv4/IPv6 Dual Stack for Envoy listeners and BackendRef resources
- Added support for EG standalone(host deployment) mode (experimental)
- Added support for JWT claims based Authorization in SecurityPolicy CRD
- Added support for Direct Response in HTTPRouteFilter CRD
- Added support for Response Override in BackendTrafficPolicy CRD
- Added support for RequestTimeout in BackendTrafficPolicy CRD
- Added support for inverting header matches for rate limit in BackendTrafficPolicy CRD
- Added support for client TLS session resumption in ClientTrafficPolicy CRD
- Added support for HTTPRouteFilter and path regex rewrite
- Added support for host header rewrite in HTTPRouteFilter CRD
- Added support for Listener Access Log in EnvoyProxy CRD
- Added support for Datadog tracing support in EnvoyProxy CRD
- Added support for request response sizes stats in EnvoyProxy CRD
- Added support for wildcard matching for CORS AllowMethods and AllowHeaders settings in SecurityPolicy CRD
- Added support for match conditions for access log in EnvoyProxy CRD
- Added support for using BackendCluster to represent OIDCProvider
- Added support for RecomputeRoute for ExtAuth in SecurityPolicy CRD
- Added support for sharing token cookies between multiple domains in SecurityPolicy CRD
- Added support for JSONPatches for proxy bootstrap modifications in EnvoyProxy CRD
- Added support for LB priority for non xRoute endpoints
- Added support for configuring the GRPC Health Checker in the BackendTrafficPolicy CRD
- Added support for early request header mutation in the ClientTrafficPolicy CRD
- Added support for JsonPath in the EnvoyPatchPolicy CRD
- Added support for cluster settings for tracing and access log backends in EnvoyProxy CRD
- Added support for cluster settings for non xRoute-generated backend refs
- Added support for socket buffer limit field in ClientTrafficPolicy and BackendTrafficPolicy CRD
- Added support for http2 upstream settings in BackendTrafficPolicy CRD
- Added support for DNS resolution settings in BackendTrafficPolicy CRD
- Added support for configuring service annotations in the Envoy Gateway helm chart
- Added support for configuring priorityClassName to Envoy Gateway helm chart
- Added support for ratelimit metrics monitoring in grafana in the addons helm chart
- Added support for default user group and user id for the SecurityContexts in the Envoy Gateway helm chart
- Added support for maxUnavailable in the PodDisruptionBudget in the Envoy Gateway helm chart
- Added support for configuring NodeSelector in the Envoy Gateway helm chart
- Added support for nonce in the OIDC auth flow
- Added support for choosing an HTTPRoute’s non-wildcard hostname as the default Host
- Added support for returning 500 when EnvoyExtensionTrafficPolicy translation fails
- Added support for returning 500 when SecurityPolicy translation fails
- Added support for multiple backendRefs for ExtAuth and ExtProc
- Added support for session persistence in HTTPRoute rules
- Added support for the Backend resource for ExtAuth
- Added support for target selectors on Envoy Gateway Extension Server policies
- Added support for non-Kubernetes Backends for TLSRoute
- Added support for fallback to the Backend API
- Added support for reloadable EnvoyGateway configuration
- Added support for adding Labels to the Envoy Service
- Added support for custom name for ratelimit deployment
- Added default SecurityContext for EG components
- Added startupProbe to all provisioned containers
- Added support for local validations for egctl translate and file provider
- Added support for egctl x collect to collect information from the cluster for debugging
- Added support for a native prometheus metrics endpoint in the ratelimit server
Bug fixes
- Fixed unsupported listener protocol type causing an error while updating Gateway Status
- Fixed some status updates were being discarded by the status updater
- Fixed Gateway crash adding BackendTLSPolicy to External Backend of an HTTPRoute
- Fixed Delay in SecurityPolicy change propagation for HTTPRoute when using targetSelectors
- Fixed JSONPath not correctly translated to JSONPatch paths
- Fixed allow empty slowStart when using LeastRequest
- Fixed Backends which should be rejected are still used as an HTTPRoute’s destination
- Fixed losing timeout settings that originate from the route when translating the backend traffic policy
- Fixed Backend resources don’t get status updates
- Fixed Active Health check requires expectedStatuses field to work
- Fixed HTTPHeaderFilter processing doesn’t correctly support multiple header values
- Fixed multiple reference grants in same namespace
- Fixed upstream get unwanted /.
- Fixed creation of SecurityPolicy with targetSelectors fails
- Fixed wrong gateway is chosen as HTTPRoute parent
- Fixed override issue for EEP
- Fixed nil pointer err translating hash load balancing
- Fixed ratelimit does not work across multiple GatewayClasses
- Fixed upstream mTLS only works for HTTPS listeners
- Fixed nil pointer if backedtls.minVersion is set but backedtls.maxVersion is not
- Fixed empty connection limit causes XDS rejection
- Fixed ratelimit not working with both headers and cidr matches
- Fixed EDS didn’t update when deployments was created after services
- Fixed RBAC issue for deleting infrastructure resources
- Fixed customized infrastructure resources not being deleted
- Fixed Gateways never become ready/programmed when running Envoy as a Daemonset
- Fixed Ratelimit Deployment ignoring pod labels and annotation merge
- Fixed the API Server receives unnecessary requests
- Fixed terminating envoy pods don’t respond with “Connection: close” (H1) or GOAWAY(H2) on shutdown, switch to an immediate drain strategy
- Fixed ratelimit statsd not working
- Fixed not generating selector of deployment/daemonset based on the custom label configuration of EnvoyProxy
- Fixed egctl experimental translate using a wrong ns
Performance improvements
- Fixed repeated resources and optimize memory usage
Other changes
- Removed grafana test framework from the addons helm chart
- Disabled ALPN for non-HTTP routes
- Added statPrefix for HCM and TCPProxy
- Enabled GatewayHTTPListenerIsolation conformance test
- Enabled GRPC conformance profile
- Enabled HTTPRouteBackendRequestHeaderModifier conformance test
- Added e2e test for Daemonset mode
- Updated upgrades tests to use VERSION env variable
- Fixed OVS scanner wrong license warnings
- Added e2e test for TLS session resumption
- Added heap profile into benchmark report
- Added e2e test for RecomputeRoute in ExtAuth
- Added benchmark memory profiles into report
- Fixed flaky gateway_with_conflicted_listener_cannot_be_merged e2e test
- Fixed flaky Zipkin Tracing e2e test
- Added e2e test for cookie based consistent hash load balancing
- Added e2e test for load balancing
- Fixed flaky authorization tests
- Enabled upgrade test
- Fixed flaky basic auth e2e test
- Enabled use-client-protocol e2e test
- Added performance benchmarking test for 1000 HTTPRoutes
- Added e2e test for Datadog tracing
- Added e2e tests for ratelimit invert matching headers
- Reduced readinessProbe failureThreshold and periodSeconds
- Bumped go-control-plane to v0.13.1
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.