Announcing Envoy Gateway v1.2

Envoy Gateway v1.2 release announcement.

We are thrilled to announce the arrival of Envoy Gateway v1.2.0.

This release represents a significant achievement, and we extend our heartfelt gratitude to the entire Envoy Gateway community for their contributions, dedication, and support. Your collaborative efforts have been instrumental in reaching this pivotal release.

Thank you for being an integral part of this journey. We are excited to see how Envoy Gateway v1.2.0 will empower your operations and look forward to continuing our work together to drive the future of Cloud Native API Gateway.

Release NotesDocsCompatibility MatrixInstall

What’s New

The release adds a ton of features and functionality. Here are some highlights:


🚨 Breaking Changes

  • Gateway API Updates: Removed support for the v1alpha2 versions for GRPCRoute and ReferenceGrant. See the Gateway API v1.2.0 documentation for details.
  • CPU Limits: Removed default CPU limit for Envoy Gateway deployment to avoid throttling.
  • Envoy Shutdown Settings: Drain strategy set to immediate, with default values as follows:
    • minDrainDuration: 10s
    • drainTimeout: 60s
    • terminationGracePeriodSeconds: 360s
  • Endpoint Health On Host Removal: Enabled ignore_health_on_host_removal for clusters with static endpoints to allow faster removal of endpoints that have been deleted by the control plane, without waiting for the results of an active health check.
  • Logging Level Adjustment: Set xDS and Infra IR logs to Debug level instead of Info, so they will no longer appear in Envoy Gateway logs by default. You can change the logging level to debug to view them.

✨ New Features

API & Traffic Management Enhancements

  • Gateway-API v1.2.0 Support: Fully compatible with the latest Gateway-API standards.
  • IPv4/IPv6 Dual Stack: Now available for EnvoyProxy fleet and BackendRef resources.
  • Standalone Mode: Experimental support for Envoy Gateway standalone (host deployment) mode.
  • Response Override: Added support for Response Override and RequestTimeout in BackendTrafficPolicy.
  • Active Passive Failover: Supported with the new fallback field in the Backend API.
  • Session Persistence in HTTPRoute: Session persistence is supported in HTTPRoute rules for stateful traffic management.
  • HTTPRouteFilter: Adds support for Direct Response and Path Regex Rewrites in HTTPRouteFilter

Security Enhancements

  • JWT Claims-Based Authorization: Advanced security control with claims-based policies in SecurityPolicy.
  • CORS Wildcard Matching: Wildcard matching for AllowMethods and AllowHeaders settings.
  • OIDC Flow Support: Added nonce support for OIDC authorization.

Observability & Tracing

  • Datadog Tracing Integration: Improved support for Datadog tracing in EnvoyProxy CRD.
  • Listener Access Logs: Adds support for configuring Listener level Access Logs for EnvoyProxy.
  • Native Prometheus Metrics: Introduced a Prometheus metrics endpoint for rate limit monitoring.

Helm Customization

  • SecurityContext Options: Customizable security context for improved deployment.
  • NodeSelector and PriorityClassName: Added for more granular deployment configuration.

🐞 Bug Fixes

  • Fixed xDS translation failure when the WASM HTTP code source was configured without an SHA.
  • Resolved unsupported listener protocol types causing errors in Gateway status updates.
  • Fixed BackendTLSPolicy causing crashes due to invalid sectionName in Backend configurations.
  • Fixed propagation delays in SecurityPolicy updates for HTTPRoute when using targetSelectors.
  • Improved JSONPath to JSONPatch translation accuracy.
  • Fixed unwanted / appearing in paths when using prefix rewrites.
  • Corrected nil pointer errors when configuring hash load balancing.
  • Fixed active health check issues where expectedStatuses was not functioning properly.
  • Ensured correct status updates for Backend resources and HTTPRoute.

🚀 Performance Improvements

  • Memory Optimization: Enhanced memory usage by eliminating redundant resource storage.

⚙️ Other Notable Changes

  • Envoy Upgrade: Now using Envoy v1.32.1 for added stability and performance.
  • Optional Alpha CRD Watching: Allows Envoy Gateway to run with older Gateway API versions.

Last modified December 6, 2024: feat: add body to ext auth (#4671) (ac86045)