The Feature-rich, Kubernetes-native, Next-Generation API Gateway Built on Envoy
APACHE-2.0 License
Bot releases are hidden (Show)
Published by Sodman over 4 years ago
Helm Changes
gatewayProxies.NAME.failover.enabled
: Configure this proxy for failover. Set to false by default.gatewayProxies.NAME.failover.port
: Port to use for failover Gateway bind port, and service. Default is 15443.gatewayProxies.NAME.failover.nodePort
: Optional NodePort for failover Service.gatewayProxies.NAME.failover.secretName
: Secret containing downstream Ssl Secrets. Set to failover-downstream
by default. (https://github.com/solo-io/gloo/issues/3338)gloo.deployment.restXdsPort
: the port port where gloo serves REST xDS API to Envoy. Set to 9976 by default. (https://github.com/solo-io/gloo/issues/3338)New Features
glooctl cluster list
- List clusters registered to the Gloo Federation control planeglooctl cluster register
- Register a cluster to the Gloo Federation control planeglooctl cluster unregister
- Unregister a cluster to the Gloo Federation control plane (https://github.com/solo-io/gloo/issues/3369)glooctl install federation
- install Gloo Federation on Kubernetesglooctl uninstall federation
- uninstall Gloo Federation (https://github.com/solo-io/gloo/issues/3369)Fixes
Notes
Marked as a pre-release as there are errors in the proto imports
Published by marcogschmidt over 4 years ago
New Features
RateLimitConfig
resources. The API allows users to apply policies by referencing a set of RateLimitConfig
resources on VirtualHosts
and Routes
. Each resource represents a rate limit policy that will be independently enforced on the routing resource that references it. Please see the docs for a detailed explanation of the new API. (https://github.com/solo-io/gloo/issues/3335)RateLimitConfig
resources. (https://github.com/solo-io/gloo/issues/2462)Fixes
Published by yuval-k over 4 years ago
Fixes
Published by kdorosh over 4 years ago
New Features
Fixes
Published by yuval-k over 4 years ago
Fixes
Published by kdorosh over 4 years ago
Fixes
Published by kdorosh over 4 years ago
Fixes
Published by EItanya over 4 years ago
New Features
Fixes
RouteTable
routes without matchers. Like with regular VirtualService
routes, these routes will be assigned the default /
prefix matcher. Consequently, the route is valid only if the parent route also has a \
prefix matcher (either explicitly defined, or by default). (https://github.com/solo-io/gloo/issues/3291)RouteTable
, not only on VirtualServices
that use the table. (https://github.com/solo-io/gloo/issues/3144)Published by kdorosh over 4 years ago
Dependency Bumps
Fixes
Published by kdorosh over 4 years ago
CVEs
Updated envoy-gloo to one based on envoy 1.14.3, which includes security fixes in envoy. For more details on the CVEs, see the envoy release notes here.
Note that one of the CVEs requires setting the global_downstream_max_connections
, which may affect traffic if you perform a rolling upgrade from a version vulnerable to the CVE. The max connections is configurable and defaults to 250,000.
Dependency Bumps
Fixes
Published by kdorosh over 4 years ago
CVEs
Updated envoy-gloo to one based on envoy master (1.15.0), which includes security fixes in envoy. For more details on the CVEs, see the envoy release notes here.
Note that one of the CVEs requires setting the global_downstream_max_connections
, which may affect traffic if you perform a rolling upgrade from a version vulnerable to the CVE. The max connections is configurable and defaults to 250,000.
Dependency Bumps
Fixes
Published by kdorosh over 4 years ago
CVEs
Updated envoy-gloo to one based on envoy master (1.15.0), which includes security fixes in envoy. For more details on the CVEs, see the envoy release notes here.
Note that one of the CVEs requires setting the global_downstream_max_connections
, which may affect traffic if you perform a rolling upgrade from a version vulnerable to the CVE. The max connections is configurable and defaults to 250,000.
Dependency Bumps
Fixes
Published by kdorosh over 4 years ago
Dependency Bumps
Published by GrahamGoudeau over 4 years ago
Dependency Bumps
Published by kdorosh over 4 years ago
Dependency Bumps
New Features
Fixes
UseHttp2
option to the list of checked fields. Part of this involved switching the UseHttp2 option on the Upstream to a wrappers.BoolValue
. This has no impact on the API itself, but only on the Go implementations. (https://github.com/solo-io/gloo/issues/3216)Published by kdorosh over 4 years ago
Fixes
UseHttp2
option to the list of checked fields. Part of this involved switching the UseHttp2 option on the Upstream to a wrappers.BoolValue
. This has no impact on the API itself, but only on the Go implementations. (https://github.com/solo-io/gloo/issues/3216)Published by kdorosh over 4 years ago
Helm Changes
ingressProxy.service.loadBalancerIP
. (https://github.com/solo-io/gloo/issues/3184)New Features
Fixes
Published by kdorosh over 4 years ago
Marked as a pre-release as some of the XDS code still returns v3 resources as v2 resources, which may, in rare cases, cause bugs. The envoy v3 API changes will be reverted in the next release, and completed in a future release.
Helm Changes
gatewayProxies.gatewayProxy.loopBackAddress
. That same Helm value is also now used to configure the address used for Envoy's readiness probes in a Kubernetes environment. In "ingress" installations of Gloo, Envoy's admin port address is configured using the Helm string value ingressProxy.loopBackAddress
. And in "knative" installations, it is configured using the Helm string value settings.integrations.knative.proxy.loopBackAddress
. (https://github.com/solo-io/gloo/issues/3114)Fixes
v1.4.0-beta15
as it does not have any meaningful effect on the underlying implementation. (https://github.com/solo-io/gloo/pull/3191)Published by kdorosh over 4 years ago
Fixes
allowWarnings
, default true
) in the API and in helm that was intended to be exposed. When set to false, the validation webhook will begin rejecting resources that cause warnings in addition to resources that would cause errors. For this to take effect, note that the validation setting alwaysAccept
must be set to false. (default true
) (https://github.com/solo-io/gloo/issues/3099)perConnectionBufferLimitBytes
as an optional configuration on an upstream connection. If unset, Envoy uses the default of 1MiB. (https://github.com/solo-io/gloo/issues/2861)Published by kdorosh over 4 years ago
Marked as pre-release due to mTLS mode regression (detailed in #3191) with v2 -> v3 envoy API migration. Will also remove an unnecessary component from the new Failover API added in this release.
New Features
Fixes
allowWarnings
, default true
) in the API and in helm that was intended to be exposed. When set to false, the validation webhook will begin rejecting resources that cause warnings in addition to resources that would cause errors. For this to take effect, note that the validation setting alwaysAccept
must be set to false. (default true
) (https://github.com/solo-io/gloo/issues/3099)