The Feature-rich, Kubernetes-native, Next-Generation API Gateway Built on Envoy
APACHE-2.0 License
Bot releases are hidden (Show)
Published by marcogschmidt almost 5 years ago
New Features
%REQ(header-name)%
format specifier. See here for more information. (https://github.com/solo-io/gloo/issues/1912)Fixes
Published by rickducott almost 5 years ago
Fixes
Published by EItanya almost 5 years ago
New Features
Published by yuval-k almost 5 years ago
Dependency Bumps
Fixes
""
(empty string) as having a domain of "*"
. This then had the potential to conflict with virtual services that legitimately have a domain of "*"
. Now we report an error from virtual service validation when a domain is the empty string. (https://github.com/solo-io/gloo/issues/1885)Published by rickducott almost 5 years ago
Fixes
Published by rickducott almost 5 years ago
Fixes
v1.2.0
release updated the Gloo chart to be compatible with Helm 3. This included moving the CRDs to the new dedicated /crd
directory inside the chart. Helm 2 is not aware of this directory and hence will never render the CRDs. This fix adds back a CRD template file in the templates
directory to make the chart backwards-compatible with Helm 2. (https://github.com/solo-io/gloo/issues/1835)ttlSecondsAfterFinished
attribute on the certgen
job via the gateway.certGenJob.ttlSecondsAfterFinished
Helm value. Since this attribute was introduced with kubernetes 1.12, we here introduce a check in the Helm template to not render it if the version of kubernetes is less than 1.12. (https://github.com/solo-io/gloo/issues/1853)Published by rickducott almost 5 years ago
This release was canceled.
Fixes
Published by marcogschmidt almost 5 years ago
Fixes
1.2.0
release; this change adds it back. (https://github.com/solo-io/gloo/issues/1838)Published by kdorosh almost 5 years ago
Dependency Bumps
Helm Changes
gatewayProxies.NAME.kind.deployment.antiAffinity
Helm value out into gatewayProxies.NAME.antiAffinity
, since it can be applied to both DaemonSets and Deployments. (https://github.com/solo-io/gloo/issues/1775)hook-delete-policy
to clean up the validation webhook certificate generation job after it has successfully completed. (https://github.com/solo-io/gloo/issues/1732)New Features
glooctl
to make it compatible with the new Helm 3 chart format. glooctl
now uses the new Helm 3 libraries and delegates the install
and uninstall
operations to the corresponding Helm functions to provide consistent behavior across different installation flows; for example, it is now possible to install Gloo using glooctl
and uninstall it using Helm, or vice-versa (https://github.com/solo-io/gloo/issues/1732)installConfig.installationId
Helm value to track the resources that belong to a Gloo installation. Helm keeps track of resources by storing release information in a Kubernetes Secret in the namespace Gloo was installed in (this is the default with Helm 3 and can be changed via the HELM_DRIVER
environment variable). glooctl install
and glooctl uninstall
now take the same approach (under the hood the two commands now delegate to their counterparts in the Helm 3 libraries). (https://github.com/solo-io/gloo/issues/1635)ingress
or knative
mode by using value overrides. The Gloo Helm chart now packages a single values file instead of creating variants for ingress
and knative
. The values specific to those two installation modes have been merged into the default values.yaml
, where they will be ignored when those two features are disabled (which is the default). To produce the manifests specific to the ingress
and knative
installations, users can now just disable the gateway and enable the desired component via Helm value overrides. (https://github.com/solo-io/gloo/issues/1732)virtual_service_namespaces
configuration to the HttpGateway
, which allows HttpGateway
s to reference VirtualService
s outside of their own namespace using the label selector. The default behavior, which remains unchanged, is to restrict gateways to referencing virtual services in their own namespace. (https://github.com/solo-io/gloo/issues/1695)Fixes
Published by marcogschmidt almost 5 years ago
Helm Changes
extraEnvoyArgs
to .Values.gatewayProxies.gatewayProxy so users can add additional envoy command line arguments (e.g. --component-log-level "upstream:trace,misc:error", to set log levels for individual envoy components). See the full list of Envoy command line args here - https://www.envoyproxy.io/docs/envoy/latest/operations/cli (https://github.com/solo-io/gloo/issues/1737)New Features
.Values.gatewayProxies.gatewayProxy.extraEnvoyArgs
so users can add additional envoy command line arguments (e.g. --set component-log-level="...", to set log levels for individual envoy components). See the full list of Envoy command line args here - https://www.envoyproxy.io/docs/envoy/latest/operations/cli (https://github.com/solo-io/gloo/issues/1737)glooctl install gateway --dry-run --values file1.yaml,file2.yaml --values file3.yaml
). (https://github.com/solo-io/gloo/issues/1731)Published by marcogschmidt almost 5 years ago
New Features
Published by marcogschmidt almost 5 years ago
Helm Changes
enabled
to .Values.gateway.validation
and .Values.gateway.certGenJob
so users can disable the features without setting the root resource to nil. (https://github.com/solo-io/gloo/issues/1561)settings.linkerd
chart value (https://github.com/solo-io/gloo/issues/1651)New Features
Published by kdorosh almost 5 years ago
Breaking Changes
Gateway
in favor of v2 Gateway
; rename v2 gateway resources to v1. (https://github.com/solo-io/gloo/issues/1171)CorsPolicy
from Gateway and Gloo VirtualHost
, prefer setting CorsPolicy
on VirtualHostPlugins
.name
from gateway VirtualHost
, was previously ignored.bind_addr
and circuit_breakers
from Settings
, prefer gloo.xdsBindAddr
and gloo.circuitBreakers
on same message. (https://github.com/solo-io/gloo/issues/1171)plugins
to options
in Gloo's API. This prevents confusion as Gloo "plugins" is really an implementation detail for devs, and Gloo does not currently support dynamically-loaded plugins (aside from ExtAuth plugins).Proto messages have been updated as such:
VirtualHostPlugins
-> VirtualHostOptions
RoutePlugins
-> RouteOptions
WeightedDestinationPlugins
-> WeightedDestinationOptions
ListenerPlugins
-> ListenerOptions
HttpListenerPlugins
-> HttpListenerOptions
TcpListenerPlugins
-> TcpListenerOptions
When referenced in yaml, each property is referenced as options
under the appropriate containing resource. (https://github.com/solo-io/gloo/issues/1171)
extensions
block, the same configuration lives at the top level in the api_key
and oauth
blocks. (https://github.com/solo-io/gloo/issues/1171)upstreamSpec
field, bringing all the fields contained in upstreamSpec
up one level to the top-level Upstream. (https://github.com/solo-io/gloo/issues/1171)Helm Changes
enabled
to .Values.gateway.validation
and .Values.gateway.certGenJob
so users can disable the features without setting the root resource to nil. (https://github.com/solo-io/gloo/issues/1561)gateway.readGatewaysFromAllNamespaces
. This new field defaults to false to preserve the old Gateway controller behavior, which is to read Gateway CRDs only from the namespace in which the controller is running. When the field is set to true
, it will read Gateway CRDs from any of the watch namespaces. (https://github.com/solo-io/gloo/issues/1489)New Features
gateway.readGatewaysFromAllNamespaces
. The value of this field can be configured at install time by setting the new Helm field gateway.readGatewaysFromAllNamespaces
to your desired value; it defaults to false to preserve the old behavior. (https://github.com/solo-io/gloo/issues/1489)Extension
s (as configured on Gloo resources such as Listener
s, VirtualHost
s, Route
s, etc.) and update documentation to explain its new purpose.Extensions are now used for:
Fixes
Published by GrahamGoudeau almost 5 years ago
Helm Changes
New Features
Fixes
Published by GrahamGoudeau almost 5 years ago
Dependency Bumps
Breaking Changes
Helm Changes
New Features
forward_client_cert_details
and set_current_client_cert_details
HTTP connection manager options (https://github.com/solo-io/gloo/issues/1577)Fixes
Published by kdorosh almost 5 years ago
Dependency Bumps
Breaking Changes
weighed_destination_plugins
on WeightedDestination
s, prefer weighted_destination_plugins
gateway_proxy_name
on Gateway
, prefer proxy_names
role_arns
on UpstreamSpec
, prefer role_arn
VhostExtension
and RouteExtension
, among other minor removals. Prefer configuring Gloo Enterprise ExtAuth using AuthConfig
Custom Resources, and configure Virtual Services via ExtAuthExtension
to either reference these AuthConfig
s or reference your own custom auth implementation using CustomAuth
. (https://github.com/solo-io/gloo/issues/1171)Helm Changes
New Features
forward_client_cert_details
and set_current_client_cert_details
HTTP connection manager options (https://github.com/solo-io/gloo/issues/1577)Extractor
s which target the request/response body and use the resulting data in templates. You can decide whether to parse the body as JSON or as raw text; in the latter case extraction happens via regular expressions, in the former you will also be able to use all the templating capabilities. These have been augmented with three new template functions: body()
will return the whole request body, context()
will return the base JSON context (allowing for example to range
on a JSON body that is an array), and env(NAME)
will return the value of an environment variable with the given name. Finally, it is now possible to set Dynamic Metadata using all the available extraction and templating features. You can now use this metadata to include any request/response property you like in the access logs (see the DYNAMIC_METADATA
command operator here). (https://github.com/solo-io/gloo/issues/1546)glooctl
commands to create and get AuthConfig
s, and update glooctl create vs
command to allow providing AuthConfig
refs to configure extauth. (https://github.com/solo-io/gloo/issues/1171)Fixes
Published by GrahamGoudeau almost 5 years ago
Fixes
glooctl get vs
. (https://github.com/solo-io/gloo/issues/1563)rate_limit_before_auth
setting in its deprecated location. We currently correctly handle the flag in its new location (spec.ratelimit_server.rate_limit_before_auth
). (https://github.com/solo-io/gloo/issues/1572) but ignore it in the deprecated one (spec.extensions.configs.rate-limit.rate_limit_before_auth
)Published by marcogschmidt almost 5 years ago
Dependency Bumps
New Features
Extractor
s which target the request/response body and use the resulting data in templates. You can decide whether to parse the body as JSON or as raw text; in the latter case extraction happens via regular expressions, in the former you will also be able to use all the templating capabilities. These have been augmented with three new template functions: body()
will return the whole request body, context()
will return the base JSON context (allowing for example to range
on a JSON body that is an array), and env(NAME)
will return the value of an environment variable with the given name. Finally, it is now possible to set Dynamic Metadata using all the available extraction and templating features. You can now use this metadata to include any request/response property you like in the access logs (see the DYNAMIC_METADATA
command operator here). (https://github.com/solo-io/gloo/issues/1546)Published by marcogschmidt almost 5 years ago
New Features
Published by mitchdraft about 5 years ago
Dependency Bumps
New Features