Releases: solo-io/gloo
Releases · solo-io/gloo
v1.18.0-rc3
Fixes
- There's a bug in how cycles are detected when evaluating a
delegation chain, because of which a multi-level delegation
tree with the same child route being referenced by multiple
parent HTTP routes is broken. This change fixes the detection
of cycles during the evaluation of the delegation chain. (k8sgateway#10379) - Refactors TCPRoute e2e tests to run in parallel, reduce flakes, and parameterize tests for reusability. (#10414)
- Changes endpointslice logging level to debug for transformK8sEndpoints() function. (solo-io/solo-projects#7286)
- Fix the validation of large configurations when using envoy validation. This was rarely seen in practice but occurred more often with the new fullEnvoyConfig validation. Previously if the configuration grew too large translation would be blocked. (solo-io/solo-projects#7089)
v1.18.0-rc2
Dependency Bumps
- solo-io/solo-kit has been upgraded to v0.36.3.
Breaking Changes
- Upstreams and UpstreamGroups no longer get Accepted status by default. If they have not gone through translation they will have an empty status field. (#10401)
Fixes
- Bump the timeout for the nightly e2e tests (#10380)
- Adds support for setting TCPRoute status and managing status conditions. (k8sgateway#10365)
v1.18.0-rc1
Dependency Bumps
- solo-io/solo-kit has been upgraded to v0.36.2.
Helm Changes
- Adds the following new fields that configure the Kubernetes Gloo Gateway pod :
kubeGateway.gatewayParameters.glooGateway.podTemplate.terminationGracePeriodSeconds
to specify the terminationGracePeriodSeconds.kubeGateway.gatewayParameters.glooGateway.podTemplate.gracefulShutdown
to configure the graceful shutdown config for the envoy container.kubeGateway.gatewayParameters.glooGateway.podTemplate.customLivenessProbe
to specify a custom liveness probe for the envoy container. No default liveness probe is setkubeGateway.gatewayParameters.glooGateway.podTemplate.customReadinessProbe
to specify a custom readiness probe for the envoy container.kubeGateway.gatewayParameters.glooGateway.podTemplate.probes
to enable the readiness probe. If the customReadinessProbe is not specified, a default readiness probe is set. No default liveness probe is set. (solo-io/solo-projects#7084)
New Features
- Adds a common category to all Gloo Gateway CRDs.
kubectl get gloo-gateway -A
can now be used to list all GG CRs on your cluster. Also adds the "solo-io" category to GG enterprise CRDs. (solo-io/solo-projects#6605) - Adds the ability for users to enable as well as add custom readiness and liveness probes to the Kubernetes Gloo Gateway. (solo-io/solo-projects#7084)
- Add API for configuring authentication for APIs managed by Gloo Portal. (solo-io/solo-projects#7170)
Fixes
- Bump the kubectl image from 1.29.6 to to 1.31.1 to address CVE-2023-45288. (solo-io/gloo-mesh-enterprise#19119)
- The GraphQL feature of Gloo Gateway is deprecated and will be removed in a future release (solo-io/solo-projects#7159)
- Remove docs for external APIs (solo-io/solo-projects#6768)
v1.18.0-beta34
Dependency Bumps
- golang/go has been upgraded to v1.23.3.
- solo-io/envoy-gloo has been upgraded to 1.31.2-patch3.
- solo-io/k8s-utils has been upgraded to v0.8.1.
New Features
- Add
glooctl proxy snapshot
command, which can be pointed at a Gloo Gateway instance and will produce a zip archive containing all Envoy state, for the purposes of simplified issue reporting and triage. (solo-io/solo-projects#7131) - Add
listenerTcpStats: true|false
to the ListenerOptions API. Iftrue
will enable Envoy TCP stats collection for all listeners. This can be useful for L4 debugging. (solo-io/solo-projects#7176) - Added support for early header manipulation on Gateways. This feature allows headers to be manipulated before significant processing and routing decisions. It affords the ability to add or remove headers that affect request processing and can be used to implement override headers. This can be configured by setting the
gateway.spec.httpGateway.options.httpConnectionManagerSettings.earlyHeaderMutation
field. The headersToAdd field will add key-value pair headers to the request if not already present or overwrite them unless append is set to true. The headersToRemove field removes the specified headers and is processed after the headers have been added. (#9604) - Support exportTo for Istio's DestinationRule. (solo-io/solo-projects#7101)
- Enable modifying the span name for tracing purposes using InjaTemplates in the transformation filter. More information on OpenTelemetry span names can be found here: https://opentelemetry.io/docs/specs/semconv/http/http-spans/ (#9848)
- Split the validating webhook to allow different failure policies for gloo/non-gloo resources. The split out webhook for kubernetes resources shares all configuration with the existing webhook except for the failure policy, which can be set with
gateway.validation.kubeCoreFailurePolicy
(#10247)
Fixes
- Fix issue where Gloo Gateway did not respect the cluster domain for the xds host address. (#10268)
- Adds basic support for Gateway API TCPRoute. (#10073)
- Makes the Gateway API TCPRoute controller optional. (#10304)
- Removes the endpoints resource from Helm RBAC manifest when kubeGateway is enabled. (#10323)
- Updates the gateway2 project to use EndpointSlice instead of Endpoints for creating upstream endpoints. (solo-io/solo-projects#6910)
v1.17.16
Dependency Bumps
- solo-io/envoy-gloo has been upgraded to 1.30.6-patch5.
- solo-io/envoy-gloo has been upgraded to v1.30.6-patch3.
Helm Changes
- Expose new Helm values
kubeGateway.gatewayParameters.glooGateway.service.extraLabels
andkubeGateway.gatewayParameters.glooGateway.service.extraAnnotations
to set extra labels and extra annotations on the default GatewayParameters. (solo-io/solo-projects#7090)
Fixes
- Added support for early header manipulation on Gateways. This feature allows headers to be manipulated before significant processing and routing decisions. It affords the ability to add or remove headers that affect request processing and can be used to implement override headers. This can be configured by setting the
gateway.spec.httpGateway.options.httpConnectionManagerSettings.earlyHeaderMutation
field. The headersToAdd field will add key-value pair headers to the request if not already present or overwrite them unless append is set to true. The headersToRemove field removes the specified headers and is processed after the headers have been added. (#9604) - Fix
glooctl check
so that it only checks Proxies in the write namespace (where all proxies are written), instead of checking in each of the watch namespaces. (#9935) - When using the Kubernetes Gateway API, the provisioned ServiceAccount's labels and annotations are now configurable via the GatewayParameters fields
spec.kube.serviceAccount.extraLabels
andspec.kube.serviceAccount.extraAnnotations
. These values can also be set on the default GatewayParameters during install/upgrade using the Helm valueskubeGateway.gatewayParameters.glooGateway.serviceAccount.extraLabels
andkubeGateway.gatewayParameters.glooGateway.serviceAccount.extraAnnotations
. (solo-io/solo-projects#6846) - Enable modifying the span name for tracing purposes using InjaTemplates in the transformation filter. More information on OpenTelemetry span names can be found here: https://opentelemetry.io/docs/specs/semconv/http/http-spans/ (#9848)
- Add metrics for translatation timing and time for taken to sync served xDS entries.
skipCI-kube-tests skipCI-docs-build (#10278)
v1.18.0-beta33
New Features
- Support port level settings for lb and outlier detection in Istio's DestinationRule. (solo-io/solo-projects#7101)
v1.18.0-beta32
New Features
- Adds new Portal enablement helm value to simplify enabling the Developer Portal in Gloo Gateway. (
gloo.kubeGateway.portal.enabled
) (solo-io/solo-projects#6470) - Initial support for Istio's DestinationRule resource for purposes of failover. (#10251)
v1.18.0-beta31
Helm Changes
- Expose new Helm values
kubeGateway.gatewayParameters.glooGateway.service.extraLabels
andkubeGateway.gatewayParameters.glooGateway.service.extraAnnotations
to set extra labels and extra annotations on the default GatewayParameters. (solo-io/solo-projects#7090)
New Features
- Add an API to allow configuring
CHAT_STREAMING
to support Gemini streaming API. (hhttps://github.com/solo-io/solo-projects/issues/7030) - Add API to enable passthrough auth strategy for AI services. This allows users to pass through the token to the AI service, rather than requiring them to supply a seprate token for the AI service. This can be useful if Identity federation has already been done for the backend in question (solo-io/solo-projects#7115)
- Add API to add moderation as a possible Prompt Guard step. This allows users to add run the user prompt through a moderation service before sending it to the backend LLM. (solo-io/solo-projects#7070)
- The existing Helm values
settings.aws.enableServiceAccountCredentials
andsettings.aws.stsCredentialsRegion
are now respected when using Kubernetes Gateway API, as part of supporting AWS Lambda with EKS ServiceAccounts. Whensettings.aws.enableServiceAccountCredentials
is true, aaws_sts_cluster
cluster, configured with the STS endpoint specified bysettings.aws.stsCredentialsRegion
, will automatically be added to dynamically provisioned proxies, so that Envoy can reach AWS to assume the role needed to access Lambdas. (solo-io/solo-projects#6847)
Fixes
- Fix
glooctl check
so that it only checks Proxies in the write namespace (where all proxies are written), instead of checking in each of the watch namespaces. (#9935)
v1.18.0-beta30
New Features
- Expose
close_connections_on_host_set_change
onLoadBalancerConfig
. Setting this value configures the Envoy LB policy to drain connections when the upstream host set changes. This is useful when using Ring Hash or Maglev load balancing policies and helps ensure rebalancing when recovering from disruptions. Connections are not immediately closed and are allowed to drain. This feature is disabled by default. (#9505) (#9505)
Fixes
- Fixes a bug where gloo segfaults if resources are applied to a unwatched namespace. (solo-io/solo-projects#7082)
v1.17.15
Dependency Bumps
- solo-io/envoy-gloo-ee has been upgraded to v1.30.6-patch2.
Fixes
- Fixes a bug where gloo segfaults if resources are applied to a unwatched namespace. (solo-io/solo-projects#7082)