Releases: datawire/edge-stack
Ambassador Edge Stack 2.2.1
🎉 Ambassador Edge Stack 2.2.1 🎉
Ambassador Edge Stack is a Kubernetes-native microservices API gateway built on the Envoy Proxy.
Upgrade Edge Stack - https://www.getambassador.io/reference/upgrading.html
View changelog - https://github.com/datawire/edge-stack/blob/master/CHANGELOG.md
Get started with Edge Stack on Kubernetes - https://www.getambassador.io/user-guide/getting-started
Ambassador Edge Stack
-
Security: Upgraded Envoy to address security vulnerabilities CVE-2021-43824, CVE-2021-43825, CVE-2021-43826,
CVE-2022-21654, and CVE-2022-21655. -
Bugfix: The Ambassador Agent now correctly supports requests to cancel a rollout.
Ambassador Edge Stack Chart 7.3.1
🎉 Ambassador Edge Stack Chart 7.3.1 🎉
Upgrade Edge Stack - https://www.getambassador.io/reference/upgrading#helm.html
View changelog - https://github.com/emissary-ingress/edge-stack/blob/chart/v7.3.1/charts/edge-stack/CHANGELOG.md
- Update Edge Stack chart image to version v2.2.1: CHANGELOG
Ambassador Edge Stack 2.1.2
🎉 Ambassador Edge Stack 2.1.2 🎉
Ambassador Edge Stack is a Kubernetes-native microservices API gateway built on the Envoy Proxy.
Upgrade Edge Stack - https://www.getambassador.io/reference/upgrading.html
View changelog - https://github.com/datawire/edge-stack/blob/master/CHANGELOG.md
Get started with Edge Stack on Kubernetes - https://www.getambassador.io/user-guide/getting-started
Ambassador Edge Stack
-
Bugfix: In Ambassador Edge Stack 2.1.0 and 2.1.1, an OAuth2 Filter with
clientAuthentication.method=jwtAssertion
would not function correctly as it would fail to select
the signing-method-appropriate function to parse the private key. -
Bugfix: In Ambassador Edge Stack 2.1.0 and 2.1.1, an
ifRequestHeader
selector (in a FilterPolicy, OAuth2
FilteruseSessionCookies
, or OAuth2 FilterinsteadOfRedirect
) without avalue
or
valueRegex
would erroneously behave as ifvalueRegex='^$'
, rather than performing a simple
presence check. -
Bugfix: Ambassador Edge Stack 2.1.1 generated invalid Envoy configuration for
getambassador.io/v2
Mappings
that setspec.cors.origins
to a string rather than a list of strings; this has been
fixed, and theseMappings
should once again function correctly. -
Bugfix: Changes to the
weight
ofMapping
in a canary group will now always be correctly managed during
reconfiguration; such changes could have been missed in earlier releases. -
Bugfix: A
Mapping
that is not part of a canary group, but that has aweight
less than 100, will be
correctly configured to receive all traffic as if theweight
were 100. -
Bugfix: Using
rewrite: ""
in aMapping
is correctly handled to mean "do not rewrite the path at all". -
Bugfix:
Mapping
s with DNS wildcardhostname
will now be correctly matched withHost
s. Previously,
the case where both theHost
and theMapping
use DNS wildcards for their hostnames could
sometimes not correctly match when they should have. -
Bugfix: Any
Mapping
that uses thehost_redirect
field is now properly discovered and used. Thanks to
Gabriel Féron for contributing this bugfix! (3709) -
Bugfix: If the
ambassador
Module
sets a global default foradd_request_headers
,
add_response_headers
,remove_request_headers
, orremove_response_headers
, it is often
desirable to be able to turn off that setting locally for a specificMapping
. For several
releases this has not been possible forMappings
that are native Kubernetes resources (as
opposed to annotations), as an empty value ("mask the global default") was erroneously considered
to be equivalent to unset ("inherit the global default"). This is now fixed. -
Bugfix: It is now possible to set a
Mapping
spec.error_response_overrides
body.text_format
to an
empty string orbody.json_format
to an empty dict. Previously, this was possible for
annotations but not for native Kubernetes resources. -
Bugfix: Resources that exist as
getambassador.io/config
annotations rather than as native Kubernetes
resources are now validated and internally converted to v3alpha1 and, the same as native
Kubernetes resources. -
Bugfix: Resource validation errors are now reported more consistently; it was the case that in some
situations a validation error would not be reported. -
Change: Docker BuildKit is enabled for all Emissary builds. Additionally, the Go build cache is fully
enabled when building images, speeding up repeated builds.
Ambassador Edge Stack Chart 7.2.2
🎉 Ambassador Edge Stack Chart 7.2.2 🎉
Upgrade Edge Stack - https://www.getambassador.io/reference/upgrading#helm.html
View changelog - https://github.com/emissary-ingress/edge-stack/blob/chart/v7.2.1/charts/edge-stack/CHANGELOG.md
- Update Edge Stack chart image to version v2.1.2: CHANGELOG
Ambassador Edge Stack 2.1.1
🎉 Ambassador Edge Stack 2.1.1 🎉
Ambassador Edge Stack is a Kubernetes-native microservices API gateway built on the Envoy Proxy.
Upgrade Edge Stack - https://www.getambassador.io/reference/upgrading.html
View changelog - https://github.com/datawire/edge-stack/blob/master/CHANGELOG.md
Get started with Edge Stack on Kubernetes - https://www.getambassador.io/user-guide/getting-started
Ambassador Edge Stack
- Bugfix: In Edge Stack 2.1.0, it erroneously ignored
Filters
,FilterPolicies
, andRateLimits
that were created asv3alpha1
(but correctly paid attention to them if they were created asv2
or older). This is fixed; it will now correctly pay attention to both API versions. (3945)
Ambassador Edge Stack Chart 7.2.1
🎉 Ambassador Edge Stack Chart 7.2.1 🎉
Upgrade Edge Stack - https://www.getambassador.io/reference/upgrading#helm.html
View changelog - https://github.com/emissary-ingress/edge-stack/blob/chart/v7.2.1/charts/edge-stack/CHANGELOG.md
- Update Edge Stack chart image to version v2.1.1: CHANGELOG
Ambassador Edge Stack 2.0.5
🎉 Ambassador Edge Stack 2.0.5 🎉
Ambassador Edge Stack is a Kubernetes-native microservices API gateway built on the Envoy Proxy.
Upgrade Edge Stack - https://www.getambassador.io/reference/upgrading.html
View changelog - https://github.com/datawire/edge-stack/blob/master/CHANGELOG.md
Get started with Edge Stack on Kubernetes - https://www.getambassador.io/user-guide/getting-started
Ambassador Edge Stack
-
Change: When Ambassador Edge Stack makes a cacheable internal request (such as fetching the JWKS endpoint
for aJWT
Filter
), if a cache-miss occurs but a request for that resource is already
in-flight, then instead of performing a second request in parallel, it will now wait for the first
request to finish and (if the response is cacheable) use that response. If the response turns out
to be non-cacheable, then it will proceed to make the second request. This avoids the situation
where if a cache entry expires during a moment with high number of concurrent requests, then Edge
Stack creates a deluge of concurrent requests to the resource when one aught to have sufficed;
this allows the result to be returned more quickly while putting less load on the remote resource.
However, if the response turns out to be non-cacheable, then this does effectively serialize
requests, increasing the latency for concurrent requests. -
Feature: It is now possible to set the
circuit_breakers
forAuthServices
, exactly the same as for
Mappings
andTCPMappings
. This makes it possible to configure yourAuthService
to be able to
handle more than 1024 concurrent requests. -
Bugfix: When Ambassador Edge Stack completes an internal request (such as fetching the JWKS endpoint for a
JWT
Filter
) it logs (at theinfo
log level) how long the request took. Previously, the
duration logged was how long it took to receive the response header, and did not count the time it
takes to receive the entire response body; now it properly times the entire thing. Additionally,
it now separately logs the "total duration" and the "networking duration", in order to make it
possible to identify when a request was delayed waiting for other requests to finish. -
Bugfix: Any token delimited by '%' is now validated agains a whitelist of valid Envoy command operators.
Any mapping containing anerror_response_overrides
section with invalid command operators will
be discarded. -
Bugfix: The
Host
CRD now correctly supports themappingSelector
element, as documented. As a
transition aid,selector
is a synonym formappingSelector
; a future version of Ambassador Edge
Stack will remove theselector
element. (3902)
Ambassador Edge Stack Chart 7.1.10
🎉 Ambassador Edge Stack Chart 7.1.10 🎉
Upgrade Edge Stack - https://www.getambassador.io/reference/upgrading#helm.html
View changelog - https://github.com/emissary-ingress/edge-stack/blob/7.1.10/charts/edge-stack/CHANGELOG.md
- Update Edge Stack chart image to version v2.0.5: CHANGELOG
Ambassador Edge Stack 2.0.4
🎉 Ambassador Edge Stack 2.0.4 🎉
Ambassador Edge Stack is a Kubernetes-native microservices API gateway built on the Envoy Proxy.
Upgrade Edge Stack - https://www.getambassador.io/reference/upgrading.html
View changelog - https://github.com/datawire/edge-stack/blob/master/CHANGELOG.md
Get started with Edge Stack on Kubernetes - https://www.getambassador.io/user-guide/getting-started
We're pleased to introduce Ambassador Edge Stack 2.0.4 for general availability! The 2.X family
introduces a number of changes to allow Ambassador Edge Stack to more gracefully handle larger
installations, reduce global configuration to better handle multitenant or multiorganizational installations,
reduce memory footprint, and improve performance. We welcome feedback!! Join us on Slack and let
us know what you think.
Ambassador Edge Stack
-
Change: The
x.getambassador.io/v3alpha1
API version has become thegetambassador.io/v3alpha1
API
version. TheAmbassador-
prefixes fromx.getambassador.io/v3alpha1
resources have been removed
for ease of migration. Note thatgetambassador.io/v3alpha1
is the only supported API version
for 2.0.4 — full support forgetambassador.io/v2
will arrive soon in a later 2.X version. -
Feature: The
getambassador.io/v3alpha1
API version and the published chart and manifests have been
updated to support Kubernetes 1.22. -
Feature: You can now set
dns_type
betweenstrict_dns
andlogical_dns
in aMapping
to configure the
Service Discovery Type. -
Feature: You can now set
respect_dns_ttl
totrue
to force the DNS refresh rate for aMapping
to be
set to the record's TTL obtained from DNS resolution. -
Feature: You can now set
buffer_limit_bytes
in theambassador
Module
to to change the size of the
upstream read and write buffers. The default is 1MiB. -
Bugfix: The release now shows its actual released version number, rather than the internal development
version number. (#3854) -
Bugfix: Large configurations no longer cause Ambassador Edge Stack to be unable to communicate with
Ambassador Cloud. (#3593) -
Bugfix: The
l7Depth
element of theListener
CRD is properly supported.
Ambassador Edge Stack Chart 7.1.9
🎉 Ambassador Edge Stack Chart 7.1.9 🎉
Upgrade Edge Stack - https://www.getambassador.io/reference/upgrading#helm.html
View changelog - https://github.com/emissary-ingress/edge-stack/blob/7.1.9/charts/edge-stack/CHANGELOG.md
- Update Edge Stack chart image to version v2.0.4: CHANGELOG