Skip to content

Emissary Ingress 2.1.0

Compare
Choose a tag to compare
@LukeShu LukeShu released this 16 Dec 17:29
· 1614 commits to master since this release

🎉 Emissary Ingress 2.1.0 🎉

Emissary Ingress is an open source, Kubernetes-native microservices API gateway built on the Envoy Proxy.

Upgrade Emissary - https://www.getambassador.io/reference/upgrading.html
View changelog - https://github.com/emissary-ingress/emissary/blob/master/CHANGELOG.md
Get started with Emissary on Kubernetes - https://www.getambassador.io/user-guide/getting-started

  • Feature: It is now possible to use both the getambassador.io/v2 and getambassador.io/v3alpha1
    apiVersions. This is accomplished with the addition of an emissary-ingress-apiext Service and
    Deployment that handles converting between the two versions for the apiserver. This allows the
    user to semlessly request and author resources in whichever API version is desired, and
    facilitates easier migration from Emissary 1.x to 2.x. Resources authored in v3alpha1 will not be
    visible to Emissary 1.x; resources authored in v2 will be visible to both Emissary 1.x and 2.x.

  • Bugfix: The incremental reconfiguration cache could miss some updates when multiple Mappings had
    the same prefix ("canary"ing multiple Mappings together). This has been corrected, so that all
    such updates correctly take effect. (3945)

  • Bugfix: When using Kubernetes Secrets to store ACME private keys (as the Edge Stack ACME client
    does), an error would always be logged about the Secret not being present, even though it was
    present, and everything was working correctly. This error is no longer logged.

  • Bugfix: When using gzip compression, upstream services will no longer receive compressed data.
    This bug was introduced in 1.14.0. The fix restores the default behavior of not sending compressed
    data to upstream services. (3818)

  • Security: Update to busybox 1.34.1 to resolve CVE-2021-28831, CVE-2021-42378, CVE-2021-42379,
    CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384, CVE-2021-42385,
    and CVE-2021-42386.

  • Security: Update Python dependencies to resolve CVE-2020-28493 (jinja2), CVE-2021-28363 (urllib3),
    and CVE-2021-33503 (urllib3).

  • Security: Previous built images included some Python packages used only for test. These have now
    been removed, resolving CVE-2020-29651.