You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
On behalf of Kubernetes SIG Network, we are pleased to announce the v1.1 release!
This release includes the graduation of several features to GA, including both
GRPCRoute and Service Mesh. We are also introducing several new experimental
features, including Session Persistence and Gateway Client Cert Verification.
The following represents the changes since v1.0.0:
Standard Channel
GRPCRoute has Graduated to GA 🎉
GRPCRoute has graduated to GA (v1) and is now part of the Standard Channel. If
you are already using the experimental version GRPCRoute, we recommend holding
off on upgrading to the standard channel version of GRPCRoute until the
controllers you're using have been updated to support GRPCRoute v1. Until then,
it is safe to upgrade to the experimental channel version of GRPCRoute in v1.1
that includes both v1alpha2 and v1 API versions.
The standard for using Gateway API for Mesh has formally graduated to GA (v1)
and is now part of the Standard Channel.
Service mesh support in Gateway API allows service mesh users to use the same
API to manage ingress traffic and mesh traffic, reusing the same policy and
routing interfaces. In Gateway API v1.1, routes (such as HTTPRoute) can now have
a Service as a parentRef, to control how traffic to specific services
behave. For more information, read the service
mesh documentation or see the list of implementations.
The Conformance Reports API and the corresponding test suite have been graduated
to GA. The Conformance report API has been expanded with the mode field
(intended to specify the working mode of the implementation), and the gatewayAPIChannel (standard or experimental). The gatewayAPIVersion and gatewayAPIChannel are now filled in automatically by the suite machinery,
along with a brief description of the testing outcome. The Reports have been
reorganized in a more structured way, and the implementations can now add
information on how the tests have been run and provide reproduction steps.
The port field in ParentRefs has graduated to GA (v1) and is now part of the
Standard Channel. You can use the port field to attach resources to Gateways,
Services, or other parent resources. For example, you can attach an HTTPRoute to
one or more specific Listeners of a Gateway based on the Listener port,
instead of name field.
Session Persistence is being introduced to Gateway API via a new policy
(BackendLBPolicy) for Service-level configuration and as fields within HTTPRoute
and GRPCRoute for Route-level configuration. The BackendLBPolicy and Route-level
APIs provide the same session persistence configuration, including session
timeouts, session name, session type, and cookie lifetime type.
Gateways can now configure client cert verification for each Gateway Listener by
introducing a new field frontendValidation field within tls. This field
supports configuring a list of CA Certificates that can be used as a trust
anchor to validate the certificates presented by the client.
As part of a broader goal of making our TLS terminology more consistent
throughout the API, we've introduced some breaking changes to BackendTLSPolicy.
This has resulted in a new API version (v1alpha3) and will require any existing
users of this policy to uninstall the v1alpha2 version before installing this
newer version.
Any references to v1alpha2 BackendTLSPolicy fields will need to be updated.
Specific changes include:
the targetRef field is now a targetRefs list and these references no
longer include a namespace field.
the tls field has been renamed to validation
the caCertRefs field has been renamed to caCertificateRefs
the wellKnownCACerts field has been renamed to wellKnownCACertificates
We've added the ability to filter resources using labels (through the -l
flag) with both the get and describe commands. (#2892, #2915, #2934, @yeedove)
Bug fix: Prevent panic when describing gatewayclasses with no description
(#2894, @pmalek)
TLS Configuration is no longer required on Gateway Listeners to enable more
flexible TLS configuration. (#2721, @robscott)
Conformance Tests
Conformance Profiles have been renamed and a new Mesh-GRPC profile has been
added (#3019, @mlavacca):
HTTP -> Gateway-HTTP
GRPC -> Gateway-GRPC
TLS -> Gateway-TLS
Mesh -> Mesh-HTTP
Fixed GatewayWithAttachedRoutes conformance test to not check that the
HTTPRoute status includes an "Accepted: False" condition because this is not
required by the specification. (#2548, @frankbu)
A new comparison view has been added to our documentation that shows the
extended features supported by every implementation that has submitted a
conformance report (#2874, @xtineskim)
Added SupportMeshConsumerRoute and SupportMeshClusterIPMatching supported
features to more clearly communicate the purpose of existing Mesh conformance
tests (#3035, @howardjohn)
1, because the PR involves a simple version update in a dependency configuration file, which is straightforward to verify and does not involve complex code changes.
Verify compatibility of the updated dependency version
Ensure that the updated tag version 'v1.1.0' is compatible with other dependencies and the current system configuration to avoid potential conflicts or deprecated features that might not be supported.
-tag: v1.1.0+tag: v1.1.0 # Ensure compatibility with system and dependencies
Suggestion importance[1-10]: 4
Why: The suggestion to ensure compatibility is a good practice, but it does not directly improve the code itself. Adding a comment about compatibility is minor and does not address any major issues or bugs.
Because you closed this PR without merging, Renovate will ignore this update (v1.1.0). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.
If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
This PR contains the following updates:
v1.0.0->v1.1.0Release Notes
kubernetes-sigs/gateway-api (gateway-api)
v1.1.0Compare Source
v1.1.0
On behalf of Kubernetes SIG Network, we are pleased to announce the v1.1 release!
This release includes the graduation of several features to GA, including both
GRPCRoute and Service Mesh. We are also introducing several new experimental
features, including Session Persistence and Gateway Client Cert Verification.
The following represents the changes since v1.0.0:
Standard Channel
GRPCRoute has Graduated to GA 🎉
GRPCRoute has graduated to GA (v1) and is now part of the Standard Channel. If
you are already using the experimental version GRPCRoute, we recommend holding
off on upgrading to the standard channel version of GRPCRoute until the
controllers you're using have been updated to support GRPCRoute v1. Until then,
it is safe to upgrade to the experimental channel version of GRPCRoute in v1.1
that includes both v1alpha2 and v1 API versions.
Leading Contributor: @gnossen
Service Mesh Support has Graduated to GA 🎉
The standard for using Gateway API for Mesh has formally graduated to GA (v1)
and is now part of the Standard Channel.
Service mesh support in Gateway API allows service mesh users to use the same
API to manage ingress traffic and mesh traffic, reusing the same policy and
routing interfaces. In Gateway API v1.1, routes (such as HTTPRoute) can now have
a
Serviceas aparentRef, to control how traffic to specific servicesbehave. For more information, read the service
mesh documentation or see the list of
implementations.
Leading Contributors: @howardjohn, @keithmattix, @kflynn, @mikemorris
Conformance Profiles and Reports
The Conformance Reports API and the corresponding test suite have been graduated
to GA. The Conformance report API has been expanded with the
modefield(intended to specify the working mode of the implementation), and the
gatewayAPIChannel(standard or experimental). ThegatewayAPIVersionandgatewayAPIChannelare now filled in automatically by the suite machinery,along with a brief description of the testing outcome. The Reports have been
reorganized in a more structured way, and the implementations can now add
information on how the tests have been run and provide reproduction steps.
Leading Contributors: @mlavacca, @shaneutt
ParentRef Port field Graduated to GA
The
portfield in ParentRefs has graduated to GA (v1) and is now part of theStandard Channel. You can use the
portfield to attach resources to Gateways,Services, or other parent resources. For example, you can attach an HTTPRoute to
one or more specific Listeners of a Gateway based on the Listener
port,instead of
namefield.Leading Contributor: @frankbu
Experimental Channel
Session Persistence + BackendLBPolicy
Session Persistence is being introduced to Gateway API via a new policy
(BackendLBPolicy) for Service-level configuration and as fields within HTTPRoute
and GRPCRoute for Route-level configuration. The BackendLBPolicy and Route-level
APIs provide the same session persistence configuration, including session
timeouts, session name, session type, and cookie lifetime type.
Leading Contributors: @gcs278, @ginayeh
Gateway Client Cert Verification
Gateways can now configure client cert verification for each Gateway Listener by
introducing a new field
frontendValidationfield withintls. This fieldsupports configuring a list of CA Certificates that can be used as a trust
anchor to validate the certificates presented by the client.
Leading Contributors: @arkodg
BackendTLSPolicy
As part of a broader goal of making our TLS terminology more consistent
throughout the API, we've introduced some breaking changes to BackendTLSPolicy.
This has resulted in a new API version (v1alpha3) and will require any existing
users of this policy to uninstall the v1alpha2 version before installing this
newer version.
Any references to v1alpha2 BackendTLSPolicy fields will need to be updated.
Specific changes include:
targetReffield is now atargetRefslist and these references nolonger include a
namespacefield.tlsfield has been renamed tovalidationcaCertRefsfield has been renamed tocaCertificateRefswellKnownCACertsfield has been renamed towellKnownCACertificatesLeading Contributors: @candita
Gateway Params
Gateways now feature a new field that allows references to
implementation-specific parameters, similar to GatewayClass.
Leading Contributors: @howardjohn
Everything Else
gwctl
getcommand to support gateways, gatewayclasses, andnamespaces. (#2865, #2782, #2847, @jongwooo)
getcommand now provides more detailed information for httproutes,policies, and policycrds. (#2805, #2808, #2811, @jongwooo)
describecommand now supports descriptions of policycrds and namespaces.(#2872, #2836, @Devaansh-Kumar)
-lflag) with both the
getanddescribecommands. (#2892, #2915, #2934,@yeedove)
(#2894, @pmalek)
@yashvardhan-kukreja)
Validation Changes
flexible TLS configuration. (#2721, @robscott)
Conformance Tests
Mesh-GRPCprofile has beenadded (#3019, @mlavacca):
HTTPRoute status includes an "Accepted: False" condition because this is not
required by the specification. (#2548, @frankbu)
extended features supported by every implementation that has submitted a
conformance report (#2874, @xtineskim)
features to more clearly communicate the purpose of existing Mesh conformance
tests (#3035, @howardjohn)
Dependencies
Cleanup
CRDs and replaces the webhook. (#2595, @robscott)
implementation-specific support (#2741, @sunjayBhatia)
names. (#2442, @maleck13)
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.