Skip to content

Commit

Permalink
Adding changelog for v1.1.0 (#3062)
Browse files Browse the repository at this point in the history
  • Loading branch information
robscott authored May 8, 2024
1 parent a29ddd4 commit 690f754
Show file tree
Hide file tree
Showing 20 changed files with 222 additions and 29 deletions.
194 changes: 193 additions & 1 deletion CHANGELOG/1.1-CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,201 @@

## Table of Contents

- [v1.1.0](#v110)
- [v1.1.0-rc2](#v110-rc2)
- [v1.1.0-rc1](#v110-rc1)

# v1.1.0
On behalf of Kubernetes SIG Network, we are pleased to announce the v1.1 release!
This release includes the graduation of several features to GA, including both
GRPCRoute and Service Mesh. We are also introducing several new experimental
features, including Session Persistence and Gateway Client Cert Verification.

The following represents the changes since v1.0.0:

## Standard Channel

### GRPCRoute has Graduated to GA 🎉

GRPCRoute has graduated to GA (v1) and is now part of the Standard Channel. If
you are already using the experimental version GRPCRoute, we recommend holding
off on upgrading to the standard channel version of GRPCRoute until the
controllers you're using have been updated to support GRPCRoute v1. Until then,
it is safe to upgrade to the experimental channel version of GRPCRoute in v1.1
that includes both v1alpha2 and v1 API versions.

Leading Contributor: @gnossen

### Service Mesh Support has Graduated to GA 🎉

The standard for using Gateway API for Mesh has formally graduated to GA (v1)
and is now part of the Standard Channel.

Service mesh support in Gateway API allows service mesh users to use the same
API to manage ingress traffic and mesh traffic, reusing the same policy and
routing interfaces. In Gateway API v1.1, routes (such as HTTPRoute) can now have
a `Service` as a `parentRef`, to control how traffic to specific services
behave. For more information, read the [service
mesh](https://gateway-api.sigs.k8s.io/mesh/) documentation or see the list of
[implementations](https://gateway-api.sigs.k8s.io/implementations/#service-mesh-implementation-status).

Leading Contributors: @howardjohn, @keithmattix, @kflynn, @mikemorris

### Conformance Profiles and Reports

The Conformance Reports API and the corresponding test suite have been graduated
to GA. The Conformance report API has been expanded with the `mode` field
(intended to specify the working mode of the implementation), and the
`gatewayAPIChannel` (standard or experimental). The `gatewayAPIVersion` and
`gatewayAPIChannel` are now filled in automatically by the suite machinery,
along with a brief description of the testing outcome. The Reports have been
reorganized in a more structured way, and the implementations can now add
information on how the tests have been run and provide reproduction steps.

Leading Contributors: @mlavacca, @shaneutt

### ParentRef Port field Graduated to GA

The `port` field in ParentRefs has graduated to GA (v1) and is now part of the
Standard Channel. You can use the `port` field to attach resources to Gateways,
Services, or other parent resources. For example, you can attach an HTTPRoute to
one or more specific Listeners of a Gateway based on the Listener `port`,
instead of `name` field.

Leading Contributor: @frankbu

## Experimental Channel

### Session Persistence + BackendLBPolicy
Session Persistence is being introduced to Gateway API via a new policy
(BackendLBPolicy) for Service-level configuration and as fields within HTTPRoute
and GRPCRoute for Route-level configuration. The BackendLBPolicy and Route-level
APIs provide the same session persistence configuration, including session
timeouts, session name, session type, and cookie lifetime type.

Leading Contributors: @gcs278, @ginayeh

### Gateway Client Cert Verification
Gateways can now configure client cert verification for each Gateway Listener by
introducing a new field `frontendValidation` field within `tls`. This field
supports configuring a list of CA Certificates that can be used as a trust
anchor to validate the certificates presented by the client.

Leading Contributors: @arkodg

### BackendTLSPolicy
As part of a broader goal of making our TLS terminology more consistent
throughout the API, we've introduced some breaking changes to BackendTLSPolicy.
This has resulted in a new API version (v1alpha3) and will require any existing
users of this policy to uninstall the v1alpha2 version before installing this
newer version.

Any references to v1alpha2 BackendTLSPolicy fields will need to be updated.
Specific changes include:
- the `targetRef` field is now a `targetRefs` list and these references no
longer include a `namespace` field.
- the `tls` field has been renamed to `validation`
- the `caCertRefs` field has been renamed to `caCertificateRefs`
- the `wellKnownCACerts` field has been renamed to `wellKnownCACertificates`

Leading Contributors: @candita

### Gateway Params
Gateways now feature a new field that allows references to
implementation-specific parameters, similar to GatewayClass.

Leading Contributors: @howardjohn

## Everything Else

### gwctl

* We've extended the `get` command to support gateways, gatewayclasses, and
namespaces. (#2865, #2782, #2847, @jongwooo)
* The `get` command now provides more detailed information for httproutes,
policies, and policycrds. (#2805, #2808, #2811, @jongwooo)
* `describe` command now supports descriptions of policycrds and namespaces.
(#2872, #2836, @Devaansh-Kumar)
* We've added the ability to filter resources using labels (through the `-l`
flag) with both the `get` and `describe` commands. (#2892, #2915, #2934,
@yeedove)
* Bug fix: Prevent panic when describing gatewayclasses with no description
(#2894, @pmalek)
* Properly handle different API versions (#3001, @gauravkghildiyal)
* Provide more detail in describe output (#2999, @gauravkghildiyal)
* Support JSON and YAML output format in get commands (#2940,
@yashvardhan-kukreja)

### Validation Changes

- TLS Configuration is no longer required on Gateway Listeners to enable more
flexible TLS configuration. (#2721, @robscott)

### Conformance Tests

- Conformance Profiles have been renamed and a new `Mesh-GRPC` profile has been
added (#3019, @mlavacca):
- HTTP -> Gateway-HTTP
- GRPC -> Gateway-GRPC
- TLS -> Gateway-TLS
- Mesh -> Mesh-HTTP
- Fixed GatewayWithAttachedRoutes conformance test to not check that the
HTTPRoute status includes an "Accepted: False" condition because this is not
required by the specification. (#2548, @frankbu)
- A new comparison view has been added to our documentation that shows the
extended features supported by every implementation that has submitted a
conformance report (#2874, @xtineskim)
- Added SupportMeshConsumerRoute and SupportMeshClusterIPMatching supported
features to more clearly communicate the purpose of existing Mesh conformance
tests (#3035, @howardjohn)
- Add conformance test for HTTP listener isolation (#3047, @arkodg, @pleshakov)

### Dependencies

- Gateway API has upgraded to Go v1.22 and Kubernetes v1.30 (#2988, @robscott)

### Cleanup

- The validating webhook has been removed. CEL validation is now built-in to
CRDs and replaces the webhook. (#2595, @robscott)
- BackendTLSPolicy WellKnownCACerts field has been updated to
implementation-specific support (#2741, @sunjayBhatia)
- Clarify policy attachment by two of the same policy types when using section
names. (#2442, @maleck13)
- Remove v1alpha2 directory from docs: (#2965, @robscott)


# v1.1.0-rc2

We expect that this release candidate is quite close to the final v1.1.0
release. However, subsequent breaking API changes are still possible.

This release candidate is suitable for implementors, but we do not recommend
shipping products based on a release candidate API due to the possibility of
incompatible changes prior to the final release. The following represents the
changes since v1.1.0-rc1:

## Conformance Profiles
- Add SupportMeshConsumerRoute and SupportMeshClusterIPMatching supported
features to more clearly communicate the purpose of existing Mesh conformance
tests (#3035, @howardjohn)
- Add conformance test for HTTP listener isolation (#3047, @arkodg, @pleshakov)

## gwctl
- Properly handle different API versions (#3001, @gauravkghildiyal)
- Provide more detail in describe output (#2999, @gauravkghildiyal)
- Support JSON and YAML output format in get commands (#2940,
@yashvardhan-kukreja)

## Cleanup
- Revert accidental removal of experimental kustomize configuration (#3022,
@howardjohn)

## Dependencies
- sigs.k8s.io/controller-tools from 0.14.0 to 0.15.0 (#3031)
- sigs.k8s.io/controller-runtime from 0.17.0 to 0.18.0 (#3023, @tao12345666333)


# v1.1.0-rc1

We expect that this release candidate is quite close to the final v1.1.0
Expand All @@ -13,7 +205,7 @@ release. However, subsequent breaking API changes are still possible.
This release candidate is suitable for implementors, but we do not recommend
shipping products based on a release candidate API due to the possibility of
incompatible changes prior to the final release. The following represents the
changes since # v1.1.0-rc1:
changes since v1.1.0-rc1:

## Conformance Profiles
- Add SupportMeshConsumerRoute and SupportMeshClusterIPMatching supported
Expand Down
1 change: 1 addition & 0 deletions CHANGELOG/1.1-TEAM.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,4 @@
| Gateway Client Certificate Verification | @arkodg |
| Session Persistence and BackendLBPolicy | @gcs278, @ginayeh |
| TLS Terminology Clarifications | @candita, @robscott |
| Gateway API Maintainers | @robscott, @shaneutt, @youngnick |

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 690f754

Please sign in to comment.