github agentgateway/agentgateway v1.1.0

latest releases: v1.4.0-alpha.1, v1.3.1, v1.3.0...
3 months ago

πŸŽ‰ Welcome to the 1.1.0 release of the agentgateway project!

Artifacts

Docker images are available:

  • cr.agentgateway.dev/agentgateway:v1.1.0
  • cr.agentgateway.dev/controller:v1.1.0

Helm charts are available:

  • cr.agentgateway.dev/charts/agentgateway:v1.1.0
  • cr.agentgateway.dev/charts/agentgateway-crds:v1.1.0

Binaries are available below.

Quick Start

Follow the Kubernetes or Standalone quick start guide to get started!

πŸ”₯ Breaking changes

MCP authentication moved to route level

MCP authentication is now configured at the route level. This aligns MCP auth with other route-level policies and allows JWT claims to be reused in authorization, rate limiting, and transformations.

  • Kubernetes: MCP authentication is configured under traffic.jwtAuthentication.mcp of AgentgatewayPolicy instead of backend.mcp.authentication. The previous backend.mcp.authentication field is deprecated but still works for backward compatibility. If both are set on the same route, the backend-level configuration is ignored. For more information, see Set up MCP auth.
  • Standalone: MCP authentication is configured under routes[].policies.mcpAuthentication. No YAML structure changes are required for existing standalone configs, but any automation that treats MCP authentication as a backend-level concept should be updated. For more information, see MCP authentication.
apiVersion: agentgateway.dev/v1alpha1
kind: AgentgatewayPolicy
metadata:
  name: mcp-authn
spec:
  targetRefs:
  - group: gateway.networking.k8s.io
    kind: HTTPRoute
    name: mcp
  traffic:
    jwtAuthentication:
      mode: Strict
      providers:
      - issuer: http://keycloak.example.com/realms/myrealm
        audiences:
        - http://localhost:8080/mcp
        jwks:
          remote:
            backendRef:
              name: keycloak
              kind: Service
              namespace: keycloak
              port: 8080
            jwksPath: /realms/master/protocol/openid-connect/certs
      mcp:
        provider: Keycloak
        resourceMetadata:
          resource: http://localhost:8080/mcp
          scopesSupported:
          - email
          bearerMethodsSupported:
          - header

Additionally, on AgentgatewayBackend, previously an MCP authentication and MCP authorization policy could be attached to spec.mcp.targets.static.policies.mcp.{authentication,authorization}.
These fields were not intended to be able to be set, and had no impact on the behavior of the proxy.
These fields are now removed.
If you previously set these fields (which, again, had no behavioral impact and was ignored) these will now fail to be applied.

🌟 New features

OIDC browser authentication (Standalone)

A new oidc route policy provides built-in OpenID Connect browser authentication with PKCE support, encrypted session cookies, and automatic redirect handling. The OIDC policy is a native alternative to deploying an external proxy like oauth2-proxy.

policies:
  oidc:
    issuer: http://keycloak.example.com/realms/myrealm
    clientId: agentgateway-browser
    clientSecret: my-secret
    redirectURI: http://localhost:3000/oauth/callback
    scopes:
    - profile
    - email

For more information, see OIDC browser authentication.

Network authorization

A new networkAuthorization policy enables Layer 4 network authorization for non-HTTP traffic based on source IP, port, and mTLS client identity. You can combine it with HTTP authorization for layered L4+L7 controls.

  • Kubernetes: Available under frontend.networkAuthorization. For more information, see Policies.
  • Standalone: Available under frontendPolicies.networkAuthorization. For more information, see Network authorization.

Authorization require rules

Authorization policies now support require rules in addition to allow and deny. All require rules must match for the request to proceed, which provides clearer semantics for expressing mandatory conditions.

MCP improvements

  • Stateless sessions: OpenAPI and SSE upstreams can now use stateless sessions. For Kubernetes docs, see Stateful MCP. For Standalone docs, see OpenAPI connectivity and Backends.
  • Explicit service reference lists: MCP backends can specify targets with explicit service references. For Kubernetes docs, see Static MCP.
  • Tool payloads in CEL context: Tool names and payloads are available in CEL expressions for logging.

LLM gateway enhancements

  • Path prefixes: LLM providers now support custom API base path prefixes. For Standalone docs, see Providers.
  • Azure default authentication: Azure OpenAI providers can use platform-default authentication. For Kubernetes docs, see Azure OpenAI. For Standalone docs, see Azure.
  • Vertex region optional: Vertex AI region configuration is now optional with a global default. For Kubernetes docs, see Vertex AI. For Standalone docs, see Vertex AI.

What's Changed

New Contributors

Full Changelog: v1.0.1...v1.1.0

Don't miss a new agentgateway release

NewReleases is sending notifications on new releases.