v1.2.0-rc1
We expect that this release candidate is quite close to the final v1.2.0 release. However, subsequent breaking API changes are still possible.
This release candidate is suitable for implementors, but we do not recommend shipping products based on a release candidate API due to the possibility of incompatible changes prior to the final release. The following represents the changes since v1.1.0:
Release Cycle changes
This was our first release using a new release cycle that is meant to make Gateway API releases more frequent and predictable.
There are now four phases:
- Scoping: 4-6 weeks, where the maintainers and community determine the set of features we want to include in the release. A key deliverable here is ensuring that the Experimental channel does not get any bigger than it already is; we want to ensure that features make their way to Standard or are removed.
- GEP Iteration and Review: 5-7 weeks, where we work to update GEPs, and solidify and meet graduation criteria for in-scope GEPs.
- API Refinement and Documentation: 3-5 weeks, where we translate proposed changes from GEPs into changes to both the API specification and documentation.
- SIG-Network Review and Release Candidates: 2-4 weeks, where we perform our required upstream reviews, get any further required changes in, and release our release candidates so that implementations can get started with work on the new features asap.
For all the detail about this, please see the Release Cycle docs.
Relevant PRs:
Standard Channel Additions and Changes
The Standard channel is Gateway API's set of maximally-stable install files. Only features with the best testing and support are added to the standard channel. This channel should be considered GA or stable, and future changes will be fully backwards compatible.
Infrastructure Labels and Annotations 🎉
GEP-1867 added an infrastructure
stanza to Gateway objects that is intended to carry infrastructure configuration specific to that Gateway object.
GEP-1762 adds a section for labels
and annotations
to this stanza that specifies labels and annotations to be annotated to all resources created to fulfill that Gateway request.
This feature can be used to affect the labels and annotations created on LoadBalancer Services by in-cluster implementations to fulfill the Gateway contract or by Cloud Load Balancing resources created by Cloud Providers.
This feature has graduated to Standard and is now considered GA or Stable.
This feature's name for conformance tests and GatewayClass status reporting is GatewayInfrastructurePropagation
.
This feature's status is Extended, meaning that it is optional for implementations to support. If you're using Experimental Channel, you can refer to the supportedFeatures
field in the status
of any GatewayClass.
Relevant PRs:
- Remove experimental from gateway infrastructure by @keithmattix in #3272
- Validation for label keys and values according to Kubernetes specification by @snorwin in #3284
HTTPRoute Timeouts and Durations 🎉
The HTTPRoute Timeouts
field on Route Rules has graduated to Standard and is now considered GA or Stable.
This field allows you to configure overall Request Timeouts as well as Backend Request Timeouts. For more information, refer to GEP 1742.
The relevant feature names this for conformance tests and GatewayClass status reporting are:
HTTPRouteRequestTimeout
forhttproute.spec.rules[].timeouts.request
HTTPRouteBackendTimeout
forhttproute.spec.rules[].timeouts.backendRequest
This feature's status is Extended, meaning that it is optional for implementations to support. If you're using Experimental Channel, you can refer to the supportedFeatures
field in the status
of any GatewayClass.
Relevant PRs:
- Graduate GEP-2257 and GEP-1742 to standard by @kflynn in #3210
- GEP2257 Duration parsing by @xtineskim in #3271
BackendProtocol Support 🎉
The previous coordinated work across both Gateway API and upstream Kubernetes which defined 3 new values for the AppProtocol field on Service Ports has graduated to Standard and is now considered GA or Stable.
The values are:
kubernetes.io/h2c
- HTTP/2 over cleartext as described in RFC7540kubernetes.io/ws
- WebSocket over cleartext as described in RFC6445kubernetes.io/wss
- WebSocket over TLS as described in RFC6455
These can now be used with Gateway API to describe the protocol to use for connections to Kubernetes Services. For more information, refer to GEP 1911.
The relevant feature names this for conformance tests and GatewayClass status reporting are:
HTTPRouteBackendProtocolH2C
for H2C support, whenservice.spec.ports[].appProtocol
iskubernetes.io/h2c
.HTTPRouteBackendProtocolWebSocket
for Websocket support, whenservice.spec.ports[].appProtocol
iskubernetes.io/ws
or
kubernetes.io/wss
.
This feature's status is Extended, meaning that it is optional for implementations to support. If you're using Experimental Channel, you can refer to the supportedFeatures
field in the status
of any GatewayClass.
Relevant PRs:
- Backend Protocol Selection is no longer experimental and is now part of HTTPRoute Extended Conformance by @dprotaso in
#3108
Other Standard channel changes
- Increased the limit on HTTPRoute matches from 8 to 64 by @howardjohn in #3205
- Adds the GatewayClassConditionReason "Unsupported" and clarifies when GatewayClassConditionReason "InvalidParameters" should be preferred by @mikemorris in #3048
- HTTPRoute - 503 Status Code MAY be returned for Kubernetes Services who don't have any healthy endpoints by @dprotaso in #3121
- Document the route kinds compatible for each protocolType by @abs007 in #2263
- Move GEP-995 to Implementable by @guicassolato in #3166
- Add policy label to BackendLBPolicy to make it recognizable in gwctl by @gauravkghildiyal in #3195
- remove unnecessary S in ProtocolType validation by @spacewander in #3185
Experimental Channel Additions and Changes
The Experimental Channel is Gateway API's channel for testing out changes and gaining confidence with them before allowing them to go to Standard.
This channel may include features that are changed or removed later!
BREAKING CHANGE
The Experimental supportedFeatures
field in GatewayClass status
has changed from being a list of strings to being a list of objects/structs with a name
field.
This is to allow addding in extra information to each entry at a later date.
Relevant PRs:
- SupportedFeatures field in Gateway Class status are now presented as a list of objects by @LiorLieberman in #3200
HTTPRoute Retry support
GEP-1731 described how to add configuration of retries on HTTPRoute objects, and in this release, this change has moved to Experimental.
Please see the GEP reference document or the API reference for the details.
This feature has graduated to Experimental amd should now be used for testing and verification purposes only. Experimental features may be changed or removed in a future version.
This feature does not currently have a feature name defined.
This feature's status is Extended, meaning that it is optional for implementations to support.
As there is no feature name or conformance tests available for this feature as yet, please see your implementation's documentation to see if it is supported.
Relevant PRs:
- Adds support for configuring retries in HTTPRoute by @mikemorris in #3301
- Adds
retry
stanza within HTTPRouteRule to configure retrying unsuccessful requests to backends before sending a response to a client by @mikemorris in #3199
Percentage-based request mirroring
The existing Request Mirroring feature has been enhanced by allowing users to specify a percentage of requests they'd like mirrored. These changes are described in GEP-3171.
Please see the GEP reference document or the API reference for the details.
This feature has graduated to Experimental amd should now be used for testing and verification purposes only. Experimental features may be changed or removed in a future version.
This feature does not currently have a feature name defined.
This feature's status is Extended, meaning that it is optional for implementations to support.
As there is no feature name or conformance tests available for this feature as yet, please see your implementation's documentation to see if it is supported.
Relevant PRs:
- Adding GEP 3171: Percentage-based Request Mirroring by @jakebennert in #3178
- Add API for GEP-3171 by @jakebennert in #3283
- Add Additional API Testing for GEP-3171 by @jakebennert in #3302
Improvements to backend TLS configuration
Some changes have been made to Gateway API's support for configuring TLS connections between the Gateway and backends.
Gateway has a new Experimental field that contains configuration for the client certificate Gateways should use when connecting to Backends.
The existing BackendTLSPolicy object has had additions as well:
- Ability to specify SANs on BackendTLSPolicy
- Add TLS options to BackendTLSPolicy to mirror TLS config on Gateways
See GEP-3155 for all the details.
This feature has graduated to Experimental amd should now be used for testing and verification purposes only. Experimental features may be changed or removed in a future version.
This feature does not currently have a feature name defined.
This feature's status is Extended, meaning that it is optional for implementations to support.
As there is no feature name or conformance tests available for this feature as yet, please see your implementation's documentation to see if it is supported.
Relevant PRs:
- Add GEP-3155: Complete Backend mTLS Configuration by @mkosieradzki in #3180
- add api changes according to gep-3155 by @LiorLieberman in #3304
Named Route Rules
All Route Rule types (GRPCRouteRule, HTTPRouteRule, TCPRouteRule, TLSRouteRule and UDPRouteRule) have had a new, optional name
field to support referencing individual rules by name.
This name, if present, may be used in status
and logging to indicate which route rule is being referenced in messages in a more readable way than an array index.
This feature has graduated to Experimental amd should now be used for testing and verification purposes only. Experimental features may be changed or removed in a future version.
This feature does not currently have a feature name defined.
This feature's status is Extended, meaning that it is optional for implementations to support.
As there is no feature name or conformance tests available for this feature as yet, please see your implementation's documentation to see if it is supported.
Relevant PRs:
- Implement of GEP-995 by @howardjohn in #2985
- Docs: route rule name by @guicassolato in 3299
Other specification changes
- Fix v1beta1 HTTPHeaderName alias by @spencerhance in #3127
- make update-codegen.sh runnable on Mac by @spacewander in #3186
- Add conformance tests for in-cluster Gateway infrastructure by @keithmattix in #3192
- Remove extra spacing in the API Specification aliases by @nuno-faria in #3218
- fix: allow the header based session persistence not to have AbsoluteTimeout by @sanposhiho in #3215
- Update GRPCRoute GEP to standard by @xtineskim in #3227
- The generated conformance report API version is set to v1 instead of v1alpha1 by @mlavacca in
#3153 - Use GRPCHeaderMatchType in GRPCHeaderMatch structure by @kevinpollet in #3252
- fix: inconsistent default reason for GatewayClass status (#3225) by @snorwin in #3257
- Fixing Mesh version references in docs by @robscott in #3073
- fix: Add BackendLBPolicy to experimental kustomization by @krouma in #3083
Leadership changes
In this release timeframe, Gateway API has been working on building our contributor pool and promoting more contributors up our contributor ladder.
Congratulations to @mlavacca on being promoted into the core Gateway API maintainer team!
Thanks to @keithmattix for all your work as one of the GAMMA leads, and congratulations to @mikemorris on being promoted into the GAMMA lead team.
We've added two new GEP Reviewers: @kflynn and @arkodg
Also promoted in the conformance team:
- @LiorLieberman is now an Approver
- @candita is now a Reviewer
Last but most certainly not least, @guicassolato has become a reviewer for gwctl
.
Congratulations to everyone on the promotions, and thanks for your continued contributions to the Gateway API community!
Relevant PRs:
- Replace keithmattix as a mesh lead and replace with mikemorris by @keithmattix in #3109
- docs: add Mattia Lavacca as Gateway API maintainer by @shaneutt in #3231
- docs: add Flynn as a GEP reviewer by @shaneutt in #3253
- docs: promote Lior to conformance approver by @shaneutt in #3254
- Add Arko as GEP Reviewer by @shaneutt in #3255
- docs: add candita as conformance reviewer by @shaneutt in #3296
- docs: add guicassolato as gwctl reviewer by @shaneutt in #3303
Testing
- Features have been re-arranged to a struct containing metadata and feature Name. The API Channel has been set as a field for such a struct in #3287
- Exposing grpc client interface as a option in the conformance suite in #3095
gwctl
In this release, gwctl is moving to a separate repo: kubernetes-sigs/gwctl. This will enable a more flexible and independent release process. Significant new updates are coming to gwctl, follow the new repo for the latest updates on that
project.
Although these changes won't be part of Gateway API v1.2 and will instead be part of the separate gwctl release, we're noting them as they were merged while the project was part of this repo:
- Describing Gateways and Backends will include a separate field showing InheritedPolicies by @gauravkghildiyal in #3198
- Gwctl allows filtering results to only those related to the specified resource (using the
--for
flag) by @gauravkghildiyal in #3068 - Show Events and Analysis when describing resources by @gauravkghildiyal in #3051
- The output of
gwctl describe httproute <NAME>
now includes more details by @gauravkghildiyal in #3181 - Support wide output format for get commands (-o wide) and Replace
Print
in BackendsPrinter withPrintTable
by @deszhou in
#3129 - Optimize print and reduce repeated logic. Maintain agreement with print methods of other resources @deszhou in #3076
- Outputs ns for gateways in gwctl by @xtineskim in #3136
- gwctl performance improvements by @gauravkghildiyal in #3145
Documentation Changes
- Update and standardise admonitions by @craigbox in #3066
- docs: fix Istio version badge by @howardjohn in #3067
- fix: kind of CACertificateRefs should be ConfigMap by @reaver-flomesh in #3085
- Providing more detailed upgrade notes for v1.1 by @robscott in #3084
- Fix rendering of list in GEP-713 by @craigbox in #3113
- Remove description of GAMMA concepts as "experimental in v0.8". by @craigbox in #3114
- Correct PR link for GEP-995 implementation by @craigbox in #3107
- GEP-1324: Fix image path by @LionelJouin in #3105
- Add missing apiVersion in the referencegrant API docs by @spacewander in #3135
- Fix the missing example in HTTP rewrite by @spacewander in #3126
- chore(docs): GRPC and HTTP docs versions cleanup by @pmalek in #3163
- docs: Fix missing v1beta1, v1alpha3 API versions by @gcs278 in #3202
- chore: fix typo in gep-713 by @spacewander in #3236
- fix: deduplicate Declined status by @xmulligan in #3238
- add link for rfc 3986 by @whitneygriffith in #3240
- docs: partial reports can be submitted by @mlavacca in #3179
- issue-3260: Clarify a few points on Development Documentation. by @jgao1025 in #3261
- Correct indentation for nested list by @mkosieradzki in #3241
- docs: add issue and PR bumping section to CONTRIBUTING.md by @shaneutt in #3264
- geps: Add the missing trailing backtick to gep-3155 by @timflannagan in #3319
- feat: cel validation on multiple K8S versions by @mlavacca in #3316
- Fix typo in MESH-GRPC conformance test profile name by @unicell in #3315
Testing and Conformance changes
- tests(conformance): more precise logs by @pmalek in #3119
- Return the behaviour of a new default GRPC client instantiation for every request by @ciarams87 in
#3130 - fix: change report API version by @mlavacca in #3153
- Conformance Reporting to reflect v1.1.0 release by @xtineskim in #3088
- Add timeout between conformance test cases by @wstcliyu in #3243
- chore: added hack/verify-reports.sh script by @mlavacca in #3167
- feat: add useragent to conformance test run by @BobyMCbobs in #3211
- Expose peer certificates in round tripper response by @snehachhabria in #3110
- Update verify-all.sh: added $t to explicitly tell which script had an issue during a failed test by @TheInvincibleRalph in #3286
- chore: golangci.yml update by @mlavacca in #3317
New Contributors
- @krouma made their first contribution in #3083
- @reaver-flomesh made their first contribution in #3085
- @LionelJouin made their first contribution in #3105
- @czeslavo made their first contribution in #3152
- @ciarams87 made their first contribution in #3130
- @abs007 made their first contribution in #2263
- @nuno-faria made their first contribution in #3218
- @sanposhiho made their first contribution in #3215
- @jakebennert made their first contribution in #3178
- @mkosieradzki made their first contribution in #3180
- @xmulligan made their first contribution in #3238
- @snorwin made their first contribution in #3257
- @BobyMCbobs made their first contribution in #3211
- @jgao1025 made their first contribution in #3261
- @timflannagan made their first contribution in #3289
- @TheInvincibleRalph made their first contribution in #3286
- @unicell made their first contribution in #3315
Dependencies
Added
- cel.dev/expr: v0.15.0
- github.com/planetscale/vtprotobuf:
0393e58
Changed
- cloud.google.com/go/compute/metadata: v0.2.3 → v0.3.0
- github.com/cespare/xxhash/v2: v2.2.0 →
v2.3.0 - github.com/cncf/xds/go: 0fa0005 →
555b57e - github.com/envoyproxy/go-control-plane: v0.12.0 →
1eb8caa - github.com/golang/glog: v1.2.0 →
v1.2.1 - github.com/miekg/dns: v1.1.58 →
v1.1.62 - golang.org/x/crypto: v0.22.0 → v0.26.0
- golang.org/x/mod: v0.17.0 → v0.18.0
- golang.org/x/net: v0.24.0 → v0.28.0
- golang.org/x/oauth2: v0.19.0 → v0.21.0
- golang.org/x/sync: v0.7.0 → v0.8.0
- golang.org/x/sys: v0.19.0 → v0.23.0
- golang.org/x/telemetry: f48c80b → bda5523
- golang.org/x/term: v0.19.0 → v0.23.0
- golang.org/x/text: v0.14.0 → v0.17.0
- golang.org/x/tools: v0.20.0 → v0.22.0
- google.golang.org/appengine: v1.6.8 → v1.6.7
- google.golang.org/genproto/googleapis/api: 6ceb2ff → ef581f9
- google.golang.org/genproto/googleapis/rpc: 6ceb2ff → ef581f9
- google.golang.org/genproto: 6ceb2ff → f966b18
- google.golang.org/grpc/cmd/protoc-gen-go-grpc: v1.3.0 → v1.5.1
- google.golang.org/grpc: v1.63.2 → v1.66.2
- google.golang.org/protobuf: v1.33.0 → v1.34.2
- k8s.io/api: v0.30.0 → v0.31.1
- k8s.io/apiextensions-apiserver: v0.30.0 → v0.31.1
- k8s.io/apimachinery: v0.30.0 → v0.31.1
- k8s.io/client-go: v0.30.0 → v0.31.1
- k8s.io/code-generator: v0.30.0 → v0.31.1
Removed
- cloud.google.com/go/compute: v1.24.0