We are delighted to present version 1.14.0 of Contour Operator, which provides a method for packaging, deploying, and managing Contour.
A big thank you to everyone who contributed to the release.
Major Changes
ClusterIPService Network Publishing Type
Adds support for the "ClusterIPService" Envoy network publishing type. This publishing type will expose Envoy pods as a Kubernetes service of type ClusterIP.
Related Issues and PRs: #238
Contour IngressClass Name Support
Adds support for specifying Contour's IngressClass Name, i.e. the --ingress-class-name flag. If unspecified, Contour processes all ingress objects without an ingress-class annotation or with an annotation matching ingress-class=contour.
Related Issues and PRs: #239
Contour Gateway Configuration Support
Adds support for running Gateway resources with a name other than contour
and in namespaces other than projectcontour
. For example:
kind: Gateway
apiVersion: networking.x-k8s.io/v1alpha1
metadata:
name: foo
namespace: bar
...
The above example will provision Contour in namespace bar
. The Contour Deployment resource will continue to be named contour
.
Related Issues and PRs: #248
Per Contour Cluster-Scoped RBAC
Previously, running multiple contours would fail due to cluster-scoped RBAC resources, i.e. ClusterRole, not being properly updated. Now, each instance of Contour will create its own cluster-scoped RBAC resources using spec.namespace.name
of the Contour
as part of the cluster-scoped RBAC resource name. For example:
apiVersion: operator.projectcontour.io/v1alpha1
kind: Contour
metadata:
name: example
spec:
namespace:
name: foo
...
The above example will create cluster-scoped resources with -foo
as the suffix, i.e. contour-foo
as the ClusterRole and CluserRoleBinding used by Contour. Users that upgrade to v1.14.0 from previous versions should remove the old, non-namespace named cluster-scoped resources after verifying the creation of the new resources.
Related Issues and PRs: #282
Conditionally Starts Gateway Controllers
GatewayClass and Gateway controllers will check for the presence of Gateway API CRDs and only start if they exist.
Related Issues and PRs: #261
Only Gateway Resources Owned by the Operator are Reconciled
Only Gateway resources owned by the operator will be reconciled. Ownership is indicated by controller: projectcontour.io/contour-operator
in a GatewayClass resource.
Related Issues and PRs: #287