Dependency Bumps
- solo-io/envoy-gloo has been upgraded to v1.26.3-patch2.
- solo-io/envoy-gloo has been upgraded to v1.26.4-patch1.
- solo-io/k8s-utils has been upgraded to v0.4.1.
New Features
- Add option to preserve escaped characters within an entire TransformationTemplate and a new Inja function for fine-grained control within a template. (https://github.com/solo-io/solo-projects/issues/5155)
- Gloo now supports connection limiting. This restricts the number of active connections per gateway. Useful to protect resources, ensure fair share of resources across gateways, and prevent DoS attacks. Both HTTP and TCP Gateways can now be configured via the
options.ConnectionLimit
parameter to restrict the number of active connections and wait for an optional delay before closing them. This is based off the envoy Connection Limit Filter (https://www.envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/connection_limit_filter) (#7428) - Add an environment variable "HEADER_SECRET_REF_NS_MATCHES_US" that when set in the gloo pod requires that secrets sent in headers to an upstream are in the same namespace as that upstream. This defaults to false and when it is not set, resources can be in any namespaces watched by Gloo. (https://github.com/solo-io/solo-projects/issues/5007)
Fixes
- Fix typo in helm template when rendering multiple Gateways. (#8404)