22
33## Table of Contents
44
5+ - [ v1.1.0] ( #v110 )
56- [ v1.1.0-rc2] ( #v110-rc2 )
67- [ v1.1.0-rc1] ( #v110-rc1 )
78
9+ # v1.1.0
10+ On behalf of Kubernetes SIG Network, we are pleased to announce the v1.1 release!
11+ This release includes the graduation of several features to GA, including both
12+ GRPCRoute and Service Mesh. We are also introducing several new experimental
13+ features, including Session Persistence and Gateway Client Cert Verification.
14+
15+ The following represents the changes since v1.0.0:
16+
17+ ## Standard Channel
18+
19+ ### GRPCRoute has Graduated to GA 🎉
20+
21+ GRPCRoute has graduated to GA (v1) and is now part of the Standard Channel. If
22+ you are already using the experimental version GRPCRoute, we recommend holding
23+ off on upgrading to the standard channel version of GRPCRoute until the
24+ controllers you're using have been updated to support GRPCRoute v1. Until then,
25+ it is safe to upgrade to the experimental channel version of GRPCRoute in v1.1
26+ that includes both v1alpha2 and v1 API versions.
27+
28+ Leading Contributor: @gnossen
29+
30+ ### Service Mesh Support has Graduated to GA 🎉
31+
32+ The standard for using Gateway API for Mesh has formally graduated to GA (v1)
33+ and is now part of the Standard Channel.
34+
35+ Service mesh support in Gateway API allows service mesh users to use the same
36+ API to manage ingress traffic and mesh traffic, reusing the same policy and
37+ routing interfaces. In Gateway API v1.1, routes (such as HTTPRoute) can now have
38+ a ` Service ` as a ` parentRef ` , to control how traffic to specific services
39+ behave. For more information, read the [ service
40+ mesh] ( https://gateway-api.sigs.k8s.io/mesh/ ) documentation or see the list of
41+ [ implementations] ( https://gateway-api.sigs.k8s.io/implementations/#service-mesh-implementation-status ) .
42+
43+ Leading Contributors: @howardjohn , @keithmattix , @kflynn , @mikemorris
44+
45+ ### Conformance Profiles and Reports
46+
47+ The Conformance Reports API and the corresponding test suite have been graduated
48+ to GA. The Conformance report API has been expanded with the ` mode ` field
49+ (intended to specify the working mode of the implementation), and the
50+ ` gatewayAPIChannel ` (standard or experimental). The ` gatewayAPIVersion ` and
51+ ` gatewayAPIChannel ` are now filled in automatically by the suite machinery,
52+ along with a brief description of the testing outcome. The Reports have been
53+ reorganized in a more structured way, and the implementations can now add
54+ information on how the tests have been run and provide reproduction steps.
55+
56+ Leading Contributors: @mlavacca , @shaneutt
57+
58+ ### ParentRef Port field Graduated to GA
59+
60+ The ` port ` field in ParentRefs has graduated to GA (v1) and is now part of the
61+ Standard Channel. You can use the ` port ` field to attach resources to Gateways,
62+ Services, or other parent resources. For example, you can attach an HTTPRoute to
63+ one or more specific Listeners of a Gateway based on the Listener ` port ` ,
64+ instead of ` name ` field.
65+
66+ Leading Contributor: @frankbu
67+
68+ ## Experimental Channel
69+
70+ ### Session Persistence + BackendLBPolicy
71+ Session Persistence is being introduced to Gateway API via a new policy
72+ (BackendLBPolicy) for Service-level configuration and as fields within HTTPRoute
73+ and GRPCRoute for Route-level configuration. The BackendLBPolicy and Route-level
74+ APIs provide the same session persistence configuration, including session
75+ timeouts, session name, session type, and cookie lifetime type.
76+
77+ Leading Contributors: @gcs278 , @ginayeh
78+
79+ ### Gateway Client Cert Verification
80+ Gateways can now configure client cert verification for each Gateway Listener by
81+ introducing a new field ` frontendValidation ` field within ` tls ` . This field
82+ supports configuring a list of CA Certificates that can be used as a trust
83+ anchor to validate the certificates presented by the client.
84+
85+ Leading Contributors: @arkodg
86+
87+ ### BackendTLSPolicy
88+ As part of a broader goal of making our TLS terminology more consistent
89+ throughout the API, we've introduced some breaking changes to BackendTLSPolicy.
90+ This has resulted in a new API version (v1alpha3) and will require any existing
91+ users of this policy to uninstall the v1alpha2 version before installing this
92+ newer version.
93+
94+ Any references to v1alpha2 BackendTLSPolicy fields will need to be updated.
95+ Specific changes include:
96+ - the ` targetRef ` field is now a ` targetRefs ` list and these references no
97+ longer include a ` namespace ` field.
98+ - the ` tls ` field has been renamed to ` validation `
99+ - the ` caCertRefs ` field has been renamed to ` caCertificateRefs `
100+ - the ` wellKnownCACerts ` field has been renamed to ` wellKnownCACertificates `
101+
102+ Leading Contributors: @candita
103+
104+ ### Gateway Params
105+ Gateways now feature a new field that allows references to
106+ implementation-specific parameters, similar to GatewayClass.
107+
108+ Leading Contributors: @howardjohn
109+
110+ ## Everything Else
111+
112+ ### gwctl
113+
114+ * We've extended the ` get ` command to support gateways, gatewayclasses, and
115+ namespaces. (#2865 , #2782 , #2847 , @jongwooo )
116+ * The ` get ` command now provides more detailed information for httproutes,
117+ policies, and policycrds. (#2805 , #2808 , #2811 , @jongwooo )
118+ * ` describe ` command now supports descriptions of policycrds and namespaces.
119+ (#2872 , #2836 , @Devaansh-Kumar )
120+ * We've added the ability to filter resources using labels (through the ` -l `
121+ flag) with both the ` get ` and ` describe ` commands. (#2892 , #2915 , #2934 ,
122+ @yeedove )
123+ * Bug fix: Prevent panic when describing gatewayclasses with no description
124+ (#2894 , @pmalek )
125+ * Properly handle different API versions (#3001 , @gauravkghildiyal )
126+ * Provide more detail in describe output (#2999 , @gauravkghildiyal )
127+ * Support JSON and YAML output format in get commands (#2940 ,
128+ @yashvardhan-kukreja )
129+
130+ ### Validation Changes
131+
132+ - TLS Configuration is no longer required on Gateway Listeners to enable more
133+ flexible TLS configuration. (#2721 , @robscott )
134+
135+ ### Conformance Tests
136+
137+ - Conformance Profiles have been renamed and a new ` Mesh-GRPC ` profile has been
138+ added (#3019 , @mlavacca ):
139+ - HTTP -> Gateway-HTTP
140+ - GRPC -> Gateway-GRPC
141+ - TLS -> Gateway-TLS
142+ - Mesh -> Mesh-HTTP
143+ - Fixed GatewayWithAttachedRoutes conformance test to not check that the
144+ HTTPRoute status includes an "Accepted: False" condition because this is not
145+ required by the specification. (#2548 , @frankbu )
146+ - A new comparison view has been added to our documentation that shows the
147+ extended features supported by every implementation that has submitted a
148+ conformance report (#2874 , @xtineskim )
149+ - Added SupportMeshConsumerRoute and SupportMeshClusterIPMatching supported
150+ features to more clearly communicate the purpose of existing Mesh conformance
151+ tests (#3035 , @howardjohn )
152+ - Add conformance test for HTTP listener isolation (#3047 , @arkodg , @pleshakov )
153+
154+ ### Dependencies
155+
156+ - Gateway API has upgraded to Go v1.22 and Kubernetes v1.30 (#2988 , @robscott )
157+
158+ ### Cleanup
159+
160+ - The validating webhook has been removed. CEL validation is now built-in to
161+ CRDs and replaces the webhook. (#2595 , @robscott )
162+ - BackendTLSPolicy WellKnownCACerts field has been updated to
163+ implementation-specific support (#2741 , @sunjayBhatia )
164+ - Clarify policy attachment by two of the same policy types when using section
165+ names. (#2442 , @maleck13 )
166+ - Remove v1alpha2 directory from docs: (#2965 , @robscott )
167+
168+
169+ # v1.1.0-rc2
170+
171+ We expect that this release candidate is quite close to the final v1.1.0
172+ release. However, subsequent breaking API changes are still possible.
173+
174+ This release candidate is suitable for implementors, but we do not recommend
175+ shipping products based on a release candidate API due to the possibility of
176+ incompatible changes prior to the final release. The following represents the
177+ changes since v1.1.0-rc1:
178+
179+ ## Conformance Profiles
180+ - Add SupportMeshConsumerRoute and SupportMeshClusterIPMatching supported
181+ features to more clearly communicate the purpose of existing Mesh conformance
182+ tests (#3035 , @howardjohn )
183+ - Add conformance test for HTTP listener isolation (#3047 , @arkodg , @pleshakov )
184+
185+ ## gwctl
186+ - Properly handle different API versions (#3001 , @gauravkghildiyal )
187+ - Provide more detail in describe output (#2999 , @gauravkghildiyal )
188+ - Support JSON and YAML output format in get commands (#2940 ,
189+ @yashvardhan-kukreja )
190+
191+ ## Cleanup
192+ - Revert accidental removal of experimental kustomize configuration (#3022 ,
193+ @howardjohn )
194+
195+ ## Dependencies
196+ - sigs.k8s.io/controller-tools from 0.14.0 to 0.15.0 (#3031 )
197+ - sigs.k8s.io/controller-runtime from 0.17.0 to 0.18.0 (#3023 , @tao12345666333 )
198+
199+
8200# v1.1.0-rc1
9201
10202We expect that this release candidate is quite close to the final v1.1.0
@@ -13,7 +205,7 @@ release. However, subsequent breaking API changes are still possible.
13205This release candidate is suitable for implementors, but we do not recommend
14206shipping products based on a release candidate API due to the possibility of
15207incompatible changes prior to the final release. The following represents the
16- changes since # v1.1.0-rc1:
208+ changes since v1.1.0-rc1:
17209
18210## Conformance Profiles
19211- Add SupportMeshConsumerRoute and SupportMeshClusterIPMatching supported
0 commit comments