All Versions
112
Latest Version
Avg Release Cycle
22 days
Latest Release
-

Changelog History
Page 5

  • v1.4.2 Changes

    December 11, 2019

    ๐Ÿš€ > Released 2019/12/10

    ๐Ÿš€ This is another patch release in the 1.4 series, and as such, strictly ๐Ÿ›  contains bugfixes. There are no new features nor breaking changes.

    ๐Ÿ›  Fixes

    Core
    • Fixes some corner cases in the balancer behavior #5318
    ๐Ÿ”Œ Plugins
    • http-log: disable queueing when using the default settings, to avoid memory consumption issues #5323
    • prometheus: restore compatibility with version 0.6.0 #5303

    Back to TOC

  • v1.4.1 Changes

    December 03, 2019

    ๐Ÿš€ > Released 2019/12/03

    ๐Ÿš€ This is a patch release in the 1.4 series, and as such, strictly contains ๐Ÿ›  bugfixes. There are no new features nor breaking changes.

    ๐Ÿ›  Fixes

    Core
    • Fixed a memory leak in the balancer #5229 -- Thanks zeeshen for the patch!
    • Removed arbitrary limit on worker connections. #5148
    • Fixed preserve_host behavior for gRPC routes #5225
    • Fix migrations for ttl for OAuth2 tokens #5253
    • Improve handling of errors when creating balancers #5284
    CLI
    • Fixed an issue with kong config db_export when reading entities that are ttl-enabled and whose ttl value is null. #5185
    Admin API
    ๐Ÿ”Œ Plugins
    • http-log: do not impose a retry delay on successful sends #5282

    Back to TOC

  • v1.4.0 Changes

    October 23, 2019

    ๐Ÿš€ > Released on 2019/10/22

    Installation

    • :warning: All Bintray assets have been renamed from .all. / .noarch. to be architecture specific namely .arm64. and .amd64.

    โž• Additions

    Core
    • :fireworks: New configuration option cassandra_refresh_frequency to set the frequency that Kong will check for Cassandra cluster topology changes, avoiding restarts when Cassandra nodes are added or removed. #5071
    • New transformations property in DAO schemas, which allows adding functions that run when database rows are inserted or updated. #5047
    • The new attribute hostname has been added to upstreams entities. This attribute is used as the Host header when proxying requests through Kong to servers that are listening on server names that are different from the names to which they resolve. #4959
    • New status interface has been introduced. It exposes insensitive health, metrics and error read-only information from Kong, which can be consumed by other services in the infrastructure to monitor Kong's health. This removes the requirement of the long-used workaround to monitor Kong's health by injecting a custom server block. #4977
    • New Admin API response header X-Kong-Admin-Latency, reporting the time taken by Kong to process an Admin API request. #4966
    ๐Ÿ”ง Configuration
    • :warning: New configuration option service_mesh which enables or disables the Service Mesh functionality. The Service Mesh is being deprecated and will not be available in the next releases of Kong. #5124
    • New configuration option router_update_frequency that allows setting the frequency that router and plugins will be checked for changes. This new option avoids performance degradation when Kong routes or plugins are frequently changed. #4897
    ๐Ÿ”Œ Plugins
    • rate-limiting: in addition to consumer, credential, and IP levels, now rate-limiting plugin has service-level support. Thanks wuguangkuo for the patch! #5031
    • Now rate-limiting local policy counters expire using the shared dictionary's TTL, avoiding to keep unnecessary counters in memory. Thanks cb372 for the patch! #5029
    • Authentication plugins have support for tags now. #4945
    • response-transformer plugin now supports renaming response headers. Thanks aalmazanarbs for the patch! #5040

    ๐Ÿ›  Fixes

    Core
    • :warning: Service Mesh is known to cause HTTPS requests to upstream to ignore proxy_ssl* directives, so it is being discontinued in the next major release of Kong. In this release it is disabled by default, avoiding this issue, and it can be enabled as aforementioned in the configuration section. #5124
    • Fixed an issue on reporting the proper request method and URL arguments on NGINX-produced errors in logging plugins. #5073
    • Fixed an issue where targets were not properly updated in all Kong workers when they were removed. #5041
    • Deadlocks cases in database access functions when using Postgres and cleaning up cluster_events in high-changing scenarios were fixed. #5118
    • Fixed issues with tag-filtered GETs on Cassandra-backed nodes. #5105
    ๐Ÿ”ง Configuration
    • Fixed Lua parsing and error handling in declarative configurations. #5019
    • Automatically escape any unescaped # characters in parsed KONG_* environment variables. #5062
    ๐Ÿ”Œ Plugins
    • file-log: creates log file with proper permissions when Kong uses declarative config. #5028
    • basic-auth: fixed credentials parsing when using DB-less configurations. #5080
    • jwt: plugin handles empty claims and return the correct error message. #5123 Thanks to @jeremyjpj0916 for the patch!
    • serverless-functions: Lua code in declarative configurations is validated and loaded correctly. #24
    • request-transformer: fixed bug on removing and then adding request headers with the same name. #9

    Back to TOC

  • v1.4.0.rc2

    October 15, 2019
  • v1.4.0.rc1

    October 02, 2019
  • v1.3.1 Changes

    January 09, 2020

    Download Kong 1.3.1 and run it now:

    ๐Ÿ”— Links:

  • v1.3.0 Changes

    August 21, 2019

    ๐Ÿš€ > Released on 2019/08/21

    Kong 1.3 is the first version to officially support gRPC proxying!

    ๐ŸŒ Following our vision for Kong to proxy modern Web services protocols, we are ๐Ÿ‘ excited for this newest addition to the family of protocols already supported by Kong (HTTP(s), WebSockets, and TCP). As we have recently stated in our โœ… latest Community Call, more protocols are to be expected in the future.

    โž• Additionally, this release includes several highly-requested features such as support for upstream mutual TLS, header-based routing (not only Host), database export, and configurable upstream keepalive timeouts.

    ๐Ÿ”„ Changes

    Dependencies
    • โš  :warning: The required OpenResty version has been bumped to 1.15.8.1. If you are installing Kong from one of our distribution packages, you are not affected by this change. See #4382. With this new version comes a number of improvements:
      1. The new ngx_http_grpc_module.
      2. Configurable of upstream keepalive connections by timeout or number of requests.
      3. Support for ARM64 architectures.
      4. LuaJIT GC64 mode for x86_64 architectures, raising the LuaJIT GC-managed memory limit from 2GB to 128TB and producing more predictable GC performance.
    • โš  :warning: From this version on, the new lua-kong-nginx-module Nginx module is required to be built into OpenResty for Kong to function properly. This new module allows Kong to support new features such as mutual TLS authentication. If you are installing Kong from one of our distribution packages, you are not affected by this change. openresty-build-tools#26

    Note: if you are not using one of our distribution packages and compiling OpenResty from source, you must still apply Kong's OpenResty patches (and, as highlighted above, compile OpenResty with the new lua-kong-nginx-module). Our new ๐Ÿ— openresty-build-tools repository will allow you to do both easily.

    Core
    • :warning: Bugfixes in the router may, in some edge-cases, result in different Routes being matched. It was reported to us that the router behaved incorrectly in some cases when configuring wildcard Hosts and regex paths (e.g. #3094). It may be so that you are subject to these bugs without realizing it. Please ensure that wildcard Hosts and regex paths Routes you have configured are matching as expected before upgrading. See 9ca4dc0, 2683b86, and 6a03e1b for details.
    • Upstream connections are now only kept-alive for 100 requests or 60 seconds (idle) by default. Previously, upstream connections were not actively closed by Kong. This is a (non-breaking) change in behavior, inherited from Nginx 1.15, and configurable via new configuration properties (see below).
    ๐Ÿ”ง Configuration
    • ๐Ÿ”ง :warning: The upstream_keepalive configuration property is deprecated, and replaced by the new nginx_http_upstream_keepalive property. Its behavior is almost identical, but the notable difference is that the latter leverages the injected Nginx directives feature added in Kong 0.14.0. In future releases, we will gradually increase support for injected Nginx directives. We have high hopes that this will remove the occasional need for custom Nginx configuration templates. #4382

    โž• Additions

    Core
    • :fireworks: Native gRPC proxying. Two new protocol types; grpc and grpcs correspond to gRPC over h2c and gRPC over h2. They can be specified on a Route or a Service's protocol attribute (e.g. protocol = grpcs). When an incoming HTTP/2 request matches a Route with a grpc(s) protocol, the request will be handled by the ngx_http_grpc_module, and proxied to the upstream Service according to the gRPC protocol specifications. :warning: Note that not all Kong plugins are compatible with gRPC requests yet. #4801
    • :fireworks: Mutual TLS handshake with upstream services. The Service entity now has a new client_certificate attribute, which is a foreign key to a Certificate entity. If specified, Kong will use the Certificate as a client TLS cert during the upstream TLS handshake. #4800
    • :fireworks: Route by any request header. The router now has the ability to match Routes by any request header (not only Host). The Route entity now has a new headers attribute, which is a map of headers names and values. E.g. { "X-Forwarded-Host": ["example.org"], "Version": ["2", "3"] }. #4758
    • :fireworks: Least-connection load-balancing. A new algorithm attribute has been added to the Upstream entity. It can be set to "round-robin" (default), "consistent-hashing", or "least-connections". #4528
    • A new core entity, "CA Certificates" has been introduced and can be accessed via the new /ca_certificates Admin API endpoint. CA Certificates entities will be used as CA trust store by Kong. Certificates stored by this entity need not include their private key. #4798
    • Healthchecks now use the combination of IP + Port + Hostname when storing upstream health information. Previously, only IP + Port were used. This means that different virtual hosts served behind the same IP/port will be treated differently with regards to their health status. New endpoints were added to the Admin API to manually set a Target's health status. #4792
    ๐Ÿ”ง Configuration
    • :fireworks: A new section in the kong.conf file describes injected Nginx directives (added to Kong 0.14.0) and specifies a few default ones. In future releases, we will gradually increase support for injected Nginx directives. We have high hopes that this will remove the occasional need for custom Nginx configuration templates. #4382
    • ๐Ÿ”ง :fireworks: New configuration properties allow for controlling the behavior of upstream keepalive connections. nginx_http_upstream_keepalive_requests and nginx_http_upstream_keepalive_timeout respectively control the maximum number of proxied requests and idle timeout of an upstream connection. #4382
    • ๐Ÿ†• New flags have been added to the *_listen properties: deferred, bind, and reuseport. #4692
    CLI
    • :fireworks: Database export via the new kong config db_export CLI command. This command will export the configuration present in the database Kong is connected to (Postgres or Cassandra) as a YAML file following Kong's declarative configuration syntax. This file can thus be imported later on in a DB-less Kong node or in another database via kong config db_import. #4809
    Admin API
    • ๐Ÿ‘ Many endpoints now support more levels of nesting for ease of access. For example: /services/:services/routes/:routes is now a valid API endpoint. #4713
    • ๐Ÿ›ฐ The API now accepts form-urlencoded payloads with deeply nested data structures. Previously, it was only possible to send such data structures via JSON payloads. #4768
    ๐Ÿ”Œ Plugins
    • ๐Ÿ†• :fireworks: New bundled plugin: the session plugin is now bundled in Kong. It can be used to manage browser sessions for APIs proxied and authenticated by Kong. #4685
    • ๐Ÿ”ง ldap-auth: A new config.ldaps property allows configuring the plugin to connect to the LDAP server via TLS. It provides LDAPS support instead of only relying on STARTTLS. #4743
    • jwt-auth: The new header_names property accepts an array of header names the JWT plugin should inspect when authenticating a request. It defaults to ["Authorization"]. #4757
    • ๐Ÿ”Œ azure-functions: Bumped to 0.4 for minor fixes and performance improvements.
    • kubernetes-sidecar-injector: The plugin is now more resilient to Kubernetes schema changes.
    • ๐Ÿ”Œ serverless-functions:
      • Bumped to 0.3 for minor performance improvements.
      • Functions can now have upvalues.
    • ๐Ÿ”Œ prometheus: Bumped to 0.4.1 for minor performance improvements.
    • 0๏ธโƒฃ cors: add OPTIONS, TRACE and CONNECT to default allowed methods #4899 Thanks to @eshepelyuk for the patch!
    PDK
    • New function kong.service.set_tls_cert_key(). This functions sets the client TLS certificate used while handshaking with the upstream service. #4797

    ๐Ÿ›  Fixes

    Core
    • ๐Ÿ›  Fix WebSocket protocol upgrades in some cases due to case-sensitive comparisons of the Upgrade header. #4780
    • ๐Ÿ”ง Router: Fixed a bug causing invalid matches when configuring two or more Routes with a plain hosts attribute shadowing another Route's wildcard hosts attribute. Details of the issue can be seen in 01b1cb8. #4775
    • Router: Ensure regex paths always have priority over plain paths. Details of the issue can be seen in 2683b86. #4775
    • Cleanup of expired rows in PostgreSQL is now much more efficient thanks to a new query plan. #4716
    • ๐Ÿ‘Œ Improved various query plans against Cassandra instances by increasing the default page size. #4770
    ๐Ÿ”Œ Plugins
    • cors: ensure non-preflight OPTIONS requests can be proxied. #4899 Thanks to @eshepelyuk for the patch!
    • ๐Ÿ”Œ Consumer references in various plugin entities are now properly marked as required, avoiding credentials that map to no Consumer. #4879
    • hmac-auth: Correct the encoding of HTTP/1.0 requests. #4839
    • oauth2: empty client_id wasn't checked, causing a server error. #4884
    • response-transformer: preserve empty arrays correctly. #4901
    CLI
    • ๐Ÿ›  Fixed an issue when running kong restart and Kong was not running, causing stdout/stderr logging to turn off. #4772
    Admin API
    • ๐Ÿ”ง Ensure PUT works correctly when applied to plugin configurations. #4882
    PDK
    • Prevent PDK calls from failing in custom content blocks. This fixes a misbehavior affecting the Prometheus plugin. #4904
    • Ensure kong.response.add_header works in the rewrite phase. #4888

    Back to TOC

  • v1.3.0.rc2

    August 16, 2019
  • v1.3.0.rc1 Changes

    July 30, 2019

    Download Kong 1.3.0rc1 and test it now:

    Kong 1.3.0rc1 is the first release to officially support gRPC proxying! Also included are several highly-requested features such as support for upstream mutual TLS , header-based routing , database export , and configurable upstream keepalive timeouts.

    ๐Ÿš€ We thank in advance all of the testers for this release candidate!

    ๐Ÿ”— Links:

  • v1.2.3 Changes

    January 09, 2020

    Download Kong 1.2.3 and run it now:

    ๐Ÿ”— Links: