Kong v0.10.0 Release Notes
Release Date: 2017-03-07 // about 7 years ago-
🚀 Kong 0.10 is one of most significant releases to this day. It ships with exciting new features that have been heavily requested for the last few months, 👍 such as load balancing, Cassandra 3.0 compatibility, Websockets support, internal DNS resolution (A and SRV records without Dnsmasq), and more flexible matching capabilities for APIs routing.
🚀 On top of those new features, this release received a particular attention to 🐎 performance, and brings many improvements and refactors that should make it 👍 perform significantly better than any previous version.
🔄 Changed
- :warning: API Objects (as configured via the Admin API) do not support
the
request_host
andrequest_uri
fields anymore. The 0.10 migrations should upgrade your current API Objects, but make sure to read the new 0.10 Proxy Guide to learn the new routing capabilities of Kong. On the good side, this means that Kong can now route incoming requests according to a combination of Host headers, URIs, and HTTP methods. - ⚠ :warning: Final slashes in
upstream_url
are no longer allowed. #2115 - 🚚 :warning: The SSL plugin has been removed and dynamic SSL capabilities have been added to Kong core, and are configurable via new properties on the API entity. See the related PR for a detailed explanation of this change. #1970
- ⚠ :warning: Drop the Dnsmasq dependency. We now internally resolve both A and SRV DNS records. #1587
- ⬆️ :warning: Dropping support for insecure
TLS/1.0
and defaultingUpgrade
responses toTLS/1.2
. #2119 - ⬆️ Bump the compatible OpenResty version to
1.11.2.1
and1.11.2.2
. Support for OpenResty1.11.2.2
requires the--without-luajit-lua52
compilation flag. - 🔊 Separate Admin API and Proxy error logs. Admin API logs are now written to
logs/admin_access.log
. #1782 - Auto-generates stronger SHA-256 with RSA encryption SSL certificates. #2117
➕ Added
- 👍 :fireworks: Support for Cassandra 3.x. #1709
- :fireworks: SRV records resolution. #1587
- :fireworks: Load balancing. When an A or SRV record resolves to multiple
entries, Kong now rotates those upstream targets with a Round-Robin
algorithm. This is a first step towards implementing more load balancing
algorithms.
Another way to specify multiple upstream targets is to use the newly
introduced
/upstreams
and/targets
entities of the Admin API. #1587 #1735 - :fireworks: Multiple hosts and paths per API. Kong can now route incoming requests to your services based on a combination of Host headers, URIs and HTTP methods. See the related PR for a detailed explanation of the new properties and capabilities of the new router. #1970
- :fireworks: Maintain upstream connection pools which should greatly improve
performance, especially for HTTPS upstream connections. We now use HTTP/1.1
for upstream connections as well as an nginx
upstream
block with a configurablekeepalive
directive, thanks to the newnginx_keepalive
configuration property. #1587 #1827 - ⬆️ :fireworks: Websockets support. Kong can now upgrade client connections to
use the
ws
protocol whenUpgrade: websocket
is present. #1827 - 👉 Use an in-memory caching strategy for database entities in order to reduce CPU load during requests proxying. #1688
- Provide negative-caching for missed database entities. This should improve performance in some cases. #1914
- 👌 Support for serving the Admin API over SSL. This introduces new properties in
the configuration file:
admin_listen_ssl
,admin_ssl
,admin_ssl_cert
andadmin_ssl_cert_key
. #1706 - 👌 Support for upstream connection timeouts. APIs now have 3 new fields:
upstream_connect_timeout
,upstream_send_timeout
,upstream_read_timeout
to specify, in milliseconds, a timeout value for requests between Kong and your APIs. #2036 - 👌 Support for clustering key rotation in the underlying Serf process:
- new
cluster_keyring_file
property in the configuration file. - new
kong cluster keys ..
CLI commands that expose the underlyingserf keys ..
commands. #2069
- new
- Support for
lua_socket_pool_size
property in configuration file. #2109 - 🔌 Plugins:
- :fireworks: New AWS Lambda plugin. Thanks Tim Erickson for his collaboration on this new addition. #1777 #1190
- Anonymous authentication for auth plugins. When such plugins receive the
config.anonymous=<consumer_id>
property, even non-authenticated requests will be proxied by Kong, with the traditional Consumer headers set to the designated anonymous consumer, but also with aX-Anonymous-Consumer
header. Multiple auth plugins will work in a logicalOR
fashion. #1666 and #2035 - request-transformer: Ability to change the HTTP method of the upstream request. #1635
- jwt: Support for ES256 signatures. #1920
- rate-limiting: Ability to select the Redis database to use via the new
config.redis_database
plugin property. #1941
🛠 Fixed
- Looking for Serf in known installation paths. #1997
- Including port in upstream
Host
header. #2045 - Clarify the purpose of the
cluster_listen_rpc
property in the configuration file. Thanks Jeremy Monin for the patch. #1860 - Admin API:
- Properly Return JSON responses (instead of HTML) on HTTP 409 Conflict when adding Plugins. #2014
- CLI:
- Avoid double-prefixing migration error messages with the database name (PostgreSQL/Cassandra).
- 🔌 Plugins:
- :warning: API Objects (as configured via the Admin API) do not support
the