Kong v0.13.1 Release Notes
Release Date: 2018-04-23 // about 6 years ago-
๐ This release contains numerous bug fixes and a few convenience features. Notably, a best-effort/backwards-compatible approach is followed to resolve
no memory
errors caused by the fragmentation of shared memory between the ๐ core and plugins.โ Added
Core
- Cache misses are now stored in a separate shared memory zone from hits if
such a zone is defined. This reduces cache turnover and can increase the
cache hit ratio quite considerably.
Users with a custom Nginx template are advised to define such a zone to
benefit from this behavior:
lua_shared_dict kong_db_cache_miss 12m;
. - We now ensure that the Cassandra or PostgreSQL instance Kong is connecting to falls within the supported version range. Deprecated versions result in warning logs. As a reminder, Kong 0.13.x supports Cassandra 2.2+, and PostgreSQL 9.5+. Cassandra 2.1 and PostgreSQL 9.4 are supported, but deprecated. #3310
- HTTP 494 errors thrown by Nginx are now caught by Kong and produce a native, Kong-friendly response. Thanks @ti-mo for the contribution! #3112
CLI
- Report errors when compiling custom Nginx templates. #3294
Admin API
- Friendlier behavior of Routes schema validation: PATCH requests can be made
without specifying all three of
methods
,hosts
, orpaths
if at least one of the three is specified in the body. #3364
๐ Plugins
- ๐ jwt: Support for identity providers using JWKS by ensuring the
config.key_claim_name
values is looked for in the token header. Thanks @brycehemme for the contribution! #3313 - basic-auth: Allow specifying empty passwords. Thanks @zhouzhuojie and @perryao for the contributions! #3243
๐ Fixed
Core
- Numerous users have reported
no memory
errors which were caused by circumstantial memory fragmentation. Such errors, while still possible if plugin authors are not careful, should now mostly be addressed. #3311
If you are using a custom Nginx template, be sure to define the following shared memory zones to benefit from these fixes:
lua_shared_dict kong_db_cache_miss 12m; lua_shared_dict kong_rate_limiting_counters 12m;
CLI
- Redirect Nginx's stdout and stderr output to
kong start
whennginx_daemon
is enabled (such as when using the Kong Docker image). This also prevents growing log files when Nginx redirects logs to/dev/stdout
and/dev/stderr
butnginx_daemon
is disabled. #3297
Admin API
- Set a Service's
port
to443
when theurl
convenience parameter uses thehttps://
scheme. #3358 - Ensure PATCH requests do not return an error when un-setting foreign key
fields with JSON
null
. #3355 - ๐ Ensure the
/plugin/schema/:name
endpoint does not corrupt plugins' schemas. #3348 - ๐ Properly URL-decode path segments of plugins endpoints accepting spaces
(e.g.
/consumers/<consumer>/basic-auth/John%20Doe/
). #3250 - Properly serialize boolean filtering values when using Cassandra. #3362
๐ Plugins
- rate-limiting/response-rate-limiting:
- If defined in the Nginx configuration, will use a dedicated
lua_shared_dict
instead of using thekong_cache
shared memory zone. This prevents memory fragmentation issues resulting inno memory
errors observed by numerous users. Users with a custom Nginx template are advised to define such a zone to benefit from this fix:lua_shared_dict kong_rate_limiting_counters 12m;
. #3311 - When using the Redis strategy, ensure the correct Redis database is selected. This issue could occur when several request and response rate-limiting were configured using different Redis databases. Thanks @mengskysama for the patch! #3293
- If defined in the Nginx configuration, will use a dedicated
- key-auth: Respect request MIME type when re-encoding the request body
if both
config.key_in_body
andconfig.hide_credentials
are enabled. Thanks @p0pr0ck5 for the patch! #3213 - oauth2: Return HTTP 400 on invalid
scope
type. Thanks @Gman98ish for the patch! #3206 - ๐ง ldap-auth: Ensure the plugin does not throw errors when configured as a global plugin. #3354
- hmac-auth: Verify signature against non-normalized (
$request_uri
) request line (instead of$uri
). #3339 - aws-lambda: Fix a typo in upstream headers sent to the function. We now
properly send the
X-Amz-Log-Type
header. #3398
- Cache misses are now stored in a separate shared memory zone from hits if
such a zone is defined. This reduces cache turnover and can increase the
cache hit ratio quite considerably.
Users with a custom Nginx template are advised to define such a zone to
benefit from this behavior: