ยซ Changelog History


Kong v1.0.0 Release Notes

  • ๐Ÿš€ > Released on: 2018/12/18

    This is a major release, introducing new features such as Service Mesh and Stream Routing support, as well as a New Migrations framework. It also ๐Ÿ”Œ includes version 1.0.0 of the Plugin Development Kit. It contains a large ๐Ÿ”Œ number of other features and fixes, listed below. Also, all plugins included โšก๏ธ with Kong 1.0 are updated to use version 1.0 of the PDK.

    โฌ†๏ธ As usual, major version upgrades require database migrations and changes to the ๐Ÿ”ง Nginx configuration file (if you customized the default template). Please take โฌ†๏ธ a few minutes to read the 1.0 Upgrade โฌ†๏ธ Path for more details โฌ†๏ธ regarding breaking changes and migrations before planning to upgrade your Kong cluster.

    ๐Ÿ—„ Being a major version, all entities and concepts that were marked as deprecated ๐Ÿšš in Kong 0.x are now removed in Kong 1.0. The deprecated features are retained in Kong 0.15, the final entry in the Kong 0.x series, which is being ๐Ÿš€ released simultaneously to Kong 1.0.

    ๐Ÿ”„ Changes

    Kong 1.0 includes all breaking changes from 0.15, as well as the removal ๐Ÿ—„ of deprecated concepts.

    Dependencies
    • The required OpenResty version is still 1.13.6.2, but for a full feature set including stream routing and Service Mesh abilities with mutual TLS, Kong's openresty-patches must be applied (those patches are already bundled with our official distribution packages). Kong in HTTP(S) Gateway scenarios does not require these patches.
    • Service Mesh abilities require at least OpenSSL version 1.1.1. In our official distribution packages, OpenSSL has been bumped to 1.1.1. #4005
    ๐Ÿ”ง Configuration
    • ๐Ÿšš :warning: The custom_plugins directive is removed (deprecated since 0.14.0, July 2018). Use plugins instead.
    • ๐Ÿ”ง Modifications must be applied to the Nginx configuration. You are not affected by this change if you do not use a custom Nginx template. See the 1.0 Upgrade Path for a diff of changes to apply.
    • The default value for cassandra_lb_policy changed from RoundRobin to RequestRoundRobin. This helps reducing the amount of new connections being opened during a request when using the Cassandra strategy. #4004
    Core
    • :warning: The API entity and related concepts such as the /apis endpoint, are removed (deprecated since 0.13.0, March 2018). Use Routes and Services instead.
    • :warning: The old DAO implementation is removed, along with the old schema validation library (apis was the last entity using it). Use the new schema format instead in custom plugins. To ease the transition of plugins, the plugin loader in 1.0 includes a best-effort schema auto-translator, which should be sufficient for many plugins.
    • Timestamps now bear millisecond precision in their decimal part. #3660
    • The PDK function kong.request.get_body will now return nil, err, mime when the body is valid JSON but neither an object nor an array. #4063
    CLI
    • โš  :warning: The new migrations framework (detailed below) has a different usage (and subcommands) compared to its predecessor. #3802
    Admin API
    • ๐Ÿš€ :warning: In the 0.14.x release, Upstreams, Targets, and Plugins were still implemented using the old DAO and Admin API. In 0.15.0 and 1.0.0, all core entities use the new kong.db DAO, and their endpoints have been upgraded to the new Admin API (see below for details). #3689 #3739 #3778

    A summary of the changes introduced in the new Admin API:

    • Pagination has been included in all "multi-record" endpoints, and pagination control fields are different than in 0.14.x.
    • ๐Ÿ”Œ Filtering now happens via URL path changes (/consumers/x/plugins) instead of querystring fields (/plugins?consumer_id=x).
    • Array values can't be coerced from comma-separated strings anymore. They must now be "proper" JSON values on JSON requests, or use a new syntax on form-url-encoded or multipart requests.
    • Error messages have been been reworked from the ground up to be more consistent, precise and informative.
    • The PUT method has been reimplemented with idempotent behavior and has been added to some entities that didn't have it.

    ๐Ÿ“„ For more details about the new Admin API, please visit the official docs: ๐Ÿ“„ https://docs.konghq.com/

    ๐Ÿ”Œ Plugins
    • ๐Ÿšš :warning: The galileo plugin has been removed (deprecated since 0.13.0). #3960
    • โš  :warning: Some internal modules that were occasionally used by plugin authors before the introduction of the Plugin Development Kit (PDK) in 0.14.0 are now removed:
      • The kong.tools.ip module was removed. Use kong.ip from the PDK instead.
      • The kong.tools.public module was removed. Use the various equivalent features from the PDK instead.
      • The kong.tools.responses module was removed. Please use kong.response.exit from the PDK instead. You might want to use kong.log.err to log internal server errors as well.
      • The kong.api.crud_helpers module was removed (deprecated since the introduction of the new DAO in 0.13.0). Use kong.api.endpoints instead if you need to customize the auto-generated endpoints.
    • โšก๏ธ All bundled plugins' schemas and custom entities have been updated to the new kong.db module, and their APIs have been updated to the new Admin API, which is described in the above section. #3766 #3774 #3778 #3839
    • โš  :warning: All plugins migrations have been converted to the new migration framework. Custom plugins must use the new migration framework from 0.15 onwards.

    โž• Additions

    :fireworks: Service Mesh and Stream Routes

    ๐Ÿ‘ Kong's Service Mesh support resulted in a number of additions to Kong's ๐Ÿ”ง configuration, Admin API, and plugins that deserve their own section in this changelog.

    • ๐Ÿ‘Œ Support for TCP & TLS Stream Routes via the new stream_listen config option. #4009
    • A new origins config property allows overriding hosts from Kong. #3679
    • A transparent suffix added to stream listeners allows for setting up a dynamic Service Mesh with iptables. #3884
    • Kong instances can now create a shared internal Certificate Authority, which is used for Service Mesh TLS traffic. #3906 #3861
    • ๐Ÿ”Œ Plugins get a new run_on field to control how they behave in a Service Mesh environment. #3930 #4066
    • There is a new phase called preread. This is where stream traffic routing is done.
    ๐Ÿ”ง Configuration
    • A new dns_valid_ttl property can be set to forcefully override the TTL value of all resolved DNS records. #3730
    • ๐Ÿ”ง A new pg_timeout property can be set to configure the timeout of PostgreSQL connections. #3808
    • upstream_keepalive can now be disabled when set to 0. Thanks @pryorda for the patch. #3716
    • The new transparent suffix also applies to the proxy_listen directive.
    CLI
    • ๐Ÿ†• :fireworks: New migrations framework. This new implementation supports no-downtime, Blue/Green migrations paths that will help sustain Kong 1.0's stability. It brings a considerable number of other improvements, such as new commands, better support for automation, improved CLI logging, and many more. Additionally, this new framework alleviates the old limitation around multiple nodes running concurrent migrations. See the related PR for a complete list of improvements. #3802
    Core
    • ๐Ÿ‘Œ :fireworks: Support for TLS 1.3. The support for OpenSSL 1.1.1 (bumped in our official distribution packages) not only enabled Service Mesh features, but also unlocks support for the latest version of the TLS protocol.
    • ๐Ÿ‘Œ :fireworks: Support for HTTPS in active healthchecks. #3815
    • :fireworks: Improved router rebuilds resiliency by reducing database accesses in high concurrency scenarios. #3782
    • ๐ŸŽ :fireworks: Significant performance improvements in the core's plugins runloop. #3794
    • PDK improvements:
      • New kong.node module. #3826
      • New functions kong.response.get_path_with_query() and kong.request.get_start_time(). #3842
      • Getters and setters for Service, Route, Consumer, and Credential. #3916
      • kong.response.get_source() returns error on nginx-produced errors. #4006
      • kong.response.exit() can be used in the header_filter phase, but only without a body. #4039
    • Schema improvements:
      • New field validators: distinct, ne, is_regex, contains, gt.
      • Adding a new field which has a default value to a schema no longer requires a migration. #3756
    Admin API
    • :fireworks: Routes now have a name field (like Services). #3764
    • ๐Ÿ“œ Multipart parsing support. #3776
    • Admin API errors expose the name of the current strategy. #3612
    ๐Ÿ”Œ Plugins
    • ๐Ÿ‘Œ :fireworks: aws-lambda: Support for Lambda Proxy Integration with the new is_proxy_integration property. Thanks @aloisbarreras for the patch! #3427.
    • ๐Ÿ”ง http-log: Support for buffering logging messages in a configurable logging queue. #3604
    • ๐Ÿ”Œ Most plugins' logic has been rewritten with the PDK instead of using internal Kong functions or ngx_lua APIs.

    ๐Ÿ›  Fixes

    Core
    • ๐Ÿ›  Fix an issue which would insert an extra / in the upstream URL when the request path was longer than the configured Route's path attribute. #3780
    • ๐Ÿ‘ Ensure better backwards-compatibility between the new DAO and existing core runloop code regarding null values. #3772 #3710
    • ๐Ÿ‘ Ensure support for Datastax Enterprise 6.x. Thanks @gchristidis for the patch! #3873
    • Various issues with the PostgreSQL DAO strategy were addressed.
    • Various issues related to the new schema library bundled with the new DAO were addressed.
    • PDK improvements:
      • kong.request.get_path() and other functions now properly handle cases when $request_uri is nil. #3842
    Admin API
    • ๐Ÿ”ง Ensure the /certificates endpoints properly returns all SNIs configured on a given certificate. #3722
    • Ensure the upstreams/:upstream/targets/... endpoints returns an empty JSON array ([]) instead of an empty object ({}) when no targets exist. #4058
    • ๐Ÿ‘Œ Improved inferring of arguments with application/x-www-form-urlencoded. #3770
    • ๐Ÿ›  Fix the handling of defaults values in some cases when using PATCH. #3910
    ๐Ÿ”Œ Plugins
    • cors:
      • Ensure Vary: Origin is set when config.credentials is enabled. Thanks @marckhouzam for the patch! #3765
      • Return HTTP 200 instead of 204 for preflight requests. Thanks @aslafy-z for the patch! #4029
      • Ensure request origins specified as flat strings are safely validated. #3872
    • ๐ŸŽ acl: Minor performance improvements by ensuring proper caching of computed values. #4040
    • correlation-id: Prevent an error to be thrown when the access phase was skipped, such as on nginx-produced errors. #4006
    • aws-lambda: When the client uses HTTP/2, strip response headers that are disallowed by the protocols. #4032
    • rate-limiting & response-ratelimiting: Improve efficiency by avoiding unnecessary Redis SELECT operations. #3973

    Back to TOC