release: v1.1.0-rc.1 (envoyproxy#3791)

* release: v1.1.0-rc.1 Signed-off-by: Guy Daich <[email protected]> * fix lint Signed-off-by: Guy Daich <[email protected]> * review fixes Signed-off-by: Guy Daich <[email protected]> --------- Signed-off-by: Guy Daich <[email protected]>
guydc · Jul 9, 2024 · e63ffa0 · e63ffa0
1 parent cd16153
commit e63ffa0
Show file tree

Hide file tree

Showing 3 changed files with 256 additions and 1 deletion.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-v1.0.2
+v1.1.0-rc.1
diff --git a/release-notes/v1.1.0-rc1.yaml b/release-notes/v1.1.0-rc1.yaml
@@ -0,0 +1,229 @@
+date: July 8, 2024
+
+changes:
+  - area: documentation
+    change: |
+      Added Performance Benchmarking Document
+      Added User Guide for Zipkin Tracing
+      Added User Guide for Customizing Ordering of Filters
+      Added User Guide for External Processing Filter in EnvoyExtensionPolicy
+      Added User Guide for installation of egctl with brew
+      Added User Guide for Client Buffer Size Limit
+      Added User Guide for Client Idle Timeout
+      Added Chinese translation for release notes, roadmap, installation, development, contribution and several User Guides
+      Added User Guide for Backend resource
+      Added GA Blog Post
+      Added Threat Model
+      Added Adopters section to docs
+      Added User Guide and Dashboards for Control Plane and Resource Observability
+      Added User Guide for Connection Limits in ClientTrafficPolicy
+      Added User Guide on using Private Key Provider
+      Added Design Doc for Authorization
+      Added Design Doc for XDS Metadata
+      Added Design Doc for Backend resource
+      Added Design Doc for Control Plane Observability
+      Added Design Doc for EnvoyExtensionPolicy
+      Added Design Doc for External Processing in EnvoyExtensionPolicy
+      Updated Access Logging User Guide to include filtering with CEL Expression
+      Updated Access Logging User Guide to include Metadata
+      Updated Development Guide to require Golang 1.22
+      Updated Quickstart User Guide to fetch GATEWAY_HOST from Gateway resource
+      Updated Site to reflect GA status
+      Updated HTTP Redirect User Guide to not set a redirect port or require a BackendRef
+      Updated Observability User Guides to use gateway-addons-helm
+      Updated Gateway-API User Guide to reflect support for BackendRef filters
+      Updated HTTP Timeouts User Guide to highlight default Envoy timeouts
+      Updated Installation Guide to use server-side apply
+      Updated Installation Guide to refer to values.yaml docs
+      Updated BackendTLSPolicy User Guide to GW-API v1.1.0
+      Updated User Guides to use tabs when applying yaml from file or stdin
+      Updated OIDC User Guide to use HTTPS redirect URLs
+      Updated Order of versions in Site
+      Updated Extensbility User Gudie to use yaml-format patches
+      Updated Quickstart Guide to include next steps
+      Updated CRD docs to include enum values
+      Updated Extensibility User Guide with Envoy Patch Policy examples
+      Updated structure of docs: rename Guides to Tasks, move Contribution
+      Updated Support Matrix
+      Updated egctl x status docs for xRoute and xPolicy
+      Updated egctl User Guide with Install and Uninstall commands
+      Updated GRPCRoute docs to use v1 instead of v1alpha2
+      Fixed Rate Limiting User Guide to use correct CIDR matcher type names
+      Fixed User Guide for JWT-based routing
+      Fixed JSON Access Log Example
+      Use linkinator to detect dead links in docs
+      Use helm-docs to generate chart docs
+      Support Not-Implemented-Hide marker in API docs
+
+
+  - area: installation
+    change: |
+      Added new gateway-addons-helm chart for Observability
+      Added support for global image settings for all images in Envoy Gateway helm chart
+      Added Support for PodDistruptionBudget for Envoy Gateway
+      Added Support for TopologySpreadConstraints for Envoy Gateway
+      Added Support for Tolerations for Envoy Gateway
+      Added Support for Ratelimit image pull secrets and pull policy
+      Updated ttlSecondsAfterFinished on certgen job to 30 by default
+      Updated Envoy Gateway ImagePullPolicy to IfNotPresent released charts
+      Remove envoy-gateway-metrics-service and merge its contents into envoy-gateway service
+
+
+  - area: api
+    change: |
+      Added Support for Gateway-API v1.1.0
+      Added new Backend CRD
+      Added new EnvoyExtensionPolicy CRD
+      Added Support for Plural Target Refs and Target Selectors in xPolicy CRDs
+      Added Support for Backend CRD BackendRefs in HTTPRoute, GRPCRoute and EnvoyExtensionPolicy CRDs
+      Added Support for Custom Extension Server Policy CRDs in EnvoyGateway Config
+      Added Support for Custom ShutDownManager Image in EnvoyGateway Config
+      Added Support for Leader Election in EnvoyGateway Config
+      Added Support for Connecting to Extension Server over Unix Domain Socket in EnvoyGateway Config
+      Added Support for Proxy PodDisruptionBudget in EnvoyProxy CRD
+      Added Support for Running Envoy Proxy as a Daemonset in EnvoyProxy CRD
+      Added Support for Proxy Loadbalancer Source Ranges in EnvoyProxy CRD
+      Added Support for Proxy Prometheus Metrics Compression in EnvoyProxy CRD
+      Added Support for BackendRefs in Access Log, Metric and Trace Sinks in EnvoyProxy CRD
+      Added Support for Rate Limiting Tracing in EnvoyProxy CRD
+      Added Support for Routing to Service IP in EnvoyProxy CRD
+      Added Support for Access Log CEL filters in EnvoyProxy CRD
+      Added Support for Access Log Formatters for File and OpenTelemetry in EnvoyProxy CRD
+      Added Support for Zipkin Tracing in EnvoyProxy CRD
+      Added Support for using the Listener port as a the Container port in EnvoyProxy CRD
+      Added Support for OpenTelemtry Sink Export Settings in EnvoyProxy CRD
+      Added Support for Backend Client Certificate Authentication in EnvoyProxy CRD
+      Added Support for Backend TLS Settings in EnvoyProxy CRD
+      Added Support for HTTP Filter Ordering in EnvoyProxy CRD
+      Added Support for gRPC Access Log Service (ALS) Sink in EnvoyProxy CRD
+      Added Support for OpenTelelemetry Sinks as a BackendRef in EnvoyProxy CRD
+      Added Support for User-Provided name for generate Kubernetes resources in EnvoyProxy CRD
+      Added Support for Per-Endpoint stats in EnvoyProxy CRD
+      Added Support for Targeting SectionNames in ClientTrafficPolicy CRD
+      Added Support for Preserving X-Request-ID header in ClientTrafficPolicy CRD
+      Added Support for Using Downstream Protocol in Upstream connections in ClientTrafficPolicy CRD
+      Added Support for HTTP/2 settings in ClientTrafficPolicy CRD
+      Added Support for Connection Buffer Size Limit in ClientTrafficPolicy CRD
+      Added Support for HTTP Health Check in ClientTrafficPolicy CRD
+      Added Support for Optionally requiring a Client Certificate in ClientTrafficPolicy CRD
+      Added Support for Headers with Underscores CRD in ClientTrafficPolicy CRD
+      Added Support for XFCC header processing in ClientTrafficPolicy CRD
+      Added Support for TCP Listener Idle Timeout in ClientTrafficPolicy CRD
+      Added Support for IdleTimeout in ClientTrafficPolicy CRD
+      Added Support for Connection Limits in ClientTrafficPolicy CRD
+      Added Support for additional OIDC settings related to Resource, Token and Cookie in SecurityPolicy CRD
+      Added Support for Optionally requiring a JWT in SecurityPolicy CRD
+      Added Support for BackendRefs for Ext-Auth in SecurityPolicy CRD
+      Added Support for Authorization in SecurityPolicy CRD
+      Added Support for Ext-Auth failOpen in SecurityPolicy CRD
+      Added Support for Loadbalancer Cookie Consistent Hashing in BackendTrafficPolicy CRD
+      Added Support for Disabling X-RateLimit headers in BackendTrafficPolicy CRD
+      Added Support for Connection Buffer Size Limit in BackendTrafficPolicy CRD
+      Added Support for Loadbalancing Consistent Hash Table Size in BackendTrafficPolicy CRD
+      Added Support for Loadbalancing Header Hash Policy in BackendTrafficPolicy CRD
+      Added Support for Cluster Connection Buffer Size Limit in BackendTrafficPolicy
+      Added Support for more Rate Limit Rules in BackendTrafficPolicy CRD
+      Added Support for WASM extension in EnvoyExtensionPolicy CRD
+      Added Support for External Processing extension in EnvoyExtensionPolicy CRD
+      Removed Status Print Column from xPolicy CRDs
+
+
+    breaking-change: |
+      Gateway-API BackendTLSPolicy v1alpha3 is incompatible with previous versions of the CRD
+
+
+  - area: conformance
+    change: |
+      Added Supported Features to Gateway Class
+
+
+  - area: testing
+    change: |
+      Added performance benchmarking test
+      Added e2e test for Zipking Tracing
+      Added e2e test for HTTP Health Checks
+      Added e2e test for CEL Access Log Filter
+      Added e2e test for GRPC Access Log Service Sink
+      Added e2e test for XDS Metadata
+      Added e2e test for WASM from OCI Images and HTTP Source
+      Added e2e test for Service IP Routing
+      Added e2e test for Multiple GatewayClasses
+      Added e2e test for HTTP Full Path rewrite
+      Added e2e test for Backend API
+      Added e2e test for Backend TLS Settings
+      Added e2e test for disabling X-RateLimit Headers
+      Added e2e test for Authorization
+      Added e2e test for BackendRefs in Ext-Auth
+      Added e2e test for Using Client Protocol in Upstream Connection
+      Added e2e test for Backend Client Cert Authentication
+      Added e2e test for External Processing Filter
+      Added e2e test for Merge Gateways Feature
+      Added e2e test for Option JWT authentication
+      Added e2e test for Infrastructure using Server-Side Apply
+      Added e2e test for Connection Limits
+      Added e2e test for Envoy Graceful Shutdown
+      Updated e2e test for Limit to cover multiple listeners
+      Updated e2e test for CORS to not require access-control-expose-headers
+      Run CEL tests on all supported K8s versions
+      Added OSV Scanner for Golang Vulnerabilities and Licenses
+      Added Trivy scanner for Docker images
+
+
+  - area: translator
+    change: |
+      Added Support for BackendRef HTTP Filters
+      Added Support for attaching EnvoyProxy to Gateways
+      Added Support for cross-namespace EnvoyProxy reference from GatewayClass
+      Added Support for Backend Traffic Policy for UDPRoute and TCPRoute
+      Added Support for ClientTrafficPolicy for UDPRoute and TCPRoute
+      Added Support for multiple BackendRefs in TCPRoute and UDPRoute
+      Added Metrics related to XDS Server, Infra Manager and Controller
+      Added Support for PolicyStatus in EnvoyPatchPolicy
+      Added Support for Websocket upgrades in HTTP/1 Routes
+      Added Support for custom controller name in egctl
+      Added Support for BackendTLSPoplicy CA Certificate reference to Secret
+      Added names to Filter Chains
+      Added Support extension server hooks for TCP and UDP listeners
+      Added Support for attaching EnvoyProxy resource to Gateways
+      Added Support for Exposing Prometheus Port in Rate Limiter Service
+      Added Support for Optional Rate Limit Backend Redis
+      Updated OAuth2 filter to preserve Authorization header if OIDC token forwarding is enabled
+      Updated Default Filter Order to have Fault filter first in the HTTP Filter Chain
+      Updated Ext-Auth Per-Route config to use filter-specific Config Type
+      Updated Overload Manager configuration according to Envoy recommendations by default
+      Updated Infrastructure resource management to user Server-Side Apply
+      Updated Reflection of Errors in Gateway Status when too many addresses are assigned
+      Fixed enforcement of same-namespace for BackendTLSPolicy and target
+      Fixed processing all listeners before returning with an error
+      Fixed creation of infrastructure resources if there are no listeners
+      Fixed use GatewayClass Name for Observability if Merge Gateways is enabled
+      Fixed CORS to not forward Not-Matching Preflights to Backends
+      Fixed BackendTLSPolicy status to fully conform with PolicyStatus
+      Fixed duplication of Ext-Auth, OIDC and Basic Auth Filters
+      Fixed Proxy Protocol Filter to always be the first Listener Filter
+      Fixed Translation Consistency by sorting Gateways
+      Fixed QUIC Listener to only Advertise HTTP/3 over ALPN
+      Fixed SNI matching for TCP Routes with TLS termination
+      Fixed Reconciliation when EnvoyProxy backendRefs changes
+      Fixed Reconciliation when a referenced Secret or ConfigMap changes
+      Fixed ReplaceFullPath not working for root path
+      Fixed Default Application Protocol to TCP for Zipkin Tracing
+      Fixed not appending well-known ports (80, 443) in rediret Location header
+
+  - area: providers
+    change: |
+      Bumped K8s Client to v0.30.0
+
+
+  - area: xds
+    change: |
+      Bumped go-control-plane to v0.12.1
+
+
+  - area: cli
+    change: |
+      Added Support for Install and Uninstall Commands to egctl
+      Added Support for xRoute and xPolicy in egctl x status
+      Added Golang version to Envoy Gateway version command
+      Fixed egctl x status gatewayclass example message
+
diff --git a/site/content/en/latest/tasks/quickstart.md b/site/content/en/latest/tasks/quickstart.md
@@ -90,6 +90,32 @@ curl --verbose --header "Host: www.example.com" http://localhost:8888/get
 {{% /tab %}}
 {{< /tabpane >}}
 
+## v1.1 Upgrade Notes
+
+Due to breaking changes in the Gateway API v1.1, some manual migration steps are required to upgrade Envoy Gateway to v1.1. 
+
+Delete `BackendTLSPolicy` CRD (and resources): 
+
+```shell
+kubectl delete crd backendtlspolicies.gateway.networking.k8s.io
+```
+
+Update Gateway-API and Envoy Gateway CRDs:
+
+```shell
+helm pull oci://docker.io/envoyproxy/gateway-helm --version v1.1.0 --untar
+kubectl apply -f ./gateway-helm/crds/gatewayapi-crds.yaml
+kubectl apply -f ./gateway-helm/crds/generated
+```
+
+Update your `BackendTLSPolicy` and `GRPCRoute` resources according to Gateway-API [v1.1 Upgrade Notes](https://gateway-api.sigs.k8s.io/guides/#v11-upgrade-notes)
+
+Install Envoy Gateway v1.1.0:
+
+```shell
+helm upgrade eg oci://docker.io/envoyproxy/gateway-helm --version v1.1.0 -n envoy-gateway-system 
+```
+
 ## What to explore next?
 
 In this quickstart, you have: