Skip to content

Releases: aws/aws-application-networking-k8s

Release v1.0.7

05 Nov 23:51
@erikfuller erikfuller
v1.0.7
d0dca4e
Compare
Choose a tag to compare
Release v1.0.7 Latest
Latest

Release v1.0.7 improves route reconciliation performance via configurable max workers for route controller instances. Also improves debugging by enabling correlation of log lines using unique reconciliation IDs. Finally, includes documentation improvements and Helm chart enhancements.

What's Changed

  • Add Trace IDs and metadata to better correlate log lines for a single reconciliation (#648)
  • Add DISABLE_TAGGING_SERVICE_API environment variable to helm chart (#655)
  • Add PodDisruptionBudget and topologySpreadConstraints to helm chart (#651)
  • Add configurable max workers for route controller instances (#672)

Documentation Improvements

  • Minor fixes for typos and version numbers (#654, #662, #664)

Full Change log: v1.0.6...v1.0.7

Log Lines

Example new log lines including trace ID, start with reconcile_start and end with reconcile_end:

2024-11-01T15:30:40.995-0700	INFO	controller.route	gwlog/metadata.go:76	reconcile_start	{"type": "route", "name": "drift-5-nwppj20ozc", "namespace": "e2e-test", "trace_id": "1d3cb3c5-c8e1-4c2f-b313-4a19c6f85e6d"}
2024-11-01T15:30:40.995-0700	INFO	controller.route	controllers/route_controller.go:275	Found aws-vpc-lattice for Route for drift-5-nwppj20ozc, e2e-test	{"trace_id": "1d3cb3c5-c8e1-4c2f-b313-4a19c6f85e6d"}
2024-11-01T15:30:40.995-0700	INFO	controller.route	controllers/route_controller.go:190	reconcile, deleting	{"name": "drift-5-nwppj20ozc", "trace_id": "1d3cb3c5-c8e1-4c2f-b313-4a19c6f85e6d"}
2024-11-01T15:30:40.995-0700	INFO	controller.route	gateway/model_build_lattice_service.go:140	No custom-domain-name for route drift-5-nwppj20ozc-e2e-test	{"trace_id": "1d3cb3c5-c8e1-4c2f-b313-4a19c6f85e6d"}
2024-11-01T15:30:41.495-0700	INFO	controller.route	lattice/service_manager.go:353	Success DeleteService svc-012345012345012345	{"trace_id": "1d3cb3c5-c8e1-4c2f-b313-4a19c6f85e6d"}
2024-11-01T15:30:41.524-0700	INFO	controller.route	controllers/route_controller.go:202	reconciled	{"name": "drift-5-nwppj20ozc", "trace_id": "1d3cb3c5-c8e1-4c2f-b313-4a19c6f85e6d"}
2024-11-01T15:30:41.556-0700	INFO	controller.route	gwlog/metadata.go:82	reconcile_end	{"type": "route", "name": "drift-5-nwppj20ozc", "namespace": "e2e-test", "trace_id": "1d3cb3c5-c8e1-4c2f-b313-4a19c6f85e6d"}
Assets 2
Loading

Release v1.0.6

14 Jun 23:18
@zijun726911 zijun726911
v1.0.6
933a07f
Compare
Choose a tag to compare
Release v1.0.6

This release introduces support for TLSRoute, allowing users to set up TLS passthrough network connectivity.

What's Changed

  • Added support for clusters running in private VPCs (#627)
  • Added support for TLSRoute and TLS passthrough, please check the user guide for more it's details. (#634)
  • Added TLSRoute and TLS passthrough document (#650)

NOTICE

The release v1.0.6 introduced a new TLSRoute CRD, it is already included the controller v1.0.6 helm chart. If you do not use the helm install to install the v1.0.6 controller, please make sure to manually install the TLSRoute CRD in your k8s cluster.

Full Change log: v1.0.5...v1.0.6

Assets 2
Loading

Release v1.0.5

09 May 17:54
@cxiang07 cxiang07
v1.0.5
ea5a394
Compare
Choose a tag to compare
Release v1.0.5

Release v1.0.5 adds logic to conditionally inject the pod readiness gates and adde support for attaching TargetGroupPolicy to ServiceExport objects.

What's Changed

  • Added logic to conditionally inject pod readiness gates (#629)
  • Added support for attaching Target Group policies to ServiceExport objects (#622)

Document Improvements

  • Reorganized and refactored documentations (#630)

Full Change log: v1.0.4...v1.0.5

Assets 2
Loading

Release v1.0.4

27 Mar 18:16
@cxiang07 cxiang07
v1.0.4
1736065
Compare
Choose a tag to compare
Release v1.0.4

Release v1.0.4 includes integration with the pod readiness gate to enable zero downtime rolling deployments.

What's Changed

  • Fixed incorrect ipv6 cluster create command example in docs #599
  • Integrated pod readiness gates to prevent sending traffic to pods before they are ready, enabling zero downtime deployments, please check the pod-readiness-gates.md doc for more detail #606, #607
  • Listened to EndpointSlice events to track pod readiness status #604
  • Fixed the bug when getting tags fails for a service network association. Now logs and skips deletion instead of failing #600

Full Change log: v1.0.3...v1.0.4

Assets 2
Loading

Release v1.0.3

19 Jan 19:48
@zijun726911 zijun726911
v1.0.3
26e8240
Compare
Choose a tag to compare
Release v1.0.3

Release v1.0.3 fixes the issue of not being able to find the foreign cluster’s serviceImport, and introduces the lattice target group global garbage collector to improve the controller performance.

What's Changed

  • Fixed permission denied error handling for service network tags #588
  • Fixed backendref serviceImport target group discovery logic #587
  • e2e test stability improvement #581
  • Added lattice target group garbage collector #580
  • Added cross-account(RAM share) e2e Tests + conflicted gateway status #578
  • Deleted the configmap in the helm chart, helm templates/deployment.yaml directly read value from values.yaml #575
  • Added missing controller permissions in recommended-inline-policy.json #574

Full Change log: v1.0.2...v1.0.3

Assets 2
Loading

Release v1.0.2

15 Dec 23:38
@zijun726911 zijun726911
v1.0.2
6f18450
Compare
Choose a tag to compare
Release v1.0.2

Release includes improved status updates for HTTP/gRPC routes and CRD policies, bug fix for shared Service Networks with RAM, and documentation updates.

What's Changed

  • Added a new recommended multi-cluster architecture documents #533
  • Improved presubmit workflow and add docs guide #545
  • Added service export/import documents #551
  • Bug fix for failing to associate Resource Access Manager(RAM) shared Service network: #566
  • Added generic policy handler, refactoring IAMAuthPolicy, TargetGroupPolicy, VpcAssociationPolicy #547
  • Update validations and status on route reconciler #563
  • Added missing permissions in recommended-inline-policy.json #548 #574

Full Change log: v1.0.1...v1.0.2

Assets 2
Loading

Release v1.0.1

22 Nov 00:49
@solmonk solmonk
v1.0.1
46fdf14
Compare
Choose a tag to compare
Release v1.0.1

This release fixes an issue on helm chart permission, and enables debug level logs to help troubleshooting.

What's Changed

  • Fixes helm chart issue with missing RBAC permission for VpcAssociationPolilcy and TargetGroupPolicy #532
  • Added LOG_LEVEL env variable and updated helm chart accordingly #534
Assets 2
Loading

Release v1.0.0

18 Nov 03:30
@mikhail-aws mikhail-aws
v1.0.0
f69e34c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release v1.0.0

What's Changed

On behalf of the entire AWS Gateway API Controller team, we are pleased to announce the GA release of the AWS Gateway API Controller v1.0.0. A big thank you to all the contributors that made this release possible.

This release completes the VPC Lattice resource ownership changes by removing the Service Network conflict which enables advanced multi-cluster setups. We also added support for the recent GA release of the Gateway API v1 CRDs.

Highlights

  • Detached Gateway from VPC Lattice service network, removing service network conflict (#480, #504)
  • Added DEFAULT_SERVICE_NETWORK environment variable that will automatically create a service network and its VPC association at the controller startup (#502)
  • Updated RouteRules to return 404 status code for invalid backendRefs (#497)
  • Added handling of resource status for TargetGroupPolicy (#509)
  • Updated controller dependencies to gateway-api@v1.0.0 / controller-runtime@v0.16.3 (#503)

Breaking Changes

IAM Policies

  • The required IAM policies have changed - tag:GetResources policy is now required for running the controller. Please update your existing service account with the new policy provided in examples/recommended-inline-policy.json.

Gateway/VPCAssociationPolicy

  • Creating a Gateway no longer creates a service network and its VPC association. Please refer to the documentation for more details. Existing service networks and their associations will not be deleted.
  • Deprecated Gateway’s application-networking.k8s.aws/lattice-vpc-association annotation. Instead, use VPCAssociationPolicy CRD to configure an association.
  • Added ownership concept to VPCAssociationPolicy. It will no longer delete VPC associations that are not owned by the controller.

TargetGroupPolicy

  • Updated the CRD. The new version of controller requires the updated version of TargetGroupPolicy CRD.

General Improvements

  • Fixed e2e tests and examples to be compatible with Gateway API v1 CRDs (#515)
  • Added TargetGroupPolicy controller for updating resource status (#509)
  • Target group reconciliation performance improvements (#495, #501)
  • IAMAuthPolicy E2E test improvements (#496)
  • Target de-registration E2E test improvements (#491)
  • General E2E test performance improvements (#510)

Documentation Improvements

  • Updated deployment instructions (#511, #512, #516)
  • Replaced API references to automatically generated docs from CRDs (#505, #507)
  • Updated and reorganized documentation structure (#506, #513, #517, #521, #522)
  • Added API references to Gateway, xRoute, Service, and IAMAuthPolicy (#492, #500, #514, #518)

Upgrade Instructions

  • TargetGroupPolicy CRD is updated. This is bundled with deploy-*.yaml and Helm chart, but you can also find the CRD on config/crds/bases/application-networking.k8s.aws_targetgrouppolicies.yaml.
  • If you are upgrading from versions older than v0.0.18, please also check v0.0.18 release notes for more feature updates and breaking changes.

Full Changelog: v0.0.18...v1.0.0

Assets 2
Loading

v0.0.18

14 Nov 20:12
@zijun726911 zijun726911
v0.0.18
8d33043
Compare
Choose a tag to compare
v0.0.18

What's Changed

New features:

General Improvement and Bug Fixes:

  • [Breaking change] Replaced support for multicluster.x-k8s.io ServiceExport and ServiceImport with application-networking.k8s.aws ServiceExport and ServiceImport CRDs [#475, @xWink)
  • [Breaking change] Changed Target Groups naming convention and used AWS tags instead of names to identify mapping between k8s services and Lattice target groups. This resolves target group naming conflicts (#457, @erikfuller)
  • Added the ownership concept for VPC Lattice services to prevent conflicting routes across clusters by tagging services with identifying information (name, namespace, routeType) and ignoring changes to non-owned services. The first created route takes effect, changes to conflicting routes are ignored. (#466), @solmonk)
  • Added managedBy AWS tag to all controller managed VPC Lattice resources (#428, @mikhail-aws)
  • Added e2e test for Target Group Policy CRD (#434, @scottlaiaws)
  • Removed the controller's hard coded 100 Lattice Targets limit. We can now support the full VPC Lattice Target soft limit. (#470, @zijun726911 )
  • Added ability to pass LATTICE_ENDPOINT and CLUSTER_NAME env variable for helm chart [#446 #436, @xWink @zijun726911 )

V0.0.18 Controller Upgrade Instructions

Users of the old multicluster.x-k8s.io ServiceExport and ServiceImport need to migrate to the application-networking.k8s.aws ServiceExport and ServiceImport with the following steps:

  • Install the new CRDs
    • kubectl apply -f config/crds/bases/application-networking.k8s.aws_serviceexports.yaml
    • kubectl apply -f config/crds/bases/application-networking.k8s.aws_serviceimports.yaml
  • Replace the apiVersion of all ServiceExport or ServiceImport resources from multicluster.x-k8s.io/v1alpha1 to application-networking.k8s.aws/v1alpha1. Example files of ServiceExport and ServiceImport include:
    • examples/elasticsearch-export.yaml
    • examples/elasticsearch-import.yaml

The target group naming convention has changed in Controller version 0.0.18. For any existing Kubernetes Service and ServiceExport resources in the cluster with corresponding target groups, the controller upgrade will create new target groups using the new naming convention.
Users need to manually delete old target groups that use the previous naming convention.

  • Old target group naming convention: k8s-<namespace>-<route name>-<protocol>-<protocol version>
  • New target group naming convention: k8s-<namespace>-<route name>-<random suffix>

v0.0.17...v0.0.18

Contributors

solmonk, erikfuller, and 4 other contributors
Assets 2
Loading

v0.0.17

06 Oct 16:33
@zijun726911 zijun726911
v0.0.17
9355d85
Compare
Choose a tag to compare
v0.0.17

What's Changed

This release includes Security Groups support for VPC Lattice Service Network Vpc Associations and several bug fixes and user experience improvements. We improved logging clarity and refactored the Controller Data Store to prepare for a larger refactor of the Target Group naming strategy in a future release.

New feature:

General Improvement and bug fixes:

  • Fixed bug #386: create lattice resources when no endpoints in K8s services #406
  • Fixed bug #331: k8s service deletion do not trigger de-registering vpc lattice targets #387
  • Fixed bug #369: Remove healthCheck section in TargetGroupPolicy cannot trigger controller to reconcile TargetGroupPolicy #405
  • Logging readability and clarity improvements, removal of struct embedding in info logs, removal of unnecessary error and info logs, and addition of route reconciler logs #410 #413 #414 #416 #419
  • Removed the internal data store for Services and Services Networks and refactored to improve readability #394 #391
  • General readability improvements, refactoring of large methods, more descriptive naming for variables and functions, and consistent naming in package imports #418
  • Added e2e cleanup script#383
  • Updated docs with latest guide on health checks #377
  • Added GRPCRoute E2E test cases #363 #370

Full Changelog: v0.0.16...v0.0.17

Assets 2
Loading