Skip to content
This repository has been archived by the owner on Jul 11, 2023. It is now read-only.

Release v0.7.0-rc.1

Pre-release
Pre-release
Compare
Choose a tag to compare
@github-actions github-actions released this 01 Feb 20:53
v0.7.0-rc.1
53fe2d5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Notable Changes

  • TCP traffic filtering and routing support with SMI policies and in permissive mode
  • Ability to program outbound IP range exclusion list to bypass sidecar interception
  • Tracing with Jaeger is now disabled by default
  • CPU and memory resources for the OSM control plane can now be configured via chart values.
  • Add experimental routes v2 functionality which modifies how RDS is programmed in Envoy proxies
  • Documentation is now rendered on the Web at https://docs.openservicemesh.io
  • CONTRIBUTING.md has been updated to describe OSM's new pull request workflow
  • Documentation now includes how to upgrade an OSM control plane with Helm
  • Support for gRPC as an application protocol (#2354)
  • Updated SMI Traffic Access Control to v1alpha3 and Traffic Specs to v1alpha4
  • Logging has been audited for security
  • Fixed bug where setting the weight in a Traffic Split to 0 had no effect
  • OSM control planes now emit their own Prometheus metrics like number of pods and namespaces in the mesh, XDS statistics, and more
  • Updated Envoy used in injected sidecar containers to v1.17
  • A validating webhook has been added to verify changes to the osm-config ConfigMap

CRD Updates

charts/osm/crds/access.yaml
charts/osm/crds/specs.yaml

Changelog

  • tests/e2e: fix default expectations in Helm install test a6f634d (Shashank Ram)
  • tests/e2e: Add a test to verify IP range exclusion ba2cb53 (Shashank Ram)
  • configurator: remove tracing config keys from required list dcfe26e (Shashank Ram)
  • Fixed e2e output 9a687f3 (nshankar13)
  • fix(docs/example/README.md): fix apply and move permissivemode c88160e (Rita Zhang)
  • Update readme and tags for 0.7.0-rc.1 2afceb7 (Sanya Kochhar)
  • Turn of tracing by default ea1d39a (Eduard Serra)
  • Update mesh-details dashboard a5412ef (Eduard Serra)
  • codecov: enable on pull action and ignore demo/test code 84a1e72 (Shashank Ram)
  • fix(ci): skip codecov update on PRs 085a684 (Jon Huhn)
  • feat(charts/): parameterize resource configuration 5e1b4d3 (Michelle Noorali)
  • metricstore: remove high cardinality labels from metrics osm metrics e206a09 (Eduard Serra)
  • charts/osm: make IP range exclusion configurable c635b6b (Shashank Ram)
  • charts/osm: update README and remove trailing whitespace d029103 (Shashank Ram)
  • test: verify service port's appProtocol precedence over name 7f09a7a (Shashank Ram)
  • configurator: validate outbound IP exclusion field 5f2445d (Shashank Ram)
  • Allow named service ports to specify application protocol b9667c7 (Shashank Ram)
  • injector: allow outbound IP range exclusions f2b8764 (Shashank Ram)
  • docs(upgrade): Include steps to recreate CRDs 1ea7d27 (Kalya Subramanian)
  • configurator/test: fix test pollution issue 5b38112 (Shashank Ram)
  • docs(upgrade): Document mapping of ConfigMap and values file 0a1081a (Kalya Subramanian)
  • docs: redirect for landing page aaca016 (flynnduism)
  • feat(*): add routes v2 functionality 94f27be (Michelle Noorali)
  • docs: organize markdown content to serve as a website 31f83d6 (flynnduism)
  • tests(*): fixing labels and fixtures while creating pods 1d88175 (Sneha Chhabria)
  • docs(upgrade): Add upgrade troubleshooting guide (#2377) 853b995 (Kalya Subramanian)
  • Make image tag immutable for releases d06015c (Shalier Xia)
  • fix(make): update e2e kind cluster flag bfdfc0f (Jon Huhn)
  • injector: Correct error log message (#2382) 2316bdc (Delyan Raychev)
  • tresor: Change log level for a statement from Info to Debug (#2383) ab76653 (Delyan Raychev)
  • configurator: Convert Info log messages to Debug (#2381) 4776cad (Delyan Raychev)
  • envoy/ads: Augment log messages with context (#2380) 262fd86 (Delyan Raychev)
  • rds: Augment error log message with Pod UID (#2379) f88ca6e (Delyan Raychev)
  • injector: Augmenting log line with missing variable (#2378) 377a47f (Delyan Raychev)
  • ads: Add more context with Envoy Pod UID to some log messages (#2376) bc6d52f (Delyan Raychev)
  • ads: Adding a comment to a log line to remind us of the importance of logging ADS request/responses carefully (#2375) 3c6353d (Delyan Raychev)
  • envoy/route: Delete log line providing little info (#2374) 6b699b9 (Delyan Raychev)
  • catalog: Small tweak verbiage of log line; Delete unused function (#2373) 68bcfab (Delyan Raychev)
  • catalog: Tweak verbiage of log line (#2372) d8b7249 (Delyan Raychev)
  • lds/ingress: Tweak error log message for clarity (#2371) 5d7df9f (Delyan Raychev)
  • catalog: Augment log messages with Pod UID (#2360) 98a6c05 (Delyan Raychev)
  • contributing: update guide to reflect new pull request workflow 3723c37 (Shashank Ram)
  • docs(upgrade): Add docs for helm upgrade (#2340) 90c3259 (Kalya Subramanian)
  • Fix typo on Prometheus enablement flag 3b96400 (Chad Kittel)
  • [tests] : Adding unit test for the entire envoy listener configuration (#2358) 1c00c37 (Sneha Chhabria)
  • injector: Small correction to a log message (#2355) e109d6a (Delyan Raychev)
  • reconciler: Tiny adjustment to a log message (#2357) 4e11b98 (Delyan Raychev)
  • gRPC: allow specifying gRPC as appProtocol for service ports (#2354) b7b4c8d (Shashank Ram)
  • logs: Use Certificate SerialNumber instead of Subject CN (#2351) e59da65 (Delyan Raychev)
  • logging: remove SAN from logs (#2346) 1e6b29a (Sanya Kochhar)
  • docs(release): document release candidate process (#2341) 98d4675 (Jon Huhn)
  • ci: Run Envoy + SMI scenario tests as part of CI (#2303) a0fd215 (Delyan Raychev)
  • injector: Idiomatic logging of error messages with log.Error().Err(err) (#2349) 100375b (Delyan Raychev)
  • ads: Curate log messages when Envoys connect to xDS control plane (#2350) b21a151 (Delyan Raychev)
  • ads: Do not log Envoy's XDS Certificate CN; log cert's SerialNumber instead (#2345) d6b003b (Delyan Raychev)
  • injector: Idiomatic logging of error messages with log.Error().Err(err) (#2348) bc1d7de (Delyan Raychev)
  • injector/init: generate init-container commands within osm-controller (#2343) 05677b0 (Shashank Ram)
  • Proxy fields xDSCertificateCommonName and xDSCertificateSerialNumber can be private 2d72897 (Delyan Raychev)
  • Rename CommonName and SerialNumber fields on the Proxy struct 08b5bdc (Delyan Raychev)
  • proxy: Add certificate SerialNumber UID to NewProxy() and Proxy{} 1c0637f (Delyan Raychev)
  • Change ValidateClient to return certificate SerialNumber for newly connected Envoy proxy da679d7 (Delyan Raychev)
  • smi/traffic-access: update to v1alpha3 (#2336) edd9902 (Shashank Ram)
  • Auditing the log levels in OSM (#2335) a0f936f (Sneha Chhabria)
  • Disable test temporarily e64c6b0 (Delyan Raychev)
  • proxy: Rename GetCommonName() to GetCertificateCommonName(); Add GetCertificateSerialNumber() e2edc78 (Delyan Raychev)
  • doc(chart): Updated chart readme (#2322) 85b5217 (Alessandro Vozza)
  • smi: update to smi-sdk-go v0.5.0 and traffic-specs v1alpha4 (#2331) db184fc (Shashank Ram)
  • Update pkg/certificate/providers/vault/certificate_manager.go 2ca81ad (Delyan Raychev)
  • Update pkg/certificate/providers/certmanager/types.go 42d0aea (Delyan Raychev)
  • Update pkg/envoy/ads/response.go 8c99a84 (Delyan Raychev)
  • Fixing typos in comments, variable names etc. 08f7152 (Delyan Raychev)
  • ref(release): Include CRD upgrade info in Release Notes (#2323) 50a62d3 (Kalya Subramanian)
  • Fix log messages 1c8e111 (Delyan Raychev)
  • certificate: Delete unused functions (#2305) e75dddb (Delyan Raychev)
  • logging: remove request response from log (#2321) c11e267 (Sanya Kochhar)
  • logging: remove raw object from logs (#2326) 16b7727 (Sanya Kochhar)
  • [Bugfix] : Handling services with weight 0 in traffic split (#2320) 8f85d4f (Sneha Chhabria)
  • sds: Correct comments and tests - remove mentions of non-existent requestedCertType function (#2298) d8697f8 (Delyan Raychev)
  • metrics: add metrics for pod and namespace count (#2324) 712cf95 (Shashank Ram)
  • providers: Remove Azure endpoints provider (#2325) 966cb93 (Delyan Raychev)
  • certificate: Implement GetSerialNumber() for all certificate issuers/providers (#2319) 0011cf9 (Delyan Raychev)
  • logging: change podIPs to UIDs (#2315) 57aad53 (Sanya Kochhar)
  • injector: fix bug where existing volumes in pod spec are not preserved (#2238) de5bd8d (Addo.Zhang)
  • debugger: refactor httpserver and debugger (#2308) 24c30d8 (Edu Serra)
  • certificate: Document kinds of certificates in OSM (#2301) 22d368e (Delyan Raychev)
  • metrics : exposing metric for time take to issue xds certificates (#2306) b9e56aa (Sneha Chhabria)
  • changed from connectvault to certmanager in osm_deployment (#2307) 8d10b10 (Niranjan Shankar)
  • metrics : exposing metric for number for xds certificates issued (#2302) b7337ab (Sneha Chhabria)
  • scenarios: Test that the apex service is removed in traffic split (#2274) 9cb3246 (Delyan Raychev)
  • metrics: fix use of short XDS name, Grafan "mesh details" dashboard update (#2300) bfab45e (Edu Serra)
  • envoy/lds: build outound service filter chains per port (#2299) e8880c9 (Shashank Ram)
  • s/SerivceAccount/ServiceAccount/g (#2297) d7f592a (Delyan Raychev)
  • ref(jaeger): Disable Jaeger by default (#2291) 6f4349a (Kalya Subramanian)
  • pkg/*: rename APIs used to retrieve protocol mapping for port and targetPort (#2296) 4c782b0 (Shashank Ram)
  • catalog: add api to retrieve port:protocol mapping (#2295) 92793ea (Shashank Ram)
  • ads/metrics: implement xds path time metrics (#2292) ee1ce5e (Edu Serra)
  • metrics: use event type value as the metric label (#2289) d737ac0 (Shashank Ram)
  • Adding scraping to OSM pod (#2288) 797e53f (Edu Serra)
  • envoy: update to v1.17 to leverage default_filter_chain (#2286) 88980a8 (Shashank Ram)
  • metrics: add type and namespace label to k8s event metric (#2285) 65af7d6 (Shashank Ram)
  • prometheus: limit scrapping to currently used metrics only (#2276) 9614eee (Edu Serra)
  • metrics: add injector webhook metrics (#2284) 047154e (Edu Serra)
  • Update debug server test (#2283) ac52c1f (Niranjan Shankar)
  • Bump versions for 0.6.1 release 01a1dc4 (Sanya Kochhar)
  • metrics: expose metrics for number of connected proxies (#2278) 7a4e24a (Shashank Ram)
  • metricsstore: export prometheus metrics to clients (#2275) b1f24cd (Shashank Ram)
  • webhooks: use separate service and port for validating webhook (#2273) a48de43 (Shashank Ram)
  • metricsstore: integrate metrics store framework (#2270) e291933 (Shashank Ram)
  • docs(release): clarify version update PR (#2272) dd65933 (Jon Huhn)
  • docs(release): clarify main branch version update (#2202) 1898232 (Jon Huhn)
  • injector: Rewrite app health probes; pass through Envoy to payload (#2233) ef33665 (Delyan Raychev)
  • Aliasing import testify/assert to tassert to avoid collision with variable (#2256) df7640e (Delyan Raychev)
  • charts: disable validating webhook configuration (#2268) a1f0060 (Shashank Ram)
  • doc(uninstall): Document which resources are deleted by uninstall (#2267) d2a8f1f (Kalya Subramanian)
  • trafficpolicy: Remove conditional always evaluating to true (#2250) e11a19c (Delyan Raychev)
  • kubernetes: Log the informer and provider names w/ debug log messages (#2255) 268b512 (Delyan Raychev)
  • catalog: simplify function isValidTrafficTarget() (#2246) d640c42 (Delyan Raychev)
  • cds: Remove conditional always evaluating to true (#2261) 4605068 (Delyan Raychev)
  • rds: Rename variable colliding with imported package split (#2247) 6c8eac7 (Delyan Raychev)
  • cli: Check for nil when getting OSM Controller Deployments (#2258) 4554d19 (Delyan Raychev)
  • reconciler: Removing the + flag from %+s which will be ignored by verb in printf statement (#2257) b99e1ab (Delyan Raychev)
  • eds: Remove unused variables and inline usage of meshCatalog.ListAllowedOutboundServicesForIdentity() in for loop (#2259) cf3ebf1 (Delyan Raychev)
  • Fixing typo: s/taggic/tagging/g (#2249) f7bdec7 (Delyan Raychev)
  • Removing redundant import aliases (#2251) 4d8175a (Delyan Raychev)
  • catalog: Add comment to explain what a bool return does (#2245) 7944a11 (Delyan Raychev)
  • Fix typo s/namepace/namespace/g (#2248) 6cf6c28 (Delyan Raychev)
  • Remove duplicate lines from .gitignore (#2252) 34ce3c6 (Delyan Raychev)
  • utils: Delete unused UUID util functions (#2253) 710ad00 (Delyan Raychev)
  • Use _ for unused function params (#2254) c4644cc (Delyan Raychev)
  • Temp fix: Commenting out validating webhook, need to debug (#2265) c48acb9 (Shalier Xia)
  • charts/validatingwebhook: allow webhook deletion (#2262) 346546e (Shashank Ram)
  • Changing linear search function to mapset (#2241) e627efa (Edu Serra)
  • configurator: update validating webhook's port (#2242) 4052817 (Shashank Ram)
  • fix(demo/README.md): Fixed the OSM controller debug port and broken links in README (#2240) 98725da (Aisuko)
  • remove duplicated address_prefix (#2239) 459e353 (Addo.Zhang)
  • fix(pkg): fix typo in health.go (#2236) 08efd2a (Sanya Kochhar)
  • feat(*): add validating webhook for osm-config (#2213) f18bf91 (Shalier Xia)
  • fix(docs/Design.md): Fix the wrong title links of document contents (#2235) 4ec3225 (Aisuko)
  • fix(fluent bit): allow httpProxy or httpsProxy value to be empty (#2231) bf1f2b2 (Sanya Kochhar)
  • Fix race on event handler test (#2232) e111a40 (Edu Serra)
  • tests/e2e: add test for tcp egress (#2230) 2861187 (Shashank Ram)
  • Announcement Channels cleanup (#2228) 9eaec68 (Edu Serra)
  • tests/e2e: move tcp test to own file and test permissive mode (#2227) 932c691 (Shashank Ram)
  • injector: Simplify check for metrics annotations (#2205) 4defb02 (Delyan Raychev)
  • envoy/rbac: rename rbac policy helper functions (#2226) 23e0d2b (Shashank Ram)
  • rbac/tcp: support port based RBAC for tcp traffic (#2224) 498a464 (Shashank Ram)
  • injector: Split Envoy bootstrap config generation into smaller functions (#2225) dfba804 (Delyan Raychev)
  • demo: Adding /liveness, /readiness, /startup paths to the bookstore web server (#2223) 9b69007 (Delyan Raychev)
  • cds: Add comments and tweak getPrometheusCluster() and getTracingCluster() for readability (#2211) 0f3c587 (Delyan Raychev)
  • catalog: update api to retrieve traffic targets (#2222) 7f1a775 (Shashank Ram)
  • @configurator: add specific ConfigMap handler (#2220) 4aa08b7 (Edu Serra)
  • pkg/*: add api to list traffic targets composed of associated routes (#2221) 85f8810 (Shashank Ram)
  • configurator: clean private pubsub interface in favour of global one (#2219) b24f86b (Edu Serra)
  • injector: Use admission.PatchResponseFromRaw to create patches (#2215) a7666fb (Delyan Raychev)
  • ci: only run maestro once for tresor (#2217) 5d52737 (Shashank Ram)
  • tests/e2e: add connectivity test with osm-controller restart (#2212) c37cacc (Shashank Ram)
  • envoy/ads/stream.go: Force full config of an envoy when it connects (#2210) e36ec1f (Edu Serra)
  • Typo fix s/annotion/annotation/g (#2204) dcfaf06 (Delyan Raychev)
  • tests/scale: pod/traffic split scaling test (#2186) 32fb090 (Edu Serra)
  • tests/e2e: set AppProto only if definition has it set (#2198) f1b74fa (Edu Serra)
  • demo: Tweaking join/unjoin demo scripts (#2196) c0fb754 (Delyan Raychev)
  • Update versions for release 0.6.0 (#2200) 23f20b3 (Sanya Kochhar)
  • fluent bit: add identifier to help query logs in output (#2195) 8f40c88 (Sanya Kochhar)
  • tests/e2e: add e2e test for TCP traffic (#2194) 14b8104 (Shashank Ram)
  • scripts: Add script to clean up leaked osm resources (#2193) 7647d12 (Kalya Subramanian)
  • nit: Fix osmNamespace description in values schema (#2192) 196a62a (Kalya Subramanian)
  • fix(fluent bit): update filters to work for various k8s distros (#2170) 5f6e785 (Sanya Kochhar)
  • feat(pkg/catalog): build inbound/outbound policies from traffic targets (#2187) ff58273 (Michelle Noorali)
  • endpoint/kube: Cleanup and move remaining caches to kubecontroller (#2191) 9907bcf (Edu Serra)
  • feat(util): add convenience funcs to get hostnames (#2189) ea43cfd (Michelle Noorali)
  • feat(pkg/trafficpolicy): add constructor funcs (#2188) b3cd61c (Michelle Noorali)
  • tests/framework/profile: allow mutliple results write descriptors (#2185) 9eb9a67 (Edu Serra)
  • feat(osm/install): Decouple releaseNamespace and osmNamespace (#2142) 25144a1 (Kalya Subramanian)
  • feat(*): add functions for merging traffic policies (#2181) 6e14677 (Michelle Noorali)
  • pkg/*: use mutliple value case statement instead of fallthrough (#2184) c8244a2 (Shashank Ram)
  • tcp: add outbound proxying support and update tcp demo (#2183) d906267 (Shashank Ram)
  • fix(e2e): gracefully stop port forwarding to Prometheus/Grafana (#2182) 0fd1d1b (Jon Huhn)
  • fix(e2e): fix typo in method name (#2180) 524e87a (Jon Huhn)
  • doc(charts): doc why failurePolicy must be Fail (#2178) 4245abc (Michelle Noorali)
  • ref(pkg/catalog): add ListMeshServices method (#2176) d0cd814 (Michelle Noorali)
  • pkg/*: use newer api to list outbound services (#2177) d05ceb2 (Shashank Ram)
  • tests/frmwrk: Add testFolder and setOverrides (#2175) 99adfab (Edu Serra)
  • ref(pkg/envoy/cds): use proxy identity to build outbound services (#2174) eeb1600 (Michelle Noorali)
  • Grafana/dashboards: change rate to irate (#2165) 3beb53e (Edu Serra)
  • tests/framework: framework monitoring/scale updates (#2163) 033ddea (Edu Serra)
  • ref(pkg/catalog): update ListAllowedOutboundServicesForIdentity (#2173) b64d9a5 (Michelle Noorali)
  • docs(release): clarify remotes in release guide (#2166) 0d40ccb (Jon Huhn)
  • feat(pkg/catalog): list allowed outbound services for identity (#2169) 4b9e393 (Michelle Noorali)
  • add --set to the osm cli (#1654) f493bfa (Rajkumar Purushothaman)
  • demo/tcp: adds simple tcp client server demo (#2161) 2349201 (Shashank Ram)
  • feat(pkg/trafficpolicy): add routes to outbound traffic policy (#2150) dff9975 (Michelle Noorali)
Assets 9
Loading