- v1.4.1
- v1.4.0
- v1.3.0
- v1.2.3
- v1.2.2
- v1.2.1
- v1.2.0
- v1.1.0
- v1.0.3
- v1.0.2
- v1.0.1
- v1.0.0
- v0.7.0
- v0.6.0
- v0.5.0
- v0.4.0
- v0.3.0
- v0.2.0
- v0.1.1
- v0.1.0
KonnectExtension
does not requirespec.serverHostname
to be set by a user anymore - default is set tokonghq.com
. #947
- Fix
DataPlane
s withKonnectExtension
andBlueGreen
settings. Both the Live and preview deployments are now customized with Konnect-related settings. #910
Release date: 2024-11-28
- Fix setting the
ServiceAccountName
forDataPlane
'sDeployment
. #897 - Fixed setting
ExternalTrafficPolicy
onDataPlane
's ingressService
when the requested value is empty. #898 - Set 0 members on
KonnectGatewayControlPlane
which type is set to group. #896 - Fixed a
panic
inKonnectAPIAuthConfigurationReconciler
occuring when nil response was returned by Konnect API when fetching the organization information. #901 - Bump sdk-konnect-go version to 0.1.10 to fix handling global API endpoints. #894
Release date: 2024-10-31
- Proper
User-Agent
header is now set on outgoing HTTP requests. #387 - Introduce
KongPluginInstallation
CRD to allow installing custom Kong plugins distributed as container images. #400, #424, #474, #560, #615, #476 - Extended
DataPlane
API with a possibility to specifyPodDisruptionBudget
to be created for theDataPlane
deployments viaspec.resources.podDisruptionBudget
. #464 - Add
KonnectAPIAuthConfiguration
reconciler. #456 - Add support for Konnect tokens in
Secrets
inKonnectAPIAuthConfiguration
reconciler. #459 - Add
KonnectControlPlane
reconciler. #462 - Add
KongService
reconciler for Konnect control planes. #470 - Add
KongUpstream
reconciler for Konnect control planes. #593 - Add
KongConsumer
reconciler for Konnect control planes. #493 - Add
KongRoute
reconciler for Konnect control planes. #506 - Add
KongConsumerGroup
reconciler for Konnect control planes. #510 - Add
KongCACertificate
reconciler for Konnect CA certificates. #626 - Add
KongCertificate
reconciler for Konnect Certificates. #643 - Added command line flags to configure the certificate generator job's images. #516
- Add
KongPluginBinding
reconciler for Konnect Plugins. #513, #535 - Add
KongTarget
reconciler for Konnect Targets. #627 - Add
KongVault
reconciler for Konnect Vaults. #597 - Add
KongKey
reconciler for Konnect Keys. #646 - Add
KongKeySet
reconciler for Konnect KeySets. #657 - Add
KongDataPlaneClientCertificate
reconciler for Konnect DataPlaneClientCertificates. #694 - The
KonnectExtension
CRD has been introduced. Such a CRD can be attached to aDataPlane
via the extensions field to have a konnect-flavoredDataPlane
. #453, #578, #736 - Entities created in Konnect are now labeled (or tagged for those that does not
support labels) with origin Kubernetes object's metadata:
k8s-name
,k8s-namespace
,k8s-uid
,k8s-generation
,k8s-kind
,k8s-group
,k8s-version
. #565 - Add
KongService
,KongRoute
,KongConsumer
, andKongConsumerGroup
watchers in theKongPluginBinding
reconciler. #571 - Annotating the following resource with the
konghq.com/plugins
annotation results in the creation of a managedKongPluginBinding
resource: KongConsumer
associated withConsumerGroups
is now reconciled in Konnect by removing/adding the consumer from/to the consumer groups. #592- Add support for
KongConsumer
credentials: - Add support for
KongRoute
s bound directly toKonnectGatewayControlPlane
s (serviceless rotues). #669 - Allow setting
KonnectGatewayControlPlane
s group membership #697 - Apply Konnect-related customizations to
DataPlane
s that properly referenceKonnectExtension
resources. #714 - The KonnectExtension functionality is enabled only when the
--enable-controller-konnect
flag or theGATEWAY_OPERATOR_ENABLE_CONTROLLER_KONNECT
env var is set. #738
- Fixed
ControlPlane
cluster wide resources not migrating to new ownership labels (introduced in 1.3.0) when upgrading the operator form 1.2 (or older) to 1.3.0. #369 - Requeue instead of reporting an error when a finalizer removal yields a conflict. #454
- Requeue instead of reporting an error when a GatewayClass status update yields a conflict. #612
- Guard object counters with checks whether CRDs for them exist #710
- Do not reconcile Gateways nor assign any finalizers when the referred GatewayClass is not supported. #711
- Fixed setting
ExternalTrafficPolicy
onDataPlane
's ingressService
during update and patch operations. #750 - Fixed setting
ExternalTrafficPolicy
onDataPlane
's ingressService
. Remove the default value (Cluster
). Prevent setting this field forClusterIP
Service
s. #812
- Default version of
ControlPlane
is bumped to 3.3.1 #580 - Default version of
DataPlane
is bumped to 3.8.0 #572 - Gateway API has been bumped to v1.2.0 #674
Release date: 2024-06-24
- Add
ExternalTrafficPolicy
toDataPlane
'sServiceOptions
#241
- Changes project layout to match
kubebuilder
v4
. Some import paths (due to dir renames) have changedapis
->api
andcontrollers
->controller
. #84
Gateway
do not have theirReady
status condition set anymore. This aligns with Gateway API and its conformance test suite. #246Gateway
s' listeners now have theirattachedRoutes
count filled in in status. #251- Detect when
ControlPlane
has its admission webhook disabled viaCONTROLLER_ADMISSION_WEBHOOK_LISTEN
environment variable and ensure that relevant webhook resources are not created/deleted. #326 - The
OwnerReferences
on cluster-wide resources to indicate their owner are now replaced by a proper set of labels to identifykind
,namespace
, andname
of the owning object. #259 - Default version of
ControlPlane
is bumped to 3.2.0 #327
- Fix enforcing up to date
ControlPlane
'sValidatingWebhookConfiguration
#225
Release date: 2024-04-23
- Fixes an issue where managed
Gateway
s controller wasn't able to reduce the createdDataPlane
objects when too many have been created. #43 Gateway
controller will no longer setDataPlane
deployment's replicas to default value whenDataPlaneOptions
inGatewayConfiguration
define scaling strategy. This effectively allows users to useDataPlane
horizontal autoscaling withGatewayConfiguration
as the generatedDataPlane
deployment will no longer be rejected. #79- Make creating a
DataPlane
index conditional based on enabling theControlPlane
controller. This allows running KGO withoutControlPlane
CRD with its controller disabled. #103
Release date: 2024-04-23
v1.2.2 was retracted due to a misplaced git tag. Due to golang proxy caching modules indefinitely we needed to retract this version. v1.2.3 contains all the changes that v1.2.2 intended to contain.
Release date: 2024-03-19
- Fixed an issue where operator wasn't able to update
ControlPlane
ClusterRole
orClusterRoleBinding
when they got out of date. #11
-
KGO now uses
GATEWAY_OPERATOR_
prefix for all flags, including thezap
related logging flags. This means that the following can now be set:-zap-devel
(env:GATEWAY_OPERATOR_ZAP_DEVEL
)-zap-encoder
(env:GATEWAY_OPERATOR_ZAP_ENCODER
)-zap-log-level
(env:GATEWAY_OPERATOR_ZAP_LOG_LEVEL
)-zap-stacktrace-level
(env:GATEWAY_OPERATOR_ZAP_STACKTRACE_LEVEL
)-zap-time-encoding
(env:GATEWAY_OPERATOR_ZAP_TIME_ENCODING
)
For more details about those please consult
zap.Options
pkg.go.dev
Release date: 2024-03-15
- 🎓 The Managed
Gateway
s feature is now GA. - 🎓
ControlPlane
andGatewayConfig
APIs have been promoted tov1beta1
. - ✨
DataPlane
s managed byGateway
s can be now scaled horizontally through theGatewayConfiguration
API. - ✨
Gateway
listeners are dynamically mapped to theDataPlane
proxy service ports. - 🧠 The new feature
AIGateway
has been released inalpha
stage.
- Added support for specifying command line flags through environment
variables having the
GATEWAY_OPERATOR_
prefix. For example, you can specify the value of flag--controller-name
through the environment variableGATEWAY_OPERATOR_CONTROLLER_NAME
. Kong/gateway-operator-archive#1616 - Add horizontal autoscaling for
DataPlane
s using itsscaling.horizontal
spec field. Kong/gateway-operator-archive#1281 ControlPlane
s now use Gateway Discovery by default, with Service DNS Strategy. Additionally, theDataPlane
readiness probe has been changed to/status/ready
when theDataPlane
is managed by aGateway
. Kong/gateway-operator-archive#1261Gateway
s andListener
sAccepted
andConflicted
conditions are now set and enforced based on the Gateway API specifications. Kong/gateway-operator-archive#1398ControlPlane
ClusterRole
s andClusterRoleBinding
s are enforced and kept up to date by theControlPlane
controller. Kong/gateway-operator-archive#1259- The
Gateway
listeners are now dynamically mapped toDataPlane
ingress service ports. This means that the change of aGateway
spec leads to aDataPlane
reconfiguration, along with an ingress service update. Kong/gateway-operator-archive#1363 --enable-controller-gateway
and--enable-controller-controlplane
command line flags are set totrue
by default to enable controllers forGateway
s andControlPlane
s. Kong/gateway-operator-archive#1519- When the
Gateway
controller provisions aControlPlane
, it sets theCONTROLLER_GATEWAY_TO_RECONCILE
env variable to let theControlPlane
reconcile that specificGateway
only. Kong/gateway-operator-archive#1529 ControlPlane
is now deployed with a validating webhook server turned on. This involves creatingValidatingWebhookConfiguration
, aService
that exposes the webhook and aSecret
that holds a TLS certificate. TheSecret
is mounted in theControlPlane
'sPod
for the webhook server to use it. Kong/gateway-operator-archive#1539 Kong/gateway-operator-archive#1545- Added
konnectCertificate
field to the DataPlane resource. Kong/gateway-operator-archive#1517 - Added
v1alpha1.AIGateway
as an experimental API. This can be enabled by manually deploying theAIGateway
CRD and enabling the feature on the controller manager with the--enable-controller-aigateway
flag. Kong/gateway-operator-archive#1399 Kong/gateway-operator-archive#1542 - Added validation on checking if ports in
KONG_PORT_MAPS
andKONG_PROXY_LISTEN
environment variables of deployment options inDataPlane
match theports
in the ingress service options of theDataPlane
. Kong/gateway-operator-archive#1521
- The
GatewayConfiguration
API has been promoted fromv1alpha1
tov1beta1
. Kong/gateway-operator-archive#1514 - The
ControlPlane
API has been promoted fromv1alpha1
tov1beta1
. Kong/gateway-operator-archive#1523 - The CRD's shortname of
ControlPlane
has been changed tokocp
. The CRD's shortname ofDataPlane
has been changed tokodp
. The CRD's shortname ofGatewayConfiguration
has been changed tokogc
. Kong/gateway-operator-archive#1532 ControlPlane
(Kong Ingress Controller) default and minimum version has been bumped to 3.1.2. Kong/gateway-operator-archive#1586DataPlane
(Kong Gateway) default version has been bumped tov3.6.0
. Kong/gateway-operator-archive#1577
- Fixed a problem where the operator would not set the defaults to
PodTemplateSpec
patch and because of that it would detect a change and try to reconcile the owned resource where in fact the change was not there. One of the symptoms of this bug could have been aStartupProbe
set inPodSpec
preventing theDataPlane
from getting correct status information. Kong/gateway-operator-archive#1224 - If the Gateway controller is enabled,
DataPlane
andControlPlane
controllers get enabled as well. Kong/gateway-operator-archive#1242 - Fix applying the
PodTemplateSpec
patch so that it's not applied when the calculated patch (resulting from the generated manifest and current in-cluster state) is empty. One of the symptoms of this bug was that when users tried to apply aReadinessProbe
which specified a port name instead of a number (which is what's generated by the operator) it would never reconcile and the status conditions would never get up to dateObservedGeneration
. Kong/gateway-operator-archive#1238 - Fix manager RBAC permissions which prevented the operator from being able to
create
ControlPlane
'sClusterRole
s, list pods or listEndpointSlices
. Kong/gateway-operator-archive#1255 DataPlane
s with BlueGreen rollout strategy enabled will now have its Ready status condition updated to reflect "live"Deployment
andService
s status. Kong/gateway-operator-archive#1308- The
ControlPlane
election-id
has been changed so that everyControlPlane
has its ownelection-id
, based on theControlPlane
name. This preventspod
s belonging to differentControlPlane
s from competing for the same lease. Kong/gateway-operator-archive#1349 - Fill in the defaults for
env
andvolumes
when comparing the in-cluster spec with the generated spec. Kong/gateway-operator-archive#1446 - Do not flap
DataPlane
'sReady
status condition when e.g. ingressService
can't get an address assigned andspec.network.services.ingress.
annotations` is non-empty. Kong/gateway-operator-archive#1447 - Update or recreate a
ClusterRoleBinding
for control planes if the existing one does not contain theServiceAccount
used byControlPlane
, orClusterRole
is changed. Kong/gateway-operator-archive#1501 - Retry reconciling
Gateway
s when provisioning ownedDataPlane
fails. Kong/gateway-operator-archive#1553
Release date: 2023-11-20
- Add support for
ControlPlane
v3.0
by updating the generatedClusterRole
. Kong/gateway-operator-archive#1189
- Bump
ControlPlane
default version tov3.0
. Kong/gateway-operator-archive#1189 - Bump Gateway API to v1.0. Kong/gateway-operator-archive#1189
- Operator
Role
generation is fixed. As a result it contains now less rules hence the operator needs less permissions to run. Kong/gateway-operator-archive#1191
Release date: 2023-11-06
- Fix an issue where operator is upgraded from an older version and it orphans
old
DataPlane
resources. Kong/gateway-operator-archive#1155 Kong/gateway-operator-archive#1161
- Setting
spec.deployment.podTemplateSpec.spec.volumes
andspec.deployment.podTemplateSpec.spec.containers[*].volumeMounts
onControlPlane
s is now allowed. Kong/gateway-operator-archive#1175
Release date: 2023-10-18
- Bump dependencies
Release date: 2023-10-02
- Fix flapping of
Gateway
managedControlPlane
spec
field when applied withoutcontrolPlaneOptions
set. Kong/gateway-operator-archive#1127
- Bump
ControlPlane
default version tov2.12
. Kong/gateway-operator-archive#1118 - Bump
WebhookCertificateConfigBaseImage
tov1.3.0
. Kong/gateway-operator-archive#1130
Release date: 2023-09-26
- Operator managed subresources are now labelled with
gateway-operator.konghq.com/managed-by
additionally to the oldkonghq.com/gateway-operator
label. The value associated with this label stays the same and it still indicates the type of a resource that owns the subresrouce. The old label should not be used as it will be deleted in the future. Kong/gateway-operator-archive#1098 - Enable
DataPlane
Blue Green rollouts controller by default. Kong/gateway-operator-archive#1106
- Fixes handling
Volume
s andVolumeMount
s when customizing throughDataPlane
'sspec.deployment.podTemplateSpec.spec.containers[*].volumeMounts
and/orspec.deployment.podTemplateSpec.spec.volumes
. Sample manifests are updated accordingly. Kong/gateway-operator-archive#1095
Release date: 2023-09-13
- Added
gateway-operator.konghq.com/service-selector-override
as the dataplane annotation to override the defaultSelector
of both the admin and proxy services. Kong/gateway-operator-archive#921 - Added deploying of preview Admin API service when Blue Green rollout strategy
is enabled for
DataPlane
s.DataPlane
'sstatus.rollout.service
is updated accordingly. Kong/gateway-operator-archive#931 - Added
gateway-operator.konghq.com/promote-when-ready
DataPlane
annotation to allow users to signal the operator should proceed with promoting the new resources whenBreakBeforePromotion
promotion strategy is used. Kong/gateway-operator-archive#938 - Added deploying of preview Deployment when Blue Green rollout strategy
is enabled for
DataPlane
s. Kong/gateway-operator-archive#930 - Added appropriate label selectors to
DataPlane
s with enabled Blue Green rollout strategy. Now Admin Service andDataPlane
Deployments correctly select their Pods. AddedDataPlane
'sstatus.selector
andstatus.rollout.deployment.selector
fields. Kong/gateway-operator-archive#951 - Added setting rollout status with
RolledOut
condition Kong/gateway-operator-archive#960 - Added deploying of preview ingress service for Blue Green rollout strategy. Kong/gateway-operator-archive#956
- Implemented an actual promotion of a preview deployment to live state when BlueGreen rollout strategy is used. Kong/gateway-operator-archive#966
- Added
PromotionFailed
condition which is set onDataPlane
s with Blue Green rollout strategy when promotion related activities (like updatingDataPlane
service selector) fail. Kong/gateway-operator-archive#1005 - Added
spec.deployment.rollout.strategy.blueGreen.resources.plan.deployment
which controls how operator managesDataPlane
Deployment
's during and after a rollout. This can currently take 1 value:ScaleDownOnPromotionScaleUpOnRollout
which will scale down theDataPlane
preview deployment to 0 replicas before a rollout is triggered via a spec change. Kong/gateway-operator-archive#1000
- Added admission webhook validation on of
DataPlane
spec updates when the Blue Green promotion is in progress. Kong/gateway-operator-archive#1051 - Added
gateway-operator.konghq.com/wait-for-owner
finalizer to all dependent resources owned byDataPlane
to prevent them from being mistakenly deleted. Kong/gateway-operator-archive#1052
- Fixes setting
status.ready
andstatus.conditions
on theDataPlane
when it's waiting for an address to be assigned to its LoadBalancer Ingress Service. Kong/gateway-operator-archive#942 - Correctly set the
observedGeneration
onDataPlane
andControlPlane
status conditions. Kong/gateway-operator-archive#944 - Added annotation
gateway-operator.konghq.com/last-applied-annotations
to resources (e.g, IngressServices
s) owned byDataPlane
s to store last applied annotations to the owned resource. If an annotation is present in thegateway-operator.konghq.com/last-applied-annotations
annotation of an ingressService
but not present in the current specification of ingressService
annotations of the owningDataPlane
, the annotation will be removed in the ingressService
. Kong/gateway-operator-archive#936 - Correctly set the
Ready
condition inDataPlane
status field during Blue Green promotion. TheDataPlane
is considered ready whenever it has its Deployment'sAvailableReplicas
equal to desired number of replicas (as perspec.replicas
) and its Service has an IP assigned if it's of typeLoadBalancer
. Kong/gateway-operator-archive#986 - Properly handles missing CRD during controller startup. Now whenever a CRD
is missing during startup a clean log entry will be printed to inform a user
why the controller was disabled.
Additionally a check for
discovery.ErrGroupDiscoveryFailed
was added during CRD lookup. Kong/gateway-operator-archive#1059
- Default the leader election namespace to controller namespace (
POD_NAMESPACE
env) instead of hardcoded "kong-system" Kong/gateway-operator-archive#927 - Renamed
DataPlane
proxy service name and label to ingress Kong/gateway-operator-archive#971 - Removed
DataPlane
status.ready
as it couldn't be used reliably to representDataPlane
's status. Users should now usestatus.conditions
'sReady
condition and compare itsobservedGeneration
withDataPlane
metadata.generation
to get an accurate representation ofDataPlane
's readiness. Kong/gateway-operator-archive#989 - Disable
ControlPlane
andGateway
controllers by default. Users who want to enable those can use the command line flags:-enable-controller-controlplane
and-enable-controller-gateway
At this time, the Gateway API andControlPlane
resources that these flags are considered a feature preview, and are not supported. Use these only in non-production scenarios until these features are graduated to GA. Kong/gateway-operator-archive#1026
- Bump
ControlPlane
default version tov2.11.1
and remove support for older versions. To satisfy this change, useProgrammed
condition instead ofReady
in Gateway Listeners status conditions to makeControlPlane
be able to attach routes to those listeners. This stems from the fact that KICv2.11
bumped support for Gateway API tov0.7.1
. Kong/gateway-operator-archive#1041 - Bump Gateway API to v0.7.1. Kong/gateway-operator-archive#1047
- Operator doesn't change the
DataPlane
resource anymore by filling it with Kong Gateway environment variables. Instead this is now happening on the fly so theDataPlane
resources applied by users stay as submitted. Kong/gateway-operator-archive#1034 - Don't use
Provisioned
status condition type onDataPlane
s. From now onDataPlane
s are only expressing their status throughReady
status condtion. Kong/gateway-operator-archive#1043 - Bump default
DataPlane
image to 3.4 Kong/gateway-operator-archive#1067 - When rollout strategy is removed from a
DataPlane
spec, preview subresources are removed. Kong/gateway-operator-archive#1066
Release date: 2023-07-20
- Added
Ready
,ReadyReplicas
andReplicas
fields toDataPlane
's Status Kong/gateway-operator-archive#854 - Added
Rollout
field toDataPlane
CRD. This allows specification of rollout strategy and behavior (e.g. to enable blue/green rollouts for upgrades). Kong/gateway-operator-archive#879 - Added
Rollout
status fields toDataPlane
CRD. Kong/gateway-operator-archive#896
WARN: Breaking changes included
- Renamed
Services
options inDataPlaneOptions
toNetwork
options, which now includesIngressService
as one of the sub-attributes. This is a breaking change which requires some renaming and reworking of struct attribute access. Kong/gateway-operator-archive#849 - Bump Gateway API to v0.6.2 and enable Gateway API conformance testing. Kong/gateway-operator-archive#853
- Add
PodTemplateSpec
toDeploymentOptions
to allow applying strategic merge patcher on top ofPod
s generated by the operator. This is a breaking change which requires manual porting fromPods
field toPodTemplateSpec
. More info on strategic merge patch can be found in official Kubernetes docs at sig-api-machinery/strategic-merge-patch.md. Kong/gateway-operator-archive#862 - Added
v1beta1
version of theDataPlane
API, which replaces thev1alpha1
version. Thev1alpha1
version of the API has been removed entirely in favor of the new version to reduce maintenance costs. Kong/gateway-operator-archive#905
- Fixes setting
Affinity
when generatingDeployment
s forDataPlane
sControlPlane
s which caused 2ReplicaSet
s to be created where the first one should already have theAffinity
set making the update unnecessary. Kong/gateway-operator-archive#894
Release date: 2023-06-20
- Added
AddressSourceType
toDataPlane
statusAddress
Kong/gateway-operator-archive#798 - Add pod Affinity field to
PodOptions
and support for bothDataPlane
andControlPlane
- Add Kong Gateway enterprise image -
kong/kong-gateway
- to the set of supportedDataPlane
images. Kong/gateway-operator-archive#749 - Moved pod related options in
DeploymentOptions
toPodsOptions
and added pod labels option. Kong/gateway-operator-archive#742 - Added
Volumes
andVolumeMounts
field inDeploymentOptions
ofDataPlane
specs. Users can attach custom volumes and mount the volumes to proxy container of pods inDeployments
of dataplanes. Note:Volumes
andVolumeMounts
are not supported forControlPlane
specs now. Kong/gateway-operator-archive#681 - Added possibility to replicas on
DataPlane
deployments This allows users to defineDataPlane
s - withoutControlPlane
- to be horizontally scalable. Kong/gateway-operator-archive#737 - Added possibility to specify
DataPlane
proxy service type Kong/gateway-operator-archive#739 - Added possibility to specify resources through
DataPlane
andControlPlane
spec.deployment.resources
Kong/gateway-operator-archive#712 - The
DataPlane
spec has been updated with a new field related to the proxy service. By using such a field, it is possible to specify annotations to be set on theDataPlane
proxy service. Kong/gateway-operator-archive#682
- Bumped default ControlPlane image to 2.9.3 Kong/gateway-operator-archive#712 Kong/gateway-operator-archive#719
- Bumped default DataPlane image to 3.2.2 Kong/gateway-operator-archive#728
- Bumped Gateway API to 0.6.1. Along with it, the deprecated
Gateway
scheduled
condition has been replaced by theaccepted
condition. Kong/gateway-operator-archive#618 ControlPlane
andDataPlane
specs have been refactored by explicitly setting the deployment field (instead of having it inline). Kong/gateway-operator-archive#725ControlPlane
andDataPlane
specs now require users to providecontainerImage
andversion
fields. This is being enforced in the admission webhook. Kong/gateway-operator-archive#758- Validation for
ControlPlane
andDataPlane
components no longer has a "ceiling", or maximum version. This due to popular demand, but now puts more emphasis on the user to troubleshoot when things go wrong. It's no longer possible to use a tag that's not semver compatible (e.g. 2.10.0) for these components (for instance, a branch such asmain
) without enabling developer mode. Kong/gateway-operator-archive#819 ControlPlane
andDataPlane
image validation now supports enterprise image flavours, e.g.3.3.0-ubuntu
,3.2.0.0-rhel
etc. Kong/gateway-operator-archive#830
- Fix admission webhook certificates Job which caused TLS handshake errors when webhook was being called. Kong/gateway-operator-archive#716
- Include leader election related role when generating
ControlPlane
RBAC manifests so that Gateway Discovery can be used by KIC. Kong/gateway-operator-archive#743
Release date: 2022-01-25
- Added machinery for ControlPlanes to communicate with DataPlanes directly via Pod IPs. The Admin API has been removed from the LoadBalancer service. Kong/gateway-operator-archive#609
- The Gateway Listeners status is set and kept up to date by the Gateway controller. Kong/gateway-operator-archive#627
Release date: 2022-11-30
Maturity: ALPHA
- Bumped DataPlane default image to 3.0.1 Kong/gateway-operator-archive#561
- Gateway statuses now include all addresses from their DataPlane Service. Kong/gateway-operator-archive#535
- DataPlane Deployment strategy enforced as RollingUpdate. Kong/gateway-operator-archive#537
- Regenerate DataPlane's TLS secret upon deletion Kong/gateway-operator-archive#500
- Gateway statuses no longer list cluster IPs if their DataPlane Service is a LoadBalancer. Kong/gateway-operator-archive#535
Release date: 2022-10-26
Maturity: ALPHA
- Updated default Kong version to 3.0.0
- Updated default Kubernetes Ingress Controller version to 2.7
- Update DataPlane and ControlPlane Ready condition when underlying Deployment changes Ready condition Kong/gateway-operator-archive#451
- Update DataPlane NetworkPolicy to match KONG_PROXY_LISTEN and KONG_ADMIN_LISTEN environment variables set in DataPlane Kong/gateway-operator-archive#473
- Added Container image and version validation for ControlPlanes and DataPlanes. The operator now only supports the Kubernetes-ingress-controller (2.7) as the ControlPlane, and Kong (3.0) as the DataPlane. Kong/gateway-operator-archive#490
- DataPlane resources get a new
Status
field:Addresses
which will contain backing service addresses. Kong/gateway-operator-archive#483
Release date: 2022-09-24
Maturity: ALPHA
HTTPRoute
support was added. If version of control plane image is at least 2.6, theGateway=true
feature gate is enabled, so the control plane can pick up theHTTPRoute
and configure it on data plane. Kong/gateway-operator-archive#302
Release date: 2022-09-15
Maturity: ALPHA
This is the initial release which includes basic functionality at an alpha level of maturity and includes some of the fundamental APIs needed to create gateways for ingress traffic.
- The
GatewayConfiguration
API was added to enable configuringGateway
resources with the options needed to influence the configuration of the underlyingControlPlane
andDataPlane
resources. Kong/gateway-operator-archive#43 GatewayClass
support was added to delineate whichGateway
resources the operator supports. Kong/gateway-operator-archive#22Gateway
support was added: used to create edge proxies for ingress traffic. Kong/gateway-operator-archive#6- The
ControlPlane
API was added to deploy Kong Ingress Controllers which can be attached toDataPlane
resources. Kong/gateway-operator-archive#5 - The
DataPlane
API was added to deploy Kong Gateways. Kong/gateway-operator-archive#4 - The operator manages certificates for control and data plane communication and configures mutual TLS between them. It cannot yet replace expired certificates. Kong/gateway-operator-archive#103
When deploying the gateway-operator through the bundle, there might be some leftovers from previous operator deployments in the cluster. The user needs to delete all the cluster-wide leftovers (clusterrole, clusterrolebinding, validatingWebhookConfiguration) before re-installing the operator through the bundle.