1.6.0 (March 20, 2018) ====================== Changes ------- * access log: added DOWNSTREAM_REMOTE_ADDRESS, DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT, and DOWNSTREAM_LOCAL_ADDRESS :ref:`access log formatters `. DOWNSTREAM_ADDRESS access log formatter has been deprecated. * access log: added less than or equal (LE) :ref:`comparison filter `. * access log: added configuration to :ref:`runtime filter ` to set default sampling rate, divisor, and whether to use independent randomness or not. * admin: added :ref:`/runtime ` admin endpoint to read the current runtime values. * build: added support for :repo:`building Envoy with exported symbols `. This change allows scripts loaded with the Lua filter to load shared object libraries such as those installed via `LuaRocks `_. * config: added support for sending error details as `grpc.rpc.Status `_ in :ref:`DiscoveryRequest `. * config: added support for :ref:`inline delivery ` of TLS certificates and private keys. * config: added restrictions for the backing :ref:`config sources ` of xDS resources. For filesystem based xDS the file must exist at configuration time. For cluster based xDS the backing cluster must be statically defined and be of non-EDS type. * grpc: the Google gRPC C++ library client is now supported as specified in the :ref:`gRPC services overview ` and :ref:`GrpcService `. * grpc-json: added support for :ref:`inline descriptors `. * health check: added :ref:`gRPC health check ` based on `grpc.health.v1.Health `_ service. * health check: added ability to set :ref:`host header value ` for http health check. * health check: extended the health check filter to support computation of the health check response based on the :ref:`percentage of healthy servers in upstream clusters `. * health check: added setting for :ref:`no-traffic interval`. * http: added idle timeout for :ref:`upstream http connections `. * http: added support for :ref:`proxying 100-Continue responses `. * http: added the ability to pass a URL encoded PEM encoded peer certificate in the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header. * http: added support for trusting additional hops in the :ref:`config_http_conn_man_headers_x-forwarded-for` request header. * http: added support for :ref:`incoming HTTP/1.0 `. * hot restart: added SIGTERM propagation to children to :ref:`hot-restarter.py `, which enables using it as a parent of containers. * ip tagging: added :ref:`HTTP IP Tagging filter`. * listeners: added support for :ref:`listening for both IPv4 and IPv6 ` when binding to ::. * listeners: added support for listening on :ref:`UNIX domain sockets `. * listeners: added support for :ref:`abstract unix domain sockets ` on Linux. The abstract namespace can be used by prepending '@' to a socket path. * load balancer: added cluster configuration for :ref:`healthy panic threshold ` percentage. * load balancer: added :ref:`Maglev ` consistent hash load balancer. * load balancer: added support for :ref:`LocalityLbEndpoints` priorities. * lua: added headers :ref:`replace() ` API. * lua: extended to support :ref:`metadata object ` API. * redis: added local `PING` support to the :ref:`Redis filter `. * redis: added `GEORADIUS_RO` and `GEORADIUSBYMEMBER_RO` to the :ref:`Redis command splitter ` allowlist. * router: added DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT, DOWNSTREAM_LOCAL_ADDRESS, DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT, PROTOCOL, and UPSTREAM_METADATA :ref:`header formatters `. The CLIENT_IP header formatter has been deprecated. * router: added gateway-error :ref:`retry-on ` policy. * router: added support for route matching based on :ref:`URL query string parameters `. * router: added support for more granular weighted cluster routing by allowing the :ref:`total_weight ` to be specified in configuration. * router: added support for :ref:`custom request/response headers ` with mixed static and dynamic values. * router: added support for :ref:`direct responses `. I.e., sending a preconfigured HTTP response without proxying anywhere. * router: added support for :ref:`HTTPS redirects ` on specific routes. * router: added support for :ref:`prefix_rewrite ` for redirects. * router: added support for :ref:`stripping the query string ` for redirects. * router: added support for downstream request/upstream response :ref:`header manipulation ` in :ref:`weighted cluster `. * router: added support for :ref:`range based header matching ` for request routing. * squash: added support for the :ref:`Squash microservices debugger `. Allows debugging an incoming request to a microservice in the mesh. * stats: added metrics service API implementation. * stats: added native :ref:`DogStatsd ` support. * stats: added support for :ref:`fixed stats tag values ` which will be added to all metrics. * tcp proxy: added support for specifying a :ref:`metadata matcher ` for upstream clusters in the tcp filter. * tcp proxy: improved TCP proxy to correctly proxy TCP half-close. * tcp proxy: added :ref:`idle timeout `. * tcp proxy: access logs now bring an IP address without a port when using DOWNSTREAM_ADDRESS. Use :ref:`DOWNSTREAM_REMOTE_ADDRESS ` instead. * tracing: added support for dynamically loading an :ref:`OpenTracing tracer `. * tracing: when using the Zipkin tracer, it is now possible for clients to specify the sampling decision (using the :ref:`x-b3-sampled ` header) and have the decision propagated through to subsequently invoked services. * tracing: when using the Zipkin tracer, it is no longer necessary to propagate the :ref:`x-ot-span-context ` header. See more on trace context propagation :ref:`here `. * transport sockets: added transport socket interface to allow custom implementations of transport sockets. A transport socket provides read and write logic with buffer encryption and decryption (if applicable). The existing TLS implementation has been refactored with the interface. * upstream: added support for specifying an :ref:`alternate stats name ` while emitting stats for clusters. * Many small bug fixes and performance improvements not listed. Deprecated ---------- * DOWNSTREAM_ADDRESS log formatter is deprecated. Use DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT instead. * CLIENT_IP header formatter is deprecated. Use DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT instead. * 'use_original_dst' field in the v2 LDS API is deprecated. Use listener filters and filter chain matching instead. * `value` and `regex` fields in the `HeaderMatcher` message is deprecated. Use the `exact_match` or `regex_match` oneof instead.