.. _version_history_1.10.0: 1.10.0 (April 5, 2019) ======================= Changes ------- * **access log**: added a :ref:`gRPC filter ` to allow filtering on gRPC status. * **access log**: added a new field for upstream transport failure reason in :ref:`file access logger ` and :ref:`gRPC access logger ` for HTTP access logs. * **access log**: added a new flag for stream idle timeout. * **access log**: added a new flag for upstream retry count exceeded. * **access log**: added new fields for downstream x509 information (URI sans and subject) to file and gRPC access logger. * **admin**: changed HTTP response status code from 400 to 405 when attempting to GET a POST-only route (such as /quitquitquit). * **admin**: the admin server can now be accessed via HTTP/2 (prior knowledge). * **buffer**: fix vulnerabilities when allocation fails. * **build**: dev docker images :ref:`have been split ` from tagged images for easier discoverability in Docker Hub. Additionally, we now build images for point releases. * **build**: releases are built with GCC-7 and linked with LLD. * **config**: added support for :ref:`initial_fetch_timeout `. The timeout is disabled by default. * **config**: added support of using google.protobuf.Any in opaque configs for extensions. * **config**: finish cluster warming only when a named response i.e. ClusterLoadAssignment associated to the cluster being warmed comes in the EDS response. This is a behavioural change from the current implementation where warming of cluster completes on missing load assignments also. * **config**: logging warnings when deprecated fields are in use. * **config**: removed REST_LEGACY as a valid :ref:`ApiType `. * **config**: removed deprecated --v2-config-only from command line config. * **config**: removed deprecated_v1 sds_config from :ref:`Bootstrap config `. * **config**: removed the deprecated_v1 config option from :ref:`ring hash `. * **config**: use Envoy cpuset size to set the default number or worker threads if :option:`--cpuset-threads` is enabled. * **cors**: added :ref:`filter_enabled & shadow_enabled RuntimeFractionalPercent flags ` to filter. * **csrf**: added. * **ext_authz**: added a configurable option to make the gRPC service cross-compatible with V2Alpha. Note that this feature is already deprecated. It should be used for a short time, and only when transitioning from alpha to V2 release version. * **ext_authz**: added support for buffering request body. * **ext_authz**: authorization request and response configuration has been separated into two distinct objects: :ref:`authorization request ` and :ref:`authorization response `. In addition, :ref:`client headers ` and :ref:`upstream headers ` replaces the previous ``allowed_authorization_headers-`` object. All the control header lists now support :ref:`string matcher ` instead of standard string. * **ext_authz**: migrated from v2alpha to v2 and improved docs. * **ext_authz**: migrated from v2alpha to v2 and improved the documentation. * **fault**: added :ref:`HTTP header fault configuration ` to the HTTP fault filter. * **fault**: added :ref:`response rate limit ` fault injection. * **fault**: added the :ref:`max_active_faults ` setting, as well as :ref:`statistics ` for the number of active faults and the number of faults the overflowed. * **governance**: extending Envoy deprecation policy from 1 release (0-3 months) to 2 releases (3-6 months). * **health check**: expected response codes in http health checks are now :ref:`configurable `. * **http**: added :ref:`max request headers size `. The default behaviour is unchanged. * **http**: added encodeComplete/decodeComplete. These are invoked at the end of the stream, after all data has been encoded/decoded respectively. Default implementation is a no-op. * **http**: added modifyDecodingBuffer/modifyEncodingBuffer to allow modifying the buffered request/response data. * **http**: added new grpc_http1_reverse_bridge filter for converting gRPC requests into HTTP/1.1 requests. * **http**: fixed a bug where Content-Length:0 was added to HTTP/1 204 responses. * **jwt_authn**: added :ref:`filter_state_rules ` to allow specifying requirements from filterState by other filters. * **mysql**: added a MySQL proxy filter that is capable of parsing SQL queries over MySQL wire protocol. Refer to :ref:`MySQL proxy ` for more details. * **outlier_detection**: added support for :ref:`outlier detection event protobuf-based logging `. * **performance**: new buffer implementation (disabled by default; to test it, add "--use-libevent-buffers 0" to the command-line arguments when starting Envoy). * **ratelimit**: removed deprecated rate limit configuration from bootstrap. * **redis**: added :ref:`hashtagging ` to guarantee a given key's upstream. * **redis**: added :ref:`latency stats ` for commands. * **redis**: added :ref:`latency_in_micros ` to specify the redis commands stats time unit in microseconds. * **redis**: added :ref:`success and error stats ` for commands. * **redis**: migrate hash function for host selection to `MurmurHash2 `_ from std::hash. MurmurHash2 is compatible with std::hash in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled on Linux and not macOS. * **router**: added :ref:`rq_reset_after_downstream_response_started ` counter stat to router stats. * **router**: added ability to configure a :ref:`retry policy ` at the virtual host level. * **router**: added per-route configuration of :ref:`internal redirects `. * **router**: added reset reason to response body when upstream reset happens. After this change, the response body will be of the form ``upstream connect error or disconnect/reset before headers. reset reason:``. * **router**: added support for prefix wildcards in :ref:`virtual host domains `. * **router**: made :ref:`max retries header ` take precedence over the number of retries in route and virtual host retry policies. * **router**: removed deprecated route-action level headers_to_add/remove. * **stats**: added gauges tracking remaining resources before circuit breakers open. * **stats**: added support for histograms in prometheus. * **stats**: added usedonly flag to prometheus stats to only output metrics which have been updated at least once. * **tap**: added new alpha :ref:`HTTP tap filter `. * **tls**: enabled TLS 1.3 on the server-side (non-FIPS builds). * **tracing**: added :ref:`verbose ` to support logging annotations on spans. * **upstream**: add cluster factory to allow creating and registering :ref:`custom cluster type `. * **upstream**: add hash_function to specify the hash function for :ref:`ring hash ` as either xxHash or `murmurHash2 `_. MurmurHash2 is compatible with std::hash in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled on Linux and not macOS. * **upstream**: added :ref:`degraded health value ` which allows routing to certain hosts only when there are insufficient healthy hosts available. * **upstream**: added a :ref:`circuit breaker ` to limit the number of concurrent connection pools in use. * **upstream**: added configuration option to select any host when the fallback policy fails. * **upstream**: added support for host weighting and :ref:`locality weighting ` in the :ref:`ring hash load balancer `, and added a :ref:`maximum_ring_size ` config parameter to strictly bound the ring size. * **upstream**: stopped incrementing upstream_rq_total for HTTP/1 conn pool when request is circuit broken. * **zookeeper**: added a ZooKeeper proxy filter that parses ZooKeeper messages (requests/responses/events). Refer to :ref:`ZooKeeper proxy ` for more details. Deprecated ---------- * **cors**: Use of ``enabled`` in ``CorsPolicy``, found in :ref:`route.proto `. Set the ``filter_enabled`` field instead. * **ext_authz**: Use of ``use_alpha`` in :ref:`Ext-Authz Authorization Service ` is deprecated. It should be used for a short time, and only when transitioning from alpha to V2 release version. * **fault_delay**: Use of the ``type`` field in the ``FaultDelay`` message (found in :ref:`fault.proto `) has been deprecated. It was never used and setting it has no effect. It will be removed in the following release.