0.10.0 RC2

@thefosk thefosk released this Jan 17, 2017 · 1 commit to master since this release

You can use the Docker version by pulling mashape/kong:0.10.0rc2.

Kong 0.10 is one of most significant releases to this day. It ships with
exciting new features that have been havily requested for the last few months,
such as load balancing, Cassandra 3.0 compatibility, Websockets support,
internal DNS resolution (A and SRV records without dnsmasq), and more flexible
matching capabilities for APIs routing.

On top of those new features, this release received a particular attention to
performance, and brings many improvements and refactors that should make it
perform significantly better than any previous version.

Changed

  • ⚠️ Drop the dnsmasq dependency. We now internally resolve both A and SRV DNS records. #1587
  • ⚠️ The SSL plugin has been removed and dynamic SSL capabilities have been added to Kong core, and are configurable via new properties on the API entity. See the related PR for a detailed explanation of this change. #1970
  • Bump the compatible OpenResty version to 1.11.2.1 and 1.11.2.2. Support for OpenResty 1.11.2.2 requires the --without-luajit-lua52 compilation flag.
  • Maintain upstream connections pools which should greatly improve performance, especially for HTTPS upstream connections. We now use HTTP/1.1 for upstream connections as well as an nginx upstream block with a configurable keepalive directive, thanks to the new nginx_keepalive configuration property. #1587 #1827
  • Use an in-memory caching strategy for database entities in order to reduce CPU load during requests proxying. #1688
  • Provide negative-caching for missed database entities. This should improve performance in some cases. #1914
  • Separate Admin API and Proxy error logs. Admin API logs are now written to logs/admin_access.log. #1782

Added

  • 🎆 Support for Cassandra 3.x. #1709
  • 🎆 SRV records resolution. #1587
  • 🎆 Load balancing. When an A or SRV record resolves to multiple entries, Kong now rotates those upstream targets with a Round-Robin algorithm. This is a first step towards implementing more load balancing algorithms. Another way to specify multiple upstream targets is to use the newly introduced /upstreams and /targets entities of the Admin API. #1587 #1735
  • 🎆 Multiple hosts and paths per API. Kong can now route incoming requests to your services based on a combination of Host headers, URIs and HTTP methods. See the related PR for a detailed explanation of the new properties and capabilities of the new router. #1970
  • 🎆 Websockets support. Kong can now upgrade client connections to use the ws protocol when Upgrade: websocket is present. #1827
  • Support for serving the Admin API over SSL. This introduces new properties in the configuration file: admin_listen_ssl, admin_ssl, admin_ssl_cert and admin_ssl_cert_key. #1706
  • Plugins:
    • 🎆 New AWS Lambda plugin. Thanks Tim Erickson for his collaboration on this new addition. #1777 #1190
    • Anonymous authentication for auth plugins. When such plugins receive the config.anonymous=true property, even non-authenticated requests will be proxied by Kong, without the traditional Consumer headers, but with a X-Anonymous-Consumer header. #1666
    • request-transformer: Ability to change the HTTP method of the upstream request. #1635
    • jwt: Support for ES256 signatures. #1920
    • rate-limiting: Ability to select the Redis database to use via the new config.redis_database plugin property. #1941

Fixed

  • Clarify the purpose of the cluster_listen_rpc property in the configuration file. Thanks Jeremy Monin for the patch. #1860
  • CLI:
    • Avoid double-prefixing migration error messages with the database name (PostgreSQL/Cassandra).
  • Plugins:
    • Fix fault tolerancy logic and error reporting in rate-limiting plugins.

Downloads

0.9.7

@thefosk thefosk released this Dec 23, 2016 · 1 commit to master since this release

Fixed

  • Fixed a performance issue in Cassandra by removing an old workaround that was forcing Cassandra to use LuaSocket instead of cosockets. #1916
  • Fixed an issue that was causing a recursive attempt to stop Kong's services when an error was occurring. #1877
  • Custom plugins are now properly loaded again. #1910
  • Plugins:
    • Galileo: properly encode empty arrays. #1909
    • OAuth 2: implements a missing Postgres migration for redirect_uri in every OAuth 2 credential. #1911
    • OAuth 2: safely parse the request body even when no data has been sent. #1915

Downloads

0.9.6

@thibaultcha thibaultcha released this Nov 29, 2016 · 13 commits to master since this release

Fixed

  • Resolve support for PostgreSQL SSL connections. #1720
  • Ensure kong start honors the --conf flag is a config file already exists at one of the default locations (/etc/kong.conf, /etc/kong/kong.conf). #1681
  • Obfuscate sensitive properties from the / Admin API route which returns the current node's configuration. #1650

Downloads

0.9.4

@thefosk thefosk released this Nov 3, 2016 · 21 commits to master since this release

Fixed

  • Fixed the random string generator that was causing some problems, especially in Serf for clustering. #1754
  • Seed random number generator in CLI. #1641
  • Reducing log noise in the Admin API. #1781
  • Fixed the reports lock implementation that was generating a periodic error message. #1783

Downloads

0.9.2

@thefosk thefosk released this Sep 21, 2016 · 66 commits to master since this release

Fixed

  • Correctly report migrations errors. This was caused by an error being thrown from the error handler, and superseding the actual error. #1605
  • Prevent Kong from silently failing to start. This would be caused by an erroneous error handler. 28f5d10
  • Only report a random number generator seeding error when it is not already seeded. #1613
  • Reduce intra-cluster noise by not propagating keepalive requests events. #1660
  • Admin API:
    • Obfuscates sensitive configuration settings from the / route. #1650
  • CLI:
    • Prevent a failed kong start to stop an already running Kong node. #1645
    • Remove unset configuration placeholders from the nginx configuration template. This would occur when no Internet connection would be available and would cause Kong to compile an erroneous nginx config. #1606
    • Properly count the number of executed migrations. #1649
  • Plugins:
    • OAuth2: remove the "Kong" mentions in missing provision_key error messages. #1633
    • OAuth2: allow to correctly delete applications when using Cassandra. #1659
    • galileo: provide a default bodySize value when log_bodies=true but the current request/response has no body. #1657

Downloads

0.9.1

@thibaultcha thibaultcha released this Sep 6, 2016 · 66 commits to master since this release

Added

  • Plugins:
    • ACL: allow to retrieve/update/delete an ACL by group name. #1544
    • Basic Authentication: allow to retrieve/update/delete a credential by username. #1570
    • HMAC Authentication: allow to retrieve/update/delete a credential by username. #1570
    • JWT Authentication: allow to retrieve/update/delete a credential by key. #1570
    • Key Authentication: allow to retrieve/update/delete a credential by key. #1570
    • OAuth2 Authentication: allow to retrieve/update/delete a credential by client_id and tokens by access_token. #1570

Fixed

  • Correctly parse configuration file settings contaning comments. #1569
  • Prevent third-party Lua modules (and plugins) to override the seed for random number generation. This prevents the creation of conflicitng UUIDs. #1558
  • Use pgmoon-mashape 2.0.0 which properly namespaces our fork, avoiding conflicts with other versions of pgmoon, such as the one installed by Lapis. #1582
  • Avoid exposing OpenResty's information on HTTP 4xx errors. #1567
  • ulimit with unlimited value is now properly handled. #1545
  • CLI:
    • Stop third-party services (dnsmasq/Serf) when Kong could not start. #1588
    • Prefix database migration errors (such as Postgres' connection refused) with the database name (postgres/cassandra) to avoid confusions. #1583
  • Plugins:
    • galileo: Use Content-Length header to get request/response body size when log_bodies is disabled. #1584
  • Admin API:
    • Revert the /plugins/enabled endpoint's response to be a JSON array, and not an Object. #1529

Downloads

0.9.0

@thefosk thefosk released this Aug 20, 2016 · 111 commits to master since this release

The main focus of this release is Kong's new CLI. With a simpler configuration file, new settings, environment variables support, new commands as well as a new interpreter, the new CLI gives more power and flexibility to Kong users and allow for an easier integration in your deployment workflow, as well as better testing for developers and plugins authors. Additionally, some new plugins and performance improvements are included as well as the regular bug fixes.

Changed

  • ⚠️ PostgreSQL is the new default datastore for Kong. If you were using Cassandra and you are upgrading, you need to explicitly set cassandra as your database.
  • ⚠️ New CLI, with new commands and refined arguments. This new CLI uses the resty-cli interpreter (see lua-resty-cli) instead of LuaJIT. As a result, the resty executable must be available in your $PATH (resty-cli is shipped in the OpenResty bundle) as well as the bin/kong executable. Kong does not rely on Luarocks installing the bin/kong executable anymore. This change of behavior is taken care of if you are using one of the official Kong packages.
  • ⚠️ Kong uses a new configuration file, with an easier syntax than the previous YAML file.
  • New arguments for the CLI, such as verbose, debug and tracing flags. We also avoid requiring the configuration file as an argument to each command as per the previous CLI.
  • Customization of the Nginx configuration can now be taken care of using two different approaches: with a custom Nginx configuration template and using kong start --template <file>, or by using kong compile to generate the Kong Nginx sub-configuration, and include it in a custom Nginx instance.
  • Plugins:
    • Rate Limiting: the continue_on_error property is now called fault_tolerant.
    • Response Rate Limiting: the continue_on_error property is now called fault_tolerant.

Added

  • 🎆 Support for overriding configuration settings with environment variables.
  • 🎆 Support for SSL connections between Kong and PostgreSQL. #1425
  • 🎆 Ability to apply plugins with more granularity: per-consumer, and global plugins are now possible. #1403
  • New kong check command: validates a Kong configuration file.
  • Better version check for third-party dependencies (OpenResty, Serf, dnsmasq). #1307
  • Ability to configure the validation depth of database SSL certificates from the configuration file. #1420
  • request_host: internationalized url support; utf-8 domain names through punycode support and paths through %-encoding. #1300
  • Implements caching locks when fetching database configuration (APIs, Plugins...) to avoid dog pile effect on cold nodes. #1402
  • Plugins:
    • 🎆 New bot-detection plugin: protect your APIs by detecting and rejecting common bots and crawlers. #1413
    • correlation-id: new "tracker" generator, identifying requests per worker and connection. #1288
    • request/response-transformer: ability to add strings including colon characters. #1353
    • rate-limiting: support for new rate-limiting policies (cluster, local and redis), and for a new limit_by property to force rate-limiting by consumer, credential or ip.
    • response-rate-limiting: support for new rate-limiting policies (cluster, local and redis), and for a new limit_by property to force rate-limiting by consumer, credential or ip.
    • galileo: performance improvements of ALF serialization. ALFs are not discarded when exceeding 20MBs anymore. #1463
    • statsd: new upstream_stream latency metric. #1466
    • datadog: new upstream_stream latency metric and tagging support for each metric. #1473

Removed

  • We now use lua-resty-jit-uuid for UUID generation, which is a pure Lua implementation of RFC 4122. As a result, libuuid is not a dependency of Kong anymore.

Fixed

  • Sensitive configuration settings are not printed to stdout anymore. #1256
  • Fixed bug that caused nodes to remove themselves from the database when they attempted to join the cluster. #1437
  • Plugins:
    • request-size-limiting: use proper constant for MB units while setting the size limit. #1416
    • OAuth2: security and config validation fixes. #1409 #1112
    • request/response-transformer: better validation of fields provided without a value. #1399
    • JWT: handle some edge-cases that could result in HTTP 500 errors. #1362

internal

  • new test suite using resty-cli and removing the need to monkey-patch the ngx global.
  • custom assertions and new helper methods (wait_until()) to gracefully fail in case of timeout.
  • increase atomicity of the testing environment.
  • lighter testing instance, only running 1 worker and not using dnsmasq by default.

Downloads