Skip to content

0.10.0
Compare
Choose a tag to compare
@thibaultcha thibaultcha released this 08 Mar 01:21
· 7806 commits to master since this release
0.10.0
This tag was signed with the committer’s verified signature.
thibaultcha Thibault Charbonnier
GPG key ID: E1D41D2DDFA3B99D
Learn about vigilant mode.
f692216

Kong 0.10 is one of most significant releases to this day. It ships with
exciting new features that have been heavily requested for the last few months,
such as load balancing, Cassandra 3.0 compatibility, Websockets support,
internal DNS resolution (A and SRV records without Dnsmasq), and more flexible
matching capabilities for APIs routing.

On top of those new features, this release received a particular attention to
performance, and brings many improvements and refactors that should make it
perform significantly better than any previous version.

Changed

  • ⚠️ API Objects (as configured via the Admin API) do not support
    the request_host and request_uri fields anymore. The 0.10 migrations
    should upgrade your current API Objects, but make sure to read the new 0.10
    Proxy Guide     to learn the new routing
    capabilities of Kong. On the good side, this means that Kong can now route
    incoming requests according to a combination of Host headers, URIs, and HTTP
    methods.
  • ⚠️ Final slashes in upstream_url are no longer allowed.
    #2115
  • ⚠️ The SSL plugin has been removed and dynamic SSL capabilities have
    been added to Kong core, and are configurable via new properties on the API
    entity. See the related PR for a detailed explanation of this change.
    #1970
  • ⚠️ Drop the Dnsmasq dependency. We now internally resolve both A and
    SRV DNS records.
    #1587
  • ⚠️ Dropping support for unsecure TLS/1.0 and defaulting Upgrade
    responses to TLS/1.2.
    #2119
  • Bump the compatible OpenResty version to 1.11.2.1 and 1.11.2.2. Support
    for OpenResty 1.11.2.2 requires the --without-luajit-lua52 compilation
    flag.
  • Separate Admin API and Proxy error logs. Admin API logs are now written to
    logs/admin_access.log.
    #1782
  • Auto-generates stronger SHA-256 with RSA encryption SSL certificates.
    #2117

Added

  • 🎆 Support for Cassandra 3.x.
    #1709
  • 🎆 SRV records resolution.
    #1587
  • 🎆 Load balancing. When an A or SRV record resolves to multiple
    entries, Kong now rotates those upstream targets with a Round-Robin
    algorithm. This is a first step towards implementing more load balancing
    algorithms.
    Another way to specify multiple upstream targets is to use the newly
    introduced /upstreams and /targets entities of the Admin API.
    #1587
    #1735
  • 🎆 Multiple hosts and paths per API. Kong can now route incoming
    requests to your services based on a combination of Host headers, URIs and
    HTTP methods. See the related PR for a detailed explanation of the new
    properties and capabilities of the new router.
    #1970
  • 🎆 Maintain upstream connection pools which should greatly improve
    performance, especially for HTTPS upstream connections. We now use HTTP/1.1
    for upstream connections as well as an nginx upstream block with a
    configurablekeepalive directive, thanks to the new nginx_keepalive
    configuration property.
    #1587
    #1827
  • 🎆 Websockets support. Kong can now upgrade client connections to
    use the ws protocol when Upgrade: websocket is present.
    #1827
  • Use an in-memory caching strategy for database entities in order to reduce
    CPU load during requests proxying.
    #1688
  • Provide negative-caching for missed database entities. This should improve
    performance in some cases.
    #1914
  • Support for serving the Admin API over SSL. This introduces new properties in
    the configuration file: admin_listen_ssl, admin_ssl, admin_ssl_cert and
    admin_ssl_cert_key.
    #1706
  • Support for upstream connection timeouts. APIs now have 3 new fields:
    upstream_connect_timeout, upstream_send_timeout, upstream_read_timeout
    to specify, in milliseconds, a timeout value for requests between Kong and
    your APIs.
    #2036
  • Support for clustering key rotation in the underlying Serf process:
    • new cluster_keyring_file property in the configuration file.
    • new kong cluster keys .. CLI commands that expose the underlying
      serf keys .. commands.
      #2069
  • Support for lua_socket_pool_size property in configuration file.
    #2109
  • Plugins:
    • 🎆 New AWS Lambda plugin. Thanks Tim Erickson for his
      collaboration on this new addition.
      #1777
      #1190
    • Anonymous authentication for auth plugins. When such plugins receive the
      config.anonymous=<consumer_id> property, even non-authenticated requests
      will be proxied by Kong, with the traditional Consumer headers set to the
      designated anonymous consumer, but also with a X-Anonymous-Consumer
      header. Multiple auth plugins will work in a logical OR fashion.
      #1666 and
      #2035
    • request-transformer: Ability to change the HTTP method of the upstream
      request. #1635
    • jwt: Support for ES256 signatures.
      #1920
    • rate-limiting: Ability to select the Redis database to use via the new
      config.redis_database plugin property.
      #1941

Fixed

  • Looking for Serf in known installation paths.
    #1997
  • Including port in upstream Host header.
    #2045
  • Clarify the purpose of the cluster_listen_rpc property in
    the configuration file. Thanks Jeremy Monin for the patch.
    #1860
  • Admin API:
    • Properly Return JSON responses (instead of HTML) on HTTP 409 Conflict
      when adding Plugins.
      #2014
  • CLI:
    • Avoid double-prefixing migration error messages with the database name
      (PostgreSQL/Cassandra).
  • Plugins:
    • Fix fault tolerancy logic and error reporting in rate-limiting plugins.
    • CORS: Properly return Access-Control-Allow-Credentials: false if
      Access-Control-Allow-Origin: *.
      #2104
    • key-auth: enforce key_names to be proper header names according to Nginx.
      #2142
Assets 12
Loading