v1.1.1-rc.1

Notable changes

• A new spec.sidecar.localProxyMode field in the MeshConfig API allows users
  to specify whether traffic from Envoy sidecars to application containers is
  redirected via 127.0.0.1 (the previous behavior and current default) or the
  Pod's IP address
• A new spec.traffic.networkInterfaceExclusionList field in the MeshConfig API
  allows users to specify names of network interfaces on Pods that should not
  have traffic proxied through Envoy sidecars
• The installed MeshConfig resource can now be updated with kubectl apply

Breaking changes

None

Deprecation notes

None

CRD Updates

No CRD changes between tags v1.1.0 and v1.1.1-rc.1

Changelog

• Release v1.1.1-rc.1 (#4720) 0171d84 (Keith Mattix II)
• Fix e2e_client_server_connectivity_test noInstall (#4708) 2cb3ee9 (Niranjan Shankar)
• pkg/injector: Enable podIP proxying via meshconfig setting (#4701) cbdcfe1 (Keith Mattix II)
• add the last applied annotation to allow using kubectl apply on the mesh config (#4673) 868c132 (steeling)
• feat(injector): add list of ignored network interfaces (#4700) 79eef29 (Jon Huhn)
• config/meshConfig: New localProxyMode field (#4686) 5a29022 (Keith Mattix II)
• Revert "config/meshConfig: New localProxyMode field (#4671)" (#4684) e9ae621 (Keith Mattix II)
• config/meshConfig: New localProxyMode field (#4671) (#4680) 134d5e2 (steeling)
• apis: add MeshRootCertificate API types (#4677) 1ca81b3 (Jackie Elliott)
• fix(doc): update release guide (#4661) e26305c (Jon Huhn)
• config/meshConfig: New localProxyMode field (#4671) 63786fd (Keith Mattix II)
• fix: upgrade vulnerable library crypto (#4676) 6089ff7 (allenlsy)

v1.1.0

Notable changes

• Circuit breaking support for traffic directed to in-mesh and external destinations

Breaking changes

The following changes are not backward compatible with the previous release.

• The osm_proxy_response_send_success_count and osm_proxy_response_send_error_count metrics are now labeled with the proxy certificate's common name and XDS type, so queries to match the previous equivalent need to sum for all values of each of those labels.

Deprecation notes

The following capabilities have been deprecated and cannot be used.

• The osm_injector_injector_sidecar_count and osm_injector_injector_rq_time metrics have been removed. The osm_admission_webhook_response_total and osm_http_response_duration metrics should be used instead.
• OSM will no longer support installation on Kubernetes version v1.19.

CRD Updates

No CRD changes between tags v1.0.0 and v1.1.0

Changelog

• cut v1.1.0 (#4652) a23afae (schristoff)
• cli/verifier: add Envoy config dump parser (#4646) 71fea3e (Shashank Ram)
• ref(smi): remove unused kubeClient from smi client (#4643) 273e512 (Deepesh Pathak)
• cli: add verify command (#4639) 1198792 (Shashank Ram)
• Add overwrite label osm bootstrap (#4642) 1b94fbf (Niranjan Shankar)
• fix(ci): fix lint (#4633) ed4b428 (Jon Huhn)
• chore(release): cut v1.1.0-rc.1 (#4630) 2820d82 (schristoff)
• ref(cert): refactor tresor (#4626) 30e5362 (schristoff)
• envoy: fix misleading comment (#4628) 6247f2f (Shashank Ram)
• feat(log): add access log to TCP listener (#4625) bd7e61d (allenlsy)
• feat(certificates) rework vault certificate provider (#4596) d1100a8 (schristoff)
• Decouple Conversion Patch and CRD Reconciler (#4612) 8bae12f (Keith Mattix II)
• ref(webhook): remove leaf cert from webhook cabundles (#4603) 9ecf16b (Jackie Elliott)
• ref(cli): refactor version subcommand to search all namespaces (#4611) a0d81cc (Shalier Xia)
• doc: add environments.md (#4593) f10a3cc (Zach Rhoads)
• apis/UpstreamTrafficSetting: allow setting status (#4615) b6ff0e7 (Shashank Ram)
• docs: update release notes for v1.1.0 (#4614) cd2c815 (Shashank Ram)
• k8s/version: drop v1.19 support and bump CI version (#4607) 97c6395 (Shashank Ram)
• feat(metrics): add conversion webhook metrics (#4606) 0f36516 (Jon Huhn)
• ref(crdconvert): respond with errors from all requested resources (#4601) aaa7f30 (Jon Huhn)
• owners: add @trstringer as a codeowner maintainer (#4604) 6bda5c3 (Shashank Ram)
• feat(metrics): generalize admission webhook metrics (#4597) 02e6d7d (Jon Huhn)
• apis: correct comments for UpstreamTrafficSetting (#4605) 2f483d2 (Shashank Ram)
• feat(ads): xDS response add TLS config (#4582) 7e0674c (allenlsy)
• fix(logs): add missing Msg calls to logs (#4599) eec706d (Jon Huhn)
• Allow custom image names for OSM Helm chart (#4595) f0c6def (Shalier Xia)
• egress: add UpstreamTrafficSetting support (#4594) 7ecd8e9 (Shashank Ram)
• feat(certificates) begin to abstract the cert manager patterns (#4580) caaa189 (steeling)
• chore: show release version in Grafana boards (#4529) dafba7b (Johnson Shi)
• feat(metrics): add cn/type labels to xds response metrics (#4590) b3b202d (Jon Huhn)
• feat(metrics): add proxy rejected max connections metric (#4589) 1775316 (Jon Huhn)
• configurator: only watch required MeshConfig (#4587) b7a4a3b (Shashank Ram)
• policy: implement UpstreamTrafficSetting API (#4585) fe04957 (Shashank Ram)
• feat(metrics): add proxy XDS request metric (#4584) cc43617 (Jon Huhn)
• feat(metrics): add feature flag metrics (#4581) 269a1b8 (Jon Huhn)
• feat(sidecar): add tls protocol version and cipher suites config to (#4418) c7fead4 (allenlsy)
• feat(metrics): add HTTP response metrics (#4578) 797a297 (Jon Huhn)
• owners: clarify non-codeowner maintainer (#4579) cc46528 (Shashank Ram)
• doc: Remove reference to closed SMI metrics support issue (#4566) 87a8d74 (mudit singh)
• owners: mirror code owners file (#4577) 1de0388 (Shashank Ram)
• doc: Update links in docs (#4519) e972a05 (allenlsy)
• Upgrade docker distribution to v2.8.0 (#4571) c522ed1 (Thomas Stringer)
• Upgrade containerd to v1.5.10 (#4570) 1dc6bfd (Thomas Stringer)
• crd/conversion: only patch CRDs needing conversion (#4569) 1d92058 (Shashank Ram)
• envoy: update go-control-plane version (#4567) 7acf583 (Shashank Ram)
• envoy: update to v1.19.3 (#4564) 2d5d065 (Shashank Ram)
• add darwin and linux arm64 support (#4553) 73f7e06 (timbo)
• fix(healthprobes): add support for TCPSocket probes (#4558) 6acc953 (Jackie Elliott)
• fix(scripts): remove bash 4.0 dependency in coverage script (#4561) f83b8a7 (Jon Huhn)
• contrib/ladder: remove duplicate approvers section (#4560) cbd6a4c (Shashank Ram)
• Create release process documentation (#4557) ebd1de5 (Thomas Stringer)
• (feature): update kind-registry port forwarding (#4554) 28e3409 (schristoff)
• ci: Use GitHub action checkout@v2 (#4542) edd9ea7 (Delyan Raychev)
• api/UpstreamTrafficSetting: add informer client (#4550) 0c9628f (Shashank Ram)
• ref(ptypes): update deprecated ptypes functions (#4544) c52865e (Jackie Elliott)
• doc: Updated broken link (#4549) f640ecb (mudit singh)
• feat(certificate): Remove the Certificater interface in favor of a struct. (#4536) 37d2e4f (steeling)
• crds: add UpstreamTrafficSetting CRD (#4547) cf5223c (Shashank Ram)
• charts(osm-*): add pod and node affinities to control plane pods (#4527) 9b268d0 (Sanya Kochhar)
• cli: Remove metrics annotation from namespaces removed from the mesh (#4539) 774eb83 (mudit singh)
• ref(install): remove redundant checks (#4543) ef48caf (Jon Huhn)
• envoy/ads: Simplify unit test (#4538) 544483d (Delyan Raychev)
• ref(install): move namespace controller check to chart (#4540) 1a3d38b (Jon Huhn)
• apis: add UpstreamTrafficSetting API types (#4535) 9b67c22 (Shashank Ram)
• ref(install): move enforceSingleMesh validation to chart (#4522) 5c5fcf8 (Jon Huhn)
• feat(ads) implement a logger for the snapshot cache (#4520) c3b6739 (steeling)
• ref(build): update image scanning (#4517) b42c9a2 (Jon Huhn)
• ref(chart): push vault validation to chart (#4513) e507ca9 (Jon Huhn)
• docs: updated link to project board (#4510) 1f299bc (mudit singh)
• feat(viz): control-plane timings viz improvements (#4481) cc0ebeb (Johnson Shi)
• fix(cli): uninstall mesh force flag description (#4507) 68dbb7e (Johnson Shi)
• fix(cmd/cli): Show single-mesh-enforced warning (#4503) cff645b (Shalier Xia)
• feat(*): add retry policy (#4476) 0d75c93 (Shalier Xia)
• chore(chart): bump chart version to 1.0.0 (#4508) df42849 (Jon Huhn)
• chore(cleanup): remove cleanup script (#4506) 0986001 (Sanya Kochhar)
• Collect bug report for e2e failures (#4504) 47db020 (Niranjan Shankar)
• fix(injector): make init container pullPolicy configurable (#4505) 755d80a (Jon Huhn)
• injector: add support to configure IP range inclusions (#4498) 3367f49 (Shashank Ram)
• use single command to uninstall mesh and cluster wide resources (#4491) fe48a44 (Sneha Chhabria)
• crdconversion: handle MeshConfig optional field (#4497) 1e0072e (Shashank Ram)
• fix(e2e): isolate upgrade test (#4494) 0923046 (Jon Huhn)
• If ignore label exist don`t add namespace (#4473) e350bc0 (mudit singh)
• feat(mockgen): improve...

v1.1.0-rc.1

Notable changes

• Circuit breaking support for traffic directed to in-mesh and external destinations

Breaking changes

The following changes are not backward compatible with the previous release.

• The osm_proxy_response_send_success_count and osm_proxy_response_send_error_count metrics are now labeled with the proxy certificate's common name and XDS type, so queries to match the previous equivalent need to sum for all values of each of those labels.

Deprecation notes

The following capabilities have been deprecated and cannot be used.

• The osm_injector_injector_sidecar_count and osm_injector_injector_rq_time metrics have been removed. The osm_admission_webhook_response_total and osm_http_response_duration metrics should be used instead.
• OSM will no longer support installation on Kubernetes version v1.19.

CRD Updates

No CRD changes between tags v1.0.0 and v1.1.0-rc.1

Changelog

• chore(release): cut v1.1.0-rc.1 (#4630) 2820d82 (schristoff)
• ref(cert): refactor tresor (#4626) 30e5362 (schristoff)
• envoy: fix misleading comment (#4628) 6247f2f (Shashank Ram)
• feat(log): add access log to TCP listener (#4625) bd7e61d (allenlsy)
• feat(certificates) rework vault certificate provider (#4596) d1100a8 (schristoff)
• Decouple Conversion Patch and CRD Reconciler (#4612) 8bae12f (Keith Mattix II)
• ref(webhook): remove leaf cert from webhook cabundles (#4603) 9ecf16b (Jackie Elliott)
• ref(cli): refactor version subcommand to search all namespaces (#4611) a0d81cc (Shalier Xia)
• doc: add environments.md (#4593) f10a3cc (Zach Rhoads)
• apis/UpstreamTrafficSetting: allow setting status (#4615) b6ff0e7 (Shashank Ram)
• docs: update release notes for v1.1.0 (#4614) cd2c815 (Shashank Ram)
• k8s/version: drop v1.19 support and bump CI version (#4607) 97c6395 (Shashank Ram)
• feat(metrics): add conversion webhook metrics (#4606) 0f36516 (Jon Huhn)
• ref(crdconvert): respond with errors from all requested resources (#4601) aaa7f30 (Jon Huhn)
• owners: add @trstringer as a codeowner maintainer (#4604) 6bda5c3 (Shashank Ram)
• feat(metrics): generalize admission webhook metrics (#4597) 02e6d7d (Jon Huhn)
• apis: correct comments for UpstreamTrafficSetting (#4605) 2f483d2 (Shashank Ram)
• feat(ads): xDS response add TLS config (#4582) 7e0674c (allenlsy)
• fix(logs): add missing Msg calls to logs (#4599) eec706d (Jon Huhn)
• Allow custom image names for OSM Helm chart (#4595) f0c6def (Shalier Xia)
• egress: add UpstreamTrafficSetting support (#4594) 7ecd8e9 (Shashank Ram)
• feat(certificates) begin to abstract the cert manager patterns (#4580) caaa189 (steeling)
• chore: show release version in Grafana boards (#4529) dafba7b (Johnson Shi)
• feat(metrics): add cn/type labels to xds response metrics (#4590) b3b202d (Jon Huhn)
• feat(metrics): add proxy rejected max connections metric (#4589) 1775316 (Jon Huhn)
• configurator: only watch required MeshConfig (#4587) b7a4a3b (Shashank Ram)
• policy: implement UpstreamTrafficSetting API (#4585) fe04957 (Shashank Ram)
• feat(metrics): add proxy XDS request metric (#4584) cc43617 (Jon Huhn)
• feat(metrics): add feature flag metrics (#4581) 269a1b8 (Jon Huhn)
• feat(sidecar): add tls protocol version and cipher suites config to (#4418) c7fead4 (allenlsy)
• feat(metrics): add HTTP response metrics (#4578) 797a297 (Jon Huhn)
• owners: clarify non-codeowner maintainer (#4579) cc46528 (Shashank Ram)
• doc: Remove reference to closed SMI metrics support issue (#4566) 87a8d74 (mudit singh)
• owners: mirror code owners file (#4577) 1de0388 (Shashank Ram)
• doc: Update links in docs (#4519) e972a05 (allenlsy)
• Upgrade docker distribution to v2.8.0 (#4571) c522ed1 (Thomas Stringer)
• Upgrade containerd to v1.5.10 (#4570) 1dc6bfd (Thomas Stringer)
• crd/conversion: only patch CRDs needing conversion (#4569) 1d92058 (Shashank Ram)
• envoy: update go-control-plane version (#4567) 7acf583 (Shashank Ram)
• envoy: update to v1.19.3 (#4564) 2d5d065 (Shashank Ram)
• add darwin and linux arm64 support (#4553) 73f7e06 (timbo)
• fix(healthprobes): add support for TCPSocket probes (#4558) 6acc953 (Jackie Elliott)
• fix(scripts): remove bash 4.0 dependency in coverage script (#4561) f83b8a7 (Jon Huhn)
• contrib/ladder: remove duplicate approvers section (#4560) cbd6a4c (Shashank Ram)
• Create release process documentation (#4557) ebd1de5 (Thomas Stringer)
• (feature): update kind-registry port forwarding (#4554) 28e3409 (schristoff)
• ci: Use GitHub action checkout@v2 (#4542) edd9ea7 (Delyan Raychev)
• api/UpstreamTrafficSetting: add informer client (#4550) 0c9628f (Shashank Ram)
• ref(ptypes): update deprecated ptypes functions (#4544) c52865e (Jackie Elliott)
• doc: Updated broken link (#4549) f640ecb (mudit singh)
• feat(certificate): Remove the Certificater interface in favor of a struct. (#4536) 37d2e4f (steeling)
• crds: add UpstreamTrafficSetting CRD (#4547) cf5223c (Shashank Ram)
• charts(osm-*): add pod and node affinities to control plane pods (#4527) 9b268d0 (Sanya Kochhar)
• cli: Remove metrics annotation from namespaces removed from the mesh (#4539) 774eb83 (mudit singh)
• ref(install): remove redundant checks (#4543) ef48caf (Jon Huhn)
• envoy/ads: Simplify unit test (#4538) 544483d (Delyan Raychev)
• ref(install): move namespace controller check to chart (#4540) 1a3d38b (Jon Huhn)
• apis: add UpstreamTrafficSetting API types (#4535) 9b67c22 (Shashank Ram)
• ref(install): move enforceSingleMesh validation to chart (#4522) 5c5fcf8 (Jon Huhn)
• feat(ads) implement a logger for the snapshot cache (#4520) c3b6739 (steeling)
• ref(build): update image scanning (#4517) b42c9a2 (Jon Huhn)
• ref(chart): push vault validation to chart (#4513) e507ca9 (Jon Huhn)
• docs: updated link to project board (#4510) 1f299bc (mudit singh)
• feat(viz): control-plane timings viz improvements (#4481) cc0ebeb (Johnson Shi)
• fix(cli): uninstall mesh force flag description (#4507) 68dbb7e (Johnson Shi)
• fix(cmd/cli): Show single-mesh-enforced warning (#4503) cff645b (Shalier Xia)
• feat(*): add retry policy (#4476) 0d75c93 (Shalier Xia)
• chore(chart): bump chart version to 1.0.0 (#4508) df42849 (Jon Huhn)
• chore(cleanup): remove cleanup script (#4506) 0986001 (Sanya Kochhar)
• Collect bug report for e2e failures (#4504) 47db020 (Niranjan Shankar)
• fix(injector): make init container pullPolicy configurable (#4505) 755d80a (Jon Huhn)
• injector: add support to configure IP range inclusions (#4498) 3367f49 (Shashank Ram)
• use single command to uninstall mesh and cluster wide resources (#4491) fe48a44 (Sneha Chhabria)
• crdconversion: handle MeshConfig optional field (#4497) 1e0072e (Shashank Ram)
• fix(e2e): isolate upgrade test (#4494) 0923046 (Jon Huhn)
• If ignore label exist don`t add namespace (#4473) e350bc0 (mudit singh)
• feat(mockgen): improve error messaging; add ability to run one mockgen (#4493) fb5f9df (steeling)
• injector: support pod specific IP range exclusions (#4488) 252a315 (Shashank Ram)
• chore(pkg/catalog): Remove unused variable (#4487) 3b34201 (Shalier Xia)
• feat(cli): latest verion availability notification on osm version (#4416) 7158a8c (Jackie Elliott)
• ref(cert): remove expiration field from osm-ca-bundle secret data (#4472) 0c0d99f...

v1.0.0

Notable changes

• New internal control plane event management framework to handle changes to the Kubernetes cluster and policies
• Validations to reject/ignore invalid SMI TrafficTarget resources
• Control plane memory utilization improvements
• Support for TCP server-first protocols for in-mesh traffic
• Updates to Grafana dashboards to reflect accurate metrics
• OSM control plane images are now multi-architecture, built for linux/amd64 and linux/arm64

Breaking changes

The following changes are not backward compatible with the previous release.

• Top level Helm chart keys are renamed from OpenServiceMesh to osm
• osm mesh upgrade no longer carries over values from previous releases. Use the --set flag on osm mesh upgrade to pass values as needed. The --container-registry and --osm-image-tag flags have also been removed in favor of --set.

Deprecation notes

The following capabilities have been deprecated and cannot be used.

• Kubernetes Ingress API to configure a service mesh backend to authorize ingress traffic. OSM's IngressBackend API must be used to authorize ingress traffic between an ingress gateway and service mesh backend.

CRD Updates

No CRD changes between tags v0.11.1 and v1.0.0

Changelog

• chore(release): cut v1.0.0 (#4474) 26886c4 (Jon Huhn)
• charts/cleanup-hook: fix CRD reset logic (#4468) (#4470) 22e4501 (mergify[bot])
• chore(release): cut v1.0.0-rc.4 6dcba54 (Jon Huhn)
• fix(grafana): remove hardcoded control plane namespace (#4454) (#4460) 568e165 (Jackie Elliott)
• [backport] bug(*): Fix memory targetAverageUtilization (#4459) f76562b (Shalier Xia)
• fix(cli): do not throw error for osm version when no control plane (#4433) (#4457) 8c87b8a (Jackie Elliott)
• [reconciler]: fix label assignment on mwhc (#4431) (#4432) c764eed (mergify[bot])
• meshConfig: add validation for ingressgateway certificate (#4422) (#4426) a21f567 (mergify[bot])
• crd-conversion: fix webhook port number (#4424) 4e5f574 (Shashank Ram)
• chore(release): cut v1.0.0-rc.3 abbb048 (Jon Huhn)
• contributing: update maintainer requirement (#4415) 99d7ed5 (Shashank Ram)
• ref(build): build all images with buildx (#4402) 4fe1c64 (Jon Huhn)
• build: update to Go 1.17 (#4410) dddd8de (Eng Zer Jun)
• fix security vulnerabilities in dependencies (#4413) 0360d14 (Sneha Chhabria)
• chore(route): Refactor buildRoute() by reducing parameters (#4407) 1c9f7c5 (Shalier Xia)
• add ingress information to bug report 6ed8486 (Thomas Stringer)
• validator: validate ingress backend source kind (#4412) 04f7062 (Shashank Ram)
• injector: allow redirection of app traffic to itself (#4411) 3f7db6e (Shashank Ram)
• ref(*): stepping down as maintainer (#4400) bed1c6b (Edu Serra)
• feat(cli): add remote version to osm version output (#4395) a1a4aff (Jackie Elliott)
• ref(*): stepping down as maintainer 287cc95 (Michelle Noorali)
• Corrected spelling mistake (#4392) a70ae96 (mudit singh)
• rename environment variables for images d93e1ab (Thomas Stringer)
• remove image defaults from preset mesh config and CRD and allow the ability to specify the images through environment variables fa64db5 (Thomas Stringer)
• fix(cli): set sidecar injection annotation to disabled 442d062 (jaellio)
• injector: rename iptables chains for clarity (#4379) 2b93d98 (Shashank Ram)
• ref(k8s): remove IsMetricsEnabled from Controller c61bf17 (Jon Huhn)
• injector: make iptable rules idempotent (#4373) 07c2757 (Shashank Ram)
• ref(k8s): remove K8sServiceToMeshServices from Controller 2ca6b5c (Jon Huhn)
• fix(ingress): increase timeout for TestHandleCertificateChange 52e596c (jaellio)
• add ability for bug-report to get previous logs for control plane containers if they have been restarted 660a0c8 (Thomas Stringer)
• Add bug-report ability to collect control plane logs (#4365) 9048b02 (Thomas Stringer)
• injector: skip injection when pod belongs to host network (#4360) 1d3c236 (Shashank Ram)
• chore(release): cut v1.0.0-rc.2 6549c52 (Jon Huhn)
• fix(ci): fix image scan a386088 (Jon Huhn)
• fix(init): set init container level security context (#4346) 626967b (Sanya Kochhar)
• Remove avg and max envoy update time metrics from grafana dashboard and resolves #3987 8e72beb (Shalier Xia)
• fix failure typos in webhook creators e6784a2 (Thomas Stringer)
• Typo fix for dev guide README (#4347) 7297153 (Bridget Kromhout)
• Updated figure link 29e0574 (mudit singh)
• feat(hpa): Adds memory targetAverageUtilization (#4217) 701d1c3 (Shalier Xia)
• messaging: trigger proxy update when feature flag is toggled (#4345) 52e13ad (Shashank Ram)
• fix(upgrade): handle removed values ad3b63e (Jon Huhn)
• fix(grafana): add version to dashboard descriptions 55bc0ae (jaellio)
• fix(grafana): update grafana version in dashboards (#4337) 78a9927 (Jackie Elliott)
• docs: add release notes doc (#4338) 277ffc2 (Shashank Ram)
• ref(tcp): support tcp-server-first inside the mesh f6c14d6 (Jon Huhn)
• fix(grafana): remove irate from active connection query caf0090 (jaellio)
• chore(release): update instructions for updating release version references 280cb44 (jaellio)
• codeowners: expand approvers to be explicit 1b38273 (Shashank Ram)
• update curl command for init containers 1f95871 (Sneha Chhabria)
• feat(cli): add uninstall cluster-wide-resources cmd 65c0c6d (Johnson Shi)
• docs(demo): update manual demo manifests 3bf8390 (Jon Huhn)
• fix(maestro): update pod readiness checks db9613a (Jon Huhn)
• fix(grafana): use osm_request_duration_ms for latency graphs 659f5ed (jaellio)
• chore(grafana): update Grafana version 675f2e2 (jaellio)
• tests/e2e: skip traffic split selector test for OpenShift (#4320) cfc96d1 (Shashank Ram)
• Fixed development guide broken link (#4322) 4a40b33 (mudit singh)
• ref(charts) updatea top OpenServiceMesh key to osm (#4317) 92c0719 (Michelle Noorali)
• ingress: fix typos (#4319) e7b78aa (Thomas Stringer)
• chore(ci): create release on nightly tags 323e58c (Jon Huhn)
• parameterize all images used in helm charts 1dfa5ec (Sneha Chhabria)
• docs: update release notes workflow (#4311) 30a2f05 (Shashank Ram)
• Add bug report feature to get all pod data in the mesh with the --all parameter (#4310) 91dca3e (Thomas Stringer)
• docs/samples: add manifests for canary demo (#4308) 8f92c9d (Shashank Ram)
• catalog: allow root service selector to match backend pods (#4303) d9baef6 (Shashank Ram)
• demo: use default namespace if unset (#4304) 43cd0fe (Shashank Ram)
• Update default code approvers (#4305) 31f70a9 (Shashank Ram)
• fix(vulnerability): Update github.com/ulikunitz/xz version 8c26e09 (Sneha Chhabria)
• ref(cli): mv uninstall -> uninstall mesh command (#4283) 76365f5 (Michelle Noorali)
• Removing a namespace also removes ignore flag (#4288) 1c16017 (Clarence Bakirtzidis)
• ref(build): remove need for helm dependency update 8267fe8 (Jon Huhn)
• chore(release): update chart version to v0.11.1 40d3b1a (Sneha Chhabria)
• fix(demo): fail gracefully when /books-bought receives no POST data 481149d (Jon Huhn)
• fix(cli): fix uninstall cmd not showing smi info (#4235) 22c1b4d (Johnson Shi)
• fix(MeshConfig): Remove omitEmpty from bool values in the meshconfig db5eb69 (Sneha Chhabria)
• ingress: deprecate k8s ingress API usage (#4285) e9ec05f (Shashank Ram)
• fix(osm-crds): use busybox base image daa6c0e (Jon Huhn)
• CI/codeq...

v1.0.0-rc.4

Notable changes

• New internal control plane event management framework to handle changes to the Kubernetes cluster and policies
• Validations to reject/ignore invalid SMI TrafficTarget resources
• Control plane memory utilization improvements
• Support for TCP server-first protocols for in-mesh traffic
• Updates to Grafana dashboards to reflect accurate metrics
• OSM control plane images are now multi-architecture, built for linux/amd64 and linux/arm64

Breaking changes

The following changes are not backward compatible with the previous release.

• Top level Helm chart keys are renamed from OpenServiceMesh to osm
• osm mesh upgrade no longer carries over values from previous releases. Use the --set flag on osm mesh upgrade to pass values as needed. The --container-registry and --osm-image-tag flags have also been removed in favor of --set.

Deprecation notes

The following capabilities have been deprecated and cannot be used.

• Kubernetes Ingress API to configure a service mesh backend to authorize ingress traffic. OSM's IngressBackend API must be used to authorize ingress traffic between an ingress gateway and service mesh backend.

CRD Updates

No CRD changes between tags v1.0.0-rc.3 and v1.0.0-rc.4

Changelog

• chore(release): cut v1.0.0-rc.4 6dcba54 (Jon Huhn)
• fix(grafana): remove hardcoded control plane namespace (#4454) (#4460) 568e165 (Jackie Elliott)
• [backport] bug(*): Fix memory targetAverageUtilization (#4459) f76562b (Shalier Xia)
• fix(cli): do not throw error for osm version when no control plane (#4433) (#4457) 8c87b8a (Jackie Elliott)
• [reconciler]: fix label assignment on mwhc (#4431) (#4432) c764eed (mergify[bot])
• meshConfig: add validation for ingressgateway certificate (#4422) (#4426) a21f567 (mergify[bot])
• crd-conversion: fix webhook port number (#4424) 4e5f574 (Shashank Ram)

v1.0.0-rc.3

Notable changes

• New internal control plane event management framework to handle changes to the Kubernetes cluster and policies
• Validations to reject/ignore invalid SMI TrafficTarget resources
• Control plane memory utilization improvements
• Support for TCP server-first protocols for in-mesh traffic
• Updates to Grafana dashboards to reflect accurate metrics
• OSM control plane images are now multi-architecture, built for linux/amd64 and linux/arm64

Breaking changes

The following changes are not backward compatible with the previous release.

• Top level Helm chart keys are renamed from OpenServiceMesh to osm
• osm mesh upgrade no longer carries over values from previous releases. Use the --set flag on osm mesh upgrade to pass values as needed. The --container-registry and --osm-image-tag flags have also been removed in favor of --set.

Deprecation notes

The following capabilities have been deprecated and cannot be used.

• Kubernetes Ingress API to configure a service mesh backend to authorize ingress traffic. OSM's IngressBackend API must be used to authorize ingress traffic between an ingress gateway and service mesh backend.

CRD Updates

No CRD changes between tags v1.0.0-rc.2 and v1.0.0-rc.3

Changelog

• chore(release): cut v1.0.0-rc.3 abbb048 (Jon Huhn)
• contributing: update maintainer requirement (#4415) 99d7ed5 (Shashank Ram)
• ref(build): build all images with buildx (#4402) 4fe1c64 (Jon Huhn)
• build: update to Go 1.17 (#4410) dddd8de (Eng Zer Jun)
• fix security vulnerabilities in dependencies (#4413) 0360d14 (Sneha Chhabria)
• chore(route): Refactor buildRoute() by reducing parameters (#4407) 1c9f7c5 (Shalier Xia)
• add ingress information to bug report 6ed8486 (Thomas Stringer)
• validator: validate ingress backend source kind (#4412) 04f7062 (Shashank Ram)
• injector: allow redirection of app traffic to itself (#4411) 3f7db6e (Shashank Ram)
• ref(*): stepping down as maintainer (#4400) bed1c6b (Edu Serra)
• feat(cli): add remote version to osm version output (#4395) a1a4aff (Jackie Elliott)
• ref(*): stepping down as maintainer 287cc95 (Michelle Noorali)
• Corrected spelling mistake (#4392) a70ae96 (mudit singh)
• rename environment variables for images d93e1ab (Thomas Stringer)
• remove image defaults from preset mesh config and CRD and allow the ability to specify the images through environment variables fa64db5 (Thomas Stringer)
• fix(cli): set sidecar injection annotation to disabled 442d062 (jaellio)
• injector: rename iptables chains for clarity (#4379) 2b93d98 (Shashank Ram)
• ref(k8s): remove IsMetricsEnabled from Controller c61bf17 (Jon Huhn)
• injector: make iptable rules idempotent (#4373) 07c2757 (Shashank Ram)
• ref(k8s): remove K8sServiceToMeshServices from Controller 2ca6b5c (Jon Huhn)
• fix(ingress): increase timeout for TestHandleCertificateChange 52e596c (jaellio)
• add ability for bug-report to get previous logs for control plane containers if they have been restarted 660a0c8 (Thomas Stringer)
• Add bug-report ability to collect control plane logs (#4365) 9048b02 (Thomas Stringer)
• injector: skip injection when pod belongs to host network (#4360) 1d3c236 (Shashank Ram)

v1.0.0-rc.2

Notable changes

• New internal control plane event management framework to handle changes to the Kubernetes cluster and policies
• Validations to reject/ignore invalid SMI TrafficTarget resources
• Control plane memory utilization improvements
• Support for TCP server-first protocols for in-mesh traffic
• Updates to Grafana dashboards to reflect accurate metrics

Breaking changes

The following changes are not backward compatible with the previous release.

• Top level Helm chart keys are renamed from OpenServiceMesh to osm
• osm mesh upgrade no longer carries over values from previous releases. Use the --set flag on osm mesh upgrade to pass values as needed. The --container-registry and --osm-image-tag flags have also been removed in favor of --set.

Deprecation notes

The following capabilities have been deprecated and cannot be used.

• Kubernetes Ingress API to configure a service mesh backend to authorize ingress traffic. OSM's IngressBackend API must be used to authorize ingress traffic between an ingress gateway and service mesh backend.

CRD Updates

No CRD changes between tags v1.0.0-rc.1 and v1.0.0-rc.2

Changelog

• chore(release): cut v1.0.0-rc.2 6549c52 (Jon Huhn)
• fix(ci): fix image scan a386088 (Jon Huhn)
• fix(init): set init container level security context (#4346) 626967b (Sanya Kochhar)
• Remove avg and max envoy update time metrics from grafana dashboard and resolves #3987 8e72beb (Shalier Xia)
• fix failure typos in webhook creators e6784a2 (Thomas Stringer)
• Typo fix for dev guide README (#4347) 7297153 (Bridget Kromhout)
• Updated figure link 29e0574 (mudit singh)
• feat(hpa): Adds memory targetAverageUtilization (#4217) 701d1c3 (Shalier Xia)
• messaging: trigger proxy update when feature flag is toggled (#4345) 52e13ad (Shashank Ram)
• fix(upgrade): handle removed values ad3b63e (Jon Huhn)
• fix(grafana): add version to dashboard descriptions 55bc0ae (jaellio)
• fix(grafana): update grafana version in dashboards (#4337) 78a9927 (Jackie Elliott)
• docs: add release notes doc (#4338) 277ffc2 (Shashank Ram)
• ref(tcp): support tcp-server-first inside the mesh f6c14d6 (Jon Huhn)
• fix(grafana): remove irate from active connection query caf0090 (jaellio)
• chore(release): update instructions for updating release version references 280cb44 (jaellio)
• codeowners: expand approvers to be explicit 1b38273 (Shashank Ram)
• update curl command for init containers 1f95871 (Sneha Chhabria)
• feat(cli): add uninstall cluster-wide-resources cmd 65c0c6d (Johnson Shi)
• docs(demo): update manual demo manifests 3bf8390 (Jon Huhn)
• fix(maestro): update pod readiness checks db9613a (Jon Huhn)
• fix(grafana): use osm_request_duration_ms for latency graphs 659f5ed (jaellio)
• chore(grafana): update Grafana version 675f2e2 (jaellio)
• tests/e2e: skip traffic split selector test for OpenShift (#4320) cfc96d1 (Shashank Ram)
• Fixed development guide broken link (#4322) 4a40b33 (mudit singh)
• ref(charts) updatea top OpenServiceMesh key to osm (#4317) 92c0719 (Michelle Noorali)
• ingress: fix typos (#4319) e7b78aa (Thomas Stringer)
• chore(ci): create release on nightly tags 323e58c (Jon Huhn)
• parameterize all images used in helm charts 1dfa5ec (Sneha Chhabria)
• docs: update release notes workflow (#4311) 30a2f05 (Shashank Ram)
• Add bug report feature to get all pod data in the mesh with the --all parameter (#4310) 91dca3e (Thomas Stringer)
• docs/samples: add manifests for canary demo (#4308) 8f92c9d (Shashank Ram)
• catalog: allow root service selector to match backend pods (#4303) d9baef6 (Shashank Ram)
• demo: use default namespace if unset (#4304) 43cd0fe (Shashank Ram)
• Update default code approvers (#4305) 31f70a9 (Shashank Ram)
• fix(vulnerability): Update github.com/ulikunitz/xz version 8c26e09 (Sneha Chhabria)
• ref(cli): mv uninstall -> uninstall mesh command (#4283) 76365f5 (Michelle Noorali)
• Removing a namespace also removes ignore flag (#4288) 1c16017 (Clarence Bakirtzidis)
• ref(build): remove need for helm dependency update 8267fe8 (Jon Huhn)
• chore(release): update chart version to v0.11.1 40d3b1a (Sneha Chhabria)
• fix(demo): fail gracefully when /books-bought receives no POST data 481149d (Jon Huhn)
• fix(cli): fix uninstall cmd not showing smi info (#4235) 22c1b4d (Johnson Shi)
• fix(MeshConfig): Remove omitEmpty from bool values in the meshconfig db5eb69 (Sneha Chhabria)
• ingress: deprecate k8s ingress API usage (#4285) e9ec05f (Shashank Ram)
• fix(osm-crds): use busybox base image daa6c0e (Jon Huhn)
• CI/codeql: fix indent (#4287) c653a2a (Shashank Ram)
• CI/codeql: cache Go module and build dependencies (#4286) bfb9603 (Shashank Ram)
• go/deps: update Helm to v3.7.1 (#4277) 263ab54 (Jackie Elliott)
• CI: skip Go codeql action for docs (#4276) 77ae218 (Shashank Ram)
• docs/examples: add tcp-echo manifest (#4275) 48b9150 (Shashank Ram)
• Removes namespace label from metric. b00c17a (jaellio)
• Updates namespace counter inline and removes goroutine. c9a82ff (jaellio)
• feat(metrics): monitored namespaces prometheus metric ceb6044 (jaellio)
• fix(pre-release): Update image scan in pre-release workflow 7cbff92 (Sneha Chhabria)
• messaging/proxy: avoid unnecessary proxy broadcasts (#4265) 99f64e7 (Shashank Ram)
• fix(pre-release): fix indentation in pre-release workflow b68b667 (Sneha Chhabria)
• charts(cleanup): delete secrets on cleanup 449ed62 (Sanya Kochhar)
• charts(cleanup): delete secrets on cleanup 1d8a51f (Sanya Kochhar)
• ref(*): removes unnecessary namespace check (#4251) 5e61956 (Michelle Noorali)
• docs(chart): template chart README versions 09c5825 (Jon Huhn)
• chore(ci): Update codecov uploader 93d862e (Jon Huhn)
• chore(chart): increase osm-controller memory limit 473bffd (Jon Huhn)
• chore(security/scan): Scan docker images d1a8858 (nshankar13)
• fix(preset-mesh-config.yaml): add json check (#4241) 04736da (Michelle Noorali)
• ingress/client: remove unnecessary check for namespace (#4244) 0a5fa82 (Shashank Ram)

v0.11.1

Notable Changes

• Codeql GitHub action integrated into PR workflow
• Message broker replaced the global pub-sub instance in the control plane for internal message passing
• Invalid traffic targets will be ignored by OSM
• Some high memory usage issues fixed
• Performance improvements

CRD Updates

No CRD changes between tags v0.11.0 and v0.11.1

Changelog

• chore(release): update version to v0.11.1 545e854 (Sneha Chhabria)
• fix(MeshConfig): Remove omitEmpty from bool values in the meshconfig 6a5b804 (Sneha Chhabria)
• chore(release): update version to v0.11.1-rc.1 dcc91b7 (Sneha Chhabria)
• CI: fix image scan job for pre-release 3312be3 (Sneha Chhabria)
• fix(pre-release): fix indentation in pre-release workflow e503c02 (Sneha Chhabria)
• charts(cleanup): delete secrets on cleanup 9563464 (Sanya Kochhar)
• ref(*): removes unnecessary namespace check (#4251) 5e61956 (Michelle Noorali)
• docs(chart): template chart README versions 09c5825 (Jon Huhn)
• chore(ci): Update codecov uploader 93d862e (Jon Huhn)
• chore(chart): increase osm-controller memory limit 473bffd (Jon Huhn)
• chore(security/scan): Scan docker images d1a8858 (nshankar13)
• fix(preset-mesh-config.yaml): add json check (#4241) 04736da (Michelle Noorali)
• ingress/client: remove unnecessary check for namespace (#4244) 0a5fa82 (Shashank Ram)
• fix(cleanuphook): Delete mwhc and vwhc in all scenarios 3ce755c (Sneha Chhabria)
• messaging/broker: batch proxy update events (#4240) 11af38e (Shashank Ram)
• chore(security/scan): Add codeql scan a23f83c (nshankar13)
• fix(ads): properly sync proxy disconnect c055b1d (Jon Huhn)
• chore(release): update version to v0.11 in chart c40ad8f (jaellio)
• events: log event kind being processed and disable resyncs (#4231) 09f4838 (Shashank Ram)
• chore(tlsversion): Add a tls minimum version for webhooks 2e1ebea (Sneha Chhabria)
• Update tests to resolve missing mock calls 4d140cf (jaellio)
• go/deps: update Helm to v3.7.0 and kubernetes packages db5d919 (jaellio)
• fix(UpgradeTest) : Fix the upgrade e2e test 50c0a50 (Sneha Chhabria)
• fix(ImageTags) : Update image pull to use tags if specified over the digest 6e40f0d (Sneha Chhabria)
• metrics: add counters related to proxy response send (#4219) 0e3f746 (Shashank Ram)
• envoy/registry: do not track disconnected proxies (#4216) d0d5d97 (Shashank Ram)
• messaging: use message broker in control plane (#4212) 0309a0f (Shashank Ram)
• fix(tests): disable smi validate test for NoInstall (#4209) 1caae97 (Michelle Noorali)
• messaging: introduce message broker (#4210) f454b07 (Shashank Ram)
• feat(*): ignore invalid traffic targets (#4177) ae5c9d8 (Michelle Noorali)
• feat(charts): Adding priorityClassName to the OSM deployments a6b59b9 (Shalier Xia)
• catalog/ingress: check backend's port in addition to name (#4202) 37c3d65 (Shashank Ram)

v0.11.1-rc.1

Notable Changes

• Codeql GitHub action integrated into PR workflow
• Message broker replaced the global pub-sub instance in the control plane for internal message passing
• Invalid traffic targets will be ignored by OSM
• Some high memory usage issues fixed
• Performance improvements

CRD Updates

No CRD changes between tags v0.11.0 and v0.11.1-rc.1

Changelog

• chore(release): update version to v0.11.1-rc.1 dcc91b7 (Sneha Chhabria)
• CI: fix image scan job for pre-release 3312be3 (Sneha Chhabria)
• fix(pre-release): fix indentation in pre-release workflow e503c02 (Sneha Chhabria)
• charts(cleanup): delete secrets on cleanup 9563464 (Sanya Kochhar)
• ref(*): removes unnecessary namespace check (#4251) 5e61956 (Michelle Noorali)
• docs(chart): template chart README versions 09c5825 (Jon Huhn)
• chore(ci): Update codecov uploader 93d862e (Jon Huhn)
• chore(chart): increase osm-controller memory limit 473bffd (Jon Huhn)
• chore(security/scan): Scan docker images d1a8858 (nshankar13)
• fix(preset-mesh-config.yaml): add json check (#4241) 04736da (Michelle Noorali)
• ingress/client: remove unnecessary check for namespace (#4244) 0a5fa82 (Shashank Ram)
• fix(cleanuphook): Delete mwhc and vwhc in all scenarios 3ce755c (Sneha Chhabria)
• messaging/broker: batch proxy update events (#4240) 11af38e (Shashank Ram)
• chore(security/scan): Add codeql scan a23f83c (nshankar13)
• fix(ads): properly sync proxy disconnect c055b1d (Jon Huhn)
• chore(release): update version to v0.11 in chart c40ad8f (jaellio)
• events: log event kind being processed and disable resyncs (#4231) 09f4838 (Shashank Ram)
• chore(tlsversion): Add a tls minimum version for webhooks 2e1ebea (Sneha Chhabria)
• Update tests to resolve missing mock calls 4d140cf (jaellio)
• go/deps: update Helm to v3.7.0 and kubernetes packages db5d919 (jaellio)
• fix(UpgradeTest) : Fix the upgrade e2e test 50c0a50 (Sneha Chhabria)
• fix(ImageTags) : Update image pull to use tags if specified over the digest 6e40f0d (Sneha Chhabria)
• metrics: add counters related to proxy response send (#4219) 0e3f746 (Shashank Ram)
• envoy/registry: do not track disconnected proxies (#4216) d0d5d97 (Shashank Ram)
• messaging: use message broker in control plane (#4212) 0309a0f (Shashank Ram)
• fix(tests): disable smi validate test for NoInstall (#4209) 1caae97 (Michelle Noorali)
• messaging: introduce message broker (#4210) f454b07 (Shashank Ram)
• feat(*): ignore invalid traffic targets (#4177) ae5c9d8 (Michelle Noorali)
• feat(charts): Adding priorityClassName to the OSM deployments a6b59b9 (Shalier Xia)
• catalog/ingress: check backend's port in addition to name (#4202) 37c3d65 (Shashank Ram)

v1.0.0-rc.1

Notable Changes

• Codeql GitHub action integrated into PR workflow
• Message broker replaced the global pub-sub instance in the control plane for internal message passing
• Invalid traffic targets will be ignored by OSM
• Some high memory usage issues fixed

CRD Updates

No CRD changes between tags v0.11.0 and v1.0.0-rc.1

Changelog

• chore(release): update appVersion and version images 435f914 (jaellio)
• chore(release): update version to v1.0.0-rc.1 0c779c5 (jaellio)
• fix(cleanuphook): Delete mwhc and vwhc in all scenarios 3ce755c (Sneha Chhabria)
• messaging/broker: batch proxy update events (#4240) 11af38e (Shashank Ram)
• chore(security/scan): Add codeql scan a23f83c (nshankar13)
• fix(ads): properly sync proxy disconnect c055b1d (Jon Huhn)
• chore(release): update version to v0.11 in chart c40ad8f (jaellio)
• events: log event kind being processed and disable resyncs (#4231) 09f4838 (Shashank Ram)
• chore(tlsversion): Add a tls minimum version for webhooks 2e1ebea (Sneha Chhabria)
• Update tests to resolve missing mock calls 4d140cf (jaellio)
• go/deps: update Helm to v3.7.0 and kubernetes packages db5d919 (jaellio)
• fix(UpgradeTest) : Fix the upgrade e2e test 50c0a50 (Sneha Chhabria)
• fix(ImageTags) : Update image pull to use tags if specified over the digest 6e40f0d (Sneha Chhabria)
• metrics: add counters related to proxy response send (#4219) 0e3f746 (Shashank Ram)
• envoy/registry: do not track disconnected proxies (#4216) d0d5d97 (Shashank Ram)
• messaging: use message broker in control plane (#4212) 0309a0f (Shashank Ram)
• fix(tests): disable smi validate test for NoInstall (#4209) 1caae97 (Michelle Noorali)
• messaging: introduce message broker (#4210) f454b07 (Shashank Ram)
• feat(*): ignore invalid traffic targets (#4177) ae5c9d8 (Michelle Noorali)
• feat(charts): Adding priorityClassName to the OSM deployments a6b59b9 (Shalier Xia)
• catalog/ingress: check backend's port in addition to name (#4202) 37c3d65 (Shashank Ram)