Contour 1.17.0 is out with a layer seven HTTP reverse proxy for Kubernetes clusters. The new version has arrived with many new features and several fixes, which will make the functioning of the ingress controller smoother. More activities within the community came along with the release of this version. So, we will have a look at all of this. Let’s get going.
Tech Writing Working Group
As earlier told, a significant change came to the community with this new release. It is seen vividly with the announcement of introducing the tech writing working group in the Contour community. Because of this, specific documentation proposals and fixes comes as contributions. We can see a few changes, such as fixing of error by flagging an expected argument with –kubernetes-debug command.
Ignoring Irrelevant Endpoints Updates
As reported earlier here, previously to this release, we can see endpoint changes for services not related to Contour would cause a no-op configuration push to Envoy. Because of this, we find a lot of churns in busy clusters. Now, we have fixed this issue. For more information, click here.
In the Gateway API, Gateways refer to a GatewayClass, and controllers decide which Gateways to reconcile. They did it by determining for which GatewayClass(es) they are responsible. It is specified using the spec.controller field in the GatewayClass. We now expect that controllers look for a specific value in that field and only reconcile Gateways that reference GatewayClasses that match.
In this release, Contour has changed the method by which it selects which Gateway to reconcile. It now follows the spec for looking up a GatewayClass and finding the first created Gateway in that GatewayClass to be the Gateway it will watch for config when using the Gateway API. We can now accomplish this by specifying the value to look for inside the GatewayClass spec.controller field using the controllerName area inside the gateway stanza in the config file. It means that the name and namespace parameters in the gateway stanza inside the Contour config file are now deprecated.
Support for TLS Route Termination Mode
Contour now supports the Gateway API TLSRoute object’s terminate mode, which terminates TLS at the Gateway. For more information and description on this topic, click here.
With the new release, we can see an improved testing framework and CI infrastructure. As well as several other changes, the CI now runs Contour out-of-cluster to enable testing multiple configurations. It will now allow Contour to experiment with more combinations of config and objects and increase the overall test coverage.
Now, tests will use Contour running locally. Again, we can check for nil conditions in an HTTP request. We can see Controller Runtime test suite improvements with this update. Also, we can see updates of test scripts README for the new e2e format. We can now fix codespell errors. Also, now we can use up to date go in e2e/upgrade CI jobs and install Gateway API CRDs from examples/gateway.
Config file: Gateway.Name and Gateway.Namespace
As described in the “Reconciling Gateways” section, the config file parameters Gateway.Name & Gateway.Namespace is deprecated.
Config file: make gencerts
Contour currently has a make gencerts available in the local Makefile for creating certificates for securing Contour to Envoy traffic. The contour certgen command now superseded, which can output to local files in various formats or directly to Kubernetes Secrets. This part of the Makefile is therefore deprecated.
The new release comes with the fixing of Rendered Gateway Example. We now see bumping of gomega package to 1.13.0, golang to 1.16.5 and ginkgo to 1.16.4. Also, it will now help users with the bumping of protobuf and fix lint issues. Also, we find the fixing of references to kuard-dag.png. The pull deployment manifest can now unmarshal/update into the framework. Updating compatibility docs, releasing cutting notes, fixing label sync, updating labels, and adding new decision issue types comes with the latest release.
We also see several fixes on the site too. The new Contour release will now replace latest_release_tag_name with latest_version. It will also now use a single parameter for the latest version. Several fixups like fixing the upgrade guide, RateLimiting Guide, and some other links and improving the configuration page for Hugo’s move will now help users. Also, we will have the bulk replacement of Jekyll templates. We will now have fixing of links on deploy-options pages and to HTTP Proxy fundamentals for annotations page.
The new and improved Contour will now help more. You can also try it out by clicking here.