* feat: release 2.8 Signed-off-by: spacewander <spacewanderlzx@gmail.com> * docs: fix section titles' links (#4671) Co-authored-by: yilinzeng <36651058+yzeng25@users.noreply.github.com>
45 KiB
title |
---|
Changelog |
Table of Contents
- 2.8.0
- 2.7.0
- 2.6.0
- 2.5.0
- 2.4.0
- 2.3.0
- 2.2.0
- 2.1.0
- 2.0.0
- 1.5.0
- 1.4.1
- 1.4.0
- 1.3.0
- 1.2.0
- 1.1.0
- 1.0.0
- 0.9.0
- 0.8.0
- 0.7.0
- 0.6.0
2.8.0
Change
- change: enable stream proxy only by default #4580
Core
- 🌅 feat: allow user-defined balancer with metadata in node #4605
- 🌅 feat: Add option retry_timeout that like nginx's proxy_next_upstream_timeout #4574
- 🌅 feat: enable balancer phase for plugins #4549
- 🌅 feat: allow setting separate keepalive pool #4506
- 🌅 feat: enable etcd health-check #4191
Plugin
- 🌅 feat: add gzip plugin #4640
- 🌅 feat(plugin): Add new plugin ua-restriction for bot spider restriction #4587
- 🌅 feat(stream): add ip-restriction #4602
- 🌅 feat(stream): add limit-conn #4515
- 🌅 feat: increase ext-plugin timeout to 60s #4557
- 🌅 feat(key-auth): supporting key-auth plugin to get key from query string #4490
- 🌅 feat(kafka-logger): support for specified the log formats via admin API. #4483
Bugfix
- fix(stream): sni router is broken when session reuses #4607
- fix: the limit-conn plugin cannot effectively intercept requests in special scenarios #4585
- fix: ref check while deleting proto via Admin API #4575
- fix(skywalking): handle conflict between global rule and route #4589
- fix:
ctx.var.cookie_*
cookie not found log #4564 - fix(request-id): we can use different ids with the same request #4479
2.7.0
Change
- change: check metadata_schema with check_schema like the other schema #4381
- change(echo): remove odd auth_value #4055
- fix(admin): correct the resources' count field and change its type to integer #4385
Core
- 🌅 feat(stream): support client certificate verification #4445
- 🌅 feat(stream): accept tls over tcp #4409
- 🌅 feat(stream): support domain in the upstream #4386
- 🌅 feat(cli): wrap nginx quit cmd #4360
- 🌅 feat: allow to set custom timeout for route #4340
- 🌅 feat: nacos discovery support group #4325
- 🌅 feat: nacos discovery support namespace #4313
Plugin
- 🌅 feat(client-control): set client_max_body_size dynamically #4423
- 🌅 feat(ext-plugin): stop the runner with SIGTERM #4367
- 🌅 feat(limit-req) support nodelay #4395
- 🌅 feat(mqtt-proxy): support domain #4391
- 🌅 feat(redirect): support appending query string #4298
Bugfix
- fix: solve memory leak when the client aborts #4405
- fix(etcd): check res.body.error before accessing the data #4371
- fix(ext-plugin): when token is stale, refresh token and try again #4345
- fix(ext-plugin): pass environment variables #4349
- fix: ensure the plugin is always reloaded #4319
2.6.0
Change
- change(prometheus): redesign the latency metrics & update grafana #3993
- change(prometheus): don't expose metrics to internet #3994
- change(limit-count): ensure redis cluster name is set correctly #3910
- change: drop support of OpenResty 1.15 #3960
Core
- 🌅 feat: support passing different host headers in multiple nodes #4208
- 🌅 feat: add 50x html for error page #4164
- 🌅 feat: support to use upstream_id in stream_route #4121
- 🌅 feat: support client certificate verification #4034
- 🌅 feat: add nacos support #3820
- 🌅 feat: patch tcp.sock.connect to use our DNS resolver #4114
Plugin
- 🌅 feat(redirect): support uri encoding #4244
- 🌅 feat(key-auth): allow customizing header #4013
- 🌅 feat(response-rewrite): allow using variable in the header #4194
- 🌅 feat(ext-plugin): APISIX can support Java, Go and other languages to implement custom plugin #4183
Bugfix
- fix(DNS): support IPv6 resolver #4242
- fix(healthcheck): only one_loop is needed in the passive health check report #4116
- fix(traffic-split): configure multiple "rules", the request will be confused between upstream #4092
- fix: ensure upstream with domain is cached #4061
- fix: be compatible with the router created before 2.5 #4056
- fix(standalone): the conf should be available during start #4027
- fix: ensure atomic operation in limit-count plugin #3991
2.5.0
The changes marked with ⚠️ are not backward compatible. Please upgrade your data accordingly before upgrading to this version. #3809 Means that empty vars will make the route fail to match any requests.
Change
- ⚠️ change: remove unused consumer.id #3868
- ⚠️ change: remove deprecated upstream.enable_websocket #3854
- change(zipkin): rearrange the child span #3877
Core
- 🌅 feat: support mTLS with etcd #3905
- ⚠️ feat: upgrade lua-resty-expr/radixtree to support logical expression #3809
- 🌅 feat: load etcd configuration when apisix starts #3799
- 🌅 feat: let balancer support priority #3755
- 🌅 feat: add control api for discovery module #3742
Plugin
- 🌅 feat(skywalking): allow destroy and configure report interval for reporter #3925
- 🌅 feat(traffic-split): the upstream pass_host needs to support IP mode #3870
- 🌅 feat: Add filter on HTTP methods for consumer-restriction plugin #3691
- 🌅 feat: add allow_origins_by_regex to cors plugin #3839
- 🌅 feat: support conditional response rewrite #3577
Bugfix
- fix(error-log-logger): the logger should be run in each process #3912
- fix: use the builtin server by default #3907
- fix(traffic-split): binding upstream via upstream_id is invalid #3842
- fix: correct the validation for ssl_trusted_certificate #3832
- fix: don't override cache relative headers #3789
- fix: fail to run
make deps
on macOS #3718
2.4.0
Change
- change: global rules should not be executed on the internal api by default #3396
- change: default to cache DNS record according to the TTL #3530
Core
- 🌅 feat: support SRV record #3686
- 🌅 feat: add dns discovery #3629
- 🌅 feat: add consul kv discovery module #3615
- 🌅 feat: support to bind plugin config by
plugin_config_id
#3567 - 🌅 feat: support listen http2 with plaintext #3547
- 🌅 feat: support DNS AAAA record #3484
Plugin
- 🌅 feat: the traffic-split plugin supports upstream_id #3512
- 🌅 feat(zipkin): support b3 req header #3551
Bugfix
- fix(chash): ensure retry can try every node #3651
- fix: script does not work when the route is bound to a service #3678
- fix: use openssl111 in openresty dir in precedence #3603
- fix(zipkin): don't cache the per-req sample ratio #3522
For more changes, please refer to Milestone
2.3.0
Change
- fix: use luajit by default when run apisix #3335
- feat: use luasocket instead of curl in etcd.lua #2965
Core
- 🌅 feat: support to communicate with etcd by TLS without verification in command line #3415
- 🌅 feat: chaos test on route could still works when etcd is down #3404
- 🌅 feat: ewma use p2c to improve performance #3300
- 🌅 feat: support specifying https in upstream to talk with https backend #3430
- 🌅 feat: allow customizing lua_package_path & lua_package_cpath #3417
- 🌅 feat: allow to pass SNI in HTTPS proxy #3420
- 🌅 feat: support gRPCS #3411
- 🌅 feat: allow getting upstream health check status via control API #3345
- 🌅 feat: support dubbo #3224
- 🌅 feat: load balance by least connections #3304
Plugin
- 🌅 feat: kafka-logger implemented reuse kafka producer #3429
- 🌅 feat(authz-keycloak): dynamic scope and resource mapping. #3308
- 🌅 feat: proxy-rewrite host support host with port #3428
- 🌅 feat(fault-injection): support conditional fault injection using nginx variables #3363
Bugfix
- fix(standalone): require consumer's id to be the same as username #3394
- fix: support upstream_id & consumer with grpc #3387
- fix: set conf info when global rule is hit without matched rule #3332
- fix: avoid caching outdated discovery upstream nodes #3295
- fix: create the health checker in
access
phase #3240 - fix: make set_more_retries() work when upstream_type is chash #2676
For more changes, please refer to Milestone
2.2.0
Change
- disable node-status plugin by default #2968
- k8s_deployment_info is no longer allowed in upstream #3098
- don't treat route segment with ':' as parameter by default #3154
Core
- 🌅 allow create consumers with multiple auth plugins #2898
- 🌅 increase the delay before resync etcd #2977
- 🌅 support enable/disable route #2943
- 🌅 route according to the graphql attributes #2964
- 🌅 share etcd auth token #2932
- 🌅 add control API #3048
Plugin
- 🌅 feat(limt-count): use 'remote_addr' as default key #2927
- 🌅 feat(fault-injection): support Nginx variable in abort.body #2986
- 🌅 feat: implement new plugin
server-info
#2926 - 🌅 feat: add batch process metrics #3070
- 🌅 feat: Implement traffic splitting plugin #2935
- 🌅 feat: the proxy-rewrite plugin support pass nginx variable within header #3144
- 🌅 feat: Make headers to add to request in openid-connect plugin configurable #2903
- 🌅 feat: support var in upstream_uri on proxy-rewrite plugin #3139
Bugfix
- basic-auth plugin should run in rewrite phases. #2905
- fixed the non effective config update in http/udp-logger #2901
- always necessary to save the data of the limit concurrency, and release the statistical status in the log phase #2465
- avoid duplicate auto-generated id #3003
- fix: ctx being contaminated due to a new feature of openresty 1.19. For openresty 1.19 users, it is recommended to upgrade the APISIX version as soon as possible. #3105
- fix: correct the validation of route.vars #3124
For more changes, please refer to Milestone
2.1.0
Core
- 🌅 support ENV variable in configuration. #2743
- 🌅 support TLS connection with etcd. #2548
- generate create/update_time automatically. #2740
- add a deprecate log for enable_websocket in upstream.#2691
- add a deprecate log for consumer id.#2829
- Added
X-APISIX-Upstream-Status
header to distinguish 5xx errors from upstream or APISIX itself. #2817 - support Nginx configuration snippet. #2803
Plugin
- 🌅 Upgrade protocol to support Apache Skywalking 8.0#2389. So this version only supports skywalking 8.0 protocol. This plugin is disabled by default, you need to modify config.yaml to enable, which is not backward compatible.
- 🌅 add aliyun sls logging plugin.#2169
- proxy-cache: the cache_zone field in the schema should be optional.#2776
- fix: validate plugin configuration in the DP #2856
Bugfix
- 🐛 fix(etcd): handle etcd compaction.#2687
- fix: move
conf/cert
tot/certs
and disable ssl by default, which is not backward compatible. #2112 - fix: check decrypt key to prevent lua thread aborted #2815
Not downward compatible features in future versions
-In the 2.3 release, the consumer will only support user names and discard the id. The consumer needs to manually clean up the id field in etcd, otherwise the schema verification will report an error during use -In the 2.3 release, opening websocket on upstream will no longer be supported -In version 3.0, the data plane and control plane will be separated into two independent ports, that is, the current port 9080 will only process data plane requests, and no longer process admin API requests
For more changes, please refer to Milestone
2.0.0
This is release candidate.
Core
- 🌅 Migrate from etcd v2 to v3 protocol, which is not backward compatible. Apache APISIX only supports etcd 3.4 and above versions. #2036
- add labels for upstream object.#2279
- add managed fields in json schema for resources, such as create_time and update_time.#2444
- use interceptors to protect plugin's route#2416
- support multiple ports for http and https listen.#2409
- implement
core.sleep
.#2397
Plugin
- 🌅 add AK/SK(HMAC) auth plugin.#2192
- 🌅 add referer-restriction plugin.#2352
limit-count
support to useredis
cluster.#2406- feat(proxy-cache): store the temporary file under cache directory. #2317
- feat(http-logger): support for specified the log formats via admin API #2309
Bugfix
- 🐛
high priority
When the data plane receives an instruction to delete a resource(router or upstream etc.), it does not properly clean up the cache, resulting in the existing resources cannot be found. This problem only occurs in the case of long and frequent deletion operations.#2168 - fix routing priority does not take effect.#2447
- set random seed for each worker process at
init_worker
phase, onlyinit
phase is not enough.#2357 - remove unsupported algorithm in jwt plugin.#2356
- return correct response code when
http_to_https
enabled in redirect plugin.#2311
For more changes, please refer to Milestone
CVE
- Fixed Admin API default access token vulnerability
1.5.0
Core
- Admin API: support authentication with SSL certificates. 1747
- Admin API: support both standard
PATCH
and sub pathPATCH
. 1930 - HealthCheck: supports custom host port. 1914
- Upstream: supports turning off the default retry mechanism. 1919
- URI: supports delete the '/' at the end of the
URI
. 1766
New Plugin
- 🌅 Request Validator 1709
Improvements
- change: nginx worker_shutdown_timeout is changed from 3s to recommended value 240s. 1883
- change: the
healthcheck
timeout time type changed frominteger
tonumber
. 1892 - change: the
request-validation
plugin input parameter supportsSchema
validation. 1920 - change: add comments for Makefile
install
command. 1912 - change: update comment for config.yaml
etcd.timeout
configuration. 1929 - change: add more prometheus metrics. 1888
- change: add more configuration options for
cors
plugin. 1963
Bugfix
- fixed: failed to get
host
in health check configuration. 1871 - fixed: should not save the runtime data of plugin into
etcd
. 1910 - fixed: run
apisix start
several times will start multi nginx processes. 1913 - fixed: read the request body from the temporary file if it was cached. 1863
- fixed: batch processor name and error return type. 1927
- fixed: failed to read redis.ttl in
limit-count
plugin. 1928 - fixed: passive health check seems never provide a healthy report. 1918
- fixed: avoid to modify the original plugin conf. 1958
- fixed: the test case of
invalid-upstream
is unstable and sometimes fails to run. 1925
Doc
- doc: added APISIX Lua Coding Style Guide. 1874
- doc: fixed link syntax in README.md. 1894
- doc: fixed image links in zh-cn benchmark. 1896
- doc: fixed typos in
FAQ
、admin-api
、architecture-design
、discovery
、prometheus
、proxy-rewrite
、redirect
、http-logger
documents. 1916 - doc: added improvements for OSx unit tests and request validation plugin. 1926
- doc: fixed typos in
architecture-design
document. 1938 - doc: added the default import path of
Nginx
for unit testing inLinux
andmacOS
systems in thehow-to-build
document. 1936 - doc: add
request-validation
plugin chinese document. 1932 - doc: fixed file path of
gRPC transcoding
inREADME
. 1945 - doc: fixed
uri-blocker
plugin path error inREADME
. 1950 - doc: fixed
grpc-transcode
plugin path error inREADME
. 1946 - doc: removed unnecessary configurations for
k8s
document. 1891
1.4.1
Bugfix
- Fix: multiple SSL certificates are configured, but only one certificate working fine. 1818
1.4.0
Core
New plugins
- 🌅 Apache Skywalking plugin 1241
- 🌅 Keycloak Identity Server Plugin 1701
- 🌅 Echo Plugin 1632
- 🌅 Consume Restriction Plugin 1437
Improvements
- Batch Request : Copy all headers to every request 1697
- SSL private key encryption 1678
- Improvement of docs for multiple plugins
1.3.0
The 1.3 version is mainly for security update.
Security
- reject invalid header#1462 and uri safe encode#1461
- only allow 127.0.0.1 access admin API and dashboard by default. #1458
Plugin
1.2.0
The 1.2 version brings many new features, including core and plugins.
Core
- 🌅 support etcd cluster. #1283
- using the local DNS resolver by default, which is friendly for k8s. #1387
- support to run
header_filter
,body_filter
andlog
phases for global rules. #1364 - changed the
lua/apisix
dir toapisix
(not backward compatible). #1351 - add dashboard as submodule. #1360
- allow adding custom shared dict. #1367
Plugin
- 🌅 add Apache Kafka plugin. #1312
- 🌅 add CORS plugin. #1327
- 🌅 add TCP logger plugin. #1221
- 🌅 add UDP logger plugin. 1070
- 🌅 add proxy mirror plugin. #1288
- 🌅 add proxy cache plugin. #1153
- drop websocket enable control in proxy-rewrite plugin(not backward compatible). 1332
- Adding support to public key based introspection for OAuth plugin. #1266
- response-rewrite plugin support binary data to client by base64. #1381
- plugin
grpc-transcode
supports grpc deadline. #1149 - support password auth for limit-count-redis. #1150
- Zipkin plugin add service name and report local server IP. #1386
- add
change_pwd
anduser_info
for Wolf-Rbac plugin. #1204
Admin API
- 🌅 support key-based authentication for Admin API(not backward compatible). #1169
- hide SSL private key in admin API. #1240
Bugfix
- missing
clear
table before to reuse table (will cause memory leak). #1134 - print warning error message if the yaml route file is invalid. #1141
- the balancer IP may be nil, use an empty string instead. #1166
- plugin node-status and heartbeat don't have schema. #1249
- the plugin basic-auth needs required field. #1251
- check the count of upstream valid node. #1292
1.1.0
This release is mainly to strengthen the stability of the code and add more documentation.
Core
- always specify perl include path when running test cases. #1097
- Feature: Add support for PROXY Protocol. #1113
- enhancement: add verify command to verify apisix configuration(nginx.conf). #1112
- feature: increase the default size of the core file. #1105
- feature: make the number of file is as configurable as the connections. #1098
- core: improve the core.log module. #1093
- Modify bin/apisix to support the SO_REUSEPORT. #1085
Doc
- doc: add link to download grafana meta data. #1119
- doc: Update README.md. #1118
- doc: doc: add wolf-rbac plugin. #1116
- doc: update the download link of rpm. #1108
- doc: add more english article. #1092
- Adding contribution guidelines for the documentation. #1086
- doc: getting-started.md check. #1084
- Added additional information and refactoring sentences. #1078
- Update admin-api-cn.md. #1067
- Update architecture-design-cn.md. #1065
CI
- ci: remove patch which is no longer necessary and removed in the upst. #1090
- fix path error when install with luarocks. #1068
- travis: run a apisix instance which intalled by luarocks. #1063
Plugins
- feature: Add wolf rbac plugin. #1095
- Adding UDP logger plugin. #1070
- enhancement: using internal request instead of external request in node-status plugin. #1109
1.0.0
This release is mainly to strengthen the stability of the code and add more documentation.
Core
- 🌅 Support routing priority. You can match different upstream services based on conditions such as header, args, priority, etc. under the same URI. #998
- When no route is matched, an error message is returned. To distinguish it from other 404 requests. #1013
- The address of the dashboard
/apisix/admin
supports CORS. #982 - The jsonschema validator returns a clearer error message. #1011
- Upgrade the
ngx_var
module to version 0.5. #1005 - Upgrade the
lua-resty-etcd
module to version 0.8. #980 - In development mode, the number of workers is automatically adjusted to 1. #926
- Remove the nginx.conf file from the code repository. It is automatically generated every time and cannot be modified manually. #974
Doc
- Added documentation on how to customize development plugins. #909
- fixed example's bugs in the serverless plugin documentation. #1006
- Added documentation for using the Oauth plugin. #987
- Added dashboard compiled documentation. #985
- Added documentation on how to perform a/b testing. #957
- Added documentation on how to enable the MQTT plugin. #916
Test case
- Add test cases for key-auth plugin under normal circumstances. #964
- Added tests for gRPC transcode pb options. #920
0.9.0
This release brings many new features, such as support for running APISIX with Tengine, an advanced debugging mode that is more developer friendly, and a new URI redirection plugin.
Core
- 🌅 Supported to run APISIX with tengine. #683
- 🌅 Enabled HTTP2 and supported to set ssl_protocols. #663
- 🌅 Advanced Debug Mode, Target module function's input arguments or returned value would be printed once this option is enabled. #614
- Support to install APISIX without dashboard. #686
- Removed router R3 #725
Plugins
- Redirect URI: Redirect URI plugin. #732
- Proxy Rewrite: Supported remove
header
feature. #658 - Limit Count: Supported global limit count with
Redis Server
.#624
lua-resty-*
- lua-resty-radixtree
- Support for
host + uri
as an index.
- Support for
- lua-resty-jsonschema
- This extension is a JSON data validator that replaces the existing
lua-rapidjson
extension.
- This extension is a JSON data validator that replaces the existing
Bugfix
- key-auth plugin cannot run accurately in the case of multiple consumers. #826
- Exported schema for plugin serverless. #787
- Discard args of uri when using proxy-write plugin #642
- Zipkin plugin not set tracing data to request header. #715
- Skipped check cjson for luajit environment in apisix CLI. #652
- Skipped to init etcd if use local file as config center. #737
- Support more built-in parameters when set chash balancer. #775
Dependencies
- Replace the
lua-rapidjson
module withlua-resty-jsonschema
global,lua-resty-jsonschema
is faster and easier to compile.
0.8.0
Released on 2019/09/30
This release brings many new features, such as stream proxy, support MQTT protocol proxy, and support for ARM platform, and proxy rewrite plugin.
Core
- 🌅 support stand-alone mode: using yaml to update configurations of APISIX, more friendly to kubernetes. #464
- 🌅 support stream proxy. #513
- 🌅 support consumer bind plugins. #544
- support domain name in upstream, not only IP. #522
- ignored upstream node when it's weight is 0. #536
Plugins
- 🌅 MQTT Proxy: support to load balance MQTT by
client_id
, both support MQTT 3.1 and 5.0. #513 - proxy-rewrite: rewrite uri, schema, host for upstream. #594
ARM
- 🌅 APISIX can run normally under Ubuntu 18.04 of ARM64 architecture, so you can use APISIX as IoT gateway with MQTT plugin.
lua-resty-*
- lua-resty-ipmatcher
- support IPv6
- IP white/black list, route.
- lua-resty-radixtree
- allow to specify multiple host, remote_addr and uri.
- allow to define user-function to filter request.
- use
lua-resty-ipmatcher
instead oflua-resty-iputils
,lua-resty-ipmatcher
matches fast and support IPv6.
Bugfix
- healthcheck: the checker name is wrong if APISIX works under multiple processes. #568
Dependencies
- removed
lua-tinyyaml
from source code base, and install through Luarocks.
0.7.0
Released on 2019/09/06
This release brings many new features, such as IP black and white list, gPRC protocol transcoding, IPv6, IdP (identity provider) services, serverless, Change the default route to radix tree (not downward compatible), and more.
Core
- 🌅 gRPC transcoding: supports protocol transcoding so that clients can access your gRPC API by using HTTP/JSON. #395
- 🌅 radix tree router: The radix tree is used as the default router implementation. It supports the uri, host, cookie, request header, request parameters, Nginx built-in variables, etc. as the routing conditions, and supports common operators such as equal, greater than, less than, etc., more powerful and flexible.IMPORTANT: This change is not downward compatible. All users who use historical versions need to manually modify their routing to work properly. #414
- Dynamic upstream supports more parameters, you can specify the upstream uri and host, and whether to enable websocket. #451
- Support for get values from cookies directly from
ctx.var
. #449 - Routing support IPv6. #331
Plugins
- 🌅 serverless: With serverless support, users can dynamically run any Lua function on a gateway node. Users can also use this feature as a lightweight plugin.#86
- 🌅 support IdP: Support external authentication services, such as Auth0, okta, etc., users can use this to connect to Oauth2.0 and other authentication methods. #447
- rate limit: Support for more restricted keys, such as
X-Forwarded-For
andX-Real-IP
, and allows users to use Nginx variables, request headers, and request parameters as keys. #228 - IP black and white list Support IP black and white list for security. #398
CLI
- Add the
version
directive to get the version number of APISIX. #420
Admin
- The
PATCH
API is supported and can be modified individually for a configuration without submitting the entire configuration. #365
Dashboard
- 🌅 Add the online version of the dashboard,users can experience APISIX without install. #374
0.6.0
Released on 2019/08/05
This release brings many new features such as health check and circuit breaker, debug mode, opentracing and JWT auth. And add built-in dashboard.
Core
- 🌅 Health Check and Circuit Breaker: Enable health check on the upstream node, and will automatically filter unhealthy nodes during load balancing to ensure system stability. #249
- Anti-ReDoS(Regular expression Denial of Service). #252
- supported debug mode. #319
- allowed to use different router. #364
- supported to match route by host + uri. #325
- allowed plugins to handler balance phase. #299
- added desc for upstream and service in schema. #289
Plugins
- 🌅 OpenTracing: support Zipkin and Apache SkyWalking. #304
- JWT auth. #303
CLI
- support multiple ips of
allow
. #340 - supported real_ip configure in nginx.conf and added functions to get ip and remote ip. #236
Dashboard
- 🌅 add built-in dashboard. #327