v1.1.1

Layer7 Operator v1.1.1 Release

Dependency Updates

• Golang 1.22.0 ==> 1.23.3
• Other dependencies

Removals

• Kube RBAC Proxy
  • resolves #60

Updates

• Fixed an issue where external keys would not sync correctly

Testing

• CI Tooling updated
• Kubernetes 1.30 ==> 1.31

layer7-operator-0.1.6

The Layer7 Operator Helm Chart

v1.1.0

Layer7 Operator v1.1.0 Release

Highlights

• Experimental API Developer Portal Integration
  The Operator now supports an experimental integration between the Portal and ephemeral container Gateways with a ground to cloud agent

• Local Repositories
  The Operator now supports local repositories in the form of Graphman bundles stored in Kubernetes secrets requiring zero external dependencies and with faster change detection and synchronization

• Trusted Certificate Support
  The Operator now supports managing gateway trusted certificates externally using Kubernetes secrets

• Gateway Custom Resource Driven Entity Management
  Direct, dynamic, zero restart, full CRUD entity management for the the following entities via Gateway custom resource changes:

  • Cluster Properties
  • Listen Ports
  • External Secrets
  • External Keys
  • External Certs

• Automatic Gateway Restart on Configuration Changes
  The Operator can now optionally restart container Gateways when certain configuration properties that are read on Gateway startup are changed in their Gateway custom resource definition

• Automatic Resource Cleanup
  The Operator will attempt to automatically cleanup associated resources when any of the following Kubernetes configuration options are disabled in a Gateway custom resource:

  • Ingress/Routes
  • PodDisruptionBudgets
  • HorizontalPodAutoscalers

layer7-operator-0.1.5

The Layer7 Operator Helm Chart

v1.0.7

v1.07 Updates

• Support added for running the Gateway without Diskless Config
  • Uses node.properties which can be mounted via Secret or Secret Store CSI Driver
  • Must be conciously enabled (limited to Gateway v11.1.1)
• Redis configuration update
  • Additional system properties for the key/value store assertion added (commented by default)
    • please refer to Techdocs for more details
  • Using new shared state provider config (limited to Redis and Gateway v11.1.1)
    • this new configuration is not backwards or forwards compatible
      • Please view redis configuration for more details on how to configure your values file.
    • additional redis providers can be set via additionalConfigs
• Configurable Java Min/Max Heap size
  • Java Min and Max Heap Size is now configurable
• Liquibase Log Level is now settable via database.liquibaseLogLevel.
  • default "off"
    • possible values
      • severe
      • warning
      • info
      • fine(debug)
      • off
• System Properties
  • FIPS
    • Switched to BCFIPS 2.0 to provide both non-FIPS and FIPS functionality to the Gateway.
    • Previous
      • com.safelogic.cryptocomply.rsa.allow_multi_use=true
    • New
      • com.l7tech.org.bouncycastle.rsa.allow_multi_use=true
• Port Restart on Key Change
  • Added spec.app.listenPorts.refreshOnKeyChanges to listenPort definition
  • This adds refreshOnKeyChanges=true to advanced properties on 8443 and 9443 when spec.app.listenPorts.harden is true
  • New system-property for refreshing mtls key in the route via http(s) assertion
    • com.l7tech.server.policy.assertion.ServerHttpRoutingAssertion.refreshOnKeyChanges (true|false ==> default: false)
  • Fixed NodePort on the Gateway Services
  • Graphman Client Update for Gateway v11.1.1
    • Supports the latest graphman schema
    • Supports variable expansion for entities separated into files with --options.level 1 and 2
      • Trusted Certificates
      • Keys
      • SOAP services (wsdl)
    • New entities
      • Audit Configurations
      • Roles
      • Generic Entities
    • Supports Bundle Mappings
    • Updated error handling

layer7-operator-0.1.4

The Layer7 Operator Helm Chart

v1.0.6

Layer7 Operator v1.0.6

• All Gateway examples updated to v11.1.00
  • Graphman go client updated, this update is not backwards compatible.
  • Please refer to the compatibility matrix
• OpenTelemetry examples updated
  • Grafana LGTM stack example added, this includes logs/audits, metrics and traces.
    • Limited to using the OTel agent for the example
    • Read more about the preview OTel Integration
• Redis standalone configuration updated
  • Includes additional configuration for standalone, auth + tls.
    • Gateway v11.1.00 only

Other updates

• Resolved a webhook validation bug
• Updated OTK experimental examples
• Helm Chart updated
• Ingress configuration updated
  • ability to specify a management backend for database backed gateways
• Portal ==> Operator sync removed in favour of Portal Kubernetes integration.
• Portal/Operator experimental integration

layer7-operator-0.1.3

The Layer7 Operator Helm Chart

layer7-operator-0.1.2

The Layer7 Operator Helm Chart

layer7-operator-0.1.1

The Layer7 Operator Helm Chart