🛜 RSS feed

Changelog entry types

Changelog entries are categorized into the following types:

  • Breaking Changes: An API is changed in a way that is not backwards compatible, such as a changed format for an API field.
  • Bug Fixes: A bug is resolved in this release.
  • Dependency Bumps: The version for a dependency in Gloo Gateway is bumped in this release.
  • New Features: A new feature is implemented in the release.

v2.2

2.2.0-beta.16

Published on: 2026-04-01

New Features

  • PostgreSQL migration framework for portal backend

2.2.0-beta.15

Published on: 2026-03-25

New Features

  • Support ratelimit overrides from dynamic metadata
  • Portal: Support HTTPRoute delegation for APIProducts
  • Add status reporting for WAFPolicy.

2.2.0-beta.14

Published on: 2026-03-18

2.2.0-beta.13

Published on: 2026-03-11

New Features

  • Allow mounting the license key in a volume

Cleanup

  • bump envoy-gloo-ee to v1.36.5-patch1 and fix fips build

2.2.0-beta.12

Published on: 2026-03-13

Test release only. Use later releases instead.

2.2.0-beta.11

Published on: 2026-03-11

New Features

  • The WAF server can now be configured via EnterpriseKgatewayParameters spec.kube.sharedExtensions.waf.
  • WAFPolicy supports loading directives from ConfigMaps.
  • expose pprof server for portal

Bug Fixes

  • Fixed being able to send traffic to remote global service when only remote waypoint exists.
  • WAF now server fails closed on invalid WAFPolicy configuration.

Cleanup

  • Added ext-auth RBAC permissions for reading ReferenceGrant and added API key HMAC e2e coverage.
  • bundle rust dynamic module in the envoy image so kgateway transformation policy will work.

2.2.0-beta.10

Published on: 2026-03-06

2.2.0-beta.9

Published on: 2026-03-05

2.2.0-beta.8

Published on: 2026-03-04

Test release only. Use later releases instead.

2.2.0-beta.7

Published on: 2026-03-04

Test release only. Use later releases instead.

2.2.0-beta.6

Published on: 2026-03-04

Test release only. Use later releases instead.

2.2.0-beta.5

Published on: 2026-03-04

Changes since 2.2.0-beta.4

New Features

  • [Upstream] Add allow_mode_override and allowed_override_modes support in ExtProc GatewayExtensions (#13394)
  • [Upstream] support GRPCRoutes attaching to HTTPS listeners (#13493)
  • [Upstream] Support per listener mTLS client cert validation (#13518)
  • [Upstream] Support attaching TrafficPolicy to GRPCRoutes (#13519)
  • [Upstream] Add loadBalancerSourceRanges support to GatewayParameters.spec.kube.service for the dynamically provisioned gateway service (#13545)
  • [Upstream] Support TLS Termination for TLSRoute on TLS listener (#13548)
  • [Upstream] Allow setting Envoy’s xff_trusted_cidrs and skip_xff_append via ListenerPolicy (#13551)
  • [Upstream] Allow configuring Envoy application log format, either as JSON or custom text (#13561)
  • [Upstream] Controller helm chart exposes topologySpreadConstraints (#13573)

Bug Fixes

  • GracefulShutdownSpec fixed so that envoy proxies fail readiness checks as documented.
  • Fix: Replicated Ext Auth Oauth2/OIDC state token signing keys were not always in sync replica to replica
  • [Upstream] Relaxed CEL rules for BackendConfigPolicy to support Istio Hostname as a target (#13374)
  • [Upstream] Fix Rustformations returning HTTP 400 on small JSON request bodies arriving in a single chunk. (#13480)
  • [Upstream] fix: RBAC is expanded to include VPA, HPA, and PDB because data planes can be configured to come along with these resources since #13266 (#13497)
  • [Upstream] Introduce kgateway-base manifests and migrate tests to base gateway for faster tests (chore): use native go instead of curl pod to create http reqs for ExtAuth, BackendTLS, Backends, Accesslogs, BasicRouting, DFP, HTTPRoute (#13515)
  • [Upstream] Fixed no endpoints for services/namespaces without an ingress-use-waypoint label when at least one other has it (#13531)
  • [Upstream] Fix cross-namespace extensionRef in TrafficPolicy.spec.jwtAuth resulting in broken requirement_name in Envoy filter config (#13540)
  • [Upstream] fix: Deployer deploys RBAC changes etc. first since later changes depend on them (#13552)

Documentation

  • [Upstream] GracefulShutdownSpec API doc correction (#13577)

Cleanup

  • Finish the removal of agentgateway from the Solo Enterprise for kgateway codebase. This includes the removal of the envoy based support for inference extensions.
  • [Upstream] Removes deprecated Gateway API Inference Extension support, which had already moved to agentgateway (#13514)

Dependency Updates

  • [Upstream] Upgrade to latest Go 1.26 (#13517)

2.2.0-beta.4

Published on: 2026-02-19

Test release only. Use later releases instead.

2.2.0-beta.3

Published on: 2026-02-19

Test release only. Use later releases instead.

2.2.0-beta.2

Published on: 2026-02-18

New Features

  • Added new SpaceDelimitedStringContains matcher type for JWT RBAC principal claims. This matcher enables matching space-delimited strings (like OAuth2 scopes) with AND logic, where all specified tokens must be present. For example, a matcher value of “read write” will only match JWTs containing both “read” AND “write” in the scope claim, regardless of order.
  • Solo Enterprise for kgateway: Data plane pods’ priorityClassName is configurable.
  • Solo Enterprise for kgateway: Fixes a bug regarding overriding the data plane’s startupProbes.
  • CI: Adds a workflow to sync clients to public kgateway-client repo.
  • Add initial WAF support. A new WAFPolicy CRD can be used to configure the CoreRuleSet, rule engine settings, and custom directives. To use the policy, configure a EnterpriseKgatewayTrafficPolicy with entWAF referencing the WAFPolicy and WAF server.

2.2.0-beta.1

Published on: 2026-02-11

v2.1

2.1.5

Published on: 2026-04-09

What’s Changed

2.1.4

Published on: 2026-03-27

Changes since 2.1.3

Bug Fixes

  • fix: EnterpriseAgentgatewayParameters did not merge resources or Istio configuration deeply when present on both GC and GW
  • updated envoy and go dependencies to address CVE’s

2.1.3

Published on: 2026-03-13

Changes since 2.1.2

New Features

  • Allow mounting the license key in a volume

Bug Fixes

  • Allow mounting the license key in a volume
  • Fix peering ingress with only remote waypoint.
  • [Upstream] add PreRouting phase support for authentication policies (#13544)
  • [Upstream] Fixed no endpoints for services/namespaces without an ingress-use-waypoint label when at least one other has it. (#13550)
  • [Upstream] fix nil panic in TrafficPolicy when attaching to redirect rules in HTTPRoute (#13625) (#13627)

Cleanup

  • [Upstream] fix nil panic in TrafficPolicy when attaching to redirect rules in HTTPRoute (#13625) (#13627)
  • bundle rust dynamic module in the envoy image so kgateway transformation policy will work.
  • bump envoy-gloo-ee to v1.36.5-patch1 and fix fips build
  • [Upstream] bump envoy to v1.36.5 (#13646)

Dependency Updates

  • [Upstream] bump envoy to v1.36.5 (#13646)
  • Bumped, on branch 2.1.x, the Go version to 1.25.8, the otel version to 1.41.0, and related contrib packages and dependencies as needed.
  • [Upstream] Bumps to go 1.25.8 (#13650)

2.1.2

Published on: 2026-03-02

Changes since 2.1.1

Bug Fixes

  • Fix ‘Authorization’ header redaction in ext-auth DEBUG logs and in error cases in ext-auth INFO logs. Fix header redaction to be case-insensitive.
  • GracefulShutdownSpec fixed so that envoy proxies fail readiness checks as documented.
  • [Upstream] add PreRouting phase support for authentication policies (#13544)
  • [Upstream] Fixed no endpoints for services/namespaces without an ingress-use-waypoint label when at least one other has it. (#13550)

2.1.1

Published on: 2026-01-30

Changes since 2.1.0

Bug Fixes

  • Fixes a deployer bug where changes to EnterpriseKgatewayParameters and EnterpriseAgentgatewayParameters failed to change Kubernetes Deployments when necessary (e.g., when replica count changed).
  • Fixed the ancestor ref on EnterpriseAgentgatewayPolicy to resolve to Gateway.
  • [Upstream] Header lookups in rustformation are now correctly case-insensitive (#13386)
  • Rename the volumeMount mountPath in the redis container of the ext-proc deployment to /data to match the redis default write directory.

Documentation

  • Rename the volumeMount mountPath in the redis container of the ext-proc deployment to /data to match the redis default write directory.
  • Updates API docs regarding server-side apply (SSA) and EnterpriseAgentgatewayParameters
  • [Upstream] Updates API docs regarding server-side apply (SSA) and AgentgatewayParameters (#13300)
  • [Upstream] Updates API docs regarding server-side apply (SSA) and AgentgatewayParameters (#13306)

Cleanup

  • [Upstream] Updates API docs regarding server-side apply (SSA) and AgentgatewayParameters (#13306)
  • [Upstream] [rustformation] create per config minijinja env (#13289)
  • [Upstream] [rustformation] create per config minijinja env (#13304)

2.1.0

Published on: 2026-01-15

Changes since 2.0.0

Breaking Changes

  • Rename of GlooAgentgatewayPolicy to AgentgatewayEnterprisePolicy and changed fields within to entExtAuth and entRateLimit instead of glooExtAuth and glooRateLimit
  • Splits the EnterpriseKgateway && EnterpriseAgentgateway CRDs into separate groups
  • Update the metrics with the new product name
  • Update agentgateway class and controller name to enterprise-agentgateway and solo.io/enterprise-agentgateway respectively
  • Split helm UX into dedicated charts for Solo Enterprise for kgateway and Solo Enterprise for agentgateway. Adds JWKS support to Solo Enterprise for agentgateway
  • Adds Kubernetes short name ekgtp for EnterpriseKgatewayTrafficPolicy
  • Removed EnterpriseKgatewayKubernetesProxyConfig.Agentgateway. Users should now use EnterpriseAgentgatewayParameters instead.
  • [Upstream] Introduces a new setting KGW_ENABLE_GATEWAY_API_EXPERIMENTAL_FEATURES to gate experimental Gateway API features and APIs. Defaults to false (#12695)
  • [Upstream] Added new AgentgatewayPolicy to replace TrafficPolicy for agentgateway. Added support for backend and frontend configuration. (#12723)
  • [Upstream] The deprecated spec.kube.floatingUserId field has been removed from the GatewayParameters CRD. This field was previously used to unset runAsUser values in security contexts. When migrating, users should use the supported spec.kube.omitDefaultSecurityContext field instead. When set to true, this field prevents the controller from injecting opinionated default security contexts, allowing your platform (e.g. OCP) to dynamically provide the appropriate securitycontexts. (#12747)
  • [Upstream] Remove AI policy from TrafficPolicy. (#12901)
  • [Upstream] Add option to allow missing JWT. [Internal break only] Changed the gateway extension API. Providers are now nested within JWT. (#12998)
  • [Upstream] Updated agentgateway resources to use new agentgateway.dev GVK. DirectResponse for agentgateway is now only configurable through the AgentgatewayPolicy instead of the separate DirectResponse CRD. (#13013)
  • [Upstream] agentgateway can no longer be configured with GatewayParameters, only with AgentgatewayParameters. (#13054)
  • [Upstream] Split helm UX into dedicated charts for Envoy based kgateway and agentgateway (#13062)
  • [Upstream] Renames controller kgateway.dev/agentgateway to agentgateway.dev/agentgateway, breaking legacy agentgateway installations. The bundled GatewayClass using the agentgateway data plane is renamed from agentgateway to agentgateway-v2. (#13088)
  • [Upstream] AgentgatewayParameters rawConfig breaking change to allow configuring binds, e.g., and other things in config.yaml but outside of its config section (#13127)
  • [Upstream] [Internal break only] jwt renamed to jwtAuth, apiKeyAuthentication renamed to apiKeyAuth (#13254)
  • [Upstream] Agentgateway ExtAuth policies will now fail closed when the backendRef to the auth server is invalid (#13273)

New Features

  • [Upstream] Agentgateway ExtAuth policies will now fail closed when the backendRef to the auth server is invalid (#13273)
  • Added support for agentgateway CEL-based ratelimit actions.
  • Show Accepted and Attached status for GlooTrafficPolicy in kubectl get output.
  • Add configuration for agentgateway CA for waypoint to GlooGatewayParams
  • Added new GlooAgentgatewayPolicy CRD.
  • Add support for Istio Ambient Mesh waypoints with multi-cluster peering, enabling policy attachment to global services.
  • Support configuring an rfc8693 token exchange policy in agent gateway.
  • Adds a new EnterpriseListenerSets API to serve as a stable alternative to XListenerSet. This CRD can be installed by setting the installEnterpriseListenerSetCRD helm flag to true. Disabled by default
  • Adds EnterpriseAgentgatewayParameters
  • Build and publish standalone multi-arch enterprise agentgateway controller image
  • PodDisruptionBudget and HorizontalPodAutoscaler support for the data plane of Solo Enterprise for agentgateway
  • EnterpriseAgentgatewayPolicies ExtAuth policies will now fail closed for invalid backend references or missing AuthConfigs
  • [Upstream] Add modelAliases support to TrafficPolicy AIPolicy to allow friendly model name aliases. (#12479)
  • [Upstream] Added CSRF support in agentgateway (#12516)
  • [Upstream] Add RouteType configuration to AI backends for path-based API format routing (completions, messages, models, passthrough) (#12590)
  • [Upstream] Allow using kgateway.dev/http-redirect-status-code annotation to configure the allowed HTTP redirect status codes as an override API with the RequestRedirect filter. (#12610)
  • [Upstream] Adds retry policy to configure retries for the gRPC streams associated with GatewayExtension services. (#12669)
  • [Upstream] Allows users to define GatewayClasses using any controller. E.g., a user can create a custom GatewayClass with an arbitrary name that uses controllerName kgateway.dev/agentgateway to duplicate the behavior of the built-in GatewayClass agentgateway. A user may still choose to patch the built-in GatewayClass to change its behavior via GatewayParameters, but now it is also possible to choose to just create a new GatewayClass that refers to equivalent GatewayParameters. One motivation: two different teams that want different GatewayParameters for class agentgateway. Another motivation: clean GitOps with entirely new resources, no patching required. (#12733)
  • [Upstream] The kgateway GatewayClass now supports labels and annotations in the Gateway API infrastructure field, in addition to the previously supported parametersRef field. When a Gateway using the kgateway class specifies infrastructure labels or annotations, these values will be propagated to all managed Kubernetes resources including the Deployment, Service, ConfigMap, and ServiceAccount. When both infrastructure metadata and GatewayParameters are configured (via parametersRef or the Gateway’s parametersRef field), the values are merged together. In cases where the same key is defined in both locations, the infrastructure value takes precedence over the GatewayParameters “extraLabels” or “extraAnnotations” value. This allows infrastructure-level configuration to override parameter-level settings when necessary. (#12735)
  • [Upstream] Added event reporting for agentgateway gateways that indicates when a gateway has nacked an update (#12770)
  • [Upstream] Added JWT Authentication configuration to the TrafficPolicy and support for JWT Providers to the GatewayExtension. (#12811)
  • [Upstream] Add support for Azure OpenAI backends with agentgateway. (#12836)
  • [Upstream] rustformation: implemented remove headers and some jinja custom functions (#12848)
  • [Upstream] Introduced support for remote jwks in JWTAuthentication policies. (#12850)
  • [Upstream] Added support for OpenAI Responses API and Anthropic token counting route types. Added prompt caching configuration for Bedrock enabling up to 90% cost reduction and significantly faster response times. (#12855)
  • [Upstream] Add multi-network support to agentgateway syncer for cross-network workload discovery and routing in ambient mode. (#12858)
  • [Upstream] Introduce support for basic auth, api-key auth, and inline jwt auth policies to agent gateway (#12886)
  • [Upstream] Add support for multiple certificateRefs in listener tls section (#12895)
  • [Upstream] support TLS termination for TCPRoutes (#12906)
  • [Upstream] Allow configuring cipher suites, ecdh curves, minimum TLS version, maximum TLS version using tls options map. (#12917)
  • [Upstream] add support for remote JWKS (#12939)
  • [Upstream] Add global disable option for JWT policy (#12945)
  • [Upstream] Adds priorityClassName to the Pod struct used in GatewayParameters in order to set the corresponding priorityClassName field in the gateway-proxy pod. (#12949)
  • [Upstream] [rustformation] support parsing body as json and implemented all documented jinja custom functions (#12950)
  • [Upstream] Add HTTP support for ExtAuth (#12952)
  • [Upstream] Add support for circuit breakers in BackendConfigPolicy. (#12957)
  • [Upstream] Add helm values for setting custom GatewayParameters for bundled gatewayclasses (#12960)
  • [Upstream] Add support for configuring an API key authentication in TrafficPolicy with keys defined in secret(s) (#12962)
  • [Upstream] Added support for MCP authentication for agentgateway. (#12966)
  • [Upstream] Add a ListenerPolicy CRD and ProxyProtocol config in it. (#12979)
  • [Upstream] Add basic auth configuration to TrafficPolicy. (#12983)
  • [Upstream] Add stats matcher config to GatewayPparameters (#12985)
  • [Upstream] Add support for gzip response compression and request decompression in TrafficPolicy. (#12986)
  • [Upstream] Add earlyRequestHeaderModifier to HTTPListenerPolicy. this allows performing header modifications before a route is selected. (#12992)
  • [Upstream] add regex path rewrite (#13001)
  • [Upstream] Added metrics and logs for envoy xDS errors. (#13003)
  • [Upstream] Support setting of tls options in connections to remote jwks sources. (#13014)
  • [Upstream] Add PerConnectionBufferLimit to ListenerPolicy Deprecate PerConnectionBufferLimit annotation on Gateway resources (#13016)
  • [Upstream] Added a new AgentgatewayParameters API in agentgateway.dev/v1alpha1 (#13018)
  • [Upstream] Adds OAuth2 policy to enable OAuth2 and OIDC flows with Envoy as the Gateway. (#13051)
  • [Upstream] Implement FrontendTLConfig in the Gateway API Implementation specific details:
  • Allow multiple caCertificateRefs
  • Allow caCertificateRefs to reference secrets as well as configmaps
  • Added the kgateway.dev/verify-certificate-hash to listener TLS options to allow configuration of validate client certificates. (#13064)
  • [Upstream] Support Gateway.spec.addresses. We currently support one IP address type value that will be used in the gateway’s Service loadbalancerIP. (#13070)
  • [Upstream] Added kgateway.dev/verify-subject-alt-names TLS option (#13097)
  • [Upstream] OAuth2: allow customizing cookie settings and denying redirects for matching requests. (#13099)
  • [Upstream] Added mode for MCP authentication and support for Unspecified IDPs. (#13111)
  • [Upstream] backendTLSPolicy: support secret ref kind for caCertificateRefs (#13117)
  • [Upstream] Add new multi-arch controller image for agentgateway (#13194)
  • [Upstream] Support Gateway.spec.addresses for agentgateway (#13197)
  • [Upstream] Bump Agentgateway to 0.11.0 Add support for Canadian Social Insurance Number prompt guards for Agentgateway (#13199)
  • [Upstream] Added configuration for stateful/stateless session routing for mcp backends. (#13201)
  • [Upstream] Added timeout to agentgateway’s ExtAuth policy (#13202)
  • [Upstream] Add disable field to API key authentication in TrafficPolicy, allowing routes to selectively opt-out of gateway-level authentication requirements. (#13217)
  • [Upstream] Added support for CipherSuite configuration on frontend tls policy. (#13219)
  • [Upstream] support maxRequestHeadersKb field in ListenerPolicy (#13224)
  • [Upstream] Added tracing support for AgentgatewayPolicy. (#13226)
  • [Upstream] PodDisruptionBudget and HorizontalPodAutoscaler are now options for the agentgateway proxy via AgentgatewayParameters. (#13237)
  • [Upstream] PodDisruptionBudget is now an option for the agentgateway and envoy control planes. (#13238)
  • [Upstream] add preserveExternalRequestId generateRequestId to HttpListenerPolicy and ListenerPolicy users can now disable the generation of Request ID and preserve external request ID (#13250)

Bug Fixes

  • [Upstream] add preserveExternalRequestId generateRequestId to HttpListenerPolicy and ListenerPolicy users can now disable the generation of Request ID and preserve external request ID (#13250)
  • Helm chart installation bug fix when providing your own Kubernetes Secret(s)
  • Fixed downstream status reporting on GlooAgentgatewayPolicy.
  • Fixed AgentgatewayPolicy CEL logic for new AgentgatewayBackend.
  • fixed a bug where multiple gateways with extauth deployments would break extauth
  • bump envoy-gloo-ee to v1.36.3-patch1
  • Fixed policy attachment CEL rules.
  • Fixes bugs regarding merging EnterpriseAgentgatewayParameters and using open-source AgentgatewayParameters
  • Fixes bug regarding graceful shutdown of ext-cache.
  • [Upstream] The agentgateway.enabled Helm parameter is now enabled by default. Note: this just enables the controllers for agentgateway; agentgateway is not deployed until a Gateway is created. The agentgateway control plane has been refactored, improving performance by up to 25x. (#12415)
  • [Upstream] Fixed TCP Routes translation in agentgateway. (#12578)
  • [Upstream] Propagate backend error to backend crd status (#12608)
  • [Upstream] agentgateway: Bumps version from 0.10.2 to 0.10.3. (#12665)
  • [Upstream] Fix policy status Attached condition true when Accepted=false (#12691)
  • [Upstream] Fixed HTTPRoute mirror filters to support multiple mirrors per rule and correct percentage-based mirroring. Previously, percentage values were off by 100x (e.g., 50% mirrored only 0.5% of traffic). (#12734)
  • [Upstream] Fix a bug where agw did not work with listenersets allowed by the namespace selector (#12838)
  • [Upstream] Clear stale HTTPRoute status after the route has all invalid ParentRefs (#12852)
  • [Upstream] Clear stale TrafficPolicy and HTTPListenerPolicy status after the policy has all invalid TargetRefs (#12883)
  • [Upstream] Fixed mcp authorization parsing for backend policy on AgentgatewayPolicy. (#12897)
  • [Upstream] fix: set default alpn on transport socket Allow configuring ALPN protocols using kgateway.dev/alpn-protocols TLS option (#12903)
  • [Upstream] Fix a bug where a listener on a listenerset can not read a secret in its own namespace (#12936)
  • [Upstream] Enforce ReferenceGrants for cross namespace Secrets references used by XListenerSets (#12954)
  • [Upstream] Fixed agentgateway global ratelimit translation for token unit. (#12959)
  • [Upstream] Fixed issue with stale configuration when changing a service traffic distribution. (#13005)
  • [Upstream] Fixes a bug with GatewayParameters on a Gateway that use OmitDefaultSecurityContext when parameters are also present on the GatewayClass. (#13046)
  • [Upstream] Use TARGETPLATFORM when building envoyinit container (#13048)
  • [Upstream] Enhanced agentgateway backend error handling and status condition propagation. (#13073)
  • [Upstream] Support DNS lookup family settings in the ingress-use-waypoint cluster config (#13085)
  • [Upstream] Server-side apply field manager name cleanup. (#13108)
  • [Upstream] Fixed agentgateway passthrough auth policy. (#13125)
  • [Upstream] Fixed the AI prompt guard api to align with other enums MASK is now Mask and REJECT is now Reject. These are enforced by CEL in the API. (#13177)
  • [Upstream] Detect the port for listeners without a defined port. It selects 80 for HTTP and 443 for HTTPS. Other protocols do not support automatic port detection and listeners without a defined port are not accepted (#13253)

Deprecations

  • [Upstream] Detect the port for listeners without a defined port. It selects 80 for HTTP and 443 for HTTPS. Other protocols do not support automatic port detection and listeners without a defined port are not accepted (#13253)
  • [Upstream] HTTPListenerPolicy is now deprecated. Use the httpSettings under ListenerPolicy instead. (#13066)
  • [Upstream] Deprecate agentgateway fields for GatewayParameters (#13101)

Documentation

  • [Upstream] Deprecate agentgateway fields for GatewayParameters (#13101)
  • [Upstream] Add rate limiting tests (#12538)
  • [Upstream] CRDs not include descriptions for fields (#12626)

Cleanup

  • [Upstream] CRDs not include descriptions for fields (#12626)
  • Bump ext-auth to 0.73.4 and rate limit to 0.16.4
  • Upgraded envoy-gloo-ee to v1.36.2-patch1
  • Upgrades to go 1.25.5
  • Renames the CRDs to align with the new product name
  • KGW_ENABLE_WAYPOINT=true added to controller deployment
  • Rename the Agentgateway CRDs to align with the new product name
  • Bump go module to v2
  • bump rate-limiter to v0.17.2
  • bump redis to 7.2.12
  • updated envoy-gloo-ee to 1.36.4-patch1
  • API naming consistency
  • Bump Istio version used in testing to claim support for 1.28.2
  • [Upstream] Added support for PartiallyValid on agentgateway TrafficPolicies. (#12454)
  • [Upstream] Use native envoy per-route config in rustformation dynamic module (#12499)
  • [Upstream] Add the HTTPRouteCORS conformance test to the supported features (#12593)
  • [Upstream] cleanup: remove NET_BIND_SERVICE from data plane pods. (#12624)
  • [Upstream] Added codeowners for kgateway for API maintainers and CI maintainers. (#12635)
  • [Upstream] updated envoy to v1.36.2 (#12685)
  • [Upstream] Support for InferencePool with the kgateway class, which was deprecated in v2.1, has been removed. Support is available with the agentgateway class. (#12689)
  • [Upstream] Support for AI backends with the kgateway class, which was deprecated in v2.1, has been removed. Support is available with the agentgateway class. (#12690)
  • [Upstream] Helm chart cleanup re: appVersion/version which should better support Flux. (#12730)
  • [Upstream] rustformations module reorganization, doc and build improvement (#12764)
  • [Upstream] Use the TransformationPolicy API directly as rustformation config (#12803)
  • [Upstream] Removes the deprecated spec.kube.aiExtension from the GatewayParameters API. Users should migrate to using the agentgateway dataplane for AI capabilities. (#12840)
  • [Upstream] Adds TCPRoute && TLSRoute to the list of gated experimental gateway API features. Enable experimental gateway API features by default. (#12881)
  • [Upstream] Inference: Moves InferencePool status code to agentgateway package. (#12902)
  • [Upstream] Removed enabled from agentgateway in GatewayParameters as it should only use controllerName to know if its agentgateway or envoy (#13017)
  • [Upstream] Reverts the GatewayClass rename back from agentgateway-v2 to agentgateway. (#13163)
  • [Upstream] Isolated GoReleaser build tool dependencies to separate tools submodule, reducing main module size by ~31% (#13205)
  • [Upstream] Switched to credential_injector filter for xds Authorization header (#13212)
  • [Upstream] Migrated from deprecated dockers + docker_manifests to dockers_v2 in GoReleaser configuration (#13218)
  • [Upstream] Envoy controller: Changes the k8s Container name from ‘kgateway’ to ‘controller’ (#13232)
  • [Upstream] updated to use envoy 1.36.4; prep for multi-arch build (#13242)
  • [Upstream] updated to use envoy 1.36.4; prep for multi-arch build (#13288)

Dependency Updates

  • [Upstream] updated to use envoy 1.36.4; prep for multi-arch build (#13288)
  • [Upstream] bump envoy-gloo to v1.36.3-patch1 (#13058)

2.1.0-rc.4

Published on: 2026-01-14

Changes since 2.1.0-rc.3

Cleanup

  • [Upstream] updated to use envoy 1.36.4; prep for multi-arch build (#13242)
  • [Upstream] updated to use envoy 1.36.4; prep for multi-arch build (#13288)

2.1.0-rc.3

Published on: 2026-01-14

2.1.0-rc.2

Published on: 2026-01-13

Changes since 2.1.0-rc.1

Breaking Changes

  • [Upstream] Agentgateway ExtAuth policies will now fail closed when the backendRef to the auth server is invalid (#13273)

New Features

  • [Upstream] Agentgateway ExtAuth policies will now fail closed when the backendRef to the auth server is invalid (#13273)
  • EnterpriseAgentgatewayPolicies ExtAuth policies will now fail closed for invalid backend references or missing AuthConfigs

Cleanup

  • EnterpriseAgentgatewayPolicies ExtAuth policies will now fail closed for invalid backend references or missing AuthConfigs
  • Bump Istio version used in testing to claim support for 1.28.2
  • [Upstream] Migrated from deprecated dockers + docker_manifests to dockers_v2 in GoReleaser configuration (#13218)

2.1.0-rc.1

Published on: 2026-01-09

Changes since 2.0.0

Breaking Changes

  • Rename of GlooAgentgatewayPolicy to AgentgatewayEnterprisePolicy and changed fields within to entExtAuth and entRateLimit instead of glooExtAuth and glooRateLimit
  • Splits the EnterpriseKgateway && EnterpriseAgentgateway CRDs into separate groups
  • Update the metrics with the new product name
  • Update agentgateway class and controller name to enterprise-agentgateway and solo.io/enterprise-agentgateway respectively
  • Split helm UX into dedicated charts for Solo Enterprise for kgateway and Solo Enterprise for agentgateway. Adds JWKS support to Solo Enterprise for agentgateway
  • Adds Kubernetes short name ekgtp for EnterpriseKgatewayTrafficPolicy
  • Removed EnterpriseKgatewayKubernetesProxyConfig.Agentgateway. Users should now use EnterpriseAgentgatewayParameters instead.
  • [Upstream] Introduces a new setting KGW_ENABLE_GATEWAY_API_EXPERIMENTAL_FEATURES to gate experimental Gateway API features and APIs. Defaults to false (#12695)
  • [Upstream] Added new AgentgatewayPolicy to replace TrafficPolicy for agentgateway. Added support for backend and frontend configuration. (#12723)
  • [Upstream] The deprecated spec.kube.floatingUserId field has been removed from the GatewayParameters CRD. This field was previously used to unset runAsUser values in security contexts. When migrating, users should use the supported spec.kube.omitDefaultSecurityContext field instead. When set to true, this field prevents the controller from injecting opinionated default security contexts, allowing your platform (e.g. OCP) to dynamically provide the appropriate securitycontexts. (#12747)
  • [Upstream] Remove AI policy from TrafficPolicy. (#12901)
  • [Upstream] Add option to allow missing JWT. [Internal break only] Changed the gateway extension API. Providers are now nested within JWT. (#12998)
  • [Upstream] Updated agentgateway resources to use new agentgateway.dev GVK. DirectResponse for agentgateway is now only configurable through the AgentgatewayPolicy instead of the separate DirectResponse CRD. (#13013)
  • [Upstream] agentgateway can no longer be configured with GatewayParameters, only with AgentgatewayParameters. (#13054)
  • [Upstream] Split helm UX into dedicated charts for Envoy based kgateway and agentgateway (#13062)
  • [Upstream] Renames controller kgateway.dev/agentgateway to agentgateway.dev/agentgateway, breaking legacy agentgateway installations. The bundled GatewayClass using the agentgateway data plane is renamed from agentgateway to agentgateway-v2. (#13088)
  • [Upstream] AgentgatewayParameters rawConfig breaking change to allow configuring binds, e.g., and other things in config.yaml but outside of its config section (#13127)
  • [Upstream] [Internal break only] jwt renamed to jwtAuth, apiKeyAuthentication renamed to apiKeyAuth (#13254)

New Features

  • [Upstream] [Internal break only] jwt renamed to jwtAuth, apiKeyAuthentication renamed to apiKeyAuth (#13254)
  • Added support for agentgateway CEL-based ratelimit actions.
  • Show Accepted and Attached status for GlooTrafficPolicy in kubectl get output.
  • Add configuration for agentgateway CA for waypoint to GlooGatewayParams
  • Added new GlooAgentgatewayPolicy CRD.
  • Add support for Istio Ambient Mesh waypoints with multi-cluster peering, enabling policy attachment to global services.
  • Support configuring an rfc8693 token exchange policy in agent gateway.
  • Adds a new EnterpriseListenerSets API to serve as a stable alternative to XListenerSet
  • Adds EnterpriseAgentgatewayParameters
  • Build and publish standalone multi-arch enterprise agentgateway controller image
  • PodDisruptionBudget and HorizontalPodAutoscaler support for the data plane of Solo Enterprise for agentgateway
  • [Upstream] Add modelAliases support to TrafficPolicy AIPolicy to allow friendly model name aliases. (#12479)
  • [Upstream] Added CSRF support in agentgateway (#12516)
  • [Upstream] Add RouteType configuration to AI backends for path-based API format routing (completions, messages, models, passthrough) (#12590)
  • [Upstream] Allow using kgateway.dev/http-redirect-status-code annotation to configure the allowed HTTP redirect status codes as an override API with the RequestRedirect filter. (#12610)
  • [Upstream] Adds retry policy to configure retries for the gRPC streams associated with GatewayExtension services. (#12669)
  • [Upstream] Allows users to define GatewayClasses using any controller. E.g., a user can create a custom GatewayClass with an arbitrary name that uses controllerName kgateway.dev/agentgateway to duplicate the behavior of the built-in GatewayClass agentgateway. A user may still choose to patch the built-in GatewayClass to change its behavior via GatewayParameters, but now it is also possible to choose to just create a new GatewayClass that refers to equivalent GatewayParameters. One motivation: two different teams that want different GatewayParameters for class agentgateway. Another motivation: clean GitOps with entirely new resources, no patching required. (#12733)
  • [Upstream] The kgateway GatewayClass now supports labels and annotations in the Gateway API infrastructure field, in addition to the previously supported parametersRef field. When a Gateway using the kgateway class specifies infrastructure labels or annotations, these values will be propagated to all managed Kubernetes resources including the Deployment, Service, ConfigMap, and ServiceAccount. When both infrastructure metadata and GatewayParameters are configured (via parametersRef or the Gateway’s parametersRef field), the values are merged together. In cases where the same key is defined in both locations, the infrastructure value takes precedence over the GatewayParameters “extraLabels” or “extraAnnotations” value. This allows infrastructure-level configuration to override parameter-level settings when necessary. (#12735)
  • [Upstream] Added event reporting for agentgateway gateways that indicates when a gateway has nacked an update (#12770)
  • [Upstream] Added JWT Authentication configuration to the TrafficPolicy and support for JWT Providers to the GatewayExtension. (#12811)
  • [Upstream] Add support for Azure OpenAI backends with agentgateway. (#12836)
  • [Upstream] rustformation: implemented remove headers and some jinja custom functions (#12848)
  • [Upstream] Introduced support for remote jwks in JWTAuthentication policies. (#12850)
  • [Upstream] Added support for OpenAI Responses API and Anthropic token counting route types. Added prompt caching configuration for Bedrock enabling up to 90% cost reduction and significantly faster response times. (#12855)
  • [Upstream] Add multi-network support to agentgateway syncer for cross-network workload discovery and routing in ambient mode. (#12858)
  • [Upstream] Introduce support for basic auth, api-key auth, and inline jwt auth policies to agent gateway (#12886)
  • [Upstream] Add support for multiple certificateRefs in listener tls section (#12895)
  • [Upstream] support TLS termination for TCPRoutes (#12906)
  • [Upstream] Allow configuring cipher suites, ecdh curves, minimum TLS version, maximum TLS version using tls options map. (#12917)
  • [Upstream] add support for remote JWKS (#12939)
  • [Upstream] Add global disable option for JWT policy (#12945)
  • [Upstream] Adds priorityClassName to the Pod struct used in GatewayParameters in order to set the corresponding priorityClassName field in the gateway-proxy pod. (#12949)
  • [Upstream] [rustformation] support parsing body as json and implemented all documented jinja custom functions (#12950)
  • [Upstream] Add HTTP support for ExtAuth (#12952)
  • [Upstream] Add support for circuit breakers in BackendConfigPolicy. (#12957)
  • [Upstream] Add helm values for setting custom GatewayParameters for bundled gatewayclasses (#12960)
  • [Upstream] Add support for configuring an API key authentication in TrafficPolicy with keys defined in secret(s) (#12962)
  • [Upstream] Added support for MCP authentication for agentgateway. (#12966)
  • [Upstream] Add a ListenerPolicy CRD and ProxyProtocol config in it. (#12979)
  • [Upstream] Add basic auth configuration to TrafficPolicy. (#12983)
  • [Upstream] Add stats matcher config to GatewayPparameters (#12985)
  • [Upstream] Add support for gzip response compression and request decompression in TrafficPolicy. (#12986)
  • [Upstream] Add earlyRequestHeaderModifier to HTTPListenerPolicy. this allows performing header modifications before a route is selected. (#12992)
  • [Upstream] add regex path rewrite (#13001)
  • [Upstream] Added metrics and logs for envoy xDS errors. (#13003)
  • [Upstream] Support setting of tls options in connections to remote jwks sources. (#13014)
  • [Upstream] Add PerConnectionBufferLimit to ListenerPolicy Deprecate PerConnectionBufferLimit annotation on Gateway resources (#13016)
  • [Upstream] Added a new AgentgatewayParameters API in agentgateway.dev/v1alpha1 (#13018)
  • [Upstream] Adds OAuth2 policy to enable OAuth2 and OIDC flows with Envoy as the Gateway. (#13051)
  • [Upstream] Implement FrontendTLConfig in the Gateway API Implementation specific details:
  • Allow multiple caCertificateRefs
  • Allow caCertificateRefs to reference secrets as well as configmaps
  • Added the kgateway.dev/verify-certificate-hash to listener TLS options to allow configuration of validate client certificates. (#13064)
  • [Upstream] Support Gateway.spec.addresses. We currently support one IP address type value that will be used in the gateway’s Service loadbalancerIP. (#13070)
  • [Upstream] Added kgateway.dev/verify-subject-alt-names TLS option (#13097)
  • [Upstream] OAuth2: allow customizing cookie settings and denying redirects for matching requests. (#13099)
  • [Upstream] Added mode for MCP authentication and support for Unspecified IDPs. (#13111)
  • [Upstream] backendTLSPolicy: support secret ref kind for caCertificateRefs (#13117)
  • [Upstream] Add new multi-arch controller image for agentgateway (#13194)
  • [Upstream] Support Gateway.spec.addresses for agentgateway (#13197)
  • [Upstream] Bump Agentgateway to 0.11.0 Add support for Canadian Social Insurance Number prompt guards for Agentgateway (#13199)
  • [Upstream] Added configuration for stateful/stateless session routing for MCP backends. (#13201)
  • [Upstream] Added timeout to agentgateway’s ExtAuth policy (#13202)
  • [Upstream] Add disable field to API key authentication in TrafficPolicy, allowing routes to selectively opt-out of gateway-level authentication requirements. (#13217)
  • [Upstream] Added support for CipherSuite configuration on frontend TLS policy. (#13219)
  • [Upstream] support maxRequestHeadersKb field in ListenerPolicy (#13224)
  • [Upstream] Added tracing support for AgentgatewayPolicy. (#13226)
  • [Upstream] PodDisruptionBudget and HorizontalPodAutoscaler are now options for the agentgateway proxy via AgentgatewayParameters. (#13237)
  • [Upstream] PodDisruptionBudget is now an option for the agentgateway and envoy control planes. (#13238)
  • [Upstream] add preserveExternalRequestId generateRequestId to HttpListenerPolicy and ListenerPolicy users can now disable the generation of Request ID and preserve external request ID (#13250)

Bug Fixes

  • [Upstream] add preserveExternalRequestId generateRequestId to HttpListenerPolicy and ListenerPolicy users can now disable the generation of Request ID and preserve external request ID (#13250)
  • Helm chart installation bug fix when providing your own Kubernetes Secret(s)
  • Fixed downstream status reporting on GlooAgentgatewayPolicy.
  • Fixed AgentgatewayPolicy CEL logic for new AgentgatewayBackend.
  • fixed a bug where multiple gateways with extauth deployments would break extauth
  • bump envoy-gloo-ee to v1.36.3-patch1
  • Fixed policy attachment CEL rules.
  • Fixes bugs regarding merging EnterpriseAgentgatewayParameters and using open-source AgentgatewayParameters
  • Fixes bug regarding graceful shutdown of ext-cache.
  • [Upstream] The agentgateway.enabled Helm parameter is now enabled by default. Note: this just enables the controllers for agentgateway; agentgateway is not deployed until a Gateway is created. The agentgateway control plane has been refactored, improving performance by up to 25x. (#12415)
  • [Upstream] Fixed TCP Routes translation in agentgateway. (#12578)
  • [Upstream] Propagate backend error to backend crd status (#12608)
  • [Upstream] agentgateway: Bumps version from 0.10.2 to 0.10.3. (#12665)
  • [Upstream] Fix policy status Attached condition true when Accepted=false (#12691)
  • [Upstream] Fixed HTTPRoute mirror filters to support multiple mirrors per rule and correct percentage-based mirroring. Previously, percentage values were off by 100x (e.g., 50% mirrored only 0.5% of traffic). (#12734)
  • [Upstream] Fix a bug where agw did not work with listenersets allowed by the namespace selector (#12838)
  • [Upstream] Clear stale HTTPRoute status after the route has all invalid ParentRefs (#12852)
  • [Upstream] Clear stale TrafficPolicy and HTTPListenerPolicy status after the policy has all invalid TargetRefs (#12883)
  • [Upstream] Fixed mcp authorization parsing for backend policy on AgentgatewayPolicy. (#12897)
  • [Upstream] fix: set default alpn on transport socket Allow configuring ALPN protocols using kgateway.dev/alpn-protocols TLS option (#12903)
  • [Upstream] Fix a bug where a listener on a listenerset can not read a secret in its own namespace (#12936)
  • [Upstream] Enforce ReferenceGrants for cross namespace Secrets references used by XListenerSets (#12954)
  • [Upstream] Fixed agentgateway global ratelimit translation for token unit. (#12959)
  • [Upstream] Fixed issue with stale configuration when changing a service traffic distribution. (#13005)
  • [Upstream] Fixes a bug with GatewayParameters on a Gateway that use OmitDefaultSecurityContext when parameters are also present on the GatewayClass. (#13046)
  • [Upstream] Use TARGETPLATFORM when building envoyinit container (#13048)
  • [Upstream] Enhanced agentgateway backend error handling and status condition propagation. (#13073)
  • [Upstream] Support DNS lookup family settings in the ingress-use-waypoint cluster config (#13085)
  • [Upstream] Server-side apply field manager name cleanup. (#13108)
  • [Upstream] Fixed agentgateway passthrough auth policy. (#13125)
  • [Upstream] Fixed the AI prompt guard api to align with other enums MASK is now Mask and REJECT is now Reject. These are enforced by CEL in the API. (#13177)
  • [Upstream] Detect the port for listeners without a defined port. It selects 80 for HTTP and 443 for HTTPS. Other protocols do not support automatic port detection and listeners without a defined port are not accepted (#13253)

Deprecations

  • [Upstream] Detect the port for listeners without a defined port. It selects 80 for HTTP and 443 for HTTPS. Other protocols do not support automatic port detection and listeners without a defined port are not accepted (#13253)
  • [Upstream] HTTPListenerPolicy is now deprecated. Use the httpSettings under ListenerPolicy instead. (#13066)
  • [Upstream] Deprecate agentgateway fields for GatewayParameters (#13101)

Documentation

  • [Upstream] Deprecate agentgateway fields for GatewayParameters (#13101)
  • [Upstream] Add rate limiting tests (#12538)
  • [Upstream] CRDs not include descriptions for fields (#12626)

Cleanup

  • [Upstream] CRDs not include descriptions for fields (#12626)
  • Bump ext-auth to 0.73.4 and rate limit to 0.16.4
  • Upgraded envoy-gloo-ee to v1.36.2-patch1
  • Upgrades to go 1.25.5
  • Renames the CRDs to align with the new product name
  • KGW_ENABLE_WAYPOINT=true added to controller deployment
  • Rename the Agentgateway CRDs to align with the new product name
  • Bump go module to v2
  • bump rate-limiter to v0.17.2
  • bump redis to 7.2.12
  • updated envoy-gloo-ee to 1.36.4-patch1
  • API naming consistency
  • [Upstream] Added support for PartiallyValid on agentgateway TrafficPolicies. (#12454)
  • [Upstream] Use native envoy per-route config in rustformation dynamic module (#12499)
  • [Upstream] Add the HTTPRouteCORS conformance test to the supported features (#12593)
  • [Upstream] cleanup: remove NET_BIND_SERVICE from data plane pods. (#12624)
  • [Upstream] Added codeowners for kgateway for API maintainers and CI maintainers. (#12635)
  • [Upstream] updated envoy to v1.36.2 (#12685)
  • [Upstream] Support for InferencePool with the kgateway class, which was deprecated in v2.1, has been removed. Support is available with the agentgateway class. (#12689)
  • [Upstream] Support for AI backends with the kgateway class, which was deprecated in v2.1, has been removed. Support is available with the agentgateway class. (#12690)
  • [Upstream] Helm chart cleanup re: appVersion/version which should better support Flux. (#12730)
  • [Upstream] rustformations module reorganization, doc and build improvement (#12764)
  • [Upstream] Use the TransformationPolicy API directly as rustformation config (#12803)
  • [Upstream] Removes the deprecated spec.kube.aiExtension from the GatewayParameters API. Users should migrate to using the agentgateway dataplane for AI capabilities. (#12840)
  • [Upstream] Adds TCPRoute && TLSRoute to the list of gated experimental gateway API features. Enable experimental gateway API features by default. (#12881)
  • [Upstream] Inference: Moves InferencePool status code to agentgateway package. (#12902)
  • [Upstream] Removed enabled from agentgateway in GatewayParameters as it should only use controllerName to know if its agentgateway or envoy (#13017)
  • [Upstream] Reverts the GatewayClass rename back from agentgateway-v2 to agentgateway. (#13163)
  • [Upstream] Isolated GoReleaser build tool dependencies to separate tools submodule, reducing main module size by ~31% (#13205)
  • [Upstream] Switched to credential_injector filter for xds Authorization header (#13212)
  • [Upstream] Migrated from deprecated dockers + docker_manifests to dockers_v2 in GoReleaser configuration (#13218)
  • [Upstream] Envoy controller: Changes the k8s Container name from ‘kgateway’ to ‘controller’ (#13232)

Dependency Updates

  • [Upstream] Envoy controller: Changes the k8s Container name from ‘kgateway’ to ‘controller’ (#13232)
  • [Upstream] bump envoy-gloo to v1.36.3-patch1 (#13058)

2.1.0-beta.3

Published on: 2026-01-06

Changes since 2.1.0-beta.2

Breaking Changes

  • Adds Kubernetes short name ekgtp for EnterpriseKgatewayTrafficPolicy
  • Removed EnterpriseKgatewayKubernetesProxyConfig.Agentgateway. Users should now use EnterpriseAgentgatewayParameters instead.

New Features

  • Removed EnterpriseKgatewayKubernetesProxyConfig.Agentgateway. Users should now use EnterpriseAgentgatewayParameters instead.
  • Support configuring an rfc8693 token exchange policy in agent gateway.
  • Build and publish standalone multi-arch enterprise agentgateway controller image
  • [Upstream] [rustformation] support parsing body as json and implemented all documented jinja custom functions (#12950)
  • [Upstream] Added mode for MCP authentication and support for Unspecified IDPs. (#13111)
  • [Upstream] Bump Agentgateway to 0.11.0 Add support for Canadian Social Insurance Number prompt guards for Agentgateway (#13199)
  • [Upstream] Added timeout to agentgateway’s ExtAuth policy (#13202)

Bug Fixes

  • [Upstream] Added timeout to agentgateway’s ExtAuth policy (#13202)
  • Fixes bugs regarding merging EnterpriseAgentgatewayParameters and using open-source AgentgatewayParameters
  • [Upstream] Fixed the AI prompt guard api to align with other enums MASK is now Mask and REJECT is now Reject. These are enforced by CEL in the API. (#13177)

Cleanup

  • [Upstream] Fixed the AI prompt guard api to align with other enums MASK is now Mask and REJECT is now Reject. These are enforced by CEL in the API. (#13177)
  • Bump go module to v2
  • bump rate-limiter to v0.17.2

2.1.0-beta.2

Published on: 2025-12-18

IMPORTANT This release includes breaking changes from previous releases, please refer to migration guide for details

Changes since 2.0.0

Breaking Changes

  • Rename of GlooAgentgatewayPolicy to AgentgatewayEnterprisePolicy and changed fields within to entExtAuth and entRateLimit instead of glooExtAuth and glooRateLimit
  • Splits the EnterpriseKgateway && EnterpriseAgentgateway CRDs into separate groups
  • Update the metrics with the new product name
  • Update agentgateway class and controller name to enterprise-agentgateway and solo.io/enterprise-agentgateway respectively
  • Split helm UX into dedicated charts for Solo Enterprise for kgateway and Solo Enterprise for agentgateway. Adds JWKS support to Solo Enterprise for agentgateway
  • [Upstream] Introduces a new setting KGW_ENABLE_GATEWAY_API_EXPERIMENTAL_FEATURES to gate experimental Gateway API features and APIs. Defaults to false (#12695)
  • [Upstream] Added new AgentgatewayPolicy to replace TrafficPolicy for agentgateway. Added support for backend and frontend configuration. (#12723)
  • [Upstream] The deprecated spec.kube.floatingUserId field has been removed from the GatewayParameters CRD. This field was previously used to unset runAsUser values in security contexts. When migrating, users should use the supported spec.kube.omitDefaultSecurityContext field instead. When set to true, this field prevents the controller from injecting opinionated default security contexts, allowing your platform (e.g. OCP) to dynamically provide the appropriate securitycontexts. (#12747)
  • [Upstream] Remove AI policy from TrafficPolicy. (#12901)
  • [Upstream] Add option to allow missing JWT. [Internal break only] Changed the gateway extension API. Providers are now nested within JWT. (#12998)
  • [Upstream] Updated agentgateway resources to use new agentgateway.dev GVK. DirectResponse for agentgateway is now only configurable through the AgentgatewayPolicy instead of the separate DirectResponse CRD. (#13013)
  • [Upstream] agentgateway can no longer be configured with GatewayParameters, only with AgentgatewayParameters. (#13054)
  • [Upstream] Split helm UX into dedicated charts for Envoy based kgateway and agentgateway (#13062)
  • [Upstream] Renames controller kgateway.dev/agentgateway to agentgateway.dev/agentgateway, breaking legacy agentgateway installations. The bundled GatewayClass using the agentgateway data plane is renamed from agentgateway to agentgateway-v2. (#13088)
  • [Upstream] AgentgatewayParameters rawConfig breaking change to allow configuring binds, e.g., and other things in config.yaml but outside of its config section (#13127)

New Features

  • [Upstream] AgentgatewayParameters rawConfig breaking change to allow configuring binds, e.g., and other things in config.yaml but outside of its config section (#13127)
  • Added support for agentgateway CEL-based ratelimit actions.
  • Show Accepted and Attached status for GlooTrafficPolicy in kubectl get output.
  • Add configuration for agentgateway CA for waypoint to GlooGatewayParams
  • Added new GlooAgentgatewayPolicy CRD.
  • Add support for Istio Ambient Mesh waypoints with multi-cluster peering, enabling policy attachment to global services.
  • Adds EnterpriseAgentgatewayParameters
  • [Upstream] Add modelAliases support to TrafficPolicy AIPolicy to allow friendly model name aliases. (#12479)
  • [Upstream] Added CSRF support in agentgateway (#12516)
  • [Upstream] Add RouteType configuration to AI backends for path-based API format routing (completions, messages, models, passthrough) (#12590)
  • [Upstream] Allow using kgateway.dev/http-redirect-status-code annotation to configure the allowed HTTP redirect status codes as an override API with the RequestRedirect filter. (#12610)
  • [Upstream] Adds retry policy to configure retries for the gRPC streams associated with GatewayExtension services. (#12669)
  • [Upstream] Allows users to define GatewayClasses using any controller. E.g., a user can create a custom GatewayClass with an arbitrary name that uses controllerName kgateway.dev/agentgateway to duplicate the behavior of the built-in GatewayClass agentgateway. A user may still choose to patch the built-in GatewayClass to change its behavior via GatewayParameters, but now it is also possible to choose to just create a new GatewayClass that refers to equivalent GatewayParameters. One motivation: two different teams that want different GatewayParameters for class agentgateway. Another motivation: clean GitOps with entirely new resources, no patching required. (#12733)
  • [Upstream] The kgateway GatewayClass now supports labels and annotations in the Gateway API infrastructure field, in addition to the previously supported parametersRef field. When a Gateway using the kgateway class specifies infrastructure labels or annotations, these values will be propagated to all managed Kubernetes resources including the Deployment, Service, ConfigMap, and ServiceAccount. When both infrastructure metadata and GatewayParameters are configured (via parametersRef or the Gateway’s parametersRef field), the values are merged together. In cases where the same key is defined in both locations, the infrastructure value takes precedence over the GatewayParameters “extraLabels” or “extraAnnotations” value. This allows infrastructure-level configuration to override parameter-level settings when necessary. (#12735)
  • [Upstream] Added event reporting for agentgateway gateways that indicates when a gateway has nacked an update (#12770)
  • [Upstream] Added JWT Authentication configuration to the TrafficPolicy and support for JWT Providers to the GatewayExtension. (#12811)
  • [Upstream] Add support for Azure OpenAI backends with agentgateway. (#12836)
  • [Upstream] rustformation: implemented remove headers and some jinja custom functions (#12848)
  • [Upstream] Introduced support for remote jwks in JWTAuthentication policies. (#12850)
  • [Upstream] Added support for OpenAI Responses API and Anthropic token counting route types. Added prompt caching configuration for Bedrock enabling up to 90% cost reduction and significantly faster response times. (#12855)
  • [Upstream] Add multi-network support to agentgateway syncer for cross-network workload discovery and routing in ambient mode. (#12858)
  • [Upstream] Introduce support for basic auth, api-key auth, and inline jwt auth policies to agent gateway (#12886)
  • [Upstream] Add support for multiple certificateRefs in listener tls section (#12895)
  • [Upstream] support TLS termination for TCPRoutes (#12906)
  • [Upstream] Allow configuring cipher suites, ecdh curves, minimum TLS version, maximum TLS version using tls options map. (#12917)
  • [Upstream] add support for remote JWKS (#12939)
  • [Upstream] Add global disable option for JWT policy (#12945)
  • [Upstream] Adds priorityClassName to the Pod struct used in GatewayParameters in order to set the corresponding priorityClassName field in the gateway-proxy pod. (#12949)
  • [Upstream] Add HTTP support for ExtAuth (#12952)
  • [Upstream] Add support for circuit breakers in BackendConfigPolicy. (#12957)
  • [Upstream] Add helm values for setting custom GatewayParameters for bundled gatewayclasses (#12960)
  • [Upstream] Add support for configuring an API key authentication in TrafficPolicy with keys defined in secret(s) (#12962)
  • [Upstream] Added support for MCP authentication for agentgateway. (#12966)
  • [Upstream] Add a ListenerPolicy CRD and ProxyProtocol config in it. (#12979)
  • [Upstream] Add basic auth configuration to TrafficPolicy. (#12983)
  • [Upstream] Add stats matcher config to GatewayPparameters (#12985)
  • [Upstream] Add support for gzip response compression and request decompression in TrafficPolicy. (#12986)
  • [Upstream] Add earlyRequestHeaderModifier to HTTPListenerPolicy. this allows performing header modifications before a route is selected. (#12992)
  • [Upstream] add regex path rewrite (#13001)
  • [Upstream] Added metrics and logs for envoy xDS errors. (#13003)
  • [Upstream] Support setting of tls options in connections to remote jwks sources. (#13014)
  • [Upstream] Add PerConnectionBufferLimit to ListenerPolicy Deprecate PerConnectionBufferLimit annotation on Gateway resources (#13016)
  • [Upstream] Added a new AgentgatewayParameters API in agentgateway.dev/v1alpha1 (#13018)
  • [Upstream] Adds OAuth2 policy to enable OAuth2 and OIDC flows with Envoy as the Gateway. (#13051)
  • [Upstream] Implement FrontendTLConfig in the Gateway API Implementation specific details:
  • Allow multiple caCertificateRefs
  • Allow caCertificateRefs to reference secrets as well as configmaps
  • Added the kgateway.dev/verify-certificate-hash to listener TLS options to allow configuration of validate client certificates. (#13064)
  • [Upstream] Support Gateway.spec.addresses. We currently support one IP address type value that will be used in the gateway’s Service loadbalancerIP. (#13070)
  • [Upstream] Added kgateway.dev/verify-subject-alt-names TLS option (#13097)
  • [Upstream] OAuth2: allow customizing cookie settings and denying redirects for matching requests. (#13099)

Bug Fixes

  • [Upstream] OAuth2: allow customizing cookie settings and denying redirects for matching requests. (#13099)
  • Helm chart installation bug fix when providing your own Kubernetes Secret(s)
  • Fixed downstream status reporting on GlooAgentgatewayPolicy.
  • Fixed AgentgatewayPolicy CEL logic for new AgentgatewayBackend.
  • fixed a bug where multiple gateways with extauth deployments would break extauth
  • bump envoy-gloo-ee to v1.36.3-patch1
  • Fixed policy attachment CEL rules.
  • [Upstream] The agentgateway.enabled Helm parameter is now enabled by default. Note: this just enables the controllers for agentgateway; agentgateway is not deployed until a Gateway is created. The agentgateway control plane has been refactored, improving performance by up to 25x. (#12415)
  • [Upstream] Fixed TCP Routes translation in agentgateway. (#12578)
  • [Upstream] Propagate backend error to backend crd status (#12608)
  • [Upstream] agentgateway: Bumps version from 0.10.2 to 0.10.3. (#12665)
  • [Upstream] Fix policy status Attached condition true when Accepted=false (#12691)
  • [Upstream] Fixed HTTPRoute mirror filters to support multiple mirrors per rule and correct percentage-based mirroring. Previously, percentage values were off by 100x (e.g., 50% mirrored only 0.5% of traffic). (#12734)
  • [Upstream] Fix a bug where agw did not work with listenersets allowed by the namespace selector (#12838)
  • [Upstream] Clear stale HTTPRoute status after the route has all invalid ParentRefs (#12852)
  • [Upstream] Clear stale TrafficPolicy and HTTPListenerPolicy status after the policy has all invalid TargetRefs (#12883)
  • [Upstream] Fixed mcp authorization parsing for backend policy on AgentgatewayPolicy. (#12897)
  • [Upstream] fix: set default alpn on transport socket Allow configuring ALPN protocols using kgateway.dev/alpn-protocols TLS option (#12903)
  • [Upstream] Fix a bug where a listener on a listenerset can not read a secret in its own namespace (#12936)
  • [Upstream] Enforce ReferenceGrants for cross namespace Secrets references used by XListenerSets (#12954)
  • [Upstream] Fixed agentgateway global ratelimit translation for token unit. (#12959)
  • [Upstream] Fixed issue with stale configuration when changing a service traffic distribution. (#13005)
  • [Upstream] Use TARGETPLATFORM when building envoyinit container (#13048)
  • [Upstream] Enhanced agentgateway backend error handling and status condition propagation. (#13073)
  • [Upstream] Support DNS lookup family settings in the ingress-use-waypoint cluster config (#13085)
  • [Upstream] Server-side apply field manager name cleanup. (#13108)
  • [Upstream] Fixed agentgateway passthrough auth policy. (#13125)

Deprecations

  • [Upstream] Fixed agentgateway passthrough auth policy. (#13125)
  • [Upstream] HTTPListenerPolicy is now deprecated. Use the httpSettings under ListenerPolicy instead. (#13066)
  • [Upstream] Deprecate agentgateway fields for GatewayParameters (#13101)

Documentation

  • [Upstream] Deprecate agentgateway fields for GatewayParameters (#13101)
  • [Upstream] Add rate limiting tests (#12538)
  • [Upstream] CRDs not include descriptions for fields (#12626)

Cleanup

  • [Upstream] CRDs not include descriptions for fields (#12626)
  • Bump ext-auth to 0.73.4 and rate limit to 0.16.4
  • Upgraded envoy-gloo-ee to v1.36.2-patch1
  • Upgrades to go 1.25.5
  • Renames the CRDs to align with the new product name
  • KGW_ENABLE_WAYPOINT=true added to controller deployment
  • Rename the Agentgateway CRDs to align with the new product name
  • [Upstream] Added support for PartiallyValid on agentgateway TrafficPolicies. (#12454)
  • [Upstream] Use native envoy per-route config in rustformation dynamic module (#12499)
  • [Upstream] Add the HTTPRouteCORS conformance test to the supported features (#12593)
  • [Upstream] cleanup: remove NET_BIND_SERVICE from data plane pods. (#12624)
  • [Upstream] Added codeowners for kgateway for API maintainers and CI maintainers. (#12635)
  • [Upstream] updated envoy to v1.36.2 (#12685)
  • [Upstream] Support for InferencePool with the kgateway class, which was deprecated in v2.1, has been removed. Support is available with the agentgateway class. (#12689)
  • [Upstream] Support for AI backends with the kgateway class, which was deprecated in v2.1, has been removed. Support is available with the agentgateway class. (#12690)
  • [Upstream] Helm chart cleanup re: appVersion/version which should better support Flux. (#12730)
  • [Upstream] rustformations module reorganization, doc and build improvement (#12764)
  • [Upstream] Use the TransformationPolicy API directly as rustformation config (#12803)
  • [Upstream] Removes the deprecated spec.kube.aiExtension from the GatewayParameters API. Users should migrate to using the agentgateway dataplane for AI capabilities. (#12840)
  • [Upstream] Adds TCPRoute && TLSRoute to the list of gated experimental gateway API features. Enable experimental gateway API features by default. (#12881)
  • [Upstream] Inference: Moves InferencePool status code to agentgateway package. (#12902)
  • [Upstream] Removed enabled from agentgateway in GatewayParameters as it should only use controllerName to know if its agentgateway or envoy (#13017)
  • [Upstream] Reverts the GatewayClass rename back from agentgateway-v2 to agentgateway. (#13163)

Dependency Updates

  • [Upstream] Reverts the GatewayClass rename back from agentgateway-v2 to agentgateway. (#13163)
  • [Upstream] bump envoy-gloo to v1.36.3-patch1 (#13058)

2.1.0-beta.1

Published on: 2025-11-21

Changes since 2.1.0-alpha.1

Breaking Changes

  • Rename of GlooAgentgatewayPolicy to AgentgatewayEnterprisePolicy and changed fields within to entExtAuth and entRateLimit instead of glooExtAuth and glooRateLimit
  • [Upstream] Introduces a new setting KGW_ENABLE_GATEWAY_API_EXPERIMENTAL_FEATURES to gate experimental Gateway API features and APIs. Defaults to false (#12695)
  • [Upstream] Added new AgentgatewayPolicy to replace TrafficPolicy for agentgateway. Added support for backend and frontend configuration. (#12723)
  • [Upstream] Remove AI policy from TrafficPolicy. (#12901)

New Features

  • [Upstream] Remove AI policy from TrafficPolicy. (#12901)
  • Added new GlooAgentgatewayPolicy CRD.
  • [Upstream] Allows users to define GatewayClasses using any controller. E.g., a user can create a custom GatewayClass with an arbitrary name that uses controllerName kgateway.dev/agentgateway to duplicate the behavior of the built-in GatewayClass agentgateway. A user may still choose to patch the built-in GatewayClass to change its behavior via GatewayParameters, but now it is also possible to choose to just create a new GatewayClass that refers to equivalent GatewayParameters. One motivation: two different teams that want different GatewayParameters for class agentgateway. Another motivation: clean GitOps with entirely new resources, no patching required. (#12733)
  • [Upstream] Added event reporting for agentgateway gateways that indicates when a gateway has nacked an update (#12770)
  • [Upstream] Added JWT Authentication configuration to the TrafficPolicy and support for JWT Providers to the GatewayExtension. (#12811)
  • [Upstream] Add support for Azure OpenAI backends with agentgateway. (#12836)
  • [Upstream] rustformation: implemented remove headers and some jinja custom functions (#12848)
  • [Upstream] Introduced support for remote jwks in JWTAuthentication policies. (#12850)
  • [Upstream] Added support for OpenAI Responses API and Anthropic token counting route types. Added prompt caching configuration for Bedrock enabling up to 90% cost reduction and significantly faster response times. (#12855)
  • [Upstream] Introduce support for basic auth, api-key auth, and inline jwt auth policies to agent gateway (#12886)
  • [Upstream] Add support for multiple certificateRefs in listener tls section (#12895)
  • [Upstream] support TLS termination for TCPRoutes (#12906)

Bug Fixes

  • [Upstream] support TLS termination for TCPRoutes (#12906)
  • Fixed downstream status reporting on GlooAgentgatewayPolicy.
  • [Upstream] Fix a bug where agw did not work with listenersets allowed by the namespace selector (#12838)
  • [Upstream] Clear stale HTTPRoute status after the route has all invalid ParentRefs (#12852)
  • [Upstream] Fixed mcp authorization parsing for backend policy on AgentgatewayPolicy. (#12897)
  • [Upstream] fix: set default alpn on transport socket Allow configuring ALPN protocols using kgateway.dev/alpn-protocols TLS option (#12903)
  • [Upstream] Fix a bug where a listener on a listenerset can not read a secret in its own namespace (#12936)

Cleanup

  • [Upstream] Fix a bug where a listener on a listenerset can not read a secret in its own namespace (#12936)
  • [Upstream] Support for InferencePool with the kgateway class, which was deprecated in v2.1, has been removed. Support is available with the agentgateway class. (#12689)
  • [Upstream] Use the TransformationPolicy API directly as rustformation config (#12803)
  • [Upstream] Removes the deprecated spec.kube.aiExtension from the GatewayParameters API. Users should migrate to using the agentgateway dataplane for AI capabilities. (#12840)
  • [Upstream] Adds TCPRoute && TLSRoute to the list of gated experimental gateway API features. Enable experimental gateway API features by default. (#12881)
  • [Upstream] Inference: Moves InferencePool status code to agentgateway package. (#12902)

2.1.0-alpha.1

Published on: 2025-11-05

What’s Changed

v2.0

2.0.2

Published on: 2025-12-05

Changes since 2.0.1

Bug Fixes

  • bump envoy-gloo-ee to v1.35.7-patch1

2.0.1

Published on: 2025-10-23

Changes since 2.0.0

New Features

  • [Upstream] Allow using kgateway.dev/http-redirect-status-code annotation to configure the allowed HTTP redirect status codes as an override API with the RequestRedirect filter. (#12612)

Bug Fixes

  • [Upstream] Allow using kgateway.dev/http-redirect-status-code annotation to configure the allowed HTTP redirect status codes as an override API with the RequestRedirect filter. (#12612)
  • Helm chart installation bug fix when providing your own Kubernetes Secret(s)

Cleanup

  • Helm chart installation bug fix when providing your own Kubernetes Secret(s)
  • upgrade envoy-gloo-ee to v1.35.6-patch1
  • Bump ext-auth to 0.73.4 and rate limit to 0.16.4

2.0.0

Published on: 2025-10-13

New Features

  • Update gateway class name to gloo-gateway-v2
  • Change gloo-agentgateway class name to agentgateway-enterprise.
  • Disable gloo-gateway-v2-waypoint to only allow agentgateway-enterprise-waypoint as the waypoint gatewayclass.
  • GlooTrafficPolicy can now do everything a TrafficPolicy can.
  • Support enterprise rate-limit and ext-authz APIs
  • Add Retry and Timeouts to GlooTrafficPolicy.
  • Added ee transformation api
  • Adds support for automatic discovery of openAPI specifications belonging to services or external endpoints which is a foundational component for the portal feature.
  • Implements Enterprise AWS Lambda transformations with GlooTrafficPolicy.
  • Add Enterprise JWT functionality
  • Added support for deploying of shared ext-auth and rate-limiter services
  • Implements gloo-gateway control plane metrics using the upstream pkg/metrics library from kgateway.
  • Adds support for Gloo RBAC policies
  • The GlooTrafficPolicy plugin now respects the route replacement mode setting (KGW_ROUTE_REPLACEMENT_MODE). When in strict mode, the plugin performs additional validation to catch invalid configurations before they reach Envoy. Invalid policies that would cause Envoy to NACK at runtime (e.g. malformed templates) will now be replaced with a direct response (HTTP 500) and report clear status conditions. This prevents fail-open scenarios where invalid policies could allow unintended traffic.
  • Make the ratelimitConfigRef namespace configurable for rate limit policies.
  • Distroless images for Envoyinit/SDS components
  • Add FIPS builds for all components
  • Add helm fields to the CRD chart to allow conditional install of extension CRDs. New fields installExtAuthCRDs & installRateLimitCRDs are available.
  • This change allows users to define actions in the RateLimitConfig spec’s raw.rateLimits field, with a GlooTrafficPolicy that references this resource in the spec’s glooRateLimit.global.rateLimitConfigRef field. Users can now specify rate limit descriptors and actions in the same RateLimitConfig resource.
  • Adds a helm chart: gloo-gateway-dashboards, to deploy monitoring dashboards which can be automatically detected by kube-prometheus-stack.
  • Add support for configuring nodeSelector, affinity (including the antiAffinity sub field), tolerations, and topologySpreadConstraints for shared resources via GatewayParameters
  • Adds support for a GlooTrafficPolicy referencing a GatewayExtension in a different namespace than the policy using a new namespace field.
  • Added agentgateway extauth support.
  • Add initial support for configuring agentgateway with GlooJWT traffic policies.
  • Added support for agentgateway as a waypoint.
  • Adds license logging for agentgateway.
  • Added AGENTGATEWAY_LICENSE_KEY for agentgateway license.
  • Allows for configuring extensions’ images.
  • Support specifying omitReplicas in the GlooGatewayParameters to allow custom HPA control it
  • API changes to GlooGatewayParameters to better support real-world configuration of extensions.
  • Add support in the agentgateway syncer for basic status reporting on gloo traffic policies
  • Convert GlooTrafficPolicy.spec.glooRateLimit.global.RateLimitConfigRef into a list of refs and rename it to RateLimitConfigRefs
  • [Upstream] Updates the status API for TrafficPolicy and HTTPListenerPolicy to use Gateway API v1alpha2.PolicyStatus API. (#11141)
  • [Upstream] Enables kgateway to act as the control plane for agentgateway. (#11151)
  • [Upstream] Enables policy attachment using labels using the targetSelectors API for kgateway policy APIs. (#11163)
  • [Upstream] Introduce BYO global rate limiting so operators can expose an external rate-limit service through a GatewayExtension resource and reference that extension from a TrafficPolicy. This enables users to configure both local and cluster-wide quotas within the same API surface. (#11169)
  • [Upstream] Add a setting to toggle the listener bind address to either ipv4 or ipv6 (#11196)
  • [Upstream] Add support for dynamic forward proxy. (#11197)
  • [Upstream] Introduce BackendConfigPolicy api to allow configuring envoy clusters. (#11214)
  • [Upstream] Enables setting annotations on Deployment generated by kgateway Helm chart. (#11224)
  • [Upstream] Adds InferencePool status management to Inference Extension endpointpicker (EPP) Plugin. (#11230)
  • [Upstream] Enables multiple kgateway installs in separate namespaces, and implements discoveryNamespaceSelectors to control the namespaces that are considered for config discovery by a kgateway instance based on label selectors. (#11238)
  • [Upstream] Respect DestinationRule TCP keepalive settings (#11246)
  • [Upstream] CORS support has been added and can be configured in the TrafficPolicy or in HTTPRoute, depending on the desired policy. (#11252)
  • [Upstream] Allows a Kubernetes gateway to have more than 64 listeners by implementing ListenerSets defined in https://gateway-api.sigs.k8s.io/geps/gep-1713/. Listener Sets can define their own listeners and be mapped to a parent gateway via their parentRef. The Kubernetes gateway will have the merged list of all listeners from itself and attached ListenerSets. This experimental feature requires the xlistenersets.gateway.networking.x-k8s.io CRD to be present. (#11255)
  • [Upstream] Invalid durations in our CRDs will now be rejected using CEL, before the CR is admitted. (#11266)
  • [Upstream] Allow TrafficPolicy to targetRef using section name. (#11272)
  • [Upstream] Add PathOverride and AuthHeaderOverride fields for custom LLM provider endpoints (#11282)
  • [Upstream] add TargetSelectors field in BackendConfigPolicySpec to enable selection of resources with matchLabels. (#11289)
  • [Upstream] Support for CSRF policy has been added to the TrafficPolicy. (#11302)
  • [Upstream] backendconfigpolicy: add ssl config (#11308)
  • [Upstream] Support sessionPersistence on HTTPRoute (#11320)
  • [Upstream] Add control plane metrics support for observability of controller, collections, and translation operations. (#11342)
  • [Upstream] Adds initial InferencePool e2e tests (#11344)
  • [Upstream] added support for extended gateway parameters (#11346)
  • [Upstream] Support Service appProtocols http2, grpc, and grpc-web. (#11352)
  • [Upstream] backendconfigpolicy: add load balancer configuration (#11365)
  • [Upstream] Enables configuring the payload transformation mode for AWS Lambda backends. (#11381)
  • [Upstream] Allow configuring app protocol on Static Backends. (#11384)
  • [Upstream] add health check config to backendconfigpolicy (#11393)
  • [Upstream] For kubernetes services, set IgnoreHealthOnHostRemoval to true on the cluster. (#11395)
  • [Upstream] Adds support for OpenTelemetry Tracing & Access Log Support. This can be configured via the HTTPListenerPolicy (#11396)
  • [Upstream] add http2 protocol options to backendconfigpolicy (#11455)
  • [Upstream] Add useRemoteAddress, xffNumTrustedHops, serverHeaderTransformation, and streamIdleTimeout to HTTPListenerPolicy https://github.com/kgateway-dev/kgateway/issues/11231 (#11462)
  • [Upstream] Users can now define custom environment variables for the envoy proxy container via the gateway parameters. It can be specified as a list via GatewayParameters.spec.kube.envoyContainer.env (#11463)
  • [Upstream] Added image, security context and resource configuration on GatewayParameters for agentgateway. (#11464)
  • [Upstream] Enables sorting of HTTPRoutes using weights assigned with the kgateway.dev/route-weight annotation when KGW_WEIGHTED_ROUTE_PRECEDENCE=true. (#11470)
  • [Upstream] Added CEL validation to enforce proper attachment semantics for policy APIs. This ensures that policies can only be attached to valid Gateway API resources. (#11499)
  • [Upstream] Allow setting listener-level perConnectionBufferLimitBytes by setting the kgateway.dev/per-connection-buffer-limit annotation on the gateway. (#11505)
  • [Upstream] Privileged ports used (< 1024) on a listener are no longer mapped to a higher port. If listeners are using privileged ports before upgrading, there may be down time when the port mapping is updated. (#11508)
  • [Upstream] Add support for setting request buffer limit using TrafficPolicy (#11523)
  • [Upstream] The TrafficPolicy plugin now respects the route replacement mode setting (KGW_ROUTE_REPLACEMENT_MODE). When in strict mode, the plugin performs additional validation to catch invalid configurations before they reach Envoy. Invalid policies that would cause Envoy to NACK at runtime (e.g. malformed templates) will now be replaced with a direct response (HTTP 500) and report clear status conditions. This prevents fail-open scenarios where invalid policies could allow unintended traffic. (#11553)
  • [Upstream] CORS’s allowOrigins now fully supports the format defined by the gateway api v1.3.0 spec, including wildcards. (#11581)
  • [Upstream] add hash policy to TrafficPolicy for configuring hashing loadbalancers (#11583)
  • [Upstream] Adds the ability for resources to attach to policies defined in the global policy namespace when using targetSelectors. (#11585)
  • [Upstream] Added comprehensive KGateway load testing framework implementing gateway-api-bench methodology with VCluster simulation for fake cluster resources, baseline (1000 routes) and production (5000 routes) performance tests measuring Gateway API control plane performance through incremental route testing with real traffic validation, event-driven monitoring for precise timing measurements, GitHub Actions integration for CI/CD workflows with optional release validation and nightly testing across multiple Kubernetes versions, Makefile targets for easy execution, VS Code debug configurations for development, and complete documentation. (#11598)
  • [Upstream] Adds support for Envoy HealthCheck filter policy to HTTPListenerPolicy (#11629)
  • [Upstream] Add OTel instrumentation for AI non-streaming requests following Gen AI semantic conventions (#11670)
  • [Upstream] Use kgateway.dev/inherited-policy-priority: ShallowMergePreferParent instead of delegation.kgateway.dev/inherited-policy-priority: PreferParent and kgateway.dev/inherited-policy-priority: ShallowMergePreferChild instead of delegation.kgateway.dev/inherited-policy-priority: PreferChild, as annotations to define inherited policy priority for delegated routes. By default, child HTTPRoute policies take precedence over parent HTTPRoute policies for delegated routes. (#11675)
  • [Upstream] CI: Adds support for running Gateway API Inference Extension conformance tests. (#11679)
  • [Upstream] Add InsecureSkipVerify option to backendconfigpolicy. This allows for TLS without verifying server certificates. (#11743)
  • [Upstream] Support traffic distribution modes to prefer endpoints close to the kgateway / waypoint with failover to other priorities. (#11793)
  • [Upstream] Updated kgateway agentgateway integration to support the latest agentgateway. (#11816)
  • [Upstream] Add option for preserving http1 header case to httplistenerpolicy (#11829)
  • [Upstream] Add option to preserve http1 header casing in BackendConfigPolicy (#11836)
  • [Upstream] Enable the IngressUseWaypoint feature by default. Users can still opt-out by setting an environment variable KGW_INGRESS_USE_WAYPOINTS to false. (#11857)
  • [Upstream] Added DirectResponse Support in agentgateway (#11859)
  • [Upstream] Add support for leader election. This is enabled by default and can be disabled by setting the disableLeaderElection setting (#11890)
  • [Upstream] Adds disable field to extAuth, extProc, cors, buffer policies to allow disabling the policies per-route. (#11893)
  • [Upstream] Adds topologySpreadConstraints to the Pod struct used in GatewayParameters in order to set the corresponding topologySpreadConstrains field in the gateway-proxy pod. (#11913)
  • [Upstream] Added AWS Bedrock support for agentgateway. Bumped agentgateway to v0.7.3. (#11933)
  • [Upstream] Extend the route replacement functionality so that when kgateway runs in STRICT mode it prevents invalid Envoy route configuration from ever reaching the proxies. It primarily covers HTTPRoute rules that either 1.) define invalid matchers (e.g. bad regular expressions) or 2.) use built-in Gateway API filters that translate into invalid Envoy xDS. (#11939)
  • [Upstream] Inference: Replaces InferencePool v1alpha2 with v1 (#11965)
  • [Upstream] TrafficPolicy supports configuring timeouts at the route level, and retries at the route and gateway listener level. (#11970)
  • [Upstream] Add header modifiers, using the API from HTTPHeaderFilter, to TrafficPolicy resources. (#11985)
  • [Upstream] Added support for extauth in agentgateway TrafficPolicies. (#11993)
  • [Upstream] Expose acceptHttp10 and defaultHostForHttp10 options via httplistenerpolicy to accept incoming HTTP 1.0 and HTTP 0.9 requests. (#12009)
  • [Upstream] Added custom configmap support for agentgateway. (#12013)
  • [Upstream] Add support for resource attributes in OTel access logs (#12019)
  • [Upstream] Expose envoy’s idle_timeout via HTTPListenerPolicy. (#12020)
  • [Upstream] Supports passive health checking (outlier detection). (#12025)
  • [Upstream] Support applying HPA for a gateway by setting a flag in the GatewayParameters (#12045)
  • [Upstream] Added CEL-based rbac support. (#12054)
  • [Upstream] Added agentgateway rbac support. (#12066)
  • [Upstream] Adds support for a TrafficPolicy referencing a GatewayExtension in a different namespace than the policy using a new namespace field. (#12067)
  • [Upstream] Added externaltrafficpolicy support. (#12089)
  • [Upstream] Enables optional deep merging of extAuth, extProc, transformation policies in TrafficPolicy for policies attached to the same resource. Enables the ability to prioritize policies and GatewayExtensions using the kgateway.dev/policy-weight annotation. (#12111)
  • [Upstream] Added the ability to configure additional resources to agentgateway syncer. Added the ability to configure ExtraVolumes and ExtraVolumeMount via GatewayParameters. (#12117)
  • [Upstream] backendconfigpolicy: option to use system CA certs for TLS (#12149)
  • [Upstream] Added support for specifying a backend annotation that will disable Istio auto-mtls for that backend when Istio is enabled (#12176)
  • [Upstream] Added Transformation support in agentgateway (#12202)
  • [Upstream] Add generic gRPC request timeout to GatewayExtension gRPC services Add failOpen support to all GatewayExtension external providers Change ExtProc GatewayExtension provider to failOpen by default (#12239)
  • [Upstream] Add default support for graceful shutdown and zero-downtime rollout of gateway proxies. (#12242)
  • [Upstream] Helm charts allow for specifying a rollout strategy for the controller; GatewayParameters allows for specifying a rollout strategy for Envoy. (#12247)
  • [Upstream] Add various configuration options to the various external service providers in GatewayExtensions (#12252)
  • [Upstream] Added statuses to TrafficPolicies in agentgateway. (#12256)
  • [Upstream] Add “Accepted” column to TrafficPolicy and BackendConfigPolicy kubectl output for easier status monitoring (#12303)
  • [Upstream] Rename agentgateway controller to kgateway.dev/agentgateway. Added separate xds port (agw-grpc-xds) for agentgateway. (#12323)
  • [Upstream] Enable per-provider BackendTLSPolicy attachment for AI backends. (#12369)
  • [Upstream] Allow downstreams to provide extra AgentgatewayPolicyStatusSyncHandler for policy status reporting with agentgateway (#12377)
  • [Upstream] Added CEL validation to TrafficPolicy transformation policy when using agentgateway. (#12404)
  • [Upstream] Deprecates GatewayParameters.FloatingUserId in favor of OmitDefaultSecurityContext (#12418)
  • [Upstream] Bumps Gateway API dependency to v1.4.0. Gateway API CRDs should be updated to v1.4.0. BackendTLSPolicy is promoted from v1alpha3 to v1. (#12439)
  • [Upstream] Updates gateway-api-inference-extension version to v1.0.1 (#12466)
  • [Upstream] Uses JWT based authentication for xDS by default. (#12471)
  • [Upstream] The new gateway.networking.k8s.io/gateway-class-name label is added to all resources created by Kgateway to represent which GatewayClass was responsible for creating the resource. (#12472)
  • [Upstream] pkg/deployer now exports DeepMergeImage and DeepMergeSecurityContext (#12473)
  • [Upstream] Introduce server-side TLS support for the xDS gRPC server. Users can enable this feature in the controller.xds.tls.enabled field in the helm values. When enabled, they must create a Secret with the kgateway-xds-cert name of type kubernetes.io/tls containing tls.crt, tls.key, and ca.crt. This feature is opt-in and is disabled by default. (#12498)
  • [Upstream] Add version info and endpoint to the admin server (#12547)

Bug Fixes

  • Fix a bug where RateLimitConfigs were assumed to always exist in the Gloo Gateway install namespace.
  • Fix an issue where the namespaces for controller managed external services (e.g. ext-auth-server) was hardcoded to the gloo-gateway-system namespace. This limitation breaks installations that installed to custom namespaces and prevents native support for multiple GG control plane installations on the same cluster. The controller has been updated to remove the hardcoded assumption and properly support custom installation namespaces.
  • Ensure the graceful shutdown on termination signals for the gloo-gateway controller component
  • Fixed a bug which caused the EDS for a backend to have 0 endpoints on the gateway.
  • Fixed gloo-agentgateway helm value merging for gloo-gateway deployer.
  • Fix JWT validation option (validationPolicy field) being ignored with single provider
  • Fixed an invalid Envoy config when not specifying path specifiers in the matcher. Renamed transformation request matcher for regex from safeRegex to regex.
  • Fixed a panic in solo matcher filter with specific cases of prefixes in the transformation matcher
  • Updated the remote jwks url validation rule
  • Fixed support for kgateway v1alpha1.GatewayParameters.
  • ExtAuth and RateLimiter resources will be cleaned up when those extensions are disabled via GlooGatewayParameters.
  • Fix ability to use the jwt field as part of a booleanExpr in an AuthConfig
  • Deploy gloo-ext-cache (redis) as a standalone extension instead of being tied to the rate-limit extension
  • Fixed licensing requirements.
  • Updated the stages of the JWT filters and the gloo ExtAuth to be earlier in the filter chain
  • Fixed the agentgateway waypoint controller name.
  • Fixes helm installation in the case of having just one license key
  • Support of token-base LLM rate-limiting
  • Bump kgateway to v2.1.0-main.0.20250926231554-6d73107c4ddf
  • Improved gateway parameter handling to support configuration overrides for all gateway types including Agentgateway Waypoint, with code cleanup and enhanced testing.
  • Install the agentgateway-enterprise-waypoint gateway class only when the agentgateway feature is enabled.
  • Fixes bug in OmitDefaultSecurityContext when Gateway directly references parameters.
  • [Upstream] Backend targeted policy such as BackendTLSPolicy can now target ServiceEntry either via the networking.istio.io/ServiceEntry group/kind, or the synthetic networking.istio.io/Hostname group/kind. (#11212)
  • [Upstream] Turn off ambient DNS capture by default for kgateway-waypoint, fixing traffic loops in ServiceEntry with DNS resolution. (#11216)
  • [Upstream] Gateways’ Status.Addresses will now include Spec.Addresses. This allows other controllers that rely on Status.Addresses to read what is specified for self-managed gateways. An example of this is Istio reading the address for a self-managed Waypoint. (#11311)
  • [Upstream] Fix a bug where the AttachedListenerSets condition is sometimes incorrectly set. (#11321)
  • [Upstream] Header modification now works on backendRefs inside http route rules. (#11336)
  • [Upstream] bugfix: only Apply deployed objects if they are different. (#11338)
  • [Upstream] Fix BackendTLSPolicy to use multiple targetRefs if provided (#11364)
  • [Upstream] fix an issue with BackendConfigPolicy where Envoy would reject configuration if only CommonHttpProtocolOptions were specified (#11420)
  • [Upstream] Fixed an issue where HTTPRoute status updates could fail when reporting translation errors. Previously, status updates would fail schema validation when routes had invalid configurations (like invalid path prefix matchers). Status conditions are now properly set with valid reason fields and detailed error messages. (#11427)
  • [Upstream] Makes HTTPBackendRef.Port optional when referencing an InferencePool, ignoring the port if specified. (#11448)
  • [Upstream] prevent BackendConfigPolicy with http1protocoloptions set from overwriting an http2 backend (#11449)
  • [Upstream] Fixes deprecation warning by replacing deprecated MatchSubjectAltNames field with MatchTypedSubjectAltNames in TLS validation context for BackendConfigPolicy. (#11520)
  • [Upstream] enforce max limit on HTTP/2 initial stream and connection window sizes, reporting an error on the policy if max is exceeded. (#11525)
  • [Upstream] add validation to ensure maxRequestSize is greater than 0 (#11564)
  • [Upstream] validate that HTTPRoute backendRef weights add to greater than zero (#11567)
  • [Upstream] Parent HTTPRoutes with unresolved child routes will return a 500 direct response. (#11604)
  • [Upstream] Fix HTTPRoute session persistence: marshal StatefulSessionPerRoute per‐route config instead of StatefulSession (#11618)
  • [Upstream] fix: handle changing the value of the PerConnectionBufferLimitBytes annotation on the gateway (#11626)
  • [Upstream] fix: correctly set Gateway listener status when protocol is unsupported (#11631)
  • [Upstream] Support having ingress-use-waypoint on backend service alias namespace. (#11680)
  • [Upstream] use lower case for log level and use JSON format for krt logs to be consistent (#11688)
  • [Upstream] Adds retries to gateway controller and proxy syncer when updating Gateway status. (#11697)
  • [Upstream] Correctly report status for attached policies and gatewayExtensions when only errors change (#11721)
  • [Upstream] Validation improvements for TrafficPolicy rate limit descriptors (#11803)
  • [Upstream] Fixed the agentgateway TCPRoutes. Fixed the label selector MCP route translation. (#11854)
  • [Upstream] Fix consistent CI failures in GIE conformance tests (#11858)
  • [Upstream] HTTPRoute status now correctly reflects error when referencing a missing extensionRef (#11883)
  • [Upstream] Fixed an issue when dynamically modifying the traffic distribution won’t change the distribution. (#11953)
  • [Upstream] Add error messages to ListenerSet status conditions (#12044)
  • [Upstream] The data-plane backend builder now resolves endpoints from all pods that match the InferencePool’s selector. (#12050)
  • [Upstream] - Implement listener precedence with listenersets
  • Fix listenersets not to inherit gateway routes
  • Updated status reporting on listenersets (#12091)
  • [Upstream] Added support for listener and route rule policy attachment, bumped agentgateway to 0.7.8. (#12136)
  • [Upstream] gateway translator: don’t add listener with no filter chains (#12165)
  • [Upstream] Use DelayedInformer for BackendTLSPolicy to handle missing CRDs (#12178)
  • [Upstream] Descriptive ResolvedRefs condition error message about specifying port in the backendRef (#12190)
  • [Upstream] FIX CEL rule evaluation in Backend API for k8s <= 1.31. (#12194)
  • [Upstream] Change ExtAuth ext_authz filter to the earlier AuthN stage in the chain (#12300)
  • [Upstream] Validate the CA certificate referenced in BackendTLSPolicy (#12402)
  • [Upstream] Fixed BackendConfigPolicy outlier detection interval validation to prevent “0s” values that cause Envoy NACKs. (#12403)
  • [Upstream] Fixed BackendConfigPolicy TLS parsing to prevent nil pointer panic when minVersion or maxVersion is omitted. (#12409)
  • [Upstream] Fix a bug caused by sharing a securityContext between Agentgateway and EnvoyContainer that leads to the gateway inheriting the Agentgateway’s securityContext instead of the EnvoyContainer’s securityContext (#12436)
  • [Upstream] Fixed no access log when specific filter conditions were added to it (#12457)
  • [Upstream] Fixes bugs with OmitDefaultSecurityContext and agentgateway and GatewayParameters attached to Gateways directly. (#12494)
  • [Upstream] Make Bedrock model field optional to allow user-specified models, matching OpenAI/Anthropic behavior (#12514)
  • [Upstream] Fix a bug where the volumeMounts were rendered in the proxy deployment when no volume mounts are defined (#12525)
  • [Upstream] Fixes a bug where a user-defined GatewayParameters has a different probe from the default one, resulting in an invalid podTemplate with multiple probe actions for the given probe (#12526)

Deprecations

  • [Upstream] Deprecated Envoy-based AI Gateway, Envoy-based Inference Extension, and Inference Extension auto-provisioning. (#12437)

Documentation

  • [Upstream] Docs update for Helm values file descriptions. (#11350)
  • [Upstream] Adds release workflow document. (#11542)

Cleanup

  • Replace the usage of deprecated HeaderMatcher fields.
  • [Upstream] Switching to Envoy’s /stats/prometheus?usedonly endpoint to only get statistics that Envoy has updated (counters incremented at least once, gauges changed at least once, and histograms added to at least once). (#11358)
  • glooExtAuth.disable allows disabling all extAuth providers. Breaking change: glooJWT and glooRBAC use an empty struct value instead of bool value to disable the filters.
  • Removes WAF-related API types and fields from the GlooTrafficPolicy CRD
  • Bump envoy version to gloo-envoy-ee v1.35.0-patch1
  • Set the default ratelimit service timeout to 100ms (increased from 20ms).
  • Supports licensing via a manual Kubernetes Secret or via the gloo-gateway helm chart.
  • Updated envoy to v1.35.2
  • Bring in envoy-gloo changes to disable loading template file from transformation template by default.
  • [Upstream] Add kgateway label to data plane pods (#11241)
  • [Upstream] moved reusable parts of Deployer into pkg/deployer; default GatewayParameter values can be reused in downstream projects (#11377)
  • [Upstream] rename ssl config to tls (#11401)
  • [Upstream] remove HeadersWithUnderscoresAction from BackendConfigPolicy (#11440)
  • [Upstream] Refactored settings test suites to use consistent standard library testing patterns (#11518)
  • [Upstream] Bumps the inference extension CRDs to sync with upstream commit 842603b. (#11539)
  • [Upstream] Update policy APIs to use pointer types for optional fields, and value types within slices. (#11606)
  • [Upstream] Endpoint-picker:
  • Rebuild InferencePool.status.parents deterministically, eliminating flapping.
  • Reconcile InferencePool status based on HTTPRoute, Service, and InferencePool events.
  • Honor HTTPBackendRef.namespace when matching pools.
  • Avoid data races in Service reconciliation by using a mutex to lock inferencePool IR errors. (#11621)
  • [Upstream] Inference: Bumps Kgateway to support release v0.5.0-rc.2 (#11715)
  • [Upstream] Inference: Replaces deprecated AddToScheme() with Install() to install the Inference Extension v1alpha2 scheme. (#11729)
  • [Upstream] API validation tests now log the output from kubectl apply when an unexpected error occurs, making it easier to debug failing test cases. (#11772)
  • [Upstream] Inference: Added EPP fail-open support by refactoring the inference plugin to use static and subset load-balancing clusters. (#11810)
  • [Upstream] remove insecureSkipVerify field from Backend and AI ssl validation (#11819)
  • [Upstream] Tooling: Adds make targets for managing Gateway API and Gateway API Inference Extension dependencies. (#11830)
  • [Upstream] Removed knative dependency for calculating the service FQDN. (#11861)
  • [Upstream] Tooling: Splits up the setup Makefile target to support dev and released versions of kgateway. (#11921)
  • [Upstream] The global ratelimit filter’s defaults have changed to failOpen=true and timeout=100ms. In addition, removed the statPrefix and turned off enableXRatelimitHeaders. (#12035)
  • [Upstream] Bumped agentgateway to v0.7.5. (#12062)
  • [Upstream] Bumps InferencePool to v1.0.0-rc.2. inferencePool.spec.endpointPickerRef.portNumber field has been replaced with inferencePool.spec.endpointPickerRef.port.number. (#12166)
  • [Upstream] Updated envoy to v1.35.2 (#12209)
  • [Upstream] Inference: Bumps the Gateway API Inference Extension (GIE) dependency from v1.0.0-rc.2 to v1.0.0. (#12241)
  • [Upstream] Inference: Updates the agentgateway e2e test Helm values to include inference extension. (#12268)
  • [Upstream] Report accurate Gateway Status conditions for types Accepted and Programmed based on Listener status. If a Gateway has a any Listener with a ListenerConditionProgrammed condition with a Status of false, the GatewayConditionAccepted on the Gateway will be reported with a “Status: true” and “Reason: ListenersNotValid” (#12290)
  • [Upstream] Rename agentGateway to agentgateway for consistency in helm values. Rename GatewayParameters agentGateway field to agentgateway. (#12293)
  • [Upstream] AI Backend API has been updated to simplify the API. Use ai.llm. instead of `ai.llm.provider.. Use ai.priorityGroups[].providers[] instead of ai.multipool.priorities[].pool[].provider. (#12327)
  • [Upstream] If an XListenerSet has any Listener with a ListenerConditionProgrammed condition with a Status of false, the GatewayConditionAccepted on the XListenerSet will be reported with a “Status: true” and “Reason: ListenersNotValid” (#12342)
  • [Upstream] Added gosec to the linter workflow. Fixed int types to follow Kubernetes Gateway API standards for primitive types. (#12358)
  • [Upstream] Removed the SupportedVersion status condition from GatewayClass. (#12434)
  • [Upstream] API client now uses the correct plural form of GatewayParameters (#12492)
  • [Upstream] Disables creating the kgateway-waypoint gatewayclass if it is not enabled (#12519)
  • [Upstream] Clean up references to GGv1 APIs in the examples folder (#12521)
  • [Upstream] Fix reconcile bug where deployers would not reconcile on changes to parameters on the GatewayClass (#12534)
  • [Upstream] Remove omitReplicas from GatewayParameters (#12548)
  • [Upstream] As waypoint functionality is alpha, disable it by default. It can be enabled by setting the waypoint.enabled helm value to true (#12385)

Dependency Updates

  • [Upstream] sigs.k8s.io/gateway-api bumped from v1.2.1 to 1.3.0 (#11263)

2.0.0-rc.3

Published on: 2025-10-10

Changes since 2.0.0-rc.2

Breaking Changes

  • [Upstream] Bumps Gateway API dependency to v1.4.0. Previous Gateway API CRDs must be replaced with v1.4.0. API type changes must be manually converted. BackendTLSPolicy is promoted from v1alpha3 to v1. The v1alpha3 scheme is removed due to the BackendTLSPolicy promotion. Users must replace v1alpha3 instances of BackendTLSPolicy with v1 after installing the Gateway API v1.4.0 CRDs. (#12439)
  • [Upstream] Updates gateway-api-inference-extension version to v1.0.1 and removes inferencepools.inference.networking.x-k8s.io CRD. (#12466)
  • [Upstream] Remove omitReplicas from GatewayParameters. This is only an internal break for previous betas/RC versions (#12548)

New Features

  • Convert GlooTrafficPolicy.spec.glooRateLimit.global.RateLimitConfigRef into a list of refs and rename it to RateLimitConfigRefs
  • [Upstream] Uses JWT based authentication for xDS by default. (#12471)
  • [Upstream] The new gateway.networking.k8s.io/gateway-class-name label is added to all resources created by Kgateway to represent which GatewayClass was responsible for creating the resource. (#12472)
  • [Upstream] pkg/deployer now exports DeepMergeImage and DeepMergeSecurityContext (#12473)
  • [Upstream] Introduce server-side TLS support for the xDS gRPC server. Users can enable this feature in the controller.xds.tls.enabled field in the helm values. When enabled, they must create a Secret with the kgateway-xds-cert name of type kubernetes.io/tls containing tls.crt, tls.key, and ca.crt. This feature is opt-in and is disabled by default. (#12498)
  • [Upstream] Add version info and endpoint to the admin server (#12547)

Bug Fixes

  • Improved gateway parameter handling to support configuration overrides for all gateway types including Agentgateway Waypoint, with code cleanup and enhanced testing.
  • Install the agentgateway-enterprise-waypoint gateway class only when the agentgateway feature is enabled.
  • Fixes bug in OmitDefaultSecurityContext when Gateway directly references parameters.
  • [Upstream] Fixed no access log when specific filter conditions were added to it (#12457)
  • [Upstream] Fixes bugs with OmitDefaultSecurityContext and agentgateway and GatewayParameters attached to Gateways directly. (#12494)
  • [Upstream] Make Bedrock model field optional to allow user-specified models, matching OpenAI/Anthropic behavior (#12514)
  • [Upstream] Fix a bug where the volumeMounts were rendered in the proxy deployment when no volume mounts are defined (#12525)
  • [Upstream] Fixes a bug where a user-defined GatewayParameters has a different probe from the default one, resulting in an invalid podTemplate with multiple probe actions for the given probe (#12526)

Cleanup

  • Bring in envoy-gloo changes to disable loading template file from transformation template by default.
  • [Upstream] Tooling: Splits up the setup Makefile target to support dev and released versions of kgateway. (#11921)
  • [Upstream] API client now uses the correct plural form of GatewayParameters (#12492)
  • [Upstream] Disables creating the kgateway-waypoint gatewayclass if it is not enabled (#12519)
  • [Upstream] Clean up references to GGv1 APIs in the examples folder (#12521)
  • [Upstream] Fix reconcile bug where deployers would not reconcile on changes to parameters on the GatewayClass (#12534)

2.0.0-rc.2

Published on: 2025-10-01

Changes since 2.0.0-rc.1

Breaking Changes

  • Disable gloo-gateway-v2-waypoint to only allow agentgateway-enterprise-waypoint as the waypoint gatewayclass.
  • [Upstream] As waypoint functionality is alpha, disable it by default. It can be enabled by setting the waypoint.enabled helm value to true (#12385)

New Features

  • Allows for configuring extensions’ images.
  • Support specifying omitReplicas in the GlooGatewayParameters to allow custom HPA control it
  • API changes to GlooGatewayParameters to better support real-world configuration of extensions.
  • Add support in the agentgateway syncer for basic status reporting on gloo traffic policies
  • [Upstream] Add default support for graceful shutdown and zero-downtime rollout of gateway proxies. (#12242)
  • [Upstream] Enable per-provider BackendTLSPolicy attachment for AI backends. (#12369)
  • [Upstream] Allow downstreams to provide extra AgentgatewayPolicyStatusSyncHandler for policy status reporting with agentgateway (#12377)
  • [Upstream] Added CEL validation to TrafficPolicy transformation policy when using agentgateway. (#12404)
  • [Upstream] Deprecates GatewayParameters.FloatingUserId in favor of OmitDefaultSecurityContext (#12418)

Bug Fixes

  • Updated the stages of the JWT filters and the gloo ExtAuth to be earlier in the filter chain
  • Fixed the agentgateway waypoint controller name.
  • Fixes helm installation in the case of having just one license key
  • Support of token-base LLM rate-limiting
  • Bump kgateway to v2.1.0-main.0.20250926231554-6d73107c4ddf
  • [Upstream] Change ExtAuth ext_authz filter to the earlier AuthN stage in the chain (#12300)
  • [Upstream] Validate the CA certificate referenced in BackendTLSPolicy (#12402)
  • [Upstream] Fixed BackendConfigPolicy outlier detection interval validation to prevent “0s” values that cause Envoy NACKs. (#12403)
  • [Upstream] Fixed BackendConfigPolicy TLS parsing to prevent nil pointer panic when minVersion or maxVersion is omitted. (#12409)
  • [Upstream] Fix a bug caused by sharing a securityContext between Agentgateway and EnvoyContainer that leads to the gateway inheriting the Agentgateway’s securityContext instead of the EnvoyContainer’s securityContext (#12436)

Deprecations

  • [Upstream] Deprecated Envoy-based AI Gateway, Envoy-based Inference Extension, and Inference Extension auto-provisioning. (#12437)

Cleanup

  • [Upstream] Added gosec to the linter workflow. Fixed int types to follow Kubernetes Gateway API standards for primitive types. (#12358)
  • [Upstream] Removed the SupportedVersion status condition from GatewayClass. (#12434)

2.0.0-rc.1

Published on: 2025-09-22

Changes since 2.0.0-beta.3

Breaking Changes

  • Change gloo-agentgateway class name to agentgateway-enterprise.
  • [Upstream] Add generic gRPC request timeout to GatewayExtension gRPC services Add failOpen support to all GatewayExtension external providers Change ExtProc GatewayExtension provider to failOpen by default (#12239)
  • [Upstream] Rename agentGateway to agentgateway for consistency in helm values. Rename GatewayParameters agentGateway field to agentgateway. (#12293)

New Features

  • Added support for agentgateway as a waypoint.
  • Added AGENTGATEWAY_LICENSE_KEY for agentgateway license.
  • [Upstream] Added the ability to configure additional resources to agentgateway syncer. Added the ability to configure ExtraVolumes and ExtraVolumeMount via GatewayParameters. (#12117)
  • [Upstream] Added support for specifying a backend annotation that will disable Istio auto-mtls for that backend when Istio is enabled (#12176)
  • [Upstream] Added Transformation support in agentgateway (#12202)
  • [Upstream] Helm charts allow for specifying a rollout strategy for the controller; GatewayParameters allows for specifying a rollout strategy for Envoy. (#12247)
  • [Upstream] Add various configuration options to the various external service providers in GatewayExtensions (#12252)
  • [Upstream] Added statuses to TrafficPolicies in agentgateway. (#12256)
  • [Upstream] Add “Accepted” column to TrafficPolicy and BackendConfigPolicy kubectl output for easier status monitoring (#12303)
  • [Upstream] Rename agentgateway controller to kgateway.dev/agentgateway. Added separate xds port (agw-grpc-xds) for agentgateway. (#12323)

Bug Fixes

  • Deploy gloo-ext-cache (redis) as a standalone extension instead of being tied to the rate-limit extension
  • Fixed licensing requirements.

Cleanup

  • Updated envoy to v1.35.2
  • [Upstream] Tooling: Adds make targets for managing Gateway API and Gateway API Inference Extension dependencies. (#11830)
  • [Upstream] Updated envoy to v1.35.2 (#12209)
  • [Upstream] Inference: Bumps the Gateway API Inference Extension (GIE) dependency from v1.0.0-rc.2 to v1.0.0. (#12241)
  • [Upstream] Inference: Updates the agentgateway e2e test Helm values to include inference extension. (#12268)
  • [Upstream] Report accurate Gateway Status conditions for types Accepted and Programmed based on Listener status. If a Gateway has a any Listener with a ListenerConditionProgrammed condition with a Status of false, the GatewayConditionAccepted on the Gateway will be reported with a “Status: true” and “Reason: ListenersNotValid” (#12290)
  • [Upstream] AI Backend API has been updated to simplify the API. Use ai.llm. instead of `ai.llm.provider.. Use ai.priorityGroups[].providers[] instead of ai.multipool.priorities[].pool[].provider. (#12327)
  • [Upstream] If an XListenerSet has any Listener with a ListenerConditionProgrammed condition with a Status of false, the GatewayConditionAccepted on the XListenerSet will be reported with a “Status: true” and “Reason: ListenersNotValid” (#12342)

2.0.0-beta.3

Published on: 2025-09-08

Changes since 2.0.0-beta.2

New Features

  • Add initial support for configuring agentgateway with GlooJWT traffic policies.
  • Adds license logging for agentgateway.
  • [Upstream] backendconfigpolicy: option to use system CA certs for TLS (#12149)

Bug Fixes

  • Fixed support for kgateway v1alpha1.GatewayParameters.
  • ExtAuth and RateLimiter resources will be cleaned up when those extensions are disabled via GlooGatewayParameters.
  • Fix ability to use the jwt field as part of a booleanExpr in an AuthConfig
  • [Upstream] gateway translator: don’t add listener with no filter chains (#12165)
  • [Upstream] Use DelayedInformer for BackendTLSPolicy to handle missing CRDs (#12178)
  • [Upstream] Descriptive ResolvedRefs condition error message about specifying port in the backendRef (#12190)
  • [Upstream] FIX CEL rule evaluation in Backend API for k8s <= 1.31. (#12194)

Cleanup

  • [Upstream] Bumps InferencePool to v1.0.0-rc.2. inferencePool.spec.endpointPickerRef.portNumber field has been replaced with inferencePool.spec.endpointPickerRef.port.number. (#12166)

2.0.0-beta.2

Published on: 2025-08-29

Changes since 2.0.0-beta.1

Breaking Changes

  • [Upstream] Inference: Replaces InferencePool v1alpha2 with v1 (#11965)

New Features

  • Adds a helm chart: gloo-gateway-dashboards, to deploy monitoring dashboards which can be automatically detected by kube-prometheus-stack.
  • Added agentgateway extauth support.
  • [Upstream] Added comprehensive KGateway load testing framework implementing gateway-api-bench methodology with VCluster simulation for fake cluster resources, baseline (1000 routes) and production (5000 routes) performance tests measuring Gateway API control plane performance through incremental route testing with real traffic validation, event-driven monitoring for precise timing measurements, GitHub Actions integration for CI/CD workflows with optional release validation and nightly testing across multiple Kubernetes versions, Makefile targets for easy execution, VS Code debug configurations for development, and complete documentation. (#11598)
  • [Upstream] Expose envoy’s idle_timeout via HTTPListenerPolicy. (#12020)
  • [Upstream] Added CEL-based rbac support. (#12054)
  • [Upstream] Added agentgateway rbac support. (#12066)
  • [Upstream] Enables optional deep merging of extAuth, extProc, transformation policies in TrafficPolicy for policies attached to the same resource. Enables the ability to prioritize policies and GatewayExtensions using the kgateway.dev/policy-weight annotation. (#12111)
  • Supports licensing via a manual Kubernetes Secret or via the gloo-gateway helm chart.

Bug Fixes

  • Fixed an invalid Envoy config when not specifying path specifiers in the matcher. Renamed transformation request matcher for regex from safeRegex to regex.
  • Updated the remote jwks url validation rule
  • [Upstream] - Implement listener precedence with listenersets
  • Fix listenersets not to inherit gateway routes
  • Updated status reporting on listenersets (#12091)
  • [Upstream] Added support for listener and route rule policy attachment, bumped agentgateway to 0.7.8. (#12136)

2.0.0-beta.1

Published on: 2025-08-25

Changes since 2.0.0-alpha.4

New Features

  • Add support for configuring nodeSelector, affinity (including the antiAffinity sub field), tolerations, and topologySpreadConstraints for shared resources via GatewayParameters
  • Adds support for a GlooTrafficPolicy referencing a GatewayExtension in a different namespace than the policy using a new namespace field.
  • [Upstream] Add OTel instrumentation for AI non-streaming requests following Gen AI semantic conventions (#11670)
  • [Upstream] Added DirectResponse Support in agentgateway (#11859)
  • [Upstream] Add support for leader election. This is enabled by default and can be disabled by setting the disableLeaderElection setting (#11890)
  • [Upstream] Added AWS Bedrock support for agentgateway. Bumped agentgateway to v0.7.3. (#11933)
  • [Upstream] Extend the route replacement functionality so that when kgateway runs in STRICT mode it prevents invalid Envoy route configuration from ever reaching the proxies. It primarily covers HTTPRoute rules that either 1.) define invalid matchers (e.g. bad regular expressions) or 2.) use built-in Gateway API filters that translate into invalid Envoy xDS. (#11939)
  • [Upstream] TrafficPolicy supports configuring timeouts at the route level, and retries at the route and gateway listener level. (#11970)
  • [Upstream] Add header modifiers, using the API from HTTPHeaderFilter, to TrafficPolicy resources. (#11985)
  • [Upstream] Added support for extauth in agentgateway TrafficPolicies. (#11993)
  • [Upstream] Expose acceptHttp10 and defaultHostForHttp10 options via httplistenerpolicy to accept incoming HTTP 1.0 and HTTP 0.9 requests. (#12009)
  • [Upstream] Added custom configmap support for agentgateway. (#12013)
  • [Upstream] Add support for resource attributes in OTel access logs (#12019)
  • [Upstream] Supports passive health checking (outlier detection). (#12025)
  • [Upstream] Support applying HPA for a gateway by setting a flag in the GatewayParameters (#12045)
  • [Upstream] Adds support for a TrafficPolicy referencing a GatewayExtension in a different namespace than the policy using a new namespace field. (#12067)
  • [Upstream] Added externaltrafficpolicy support. (#12089)

Bug Fixes

  • Fix JWT validation option (validationPolicy field) being ignored with single provider
  • Fixed a panic in solo matcher filter with specific cases of prefixes in the transformation matcher
  • [Upstream] Fixed an issue when dynamically modifying the traffic distribution won’t change the distribution. (#11953)
  • [Upstream] Add error messages to ListenerSet status conditions (#12044)
  • [Upstream] The data-plane backend builder now resolves endpoints from all pods that match the InferencePool’s selector. (#12050)

Cleanup

  • Bump envoy version to gloo-envoy-ee v1.35.0-patch1
  • Set the default ratelimit service timeout to 100ms (increased from 20ms).
  • [Upstream] The global ratelimit filter’s defaults have changed to failOpen=true and timeout=100ms. In addition, removed the statPrefix and turned off enableXRatelimitHeaders. (#12035)
  • [Upstream] Bumped agentgateway to v0.7.5. (#12062)

2.0.0-alpha.4

Published on: 2025-08-12

Changes since 2.0.0-alpha.3

Breaking Changes

  • [Upstream] remove insecureSkipVerify field from Backend and AI ssl validation (#11819)
  • [Upstream] Adds disable field to extAuth, extProc, cors, buffer policies to allow disabling the policies per-route. Breaking change: extAuth.enablement has been removed in favor of extAuth.disable. (#11893)

New Features

  • Implements gloo-gateway control plane metrics using the upstream pkg/metrics library from kgateway.
  • The GlooTrafficPolicy plugin now respects the route replacement mode setting (KGW_ROUTE_REPLACEMENT_MODE). When in strict mode, the plugin performs additional validation to catch invalid configurations before they reach Envoy. Invalid policies that would cause Envoy to NACK at runtime (e.g. malformed templates) will now be replaced with a direct response (HTTP 500) and report clear status conditions. This prevents fail-open scenarios where invalid policies could allow unintended traffic.
  • Add FIPS builds for all components
  • Add helm fields to the CRD chart to allow conditional install of extension CRDs. New fields installExtAuthCRDs & installRateLimitCRDs are available.
  • This change allows users to define actions in the RateLimitConfig spec’s raw.rateLimits field, with a GlooTrafficPolicy that references this resource in the spec’s glooRateLimit.global.rateLimitConfigRef field. Users can now specify rate limit descriptors and actions in the same RateLimitConfig resource.
  • [Upstream] CI: Adds support for running Gateway API Inference Extension conformance tests. (#11679)
  • [Upstream] Add InsecureSkipVerify option to backendconfigpolicy. This allows for TLS without verifying server certificates. (#11743)
  • [Upstream] Support traffic distribution modes to prefer endpoints close to the kgateway / waypoint with failover to other priorities. (#11793)
  • [Upstream] Updated kgateway agentgateway integration to support the latest agentgateway. (#11816)
  • [Upstream] Add option for preserving http1 header case to httplistenerpolicy (#11829)
  • [Upstream] Add option to preserve http1 header casing in BackendConfigPolicy (#11836)
  • [Upstream] Enable the IngressUseWaypoint feature by default. Users can still opt-out by setting an environment variable KGW_INGRESS_USE_WAYPOINTS to false. (#11857)
  • [Upstream] Adds topologySpreadConstraints to the Pod struct used in GatewayParameters in order to set the corresponding topologySpreadConstrains field in the gateway-proxy pod. (#11913)

Bug Fixes

  • Fixed a bug which caused the EDS for a backend to have 0 endpoints on the gateway.
  • Fixed gloo-agentgateway helm value merging for gloo-gateway deployer.
  • [Upstream] Adds retries to gateway controller and proxy syncer when updating Gateway status. (#11697)
  • [Upstream] Validation improvements for TrafficPolicy rate limit descriptors (#11803)
  • [Upstream] Fixed the agentgateway TCPRoutes. Fixed the label selector MCP route translation. (#11854)
  • [Upstream] Fix consistent CI failures in GIE conformance tests (#11858)
  • [Upstream] HTTPRoute status now correctly reflects error when referencing a missing extensionRef (#11883)

Cleanup

  • glooExtAuth.disable allows disabling all extAuth providers. Breaking change: glooJWT and glooRBAC use an empty struct value instead of bool value to disable the filters.
  • [Upstream] Endpoint-picker:
  • Rebuild InferencePool.status.parents deterministically, eliminating flapping.
  • Reconcile InferencePool status based on HTTPRoute, Service, and InferencePool events.
  • Honor HTTPBackendRef.namespace when matching pools.
  • Avoid data races in Service reconciliation by using a mutex to lock inferencePool IR errors. (#11621)
  • [Upstream] API validation tests now log the output from kubectl apply when an unexpected error occurs, making it easier to debug failing test cases. (#11772)
  • [Upstream] Inference: Added EPP fail-open support by refactoring the inference plugin to use static and subset load-balancing clusters. (#11810)
  • [Upstream] Removed knative dependency for calculating the service FQDN. (#11861)