1.13.0+ Upgrade Notice

Review and apply version-specific changes in Gloo Edge 1.13.x and Gloo Edge Enterprise 1.13.x before upgrading your Gloo Edge installation.

Feature changes

Review the following highlights of features changes in Gloo Edge version 1.13.

New or improved features:

• New! Aerospike integration: Now, you can use Aerospike as the backing database for your rate limiting or external auth servers. You must configure Aerospike when you install these servers. The default Redis backing database is unchanged. For more information, see the rate limiting or external auth docs.

• New! Canary upgrades for Gloo Edge Federation: Now, you can upgrade your Gloo Edge Federation installation in a canary model. For more information, see Canary Upgrade.

• Improved config validation: By default, Gloo Edge checks the configuration of Gloo custom resources to prevent invalid config. Now, configuration validation is also automatically checked for add-ons such as rate limiting and external auth custom resources. For more information, see Config Reporting & Validation.

Deprecated features:

• None

Removed features:

• None

Helm changes

New Helm fields:

• To enable the Aerospike integration, you can use several new Helm fields. For more information, see the docs.
• You can set TCP keepalive durations during installation with the gatewayProxies.NAME.tcpKeepaliveTimeSeconds field.
• You can disable leader election when running multiple instances of Gloo Edge with the gloo.disableLeaderElection field.
• You can now configure groupLookupSettings for LDAP external auth policies.
• You can now set circuitBreakers settings in the Helm chart.
• You can enable liveness probes (livenessProbe) for the rate limiter and external auth Helm charts.
• In the rate limiter Helm chart, you can now set redis.clustered to enable clustered mode.

Deprecated Helm fields:

• None

Removed Helm fields:

• None

CRD changes

New and updated CRDs:

• You can set base_interval and max_interval fields for retry policies in gateway, virtual service, and route resources.
• You can set maxStreamDuration as an option.
• You can set edsBlockingQueries in the ConsulUpstreamDiscoveryConfiguration settings.
• Federated resources have new status fields. You do not need to configure these fields.

Deprecated CRDs:

• The IgnoreProxyValidationFailure flag is deprecated because the Gloo Edge validation webhook now validates rate limit configuration by default.

Removed CRDs:

• None

CLI changes

New CLI commands or options:

• The glooctl check command has two new flags:
  • --resource-namespace: Set the namespace to check custom resources in.
  • --pod-selector: Set the labels for the pods to check in the installation namespace.

Changed behavior:

• The glooctl install gateway enterprise command requires a license key to succeed.

Upgrade process

The following steps describe the general process for upgrading Gloo Edge.

1. Follow steps 1 - 2 in Upgrade Steps to prepare for upgrading, and to upgrade glooctl.

2. Apply the new and updated CRDs. Replace the version with the specific patch version that you are upgrading to, such as 1.13.0 in the following examples.

   • Gloo Edge
   • Gloo Edge Enterprise

   helm repo update
   helm pull gloo/gloo --version 1.13.0 --untar
   kubectl apply -f gloo/crds
   

   helm repo update
   helm pull glooe/gloo-ee --version 1.13.0 --untar
   kubectl apply -f gloo-ee/charts/gloo/crds
   # If Gloo Federation is enabled
   kubectl apply -f gloo-ee/charts/gloo-fed/crds
   

3. Enable any new features that you want to use, such as Aerospike integration for rate limiting or Gloo Portal API key external authentication.

4. Continue to upgrade the Gloo Edge server components via Helm.