Release notes
Review summaries of the main changes in the Gloo 2.11 release.
Make sure that you review the breaking changes đĨ that were introduced in this release and the impact that they have on your current environment.
Introduction
The release notes include important installation changes and known issues. They also highlight ways that you can take advantage of new features or enhancements to improve your product usage.
For more information, see the following related resources:
- Changelog: A full list of changes, including the ability to compare previous patch and minor versions.
- Upgrade guide: Steps to upgrade from the previous minor version to the current version.
- Version reference: Information about Solo’s version support.
đĨ Breaking changes
Review details about the following breaking changes. To review when breaking changes were released, you can use the comparison feature of the changelog. The severity is intended as a guide to help you assess how much attention to pay to this area during the upgrade, but can vary depending on your environment.
đ¨ High
Review severe changes that can impact production and require manual intervention.
- No high-severity changes are currently reported.
đ Medium
Review changes that might have impact to production and require manual intervention, but possibly not until the next version is released.
- No medium-severity changes are currently reported.
âšī¸ Low
Review informational updates that you might want to implement but that are unlikely to materially impact production.
- No low-severity changes are currently reported.
đ§ New known issues
No new known issues are currently reported.
đ New features
Review the following new features that are introduced in version 2.13 and that you can enable in your environment.
Istio 1.30 support
You can now run Gloo Mesh Gateway with Istio 1.30. Istio 1.25 is no longer supported. For more information, see the version support matrix, and the Solo distribution of Istio changelog for 1.30.
New features in the Solo distribution of Istio 1.30 include the following.
đ Feature changes
Review the following changes that might impact how you use certain features in your environment.
đī¸ Removed features
Removed support for Istio 1.25
Istio 1.25 is no longer supported with Gloo Mesh Gateway version 2.13. For more information, see the version support matrix.
đ§ Known issues
The Solo team fixes bugs, delivers new features, and makes changes on a regular basis as described in the changelog. Some issues, however, might impact many users for common use cases. These known issues are as follows:
- Cluster names: Do not use underscores (
_) in the names of your clusters or in thekubeconfigcontext for your clusters. - Istio:
- If you use Istio versions versions 1.27.7, 1.28.4, 1.29.0 or later, and you installed the Gloo Mesh Gateway management plane into a namespace other than
gloo-mesh, you must allow that namespace by listing it in theDEBUG_ENDPOINT_AUTH_ALLOWED_NAMESPACESenvironment variable of your istiod installation. For more information, see the release notes. - Patch versions 1.26.0 and 1.26.1 of the Solo distribution of Istio lack support for FIPS-tagged images and ztunnel outlier detection. When upgrading or installing 1.26, be sure to use patch version
1.26.1-patch0and later only. - Istio patch versions 1.25.1 and 1.24.4 contain an upstream certificate rotation bug in which requests with more than one trusted root certificate cannot be validated. If you use Gloo Mesh (Gloo Platform APIs) to manage root certificate rotation and use Istio 1.25 or 1.24, be sure to use 1.25.2 or 1.24.5 and later only.
- Due to a lack of support for the Istio CNI and iptables for the Istio proxy, you cannot run Istio (and therefore Gloo Mesh Gateway) on AWS Fargate. For more information, see the Amazon EKS issue.
- If you use Istio versions versions 1.27.7, 1.28.4, 1.29.0 or later, and you installed the Gloo Mesh Gateway management plane into a namespace other than
- OTel pipeline: FIPS-compliant builds are not currently supported for the OTel collector agent image.
- Route name and matcher changes: When performing a bulk update for the name or matchers of a route in a RouteTable resource, the translation of the Istio VirtualService and EnvoyFilter might take some time to complete leading to policies temporarily not being applied to your routes. For more information about this issue and mitigation strategies, see Bulk route name and matcher updates.