Introduction

The release notes include important installation changes and known issues. They also highlight ways that you can take advantage of new features or enhancements to improve your product usage.

For more information, see the following related resources:

đŸ”Ĩ Breaking changes

Review details about the following breaking changes. The severity is intended as a guide to help you assess how much attention to pay to this area during the upgrade, but can vary depending on your environment.

🚨 High

Review severe changes that can impact production and require manual intervention.

🔔 Medium

Review changes that might have impact to production and require manual intervention, but possibly not until the next version is released.

  • No medium-severity changes are currently reported.

ℹī¸ Low

Review informational updates that you might want to implement but that are unlikely to materially impact production.

🌟 New features

Review the following new features that are introduced in version 2.7 and that you can enable in your environment.

Automated multicluster peering (beta)

In multicluster setups, you can configure Gloo Mesh to automate multicluster mesh peering by including the --set featureGates.ConfigDistribution=true setting in your management plane installation. Then, you use the istioctl multicluster expose command included in the Solo distribution of Istio to quickly create east-west gateways. The Gloo Mesh management plane watches for these east-west gateways, and generates one istio-remote resource in the management cluster for each connected workload cluster. Gloo Mesh then distributes the gateway to each cluster respectively. These gateways use the istio-remote GatewayClass, which allows the istiod control plane in each cluster to discover the east-west gateway addresses of other clusters.

To get started, follow the Gloo Operator guides to install an ambient or sidecar multicluster mesh.

For more information, see Lifecycle management in the service mesh options overview.

🔄 Feature changes

Review the following changes that might impact how you use certain features in your Gloo environment.

General availability of the Gloo Operator

The Gloo Operator has been promoted to the general availability (GA) feature maturity status in Gloo Mesh 2.8. You can use the Gloo Operator to easily manage the lifecycle of your ambient or sidecar service meshes in single or multicluster mesh setups. To get started, check out Install a managed ambient mesh with the Gloo Operator. For more information about feature status, see Gloo feature maturity.

🗑ī¸ Removed features

🚧 Known issues

The Solo team fixes bugs, delivers new features, and makes changes on a regular basis as described in the changelog. Some issues, however, might impact many users for common use cases. These known issues are as follows:

  • Cluster names: Do not use underscores (_) in the names of your clusters or in the kubeconfig context for your clusters.
  • Istio:
    • Due to a lack of support for the Istio CNI and iptables for the Istio proxy, you cannot run Istio (and therefore Gloo Mesh) on AWS Fargate. For more information, see the Amazon EKS issue.
      • In Gloo Mesh version 2.6 and later, ambient mode requires the Solo distribution of Istio version 1.22.3 or later (1.22.3-solo). In Gloo Mesh version 2.7 and later, multicluster setups require the Solo distribution of Istio version 1.24.3 or later (1.24.3-solo), including the Solo distribution of istioctl.
      • In Istio 1.22.0-1.22.3, the ISTIO_DELTA_XDS environment variable must be set to false. For more information, see this upstream Istio issue. Note that this issue is resolved in Istio 1.22.4.
      • Istio 1.20 is supported only as patch version 1.20.1-patch1 and later. Do not use patch versions 1.20.0 and 1.20.1, which contain bugs that impact several Gloo Mesh features that rely on Istio ServiceEntries.
    • OTel pipeline: FIPS-compliant builds are not currently supported for the OTel collector agent image.