Connectivity
Changed
- Use LoadBalancer Service on Azure.
- Change controller.service.type to LoadBalancer/NodePort, and introduce controller.service.public for public/internal service classification.
- Upgrade to ingress-nginx 0.33.0.
Fixed
- Fix template helpers issue converting port number for the webhook endpoint.
Changed
- Make healthcheck probes configurable.
- Make liveness probe more resilient.
Added
- Added dates to CHANELOG entries.
Info
- Existing v0.8.2 git tag got updated by mistake in attempt to make next release. This changelog entry was added to avoid any confusion, even though change made in the release is not so much customer relevant.
Changed
- Prefer CNAMEs record sets for AWS SDK configuration with explicit credentials.
Changed
- Align labels, use
app.kubernetes.io/name instead of k8s-app where possible.
k8s-app remains to be used for compatibility reasons, as selectors are not modifiable without recreating the Deployment.
- Sync with upstream - v1.5.0
- Bump Kong version - v2.0.4
- Bump Kong Ingress Controller version - v0.8.1
Changed
- Make forward options optional.
Changed
- Make NGINX IC Service
externalTrafficPolicy configurable and default to Local.
Changed
- Restrict PodSecurityPolicy volumes to only those required (removes wildcard).
- Tune
net.ipv4.ip_local_port_range to 1024 65535 as a safe sysctl. - Tune
net.core.somaxconn to 32768 via an initContainer with privilege escalation. - Use
4 worker processes by default. - Use upstream default of max-worker-connections of
16384. - Ignore NGINX IC Deployment replica count configuration when HorizontalPodAutoscaler is enabled.
- Drop unnecessary Helm release revision annotation from NGINX IC Deployment.
- Adjust README for display in the web interface context.
