Unveiling Advanced Features with Gloo Edge 1.15
We’re excited to share the release of Gloo Edge 1.15, which includes some standout features that our customers have been asking for:
- Support for Kubernetes 1.27
- Seamless integration with HashiCorp Vault as a secret store, especially on AWS
- Ability to perform TCP Passthrough based on old TLS ciphers
Let’s talk about how these features have been implemented and what it means for you!
Kubernetes 1.27
Gloo Edge support for Kubernetes 1.27 underscores its commitment to staying aligned with the latest trends and requirements in the Kubernetes ecosystem. Kubernetes continually evolves to meet the demands of modern application development, and as Kubernetes releases newer versions, it introduces enhancements, security fixes, and new features.
Compatibility with the latest Kubernetes version ensures that Gloo Edge users can take full advantage of the enhancements and improvements brought by the new release:
- Optimizing resource utilization
- Leveraging new networking features
- Benefiting from security patches
By seamlessly integrating with Kubernetes 1.27, Gloo Edge empowers users to stay ahead in their application deployment strategies while maintaining the highest levels of security and performance.
Store Secrets in Multiple Locations Such as Vault PKI
In the age of cloud computing, managing secrets and sensitive data is a critical task, and in the cloud, redundancy is critical to uptime and resilience. Previously, secrets have been stored inside the Kubernetes Cluster itself. HashiCorp Vault has emerged as a leader in secret management, providing a secure and centralized way to store, access, and distribute secrets. By leveraging the power of HashiCorp Vault (PKI), Gloo Edge enhances security and compliance, making it an ideal choice for enterprises operating in cloud environments.
Gloo Edge takes advantage of this by offering seamless integration with HashiCorp Vault PKI, particularly on Amazon Web Services (AWS).Through this integration, Gloo Edge users can tap into the robust capabilities of HashiCorp Vault for secret storage and retrieval. This ensures that sensitive information remains well-protected and easily accessible only to authorized parties.
TCP Passthrough Based on Ciphers
In the realm of secure communication, Transport Layer Security (TLS) protocols play a critical role. However, as technology evolves, certain TLS cipher suites become deprecated due to vulnerabilities. Gloo Edge addresses this need through its remarkable ability to perform TCP Passthrough based on old or deprecated TLS ciphers.
While moving to modern cipher suites is recommended, there can be instances where legacy systems or services necessitate the use of these deprecated ciphers.
This ensures that communication with legacy systems remains secure, even while utilizing outdated encryption methods. By facilitating secure connections with systems that may not support modern cipher suites, Gloo Edge strikes a balance between security and compatibility, allowing businesses to transition smoothly while maintaining the integrity of their services.
OCSP Stapling
Online Certificate Status Protocol (OCSP) stapling has emerged as a powerful technique within the realm of Transport Layer Security (TLS). OCSP stapling enhances the verification process of SSL/TLS certificates by allowing servers to proactively provide the status of their certificates’ validity, eliminating the need for clients to contact external OCSP responders. This not only reduces latency but also mitigates potential privacy concerns. An exciting development in this arena is that Gloo Edge now offers the ability to configure a static OCSP staple, further bolstering its security capabilities.
Staying Current with Gloo Edge 1.15
Gloo Edge has been the solution that many of our customers have relied on for their cloud native applications for years. Take the time to read more about Gloo Edge 1.15 in our docs and decide when upgrading to the latest version makes sense for you.