Introducing Gloo 1.4 – Enhanced Scalability, Kubernetes Ingress and Istio 1.6 Support, and Improved Dev to Ops Experience

Today we released version 1.4 of Gloo, our Envoy Proxy based API Gateway. In the past few months since our 1.3 release, we have been working with our end users and customers to deliver new functionality and enhance existing features to address a wider range of use cases. This release includes an update to both the open source and enterprise versions of Gloo.

Highlights of the release include:

  • Improvements to system scalability
  • Expanded support for Kubernetes Ingress 
  • Support for the latest Istio 1.6 release
  • Security enhancements
  • User experience enhancements for Dev and Ops
  • Plus more options for configuring Gloo 

Join us for a webinar on July 16th to learn more about this latest release, get a deep dive into the features and demos – Register today to save your seat. Meanwhile, keep reading to get an overview of the new release.


Improvements to System Scalability 

In this release we’ve made updates to improve the scalability of Gloo including managing multiple data planes with the ability set granular per gateway level external authentication and rate limiting policies along with improved status reporting between the multiple instances, and the ability to use multiple instances of Gloo to partition Ingress objects within a single cluster.


Expanded Support for the Kubernetes Ingress 

In addition to API Gateway, Gloo can be deployed as a Kubernetes Ingress Controller and in this release we’ve added configuration options including support for named ports on Kubernetes Ingress objects, ability to use multiple Gloo controllers to partition Ingress objects within a single cluster using the customIngressClass variable to the Gloo Helm Chart, and a fix to keep the  Ingress Controller (ingress pod) processing Ingress updates even when a Ingress backend is incorrectly referencing a service port. 


Support for Istio 1.6 

Gloo seamlessly integrates with service mesh environments and provides mTLS between the ingress traffic to the rest of the cluster. In this release, Gloo has been tested and validated to work with the latest Istio 1.6 release. Additionally, Gloo now supports ALPN on the upstream for more granular control on defining which protocol to use and helps with the integration to the latest version of Istio. Try the Gloo and Istio integration tutorial here


Security Enhancements 

In this release we expanded security capabilities to protect the Gloo system and applications in the environment including supporting TLS in the external auth service  instead of through an envoy sidecar to handle the TLS termination, the addition of audit logs for the Modsecurity Web Application Filter (WAF) as part of the access logs to assist debugging and auditing purposes, encrypted communication is now possible with mTLS between Gloo and Envoy instances for when these components are deployed to separate environments, and an update to the Gloo permissions reduces the surface area for risk by enabling it to run in a fully restricted Kubernetes environment. 


User Experience Improvements for Developers and Operations

Across the CLI and Admin UI we’ve made a number of improvements to expand the functionality of glooctl, expand observability capabilities and error handling to resolve system issues. 


Expanded Configuration Options for Gloo 

As a flexible control plane to Envoy Proxy, Gloo is built to support a wide range of deployment scenarios and use cases. In this release we’ve added a number of new options for the admins to customize the behavior of the Gloo environment and traffic handling.

  • Upstream reference by name: This allows virtual services, route tables, and upstreams to refer to an upstream by name only, without causing an error. Gloo will assume the upstream namespace is the namespace of the parent resource. 


Getting Started 

Give the latest Gloo release a try and we’d love to get your feedback in the community slack or file an issue/PR on Github. If you’re already using Gloo, get the upgrade instructions here and register for the upcoming webinar to learn more.