Announcing Contour v1.11.0

Steve Sloka & Daneyon Hansen

Dec 18, 2020

Contour continues to add new features to help you better manage ingress operations in a cluster. Our latest feature release, Contour 1.11.0, now includes support for a new operator aimed at managing the lifecycle of Contour and its corresponding Envoy instances.

Contour Operator

FEATURE STATE: Contour v1.11.0 alpha

Contour Operator provides a method for packaging, deploying, and managing Contour. The operator extends the functionality of the Kubernetes API to create, configure, and manage instances of Contour on behalf of users. It builds upon the basic Kubernetes resource and controller concepts, but includes domain-specific knowledge to automate the entire lifecycle of Contour.

In Kubernetes, controllers of the control-plane implement control loops that repeatedly compare the desired state of the cluster to its actual state. If the cluster’s actual state doesn’t match the desired state, then the controller takes action to fix the problem. Contour Operator is a custom Kubernetes controller that uses the Contour custom resource (CR) to manage Contour and its dependent components, i.e. the Envoy DaemonSet. The contours.operator.projectcontour.io Custom Resource Definition (CRD) defines the Contour CR. A Contour is handled by the Kubernetes API just like built-in objects, including interaction via kubectl and inclusion in role-based access control (RBAC) policies. The following example runs an instance of Contour in namespace projectcontour with 2 Deployment replicas:

cat <<EOF | kubectl apply -f -
apiVersion: operator.projectcontour.io/v1alpha1
kind: Contour
  name: contour-sample
spec: {}

No configuration, i.e. spec, is provided since projectcontour is the default namespace and 2 is the default number of replicas for a Contour. The default parameters of the Contour can be verified in the same way as any other Kubernetes resource:

$ kubectl get contour/contour-sample -o yaml
apiVersion: operator.projectcontour.io/v1alpha1
kind: Contour
  name: contour-sample
  namespace: default
    name: projectcontour
    removeOnDeletion: false
  replicas: 2

Contour Operator continues to monitor the Contour CR and provides status on whether the actual state matches the desired state. The following example indicates the Contour is available:

$ kubectl get contour/contour-sample
NAME             READY   REASON
contour-sample   True    ContourAvailable

The Contour is now ready to start serving Ingress and HTTPProxy resources.

Check out the Getting Started guide to learn how to start managing Contour using the operator. Learn more about the planned features of Contour Operator by reviewing the GitHub Issues.

XDS Resource v2 Removed

As mentioned in Contour 1.10 the v2 XDS resource version has been removed from Contour ahead of its removal from Envoy. Please see the XDS Migration Guide for upgrading your instances of Envoy/Contour.

Also note that this change applies to any External Auth servers that may be integrated, they need to support XDS version v3 with this release of Contour.

Community Thanks!

We’re immensely grateful for all the community contributions that help make Contour even better! For version 1.11, special thanks go out to the following contributors:

Related Content

Ready to try Contour?

Read our getting started documentation.