Announcing Contour v1.13.0
Feb 25, 2021
Contour continues to add new features to help you better manage ingress operations in a cluster. Our latest release, Contour 1.13.0, adds several new features. This post will focus on two of the features, support for Gateway API and global rate limiting.
FEATURE STATE: Contour v1.13.0 alpha
Contour now provides alpha support for Gateway API, an open source project to evolve service networking APIs within the Kubernetes ecosystem. Gateway API consists of multiple resources that provide user interfaces to expose Kubernetes applications- Services, Ingress, and more.
Support for Gateway API is implemented across Contour and Contour Operator. This approach aligns with the personas defined by Gateway API. The operator manages infrastructure-level resources, i.e. Gateway, while Contour manages application-level resources such as HTTPRoute.
Refer to the user guide for additional details and to start using Gateway API with Contour.
Global Rate Limiting
Contour now supports global rate limiting, where Envoy communicates with an external Rate Limit Service (RLS) over gRPC to make rate limit decisions for requests. Envoy is configured to produce 1+ descriptors for incoming requests, containing things like the client IP, header values, etc. Envoy sends these descriptors to the RLS, and the service returns a rate limiting decision to Envoy based on the descriptors and RLS configured rate limits.
To use global rate limiting with Contour, you’ll need to:
- Choose and deploy an RLS. There is an Envoy rate limit service implementation, but any service that implements the RateLimitService gRPC interface is supported.
- Configure Contour for the RLS.
- Add a global rate limit policy to your
- Define rate limits in your RLS config.
Refer to the Contour global rate limiting guide for using the feature with Envoy RLS as an example.
For more information, see:
- Contour rate limiting documentation
- HTTPProxy API reference
- Envoy HTTP global rate limit filter documentation
A big thanks to @skriss for designing and implementing this feature!
Refer to the v1.13.0 release notes for additional information.
We’re immensely grateful for all the community contributions that help make Contour even better! For version 1.13, special thanks go out to the following contributors:
This blog post covers local rate limiting support in Contour 1.12.
This blog post covers xDS Resource Server conversion from v2 to v3 in Contour v1.10.0.
This blog post covers External Authorization and Cross-Origin Resource Sharing (CORS) Support in Contour v1.9.0.