Envoy Proxy has announced the release of 1.17. The new version released on Jan. 11, 2021 brought a breaking change: v2 API is deprecated.

But you can still use it by:

  • Setting –bootstrap-version 2 on the CLI for a v2 bootstrap file.
  • Enabling the runtime envoy.reloadable_features.enable_deprecated_v2_api feature. This is implicitly enabled if a v2 –bootstrap-version is set.

Envoy’s support for v2 xDS will be removed in Q1 2021. Currently, Istio 1.8 is using the xDS v3 API, so you don’t need to worry about Istio adaptation to Envoy.

Let’s also take a look at the API lifecycle of Envoy.

  • Each major release of the Envoy API goes through four phases alpha -> stable -> deprecated -> removed, each phase lasting one year.
  • After stabilization, Envoy will have three major versions of the API: the stable version in use, the previous stable version that has been deprecated, and the new next major version (but only alpha) that is ready for development.
  • A new stable major release must deprecate the previous stable major release while removing the previous deprecated major release.

In addition, there are other noteworthy updates in this release as follows.

  • start_tls: added new transport socket which starts in clear-text but may programmatically be converted to use TLS.  It allows the termination of TLS at Envoy for protocols that negotiate TLS in-band.
  • tcp: added a new envoy.overload_actions.reject_incoming_connections action to reject incoming TCP connections
  • tls: added support for RSA certificates with 4096-bit keys in FIPS mode.
  • tracing: added SkyWalking tracer
  • Wasm: added Wasm extension support for HTTP and network filter, access loggers, and bootstrap extension. The Wasm support is still in an early experimental stage and not in community release notes.

A complete list of 1.17 features can be found in the Envoy community release notes.

Additional Resources

Envoy is an edge and service proxy that functions as a service mesh data plane. Tetrate is a major contributor to the open source project and created GetEnvoy to make it easy to install and upgrade Envoy.