This release includes several bug fixes and improvements to robustness. This release note describes what’s different between Istio 1.1.3 and Istio 1.1.4.
- Changed the default behavior for Pilot to allow traffic to outside the mesh, even if it is on the same port as an internal service.
This behavior can be controlled by the
Fixed egress route generation for services of type
Added support for configuring Envoy’s idle connection timeout, which prevents running out of memory or IP ports over time (Issue 13355).
Fixed a crashing bug in Pilot in failover handling of locality-based load balancing.
Fixed a crashing bug in Pilot when it was given custom certificate paths.
Fixed a bug in Pilot where it was ignoring short names used as service entry hosts (Issue 13436).
https_protocol_optionsto the envoy-metrics-service cluster configuration.
Fixed a bug in Pilot where it didn’t handle https traffic correctly in the fall through route case (Issue 13386).
Fixed a bug where Pilot didn’t remove endpoints from Envoy after they were removed from Kubernetes (Issue 13402).
Fixed a crashing bug in the node agent (Issue 13325).
Added missing validation to prevent gateway names from containing dots (Issue 13211).
Updated to the latest version of the Kiali add-on.
Updated to the latest version of Grafana.
Added validation to ensure Citadel is only deployed with a single replica (Issue 13383).
Added support to configure the logging level of the proxy and Istio control plane ((Issue 11847).
Allow sidecars to bind to any loopback address and not just 127.0.0.1 (Issue 13201).