OpenResty Edge™ Changelog
Admin, Log Server, Node
Mainline versions
22.4.24
bugfix
Fixed the bug caused by invalid JWS signature generated when issuing Let’s Encrypt certificate.change
Support for adding descriptions to partitions.feature
Support hourly granular billing model.change
Adjusted subtitle texts for dymetrics charts, add GSLB config doc link and adjusted config forms for GSLB.bugfix
Fix DNS pages permission check.change
Parallel processing of k8s events to avoid accumulation of events.feature
Enable version control for k8s upstreams.feature
Support OAuth2 validate.change
k8s upstream node update, no longer output error log when query port mapping returns 404.feature
Support for enabling the Edge default error pages.feature
Support staging gateway clusters.change
Rename [log_cluster] to [log_server] in the config.ini.change
changed the red button on the release page to gray.change
validate public/private IPv4 and set private IPv4 as required.bugfix
fixed the static files data not being refreshed because of caching.22.4.1
bugfix
Fixed the bug caused by invalid JWS signature generated when issuing Let’s Encrypt certificate.bugfix
Fixed broken links on the “help center” page.change
Moved Kubernetes, Multi-tier Network, Users & User groups, Gateway Partitions out of Global Config.feature
Added new action “remove request header“.feature
Added new action “enable hcaptcha“ and “enable edgecaptcha“.bugfix
Solve the problem that rollback failure does not return an error.change
Refactoring webhook functionality.feature
Support for uploading license usage using HTTP proxy.change
Disable configuration synchronization when license synchronization has failed for more than 24 hours.bugfix
Cannot use global user variables in access log format.change
Aggregate data for dynamic metrics to speed up queries.feature
Added the non-cross-request mode WAF and supports setting thresholds for WAF rule sets individually. Non-cross-request mode will be used by default.bugfix
fixed the bug that the global Let’s Encrypt certificate would be cleaned up by the scheduled task.change
Refactoring static file function and support whole site upload.bugfix
Enhanced access log file name checking to disallow the '/' character.change
The number of k8s upstream pods can be 0bugfix
k8s listens to processes handling ERROR events, optimizing the printing of error log messages.change
added 1yr option for dynamic metric filter.- feature: test new mainline versions.22.4.24
变更
前端页面调整,修正动态指标图表标题,添加 GSLB 配置文档链接以及配置表单修正。变更
k8s 上游节点变更优化并发执行能力,优化性能,防止事件累积。变更
k8s 上游节点更新,查询端口映射返回404时不再输出错误日志。变更
配置文件中的 [log_cluster] 重命名为 [log_server]。变更
前端页面调整,应用 release 页面的红色按钮改为灰色。变更
增加 public IPv4 和 private IPv4 的校验,并设置 private IPv4 为必填。修复
修复因为缓存导致的静态资源数据未实时更新的问题。22.4.1
修复
修复了签发 Let’s Encrypt 证书时生成非法 JWS 签名导致的错误变更
将 Kubernetes,多层网络,用户和用户组,网关分区从全局配置中移出。新增
支持新的动作 “enable hcaptcha” 和 “enable edge captcha”。新增
支持使用 HTTP 代理上报 License 信息。变更
当 License 信息上报失败超过 24 小时后,禁用节点的配置同步。修复
解决不能在 access log format 中使用全局用户变量的问题。新增
WAF 新增非跨请求模式,并且支持单独设定规则集的阈值。默认将使用非跨请求的模式。修复
修复了全局 Let’s Encrypt 证书会被定时任务清理的问题修复
增强访问日志文件名校验,不允许 “/” 字符。修复
k8s 监听进程处理 ERROR 事件, 优化打印错误日志信息。Stable versions
22.3.1
feature
Add log server heart beat check.feature
Delete synchronized data regularly.feature
Support the number of requests intercepted by rate limiting actions such as limit-request-rate in Dynamic Metrics.bugfix
Solve the problem that can not reload under certain circumstances.change
Add retries and alarms after global configuration initialization failure.feature
Support global config partition release.change
Add interface permission restrictions.bugfix
Resolve an error in the rm-resp-cookie action when there is no set-cookie in the return header.bugfix
Solve the problem that when k8s operation exists, the search for unreleased applications returns incorrectly.bugfix
Resolve the problem that the rm-resp-cookie action cannot delete multiple set-cookies with the same name.feature
Support application partition release.bugfix
Solve the problem of multiple releases with multiple release records when there are no changes.feature
Support configuring nginx and lua modules on the partitions level.bugfix
fixed the problem that node private ip was not saved correctly.feature
support the option Automatic updates by ACME when uploading certificates manually.change
allow underscore on domains of dns record.bugfix
countries of gateway cluster should not be mandatory.optimize
strengthen the verification of dns and dns records.bugfix
resolve the problem that HTTP forward proxy does not check the account.feature
support releasing applications to specified partitions.feature
support append or remove domain from application.bugfix
fix the problem that max_idle_timeout field of pgsql does not take affect.feature
New interface to search k8s upstream using namespace, service, port.feature
supported use manual uploaded private key for the ACME issued certificate.feature
added support for using user uploaded priv key when signing cert in ACME mode.feature
New interface to search k8s upstream using ip.feature
Add k8s upstream data cache to improve k8s upstream update performance.feature
k8s upstream new history search interface.feature
added nodes weight for k8s upstream.feature
k8s upstream support for named ports.bugfix
fixed some permission control.bugfix
When multiple k8s clusters are bound upstream of k8s, the nodes of some clusters can be empty.bugfix
The corresponding upstream node can be deleted correctly when deleting the deployment object of k8s.bugfix
k8s upstream update no longer does dns lookup.bugfix
k8s upstream updates use a timer mechanism to prevent concurrent operations from causing database locks.feature
New parameter in or-config.ini to set the time interval of k8s upstream update timer.feature
The log format supports new variables: $realip_remote_addr and $realip_remote_addr.bugfix
use the limit parameter if it in the meta.bugfix
fixed chart redraw after load data.bugfix
set-upstream-name prints an error log only if all upstream searches have failed.change
added standard tab for dynamic metrics.feature
added always_check mode in upstream health check.feature
added HEAD request method in upstream health check.21.12.2
bugfix
Allow the number of k8s upstream service nodes to be 0.change
Add k8s named port support.change
Add k8s node weight setting.feature
Search k8s upstream with ip.feature
k8s upstream change history list.optimize
k8s upstream service information into the cache.feature
The $internal_request variable is supported in the access log to distinguish between external and internal requests.feature
supported new action set access-log-off.feature
Support to close the access log of a request individually.feature
support HTTP/3 (experimental).feature
record DNS processing time in access log.feature
Dynamic metrics support logging of requests blocked by speed limit actions.feature
Alarm messages support email and webhook notifications.feature
Add heartbeat check for log server.feature
Add Edgelang directive: upstream-has-live-nodes.change
update WAF rules to 3.3.2.change
supported global static file name copy.change
support report MAC address of node.change
support more sorting fields in HTTP application.change
k8s add last error message field record.change
display page rules proxy edgelang content.change
Clean up synchronized data regularly.change
changed gateway partition HTTP2 Enabled display.change
added metrics sql template limit_traffic_status.change
added edit and delete button for Applications Overview Page Rules.change
added column status to the application audit log list.change
Add the disk usage of the log directory to node status.bugfix
Resolve the 5xx issue caused when modifying upstream within the app.bugfix
Repair the problem of not being able to send down the configuration due to upgrading openresty-plus alone.bugfix
removed float pane when session expires.bugfix
k8s Add normal user GET permission.bugfix
fixed the unit display of node health log disk usage.bugfix
fixed the problem that the page was refreshed when the hash link was jumped.bugfix
fixed the app data was not updated after clearing pending change.21.11.7
optimize
Optimized page templates.feature
The WAF Logs page has a new switch to control whether all WAF logs are displayed or only those that * exceed the threshold.feature
Support for printing the application ID (app_id) in the access log.feature
Support for enabling client authentication in page rules.feature
Support exporting http application.feature
support comparison between IPv6 addresses.feature
Support automatic cleanup of operation logs and release history.feature
support action disable access log.feature
Report Node's Architecture.feature
HTTP applications support the gRPC protocol.feature
Global configuration support for search audit logs.feature
Dynamic metrics support binary expression.feature
Admin Lua extensions support WAF hit event.change
Update the modification time of the application after modifying page rules and other content.change
Support limit request rate without key.change
removed namespace network on the Global Config page.change
Only show the requests that score reach threshold by default.change
IP List can be empty when creating global or application ip list.change
Display only the main version on the About page. Support clicking the Details button to expand it to * display versions of all components.change
Added Status Code 400 401 405 406 for action customize error page.change
Add mutually exclusive locks for application modifications and releases.bugfix
Solve the problem that gray apps cannot be found in "pending apps".bugfix
Resolve an error getting DNS records in applications with wildcard domains.bugfix
Add shared dict such as limit_rate.1.3.0
bugfix
Allow the number of k8s upstream service nodes to be 0.change
Add k8s named port support.optimize
Reduced configuration synchronization latency.optimize
optimized incremental configuration synchronization.optimize
Optimized database writes for health checks and upstream metrics.optimize
improvement: move the is_gray flag from gateway cluster level to gateway node level.Make it easier to change one gateway node to gray/main.feature
The request rate limit supports the use of HTTP request headers as key.feature
Support to config k8s upstream in application and global.feature
Support proxy protocol in tcp and tls applications.feature
Support LMDB backup for edge nodes.feature
Support for the Brotli compression of responses.feature
Support for purge cached resources in mlcache based on prefixes (for scenarios with custom use of mlcache Lua modules).feature
Support for ngx2edge tools.feature
Support for cleaning dynamic metrics data.feature
Support ECC for ACME (i.e. Let’s encrypt).feature
Support batch delete.feature
Show world map for DNS A/AAAA records.feature
Show blog articles in tab Help.feature
Remind user to refresh current page when new admin version is available.feature
Recompile tool: Support for parallel compilation of all HTTP/HTTPS applications.feature
New hit rule statistics chart in WAF log page.feature
Custom certificate issuers can show account information.feature
Added two builtin dymetrics: Request count and Request flow.feature
Added release log to global configuration.feature
Added IP-List for application level.feature
Add sidebar on applications’s config page like in global config page.feature
Add new action enable basic authentication, support creating global basic auth accounts and application basic auth accounts.feature
Add 'IP-address-match' operator to X-Forwarded-For.change
The host parameter of k8s supports the use of domain names.change
Skip domain match checking for default application.change
Show offline status of application.change
Rest api search_by_name support k8s upstreams.change
Need to delete load SSL certificate by IP addresses and load application by IP addresses configuration before deleting applications.change
Modified the k8s Token field so that it is not required at edit time.change
k8s upstream node watch thread add caching and concurrent execution capabilities to optimize performance.change
K8s upstream adds support for binding multiple k8s services.change
k8s background threads add support for dual admin and grayscale admin.change
FE: upgrade components to update the functions hints for EdgeLang editor.change
FE: update texts on Global change log page and rename it to Audit Log, also add Audit log table on the application’s release page.change
FE: lmdb backup page show processing nodes and adjust some wordings.change
FE: global error log page: filter nodes after selecting a gateway.change
FE: adjust editor height for Lua module and Lua extension.change
Convert toggle button with negation meaning labels to be affirmative.change
Changes to k8s upstream do not affect release.change
Change the way package_created_time is fetched.change
Apply pan-domain semantic change, multi-level domain matching is no longer supported. For example, *.foo.com will only match a.foo.com and not a.b.foo.com.change
Added operator ip match to first-x-forwarded-addr and last-x-forwarded-addr.change
Added column response status to app waf logs page.change
Add new filters operation, user and keyword to global changelog page.change
Add k8s node weight settings.change
Add interface to search k8s upstream using ip address.change
Add interface to search k8s upstream change history.change
Add an interface to search k8s upstream using namespace, service name, port number.bugfix
When updating the manually uploaded SSL certificate, the certificate also needs to be verified.bugfix
When multiple k8s clusters are configured, monitoring one k8s cluster will use the other k8s cluster configuration.bugfix
value of check_script field of the keepalived configuration should be full-path.bugfix
The offline http application will no longer automatically renew the certificate issued by ACME.bugfix
The "Rewrite Proxy URI Prefix" action does not encode the URI and may not be recognized upstream.bugfix
Solve the problem of not being able to add larger page templates.bugfix
Should finally retry the local machine When enabling gateway cluster level cache sharing and all cluster nodes failed.bugfix
Resize upstream health check shared memory.bugfix
Remove the second useless balancer when the interface is reduced to 1 upstream.bugfix
Log Server down cause incorrect sync status display.bugfix
k8s rest api data return format is not standardized.bugfix
Handling of IPv6 errors in address matching.bugfix
Fixing a mismatch in the results of searching for upstream names.bugfix
Fixed the problem that tag of gateway cluster not shown.bugfix
Fixed the bug when matching multiple IP lists in whitelist mode.bugfix
Fixed failure when uploading certificate by SDK / edge-cli.bugfix
Fixed bad condition of auto renew cert for application.bugfix
Fix to prevent unnecessary requests with undefined params when routing back to application list page.bugfix
Fix the problem that the pagination of expired certificates is invalid.bugfix
Fix the problem that global lua module can not be updated.bugfix
Fix the problem of missing configuration in application release log description.bugfix
Fix the problem of failure of adding gateway cluster conditions to global rewrite rules and global custom actions.bugfix
Fix search and select component error.bugfix
Fix HTTP response body match error in health check.bugfix
Fix failure to find pending apps after gray release.bugfix
Fix DNS runtime error when dns query for invalid domain.bugfix
Fix DNS record validation wrong on the web page.bugfix
Fix creating app with proxy to global upstream but not creating rule automatically.bugfix
Fix Append-proxy-header-value action submit with validation errors.bugfix
Fix an error in matching the IP address of X-Forwarded-For request header.bugfix
Added upstream recursive detection to prevent dead loops caused by it.bugfix
Add concurrent locks for application publish/rollback operations to avoid unexpected changes caused by concurrent operations.bugfix
A later defer resp-body under the same application will overwrite the previous one.1.1.0
optimize
k8s watch thread reset every 10 minutes.optimize
all filled domain names are automatically converted to lowercase.feature
support user to upload their custom IP database by uploading csv file.feature
support search global change log.change
when the internal k8s service is updated, the call to its own interface does not need to verify ssl.change
licensing method changes, support offline licensing.change
internal k8s service updates using https.change
internal k8s service update using port 443change
add admin_api_port config in ini.bugfix
when multiple k8s clusters are configured, monitoring one k8s cluster will use the other k8s cluster configuration.bugfix
the global changelog path is not decoded.bugfix
the global change log does not use the UTC time zone.bugfix
page rule conditions caseless option does not work.bugfix
gateway cluster healthcheck template rendering error.bugfix
fix nginx.conf template error.bugfix
fix bug of whitelist mode for ip-list.1.0.1
feature
the upstream health check supports determining whether the content of the response body contains the specified string.feature
the upstream health check adds PostgreSQL and MySQL check types.feature
support two edge-admin server at the same time, for high availability.feature
support qqzeng IP database.feature
support Lua extensions for admin.feature
support global dynamic metrics.feature
support for creating global IP lists and matching IP addresses with IP lists by name.feature
support enable gateway node health checker.feature
support application dynamic metrics.feature
support always_check option in the global upstreams health check.feature
dns banding to k8s cluster.feature
add new action: user-agent-is-mobile.feature
add intercept actions to the limit request rate action.change
page rule: Support multiple WAF rules take effect at the same time instead the overwriting the old WAF rule.change
only used the backup upstream when all upstream is retied or marked down by health check.change
enable ffi in global lua module.bugfix
fixed debug level waf rules that will cause other rules to fail to hit.bugfix
fix the problem that hcaptcha cache time cannot be modified.bugfix
fix the problem of wrong time unit of dns health check request timeout.bugfix
fix the problem of default binding port 80 when there is no http application.0.4.2
optimize
support filtering error logs by time range.optimize
optimize most of the GET interfaces. It takes only 100ms now instead of original 1.2 seconds for some interfaces.optimize
optimize EdgeLang compilation speed.optimize
optimise the concurrency control of health check, fixed “timer is not enough” error when there are many upstreams with health check enabled.optimize
optimise Application list loading time, the interface time is reduced by about 900ms.optimize
log up to 3 entries when no IP database token is provided.optimize
limit the request rate to the configuration update API to avoid multiple nodes doing whole synchronise at the same time.optimize
limit the frequency of repeated error messages, w hen sending queue is full, each worker print one log entry every 30 seconds at most.optimize
improved the performance of edge node, the QPS increased 26% in the simple proxy case.optimize
fix the problem that the some pages cannot be loaded when log-server crashes.optimize
add blacklist to global lua module and custom share zone.feature
upstream binding to service of k8s cluster.feature
support upstream health check for TCP/TLS applications.feature
support SRV type records in DNS application.feature
support per Application configurations of: client-max-body-size, proxy-cache-revalidate, proxy-cache-use-stale, gateway-gzip and enable-websocket.feature
support node level enabling QAT.feature
support displaying source code for WAF rule sets.feature
support decoded_proxy_authorization variable in the http forward proxy access log.feature
support calling third-party module from a third-party module.feature
support binding local IP.feature
support binding local IP when forwarding.feature
sticky Cookie support.feature
return details of failed upstream health check.feature
pick and disable WAF rule WAF ruleset under WAF log page.feature
keepalived integration, support high-availability on IP layer.feature
gateway binding to k8s cluster, so as to support edge-node auto approve from k8s cluster.feature
EdgeLang source code viewing support of hitting WAF rules in WAF log page.feature
DNS records management support in the application page.feature
DNS health check support enabling and configuring ports within independent record.feature
collect more upstream metrics (such as http status codes).feature
add WAF rules in v3.3feature
add the API for certbot plug-in.feature
add support to specifying customise certificate issuer, with EAB support for ACME services.feature
add new action sorted-query-string to EdgeLang.feature
add lua-resty-mlcache library to openresty-plus.change
switch to TimescaleDB for log server database (need to install TimescaleDB extension).change
split http and stream applications.change
remove the trusted_client and trusted_uid configurations.change
rearrange main navigation menu.change
move entrance of licences page from Gateway Cluster to the upper left corner besides logo in home page.change
apply pan-domain semantic change, multi-level domain matching is no longer supported. For example, -.foo.com will only match a.foo.com and not a.b.foo.com. (It is still compatible for the current version, but will be deprecated and removed in future versions.).bugfix
support binding local ipv6 address.bugfix
forward proxy support multiple ports.bugfix
fix the issue of global action modification triggering node binary upgrade.bugfix
fix the 500 response code issue when uploading certificate.bugfix
fix incorrect remote address in user session on Admin.bugfix
fix a failure case when manual uploading application level certificates: when application is wildcard domain and the certificate is non-wildcard domain will cause the failure.bugfix
do not report health check results repeatedly.bugfix
after DNS health check failed, the resolution result list will not returning failed IPs.22.3.1
新增
支持在动态指标中收集 limit-request-rate 等速率限制动作拦截的请求数。修复
解决特定情况下不能正常 reload 的问题。修复
解决当返回头没有 set-cookie 时, rm-resp-cookie 动作出错的问题。修复
解决当存在 k8s 操作,搜索未发布应用返回不正确的问题。修复
解决 rm-resp-cookie 动作不能删除多个重名 set-cookie 的问题。修复
解决没有变更时,多次发布有多个发布记录的问题。新增
支持分区级别的通用全局配置和配置全局 Lua 模块。新增
当手动上传证书时支持 由 ACME 自动更新 的选项。修复
修复了 PostgresSQL 连接池的 max_idle_timeout 配置不生效的问题。新增
新增使用命名空间,服务,端口搜索 k8s 上游的接口。新增
添加 k8s 上游数据缓存,改善 k8s 上游更新性能。新增
支持 k8s upstream 预设 node 权重。修复
当 k8s 上游绑定多个 k8s 集群的时候,某些集群的节点可以为空。修复
删除 k8s 的 deployment 对象的时候能够正确删除对应的上游节点。修复
k8s 上游更新使用定时器机制,防止并发操作导致数据库锁住。新增
or-config.ini 中新增设置 k8s 上游更新定时器的时间间隔的参数。新增
日志格式中支持新变量:$realip_remote_addr 和 $realip_remote_addr。修复
图表使用 meta 中的 limit 作为请求参数。修复
set-upstream-name 只有搜索所有的上游都失败后才会打印错误日志。新增
上游健康检查中新增 always_check 模式。21.12.2
修复
允许 k8s 上游服务 nodes 数量为0。修复
修复单独升级 openresty-plus 导致不能下发配置的问题。修复
修复 session 过期时,编辑弹框还在的问题。修复
修复 log disk usage 显示单位。新增
Access log 中记录 DNS 响应时间。新增
新增 Edgelang 指令: upstream-has-live-nodes。新增
访问日志中支持 $internal_request 变量,用于区分外部和内部请求。变更
支持 global static file name 复制。变更
增加 metrics SQL 模板 limit_traffic_status。变更
应用 Overview Page Rules 增加编辑和删除按钮。变更
显示 page rules proxy edgelang 内容。21.11.7
修复
解决在存在泛域名的应用中获取 DNS 记录出错的问题。修复
解决灰度应用无法在“未发布应用”中被找到的问题。新增
WAF Logs 页面新增开关控制显示全部 WAF 日志还是只显示超出阈值的。新增
Admin Lua 插件支持 WAF 命中事件。新增
支持动作 disable access log。新增
访问日志中支持打印应用 ID(app_id)。变更
支持 limit request rate 动作不指定具体的 key。变更
在 About 页面初始只展示主版本,点击详情按钮展开展示个组件版本。变更
为自定义错误页面增加状态码 400 401 405 406。变更
全局配置页面去掉了 namespace network。1.3.0
修复
允许 k8s 上游服务 nodes 数量为0。优化
node 灰度标识从网关集群级别,改为网关节点级别方便切换 node 节点是否灰度的标识。修复
Log Server 下线导致节点同步状态无法整成显示的问题。修复
keepalived 配置文件中 check_script 字段应该为全路径。修复
k8s rest api 数据返回格式不规范。修复
增加应用发布/回滚操作的并发锁,避免并发操作带来的配置错误。修复
已下线的 http 应用不应再自动更新 ACME 证书。修复
修复使用 SDK 或 edge-cli 无法上传证书的 BUG。修复
修复全局改写规则和全局自定义动作添加网关集群条件失败的问题。修复
修复了多个 IP 列表白名单匹配时的 BUG。修复
修复 X-Forwarded-For 请求头 IP 地址匹配出错的问题。修复
修复 HTTP 健康检查响应体匹配报错的问题。修复
修复 global lua module 不能更新的问题。修复
修复 Append-proxy-header-value 动作无法提交的问题。修复
新增了递归上游的检测选项,防止出现由此造成的死循环。修复
同一个应用下后面的 defer resp-body 会覆盖前面的 defer resp-body。修复
手动上传 SSL 证书更新时,也需要对上传的证书进行校验。修复
前端修复创建新应用时选择全局上游作为 proxy 上游时未自动创建页面规则。修复
开启网关集群级别的共享缓存时,如果所有节点都失败,应该最后重试一下本机。修复
当界面上删减至 1 个上游时,去除第二个没用的 balancer。修复
"重写代理 URI 前缀"动作没有对 URI 进行编码,可能导致上游不识别。新增
X-Forwarded-For 增加 IP 地址匹配的操作符。新增
tcp 和 tls 应用支持 proxy protocol。新增
DNS 页面显示 A/AAAA 记录的地图展示。新增
重新编译脚本支持并行编译所有的 HTTP/HTTPS 应用。新增
支持根据前缀清理 mlcache 中的缓存资源(适用于有自定义使用 mlcache Lua 模块的场景)。新增
页面支持分别配置应用内 k8s 上游及全局 k8s 上游。新增
新加动作 启用 Basic 认证, 支持创建全局 Basic 认证账号和应用级别 Basic 认证账号。新增
为 Let’s Encrypt 和 ACME 新增 ECC 证书支持。新增
请求速率限制支持使用 HTTP 请求头作为 key。新增
变量 first-x-forwarded-addr 和 last-x-forwarded-addr 支持操作符 IP 匹配以及 IP 不匹配。变更
search_by_name 的接口支持搜索 k8s 上游。变更
k8s 上游节点变更线程添加缓存和并发执行能力,优化性能。变更
k8s 上游发生变更,不影响 release。变更
k8s 后台线程添加双 admin 和灰度 admin 的支持。变更
增加全局变更日志的筛选条件 操作, 用户 以及日志关键字。变更
在应用编辑页面顶部显示 offline 状态。变更
应用泛域名语义变更,不再支持多级域名的匹配。比如 *.foo.com 只会匹配 a.foo.com 而不会匹配 a.b.foo.com.。变更
修改所有否定意思文案的开关选项为肯定,使之更易理解。变更
修改 package_created_time 的获取方式。变更
添加使用命名空间,服务名称,端口号搜索 k8s 上游的接口。变更
添加使用 ip 地址搜索 k8s 上游的接口。变更
设置 k8s 的 host 参数支持使用域名。变更
删除应用前需要先删除 Load SSL certificate by IP addresses 和 Load application by IP addresses 配置。变更
前端:升级组件以更新 EdgeLang 编辑器提示。变更
前端:全局错误日志页面改为先筛选集群再筛选节点。变更
前端:全局变更日志页面文案并改名为审计日志,在应用发布页面新增审计日志。变更
前端:调整 Lua 模块及 Lua 插件编辑器高度。变更
前端:备份功能显示正在处理的节点以及调整页面文案。1.1.0
修复
当配置了多个 k8s 集群的时候,监控某个 k8s 集群会使用其他的 k8s 集群配置。新增
支持用户通过上传 csv 文件使用自定义的 IP 数据库。变更
在 ini 中增加 admin_api_port 配置。变更
内部 k8s 服务更新的时候,调用自身的接口不需要验证 ssl。1.0.1
修复
修复没有 http 应用时默认绑定 80 端口的问题。修复
修复 hcaptcha 缓存时间不能修改的问题。修复
修复 dns 健康检查超时时间单位错误的问题。修复
修复 debug 级别的 waf 规则会导致其他规则无法命中问题。新增
IP 地理信息数据库支持 qqzeng 数据库。新增
支持同时部署并启用两个 admin server 服务,提高 admin 的可用性。新增
支持创建全局 IP 列表,并支持 IP 地址与指定名称 IP 列表进行匹配。新增
新增 user-agent-is-mobile 动作。新增
上游健康检查支持判断响应体内容是否包含指定字符串。新增
上游健康检查新增 PostgreSQL 和 MySQL 检查类型。新增
给 limit request rate 动作增加拦截动作。变更
页面规则内多个 WAF 规则会同时生效,原来是后面的 WAF 规则会覆盖前面的 WAF 规则。变更
备份上游重试顺序调整:当所有的上游节点全部都失败(健康检查失败,或者当前请求尝试过了)才会重试备份上游。0.4.2
优化
优化应用列表的加载时间,接口耗时减少 900ms 左右。优化
优化大部分的 Get 接口,实测原来 1.2 秒的接口现在只需要 100 ms。优化
优化 log-server 崩溃后,前端页面不能加载的问题。优化
优化 edge node 性能,简单反向代理场景 QPS 可以提升 26%。优化
限制重复错误消息频率,当 send queue 满了的时候,每个 worker 最多每 30 秒打印一条日志。优化
限制配置同步接口的请求频率,防止多台 node 节点同时全量同步导致 admin 节点无法服务。优化
如果健康检查的上游太多,可能会报 timer 不够的错误;优化了并发控制。优化
如果 ip database 没有 token,最多记录 3 条日志。优化
给 global-lua-module 和 custom share zone 增加黑名单。修复
DNS 健康检查失败之后,解析结果列表中依然会返回失败 IP。修复
admin 上用户 session 远程地址不对的问题。修复
应用级别证书手动上传证书校验:当应用为泛域名时,上传的非泛域名证书会校验失败的 BUG。修复
修复全局动作修改触发节点 binary upgrade 的问题。新增
WAF 日志页面支持禁用 WAF 规则集内的规则。新增
WAF 日志页面支持查看命中 WAF 规则的 edgelang 源码。新增
openresty-plus 新增 lua-resty-mlcache 库。新增
keepalived 集成,支持 IP 层的高可用。新增
http 正向代理访问日志支持 decoded_proxy_authorization。新增
gateway 绑定到 k8s 集群,以便自动批准 k8s 集群中的 edge-node。新增
EdgeLang 新增动作 sorted-query-string。新增
dns 健康检查支持每条记录单独开启和配置端口。新增
支持指定自定义证书签发商,新增了对 ACME 服务的 EAB 的支持。新增
支持在应用里配置 client-max-body-size,proxy-cache-revalidate,proxy-cache-use-stale,gateway-gzip 和 enable-websocket。变更
log server 切换时序库,需要安装时序库扩展,切换和归档方案看李庚 wiki。wiki 链接。变更
应用泛域名语义变更,不再支持多级域名的匹配。比如 -.foo.com 只会匹配 a.foo.com 而不会匹配 a.b.foo.com. (当前版本还保持兼容,但是未来版本会移除。)。变更
许可证入口位置从网管集群下移至主页面左上角 logo 旁。变更
去掉 trusted_client 和 trusted_uid 的配置。Python SDK
1.2.33
1.2.32
feature
added get_le_cert to get the status of Let's encrypt-issued certificates.change
put_le_cert supports the resign argument to trigger reissuing certificates with Let's encrypt.1.2.31
bugfix
the original parameters will be modified after the DNS application is added.1.2.30
feature
get information about the specified gateway node get_node.feature
update the information of the specified gateway node put_node.1.2.29
1.2.28
bugfix
fixed the problem that node_monitor can not change Node ID.1.2.27
1.2.26
1.2.25
1.2.24
change
The put_app supports setting the status of application.1.2.23
change
The Cache part of the page rule supports more configuration options.1.2.22
1.2.20
bugfix
the interface of search_upstream_by_ip, search_upstream_by_name, search_http_app_by_keyword, the page_size parameter does not work.1.2.19
1.2.17
change
The proxy parameter of put_rule supports to use the data format returned by the get interface.1.2.16
feature
Add interface to get version information get_version.1.2.15
change
Removed get_all_global_user_ids interface.1.2.33
1.2.32
1.2.31
1.2.30
1.2.29
1.2.28
1.2.27
1.2.26
1.2.25
1.2.24
1.2.23
1.2.22
1.2.20
修复
search_upstream_by_ip, search_upstream_by_name, search_http_app_by_keyword的page_size参数不起作用。1.2.19
1.2.17
变更
put_rule 接口的 proxy 参数支持直接使用 get 接口返回的数据格式。1.2.16
1.2.15
变更
删除 get_all_global_user_ids 接口。