v1.0.0

Summary

This is a major release for App Mesh Kubernetes Controller. It includes changes around bug fixes from previous versions, data model changes (backward incompatible), scale improvements and new features

Changes

• Custom resources supported:

  • Mesh: represents the Mesh object in AWS App Mesh. A service mesh is a logical boundary for network traffic between the services that reside within it. After you create your service mesh, you can create virtual services, virtual nodes, virtual routers, and routes to distribute traffic between the applications in your mesh.
  • VirtualNode: represents the Virtual Node object in AWS App Mesh. A virtual node acts as a logical pointer to a particular deployment in Kubernetes.
  • VirtualRouter: represent the Virtual Router object in AWS App Mesh and embeds App Mesh Route in it. Virtual routers handle traffic for one or more virtual services within your mesh. After you create a virtual router, you can create and associate routes for your virtual router that direct incoming requests to different virtual nodes.
  • VirtualService: represents the Virtual Service object in AWS App Mesh. A virtual service is an abstraction of a real service that is provided by a virtual node directly or indirectly by means of a virtual router.

• App Mesh injector has been merged with the controller and there will be a single binary moving forward that provides AppMesh CRD controller and webhooks for sidecar injections

• Decoupled Kubernetes resources from AWS App Mesh resource name. Now you can use awsName in resource spec to denote the resource in AWS App Mesh. For example, awsName for VirtualNode.

  • Note: The default generated awsName for VirtualNode is ${name}_${namespace} of k8s VirtualNode resource. It's using _ instead of - compared with old controller versions(<v1.0.0). If you want to reuse existing appMesh resources in AWS created by old controllers, you need to explicitly specify awsName in k8s VirtualNode resource.
  • Note: The default generated awsName for VirtualService is ${name}.${namespace} of k8s VirtualService resource. Compared with old controller versions(<v1.0.0), you shouldn't specify the k8s VirtualService's name to be the DNS name anymore. Explicitly specify awsName in k8s VirtualService resource if the DNS name your clients talk to didn't match this default generated awsName.

• Use typed references for defining relationships between resources within a Kubernetes cluster. For example, a VirtualRouter will have VirtualNodeRef instead of resource name

• Decoupled VirtualRouter from VirtualService. VirtualRouter will have a separate CRD that VirtualService can refer to. You can also use VirtualNode as VirtualService provider directly.

• Use namespaceSelector on Mesh to denote Mesh membership for resources within namespaces. Each individual resource no longer have meshName in spec.

• Use podSelector on VirtualNode to denote VirtualNode membership. Label selectors of two VirtualNodes within the same namespace should not overlap. Controller will reject such formation.

• Support to configure HTTP, GRPC and TCP timeouts on App Mesh virtual nodes and routes. There are two types of timeouts: per-request, which controls the amount of time that a requester will wait to complete a response, and idle, that controls the time at which the connection will be terminated if there are no active streams

• Support to use shared mesh. Shared mesh allows resources created by different accounts to communicate with each other in the same mesh.

• Additional minor changes:

  • DNSServiceDiscovery.hostName renamed to DNSServiceDiscovery.hostname
  • ServiceDiscovery.cloudMap renamed to ServiceDiscovery.awsCloudMap
  • VirtualRouter.spec.routes.[].http renamed to VirtualRouter.spec.routes.[].httpRoute(same change is done for tcp/https/grpc)
  • perRetryTimeoutMillis renamed to be perRetryTimeout with a defined Duration struct
  • virtualNode.spec.serviceDiscovery.awsCloudMap.attributes from map[string]string to be array of awsCloudMapAttribute
  • used same cases for acronyms (e.g. certificateAuthorityArns renamed to be certificateAuthorityARNs)

Helm Charts

https://hub.helm.sh/charts/aws/appmesh-controller

Image URIs

• 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.ap-south-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.ca-central-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.eu-west-2.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.eu-west-3.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.sa-east-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.us-west-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.us-east-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.us-east-2.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.eu-west-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.eu-north-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.eu-central-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.ap-southeast-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.ap-southeast-2.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.ap-northeast-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/appmesh-controller:v1.0.0
• 918309763551.dkr.ecr.cn-north-1.amazonaws.com.cn/amazon/appmesh-controller:v1.0.0
• 800184023465.dkr.ecr.ap-east-1.amazonaws.com/amazon/appmesh-controller:v1.0.0
• 558608220178.dkr.ecr.me-south-1.amazonaws.com/amazon/appmesh-controller:v1.0.0