istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add warning about breaking change in 1.9.5/1.8.6 (#9799) 

* Add warning about breaking change in 1.9.5/1.8.6

* fixes

* typo
This commit is contained in:
John Howard 2021-05-20 15:17:27 -07:00 committed by GitHub
parent 778b410748
commit 3e40cf9d3d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
content/en/news/releases/1.10.x/announcing-1.10/upgrade-notes/index.md
View File

@ -83,3 +83,11 @@ If this behavior is not desired, it can be temporarily disabled with `--set valu
This option will be removed in future releases.
See the updated [Automatic sidecar injection](/docs/setup/additional-setup/sidecar-injection/) documentation for more information.
## Multicluster `.global` stub domain
As part of the fixes for [ISTIO-SECURITY-2021-006](/news/security/istio-security-2021-006/), the [previously deprecated](/news/releases/1.8.x/announcing-1.8/upgrade-notes/#multicluster-global-stub-domain-deprecation) `.global` stub domain for multicluster will no longer work.
This change can be temporarily disabled if desired by setting the environment variable `PILOT_ENABLE_LEGACY_AUTO_PASSTHROUGH=true` in Istiod. However, this is strongly discouraged, as it negates the fix to [ISTIO-SECURITY-2021-006](/news/security/istio-security-2021-006/).
Please follow the [Multicluster Installation documentation](/docs/setup/install/multicluster/) for more information.

8
content/en/news/releases/1.8.x/announcing-1.8.6/index.md
View File

@ -48,3 +48,11 @@ Istio contains a remotely exploitable vulnerability where an HTTP request path w
- **Fixed** the Kubernetes API server so it is now considered to be cluster-local by default . This means that any pod attempting to reach `kubernetes.default.svc` will always be directed to the in-cluster server. [Issue 31340](https://github.com/istio/istio/issues/31340)
- **Fixed** Istio operator to prune resources that do not belong to the specific Istio operator CR. [Issue 30833](https://github.com/istio/istio/issues/30833)
## Breaking Changes
As part of the fixes for [ISTIO-SECURITY-2021-006](/news/security/istio-security-2021-006/), the [previously deprecated](/news/releases/1.8.x/announcing-1.8/upgrade-notes/#multicluster-global-stub-domain-deprecation) `.global` stub domain for multicluster will no longer work.
This change can be temporarily disabled if desired by setting the environment variable `PILOT_ENABLE_LEGACY_AUTO_PASSTHROUGH=true` in Istiod. However, this is strongly discouraged, as it negates the fix to [ISTIO-SECURITY-2021-006](/news/security/istio-security-2021-006/).
Please follow the [Multicluster Installation documentation](/docs/setup/install/multicluster/) for more information.

8
content/en/news/releases/1.9.x/announcing-1.9.5/index.md
View File

@ -32,3 +32,11 @@ Istio contains a remotely exploitable vulnerability where an HTTP request path w
## Changes
- **Added** [security best practice for authorization policies](/docs/ops/best-practices/security/#authorization-policies)
## Breaking Changes
As part of the fixes for [ISTIO-SECURITY-2021-006](/news/security/istio-security-2021-006/), the [previously deprecated](/news/releases/1.8.x/announcing-1.8/upgrade-notes/#multicluster-global-stub-domain-deprecation) `.global` stub domain for multicluster will no longer work.
This change can be temporarily disabled if desired by setting the environment variable `PILOT_ENABLE_LEGACY_AUTO_PASSTHROUGH=true` in Istiod. However, this is strongly discouraged, as it negates the fix to [ISTIO-SECURITY-2021-006](/news/security/istio-security-2021-006/).
Please follow the [Multicluster Installation documentation](/docs/setup/install/multicluster/) for more information.