Announcing Istio 1.0.3
We’re pleased to announce the availability of Istio 1.0.3. Please see below for what’s changed.
Behavior changes
Validating webhook is now mandatory. Disabling it may result in Pilot crashes.
Service entry validation now rejects the wildcard hostname (
*
) when configuring DNS resolution. The API has never allowed this, howeverServiceEntry
was erroneously excluded from validation in the previous release. Use of wildcards as part of a hostname, e.g.*.bar.com
, remains unchanged.The core dump path for
istio-proxy
has changed to/var/lib/istio
.
Networking
Mutual TLS Permissive mode is enabled by default.
Pilot performance and scalability has been greatly enhanced. Pilot now delivers endpoint updates to 500 sidecars in under 1 second.
Default trace sampling is set to 1%.
Policy and telemetry
Mixer (
istio-telemetry
) now supports load shedding based on request rate and expected latency.Mixer client (
istio-policy
) now supportsFAIL_OPEN
setting.Istio Performance dashboard added to Grafana.
Reduced
istio-telemetry
CPU usage by 10%.Eliminated
statsd-to-prometheus
deployment. Prometheus now directly scrapes fromistio-proxy
.