Announcing Istio 1.6.6
Patch Release
This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.6.5 and Istio 1.6.6.
BEFORE YOU UPGRADE
Things to know and prepare before upgrading.
DOWNLOAD
Download and install this release.
DOCS
Visit the documentation for this release.
SOURCE CHANGES
Inspect the full set of source code changes.
Changes
- Optimized performance in scenarios with large numbers of gateways. (Issue 25116)
- Fixed an issue where out of order events may cause the Istiod update queue to get stuck. This resulted in proxies with stale configuration.
- Fixed
istioctl upgrade
so that it no longer checks remote component versions when using--dry-run
. (Issue 24865) - Fixed long log messages for clusters with many gateways.
- Fixed outlier detection to only fire on user configured errors and not depend on success rate. (Issue 25220)
- Fixed demo profile to use port 15021 as the status port. (Issue #25626)
- Fixed Galley to properly handle errors from Kubernetes tombstones.
- Fixed an issue where manually enabling TLS/mTLS for communication between a sidecar and an egress gateway did not work. (Issue 23910)
- Fixed Bookinfo demo application to verify if a specified namespace exists and if not, use the default namespace.
- Added a label to the
pilot_xds
metric in order to give more information on data plane versions without scraping the data plane. - Added
CA_ADDR
field to allow configuring the certificate authority address on the egress gateway configuration and fixed theistio-certs
mount secret name. - Updated Bookinfo demo application to latest versions of libraries.
- Updated Istio to disable auto mTLS when sending traffic to headless services without a sidecar.