Announcing Istio 1.8.2

Patch Release

 January 14, 2021 |  2 minute read  

This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.8.1 and Istio 1.8.2

BEFORE YOU UPGRADE

Things to know and prepare before upgrading.

DOWNLOAD

Download and install this release.

DOCS

Visit the documentation for this release.

SOURCE CHANGES

Inspect the full set of source code changes.

Changes

  • Improved WorkloadEntry auto-registration stability. (PR #29876)

  • Fixed the CA’s certificate signature algorithm to be the default algorithm corresponding to the CA’s signing key type. (Issue #27238)

  • Fixed Newer control plane installations were removing permissions for rbac.istio.io from istiod, causing older control planes relying on that CRD group to hang on restart. (Issue #29364)

  • Fixed empty service ports for customized gateway. (Issue #29608)

  • Fixed an issue causing usage of deprecated filter names in EnvoyFilter to overwrite other EnvoyFilters. (Issue #29858)(Issue #29909)

  • Fixed an issue causing EnvoyFilters that match filter chains to fail to properly apply. (PR #29486)

  • Fixed an issue causing a Secret named <secret>-cacert to have lower precedence than a Secret named <secret> for Gateway Mutual TLS. This behavior was accidentally inverted in Istio 1.8; this change restores the behavior to match Istio 1.7 and earlier. (Issue #29856)

  • Fixed an issue causing only internal ALPN values to be set during external TLS origination. (Issue #24619)

  • Fixed an issue causing client side application TLS requests sent to a PERMISSIVE mode enabled server to fail. (Issue #29538)

  • Fixed an issue causing the targetPort option to not take affect for WorkloadEntrys with multiple ports. (PR #29887)

Was this information useful?
Do you have any suggestions for improvement?

Thanks for your feedback!