GreyMatter.io
Twitter
GitHub
Support
Overview
Release Notes
Installation
Set up the CLI
Install on Kubernetes
Guides
Deploy a Service
Remove a Service
Security
Fabric
Data-Mesh
AWS
App Development Guide
Istio Discovery Guide
Usage
Application
Service Discovery
Traffic Control
Security
Telemetry
Platform Services
Troubleshooting
Reference
API
CLI
Setup
Standards and Compliance
Powered by GitBook

Release Notes

Grey Matter 1.6

Artifacts

Component

Version

Group

​gm-proxy​

1.6.1

Core

​gm-control​

1.6.1

Core

​gm-control-api​

1.6.1

Core

​gm-jwt-security​

1.3.0

Core

​gm-jwt-security-gov​

1.3.0

Core

​gm-dashboard​

5.0.0

Core

​gm-catalog​

2.0.0

Core

​gm-slo​

2.0.0

Core

​greymatter (CLI)​

3.0.0

Core

​sense-lad*​

1.0.0

Core

​gm-data​

1.2.1

Platform Service

​gm-apier​

2.0.5

Platform Service

*experimental

gm-proxy

Added

  • JWT Security TCP filter

  • Observables network filter (support for Kafka and file storage)

  • Replaced deciphernow with greymatter-io in go imports, docs, and build files.

  • Metrics TCP filter (with experimental support for Kafka)

  • TCP logger filter

  • JWT Keycloak filter

  • Exposed envoy bindings for and added HTTP & TCP metrics to /stats admin endpoint

Changed

  • Blacklist and whitelist terms changed to allow list and deny list

  • Clean up logging and version output

  • Added a direct means for copying/adding all headers from one header map to another.

  • Default Go toolchain is now the BoringSSL fork. Unofficial, but maintained by the core team.

  • Grey Matter network filters renamed as greymatter.filters.network.<filtername>

  • HTTP Observables EventChain field will now be populate with all eventIDs in the HTTP transaction chain

  • TCP and HTTP metrics filters have path defaults and allow turning off the server

  • HTTP Observables now detect websocket upgrades and emit observables on every websocket frame.

Fixed

  • Use interface types in header map constructors

  • Fixed a bug where some header values were not being copied completely (e.g. only one cookie could be set via the Set-Cookie header).

  • Fixed crash on setting headers in Decoder filter routines

  • Fixed memory leak of header map objects

  • Bazel configuration: test size set explicitly to prevent test warnings and errors

  • Avoid nil pointer dereference in oidc-validation filter

  • Jwt filter defaulting to 0 timeout and no cache

  • Fixed handling of setting duplicated headers, refactor header map handling

gm-control & gm-control-api

Added

  • Sidecar announcement Node information is passed to all resource Adapters

  • Filters set by users that are not supported by a sidecar will now be skipped with a warning

  • Set default XDS_INTERVAL to 5s

  • Traffic shadowing available via the rule.constraint.dark field

  • Docker image for gm-control-api contains the greymatter cli for easier debugging

  • Discovery manager to restart service discovery through admin API

  • pprof for debugging available from /admin API

  • CONTRIBUTING.md guidelines

  • Support for updated Grey Matter network filters

  • EDS updates to set health status for endpoints

  • Grey Matter network logger filter enabled by default

  • Adapter for sending catalog-specific XDS resources

  • Control API gRPC server implementation

Changed

  • Moved to xDS V3 protocol

  • CSB server now creates resource watches on a per stream basis

  • Cerebro logging now more human readable

  • API active filter arrays will now accept both periods and underscores in filter names

Fixed

  • Fixed redirects with trailing slash routes

  • Fixed service discovery not pulling in platform updates

  • Fixed CSB deadlocking when bulk requests come in

  • Fixed segmentation fault caused by connection close with resolve DNS set

Removed

  • --xds-disabled from control

  • No longer support xDS V2 resources

  • codeclimate no longer runs in this repo

gm-jwt-security

Changed

  • Serve docs as text/plain instead of text/html

Added

  • Initial Boring support

  • Ability to set the log level from the API

gm-jwt-security-gov

Added

  • Add /logging endpoint

Fixed

  • Use text/plain instead of text/html for docs page

gm-dashboard

Added

  • add feature flags

  • display all supported network filters in config pane

  • multi-mesh integration

    • ability to sort and filter by mesh

    • ability to sort and filter by mesh type

    • ability to view istio based services in mesh view

  • new ux for mesh list view

  • anomaly detection view (EXPERIMENTAL)

  • health widget (EXPERIMENTAL)

  • display jwt-keycloak metadata (EXPERIMENTAL)

Fixed

  • display active filters regardless of whether active_http_filters or active_network_filters use dot or underscore as the delimiter

  • config pane now renders selected service

  • ignore defaults in url state

  • Config pane close button ux

  • Bug where warning counts were not displayed in service view

gm-catalog

Added

  • Support for Istio mesh service discovery

  • Reporting of instance health statuses, including non-responsive instances

  • Expose all instance metadata reported from xDS, including the instance address

  • Extensions per mesh for data aggregation from various services (e.g. LAD)

  • Labeling of mesh assets with arbitrary key-value pairs

  • Ability to seed initial data via configured JSON or YAML file

  • Enable building with BoringSSL by setting `ENABLE_BORINGSSL=1`

Changed

  • Updated catalog structure to support multi-zone in multi-mesh

  • Generalized API to support multiple mesh types (e.g. Istio)

  • Updated API fields to use snake case over camel case formatting

  • Support consuming xDS v3 resources from Control

  • Make configuring a specific discovery cluster (i.e. `edge`) optional

gm-slo

Features

  • Support multi-mesh objectives

Deprecated

  • Remove business impacts

Fixes

  • Update alpine base image

  • Update npm dependencies

greymatter cli

Added

  • Support for CA certs via `api.ssltrust` and `catalog.ssltrust`

  • Enable building with BoringSSL by setting `ENABLE_BORINGSSL=1`

Changed

  • Replaced Catalog v1 support with Catalog v2 via `catalog-mesh` and `catalog-service` objects

sense-lad (experimental)

Initial release of Log Anomaly Detection functionality

Added

  • Persistent monitoring and storage of anomalous logs with heatmaps and adjacent lines

  • Automatic collection and training on new incoming Kubernetes logs delivered by Fluent Bit or FluentD

  • User controls for feedback, retraining, and tuning

  • Flood mitigation with graceful degradation and circuit breakers

  • Status and statistics

Changed

  • Upgraded PyTorch to 1.8.1 for performance improvements

  • Performance improvements in caching

Fixed

  • Bug in bounded simple queue injected into ThreadPoolExecutor was causing monitoring queue hangs

gm-data

Added

  • JWK support. Env var JWK can contain either a base64 encoded JWK file, or the location of a mounted plaintext JWK file. This exists to facilitate situations where the JWT signing keys originate in JWK format rather than PEM format, such as what happens with Keycloak.

  • Azure support. Set env vars: AZURE_ENDPOINT, AZURE_STORAGE_ACCOUNT, AZURE_STORAGE_ACCESS_KEY, AZURE_STORAGE_CONTAINER

Changed

  • Move up to Go1.16 for boring ssl

  • Require env variable GODEBUG=x509ignoreCN=0 to connect to servers without a proper SAN

  • Enable playground by default, and fix bug that prevented playground UI from working

gm-apier

Fixed

  • Prohibit local variable access in query string

Changed

  • Make query parsing error messages more descriptive

  • Update ROOT_PATH, DOCS_URL, and REDOC_URL defaults and docs

Known Bugs

  • If gm-control is asked to watch a Kubernetes namespace it does not have RBAC permissions for, it will crash.

Previous
Overview
Next - Installation
Set up the CLI
1
Last updated 1 month ago
Contents
Artifacts
gm-proxy
gm-control & gm-control-api
gm-jwt-security
gm-jwt-security-gov
gm-dashboard
gm-catalog
gm-slo
greymatter cli
sense-lad (experimental)
gm-data
gm-apier
Known Bugs