News How KrakenD Solves API Gateway Security Vulnerabilities

Return to blog's homepage

Blog categories

Product Updates

3 min read

KrakenD 0.8 released

by Albert Lombarte

KrakenD 0.8 is a significant release as it brings numerous code changes and functionality. The framework brings +100 commits, the gateway +50 commits and even more changes in the components. A lot of refactoring and component updates has taken place. The big picture is a move from a single binary application to become a package with several internal binaries.

See the details below.

KrakenD framework

The KrakenD framework brings +100 commits compared to 0.7. Several changes in the router functionality have been done: two new routers are available, being Chi and httpmux. Also, the Mux router has now the same features that the Gin router had (like multi-method). The router changes have been driven mostly thanks to the community.

The most significant changes are:

  • New routers! Chi and httpmux
  • Mux based routers add multiple methods in same URL pattern (thanks to the Mail.ru team, Спасибо!). Mux based features now are like the Gin’s ones
  • Added integration tests that complement the existing unit tests.
  • Mixing mandatory and optional query strings parameters is now possible
  • Error interface added
  • Shadow backends or Traffic mirroring is now available
  • Improved response headers
  • Bugfixing in sequential backends (cascading requests)
  • A detailed HTTP executor

Link to 0.8.0 release notes

KrakenD API Gateway

The KrakenD API Gateway binary comes with all the framework updates and all the component changes (listed in krakend-contrib), which is a considerable list!.

The project has split into a package for building the CE gateway and several binaries. It also brings now tons of integration tests!

The summary of changes is:

  • Updated to Go 1.12
  • Many improvements on the logging:
    • Startup logs
    • GELF formatter
    • Logstash logger integration
    • Added logging to the circuit breaker to warn every time the circuit is opened/closed (Thanks to Letgo, gràcies!)
    • Metrics log removed
  • Forbidden and unauthorized responses
  • New CEL module (JWT, request, and response), see below
  • Client headers are now case insensitive
  • Added a wildcard option to forward all query strings and headers to the backend
  • Possibility to include error details into the response
  • Etcd client updated to 3.3
  • Influx client updated
  • Reuse OAuth2 client sessions
  • JWK client supports local CA
  • Chained token rejecters

Between 0.7 and 0.8, we published an intermediate release 0.7.1 which only updated Go to 1.11.5. This release was to make sure the crypto/elliptic Go bug didn’t affect KrakenD.

Link to 0.8.0 release notes

Download KrakenD now

Middleware and other features

New middleware, changes and other components for KrakenD worth mentioning.

  • CEL module (docs): A new component to add additional logic using the Common Expression Language.

Components upgraded:

  • Circuit breaker
  • Influx
  • Etcd
  • Rate Limit
  • Metrics
  • Oauth2
  • JOSE
  • Spew
  • NewRelic
  • Opencensus
  • Logrus
  • Logstash
  • Consul
  • XML
  • RSS
  • gRPC
  • Bloomfilter

All the middleware and components are listed in our krakend-contrib repository.

Contributors

Special thanks to individuals of the open source community who helped us with this release, shown in no particular order:

Join now our #krakend channel at Gophers on Slack.

Enjoy KrakenD!

Categories: Product Updates
Scarf

Stay up to date with KrakenD releases and important updates