Announcing TSB 1.11
Introducing Tetrate Service Bridge (TSB) version 1.11.0
– TSB continues to empower enterprise connectivity with its latest advancements in segmentation, proxy reliability, and gateway failover.
With 1.11.0
, platform, security, and application teams gain greater control over infrastructure through Segmentation Policies
for resource and traffic isolation, seamless Kong Gateway migration with TSB Kong Extensions, and optimized gateway stability with Weighted Tier1 Gateway Failover. Additionally, TSB 1.11.0 enhances proxy adherence to Envoy Best Practices for improved security and reliability, alongside multiple UI and troubleshooting improvements to enhance user experience and simplify operations.
New Features and Improvements
- Segmentation Policies - Alpha Functionality for Early Access:
- TSB
1.11.0
includes an Alpha early access preview of the Segmentation feature, which allows platform admins, and in a future release app developers, to manage service to service traffic authorization policies, making it easier to control platform, security, and application boundaries for different teams and organizational needs. - This feature is in active development, and may change or be removed in future releases. To enable this capability in a non-production environment, please talk to your Tetrate support contact.
- TSB
- TSB Kong Extensions - Alpha Functionality for Early Access:
- TSB
1.11.0
includes an Alpha early access preview of TSB Kong Extension feature, which supports transitioning from Kong Gateway to TSB Gateway using thetetrate-kong-extender
sidecar, providing a drop-in replacement for Kong libraries and user-defined plugins, with support for mounting custom plugins via ConfigMap and maintaining a similar configuration interface. - This feature is in active development, and may change or be removed in future releases. To enable this capability in a non-production environment, please talk to your Tetrate support contact.
- TSB
- Configuration Profiles - Improved Alpha Functionality for Early Access:
- Configuration inheritance related issues found in the initial Alpha release of Configuration Profiles have been addressed, and the feature is now in an improved Alpha state.
- Configuration Profiles enable the creation of pre-set configuration templates that can be defined and attached at various hierarchy levels (Organization, Tenant, Workspace, Group).
- Configuration Profiles serve as default settings until overridden by more specific configurations down the TSB hierarchy. Next to defaults, Configuration Profile mandates allow settings to be enforced at a specific level in the hierarchy and prohibit overrides.
- Configuration Profiles API will undergo breaking changes in TSB
1.12
, so please use with extreme caution. To enable this capability in a non-production environment, please talk to your Tetrate support contact.
- Configuration inheritance related issues found in the initial Alpha release of Configuration Profiles have been addressed, and the feature is now in an improved Alpha state.
- Enhanced Edge Gateway Weighted Distribution & Failover:
- The Weighted Tier1 Gateway Failover feature ensures seamless traffic failover to the next prioritized cluster if an endpoint fails, improving reliability for weighted Tier1 Unified Gateway configurations.
- Enhanced Proxy Reliability with Envoy Best Practices:
- TSB Gateway proxies now follow Envoy Best Practices for edge configurations, enhancing security, reliability, and performance in line with recommended standards.
- Support for Maximum Connection Duration settings:
- In compliance with NIST.SP.800-204A::SM-DR14 specification, Workspace Traffic Settings now allow for the setting of Maximum Connection Duration and Maximum Stream Duration for HTTP and TCP Traffic for securely handlling certificate reissue. These settings can be applied to any Sidecar or Gateway.
- Troubleshooting Enhancements:
- Application Developers can now go through guided scenario based Troubleshooting workflows in the UI for common error conditions.
- UI users informed of any workspaces with configuration errors upon login
- User and System Audit events visualization is now available on the main topology view to quickly identify configuration changes.
- Cluster Proxy Tools have been updated to use Management Plane APIs to add a layer of access permissions for users.
- Service Tracing now has a Tree view for an alternate view of call traces
- Multiple UI improvements: We have made several UI improvements to enhance user experience, including:
- Service Dependencies can be highlighted from the main topology.
- A new setting for simple popups showing only the core metrics has been added to main topology.
- Workspace Propagation is now also available at the Workspace level for a scoped view in large deployments.
- All columns in table views now have sorting capabilities.
- SPIFEE IDs for Services added as part of a Service's attributes in the Topology and Metrics views.
Additional Enhancements
Refer to TSB 1.11 Release Notes for complete list of additional improvements in TSB 1.11
Deprecations
Feature | Deprecation Release | End of Life Release | Notes |
---|---|---|---|
Tier 1 Gateway | 1.10.0 | 1.14.0 | Migrate to Unified Gateway |
Ingress (Tier 2) Gateway | 1.10.0 | 1.14.0 | Migrate to Unified Gateway |
Egress Gateway | 1.10.0 | 1.14.0 | Migrate to Unified Gateway |
Applications | 1.11.0 | 1.13.0 | Discontinue use |
Upgrade Notes
Get Started with Tetrate Service Bridge
To get started with Tetrate Service Bridge:
- Review the Initial Requirements and identify the target platform
- Determine if you wish to:
- follow a quick demo installation
- perform a more-involved production-ready installation (Management Plane, Cluster Onboarding)
- apply an upgrade to an existing Tetrate Service Bridge deployment
Don't hesitate to reach out to your Tetrate support contact if you have any questions.
📄️ Announcing TSB 1.11
Tetrate Service Bridge 1.11 release overview
📄️ Release Notes
Version 1.11.0
📄️ Feature Status
Status of included features
📄️ Support Policy
TSB support policy, release schedule, and component version matrix