This document covers:
- New features or functionalities
- Enhancements to existing features or functionalities
- Open issues or known issues
- Fixed issues
vK8s PVC Storage on Regional Edges
Volterra Regional Edge sites the Volterra ADN now support Persistent Volume Claims (PVC) for vK8s pods.
Ability to Select a List of Sites for vK8s Objects
This feature provides the ability to select a list of sites (using the
ves-io/sites: site1,site2 annotation) for vK8s objects. This is an enhancement to the current ability to select a list of virtual sites(using the
ves.io/virtual-sites: vsite1,vsite2 annotation).
See vK8s Resource Management for more details.
Audit Logs for Operations on K8s Objects in vK8sThis feature enables audit logs for the Create/Update operations on K8s objects (such as deployment, service, etc.) in vK8s.
Ability to Test Alert Notifications
This feature enables user to test alert notifications to an alert receiver. Once an alert receiver is created, a verify API on the alert receiver will generate a test alert to that receiver.
API User/Client Rate Limiting
This feature introduces the support for rate limiting the number of API requests per user over a time period. Rate limiting per user is based on the user identification configured on the ratelimiter object. For more information, see Configure Rate Limiting.
Support TLS Fingerprinting in Service Policy Rules
This feature introduces the support for configuring a service policy rule to match TLS fingerprint and action. Actions are deny and rate-limit. For more information, see Configure TLS Fingerprinting.
Two Factor Authentication (2FA) VoltConsle Support
This feature introduces support for enabling 2FA for all plans for customers who use Volterra for authentication. This does not apply to tenants that use SSO for authentication.
API Tokens for Volterra APIs
This feature introduces support for API tokens to be used with Volterra APIs. This is in addition to the already supported API certificates. For more information, see Obtain Credentials.
Delegate Domains to Volterra
This feature introduces support for delegation of domains to Volterra for DNS management. When a domain is delegated to Volterra, all subsequent HTTP load balancer names created will result in the proper DNS RR records to be created. For more information, see Delegate Domains.
HTTPS Load Balancer Automatic SSL certificate Creation for Delegated Domains
This feature introduces support to enable automatic TLS certificate minting and verifying for a HTTPS load balancer provided a DNS domain is delegated to Volterra. For more information, see Create HTTP Load Balancer.
Support for GCP
This feature introduces support for site deployment in GCP using the Volterra Node GCP images.
CentOS Support for VMWare ImagesVolterra Node CentOS support is introduced on VMware ESXi hypervisors.
Verify Domain Ownership in the Bring Your Own Certificate (BYOC)Volterra will confirm domain ownership by verifying the domain in the virtual-host field matches that in the TLS certificates. If there is no match, the configuration is rejected.
Enable Wizard Forms for Alert NotificationsThis feature presents simplified configuration views for alert notifications.
Volterra Site on MiniKube, EKS, and AKSThis feature introduces the ability to deploy a Volterra node on MiniKube, EKS, and AKS for site creation and use in VoltConsole tenant.
vK8s: K8s Pod DeleteThis feature introduces support for pod deletion in vK8s and is supported using kubectl.
Support API TokenIn addition to certificates, this introduces support for API tokens for 3rd party/external API to access VoltConsole services.
Network policies to implicitly deny traffic is now the system default behavior the moment network policy is configured. Prior to R1.2, the behavior was an implicit allow. In case you have an existing network policy set with no explicit rule to allow the ingress or egress traffic, the traffic will be dropped.