These are the highlights of new features or additions to existing features in 8.0.0. For the complete list of all changes see this Github PR list.
Overview
- ATS 8.0.0 Release Notes
New Features
Proxy protocol v1 incoming connection support
- Moving to YAML for configuration
- Logging configuration - logging.yaml
- SSL/TLS incoming and outgoing configuration - ssl_server_name.yaml
- more configuration files to be converted in the future
- Logging configuration - logging.yaml
- SNI Config enables configuration of inbound and outbound TLS attributes on a per server name basis. This feature is configured via ssl_server_name.config.
- Openssl ASYNC_*_job support available during TLS handshake. Enabled via proxy.config.ssl.async.handshake.enabled. Crypto engines can be specified via an openssl.cnf file specifed in proxy.config.ssl.engine.conf_file.
- External manipulation of the cache via the Cache Tool.
- Body factory now supports default per custom set.
- Remap address specifications can now be in CIDR notation.
- Graceful shutdown. The "--drain" option is added on traffic_ctl server restart and stop.
Deprecated Features
Future Deprecated Features
- None
New Configuration Options
- proxy.config.ssl.server.TLSv1_3.cipher_suites - configures the cipher_suites for TLS v1.3 connections from client
- proxy.config.ssl.client.TLSv1_3.cipher_suites - configures the cipher_suites for TLSv1.3 connections to origin or next hop
- proxy.config.http.insert_forwarded - support for the Forwarded header.
- proxy.config.http.negative_caching_list - control the status codes that are negatively cached.
- proxy.config.http.insert_request_via_str - More control over the contents of the Via header.
- proxy.config.diags.debug.client_ip - enable debug messages for transactions from a specific IP address.
New Log Fields
- crec - error code which TS received
- ctec - error code which TS transmitted
- crsc - Cache Result Sub-Code. More specific code to complement the Cache Result Code.
New Metrics
New Promoted Plugins
- cache_promote - provides a means to control when an object should be allowed to enter the cache
- cachekey - allows some common cache key manipulations based on various HTTP request components
- lua - implement ATS plugin by writing Lua script instead of C code
- escalate - try an alternate origin when the origin server in the remap rule is either unavailable or returns specific HTTP error codes
New Plugins (in experimental)
- access_control - common use-cases related to providing access control to the objects stored in CDN cache
- fq_pacing - rate limit an individual TCP connection, based on Linux support for the Fair Queuing qdisc
- prefetch - increase the cache-hit ratio for a sequence of objects which URL paths follow a common pattern
- tls_bridge - enable secure transit via paired ATS instances
- traffic_dump - dump transactions in replay file format.
- uri_signing - implements the draft URI Signing protocol documented here: https://tools.ietf.org/html/draft-ietf-cdni-uri-signing-12
Existing Plugins
- The existing plugins were updated to be more stylistically correct and be better examples.
header_rewrite - the INBOUND condition was added.
Developer Notices
- C++17 is now required for building.
- A specific callback can be added to a hook only once.
- New internal libraries - BufferWriter, TextView
- Transaction and Session arguments are now separately reserved. Similar arguments are supported for TSVConn instances.