You can see the latest product updates for all of Google Cloud on the Google Cloud page, browse and filter all release notes in the Google Cloud console, or programmatically access release notes in BigQuery.
To get the latest product updates delivered to you, add the URL of this page to your feed reader, or add the feed URL directly.
November 08, 2023
Cloud Service Mesh advanced load balancing, which is in Preview, is updated to include failover health threshold configuration.
July 14, 2023
Read Envoy Security Bulletin CVE-2023-35945 about Envoy security vulnerabilities and update Envoy proxies in your Cloud Service Mesh installation to Envoy release 1.24.9, 1.25.8 or 1.26.3.
January 11, 2023
gRPC Java releases 1.51.0, 1.51.1, and 1.52.0 have an important bug that can cause them to stop receiving updates from Cloud Service Mesh. We encourage users of gRPC Java to avoid these releases and use the older v1.50.x until patch releases with fixes are available. See the public gRPC announcement for more information.
December 16, 2022
A new series of enhancements for handling locality load balancing in proxyless mesh deployments is now available in GA. These enhancements let you do the following:
Create and use a list of preferred load-balancing policies. With this feature, if your first preferred policy can't be used by a particular client, gRPC falls back to the next policy on the list.
Use a custom load-balancing policy that you created and deployed with gRPC. As part of a related gRPC enhancement, a new set of APIs lets you capture metrics about query cost and server utilization. You can use these APIs to fine-tune your custom policy.
For more information about using these features, see Locality load balancing.
November 23, 2022
Cloud Service Mesh deployment with automatic Envoy injection for GKE Pods currently installs Envoy version v1.24.0.
November 18, 2022
The backendServices API reference documentation now reflects that the outlierDetection object supports gRPC clients.
For more information about using the outlier detection feature with proxyless service mesh deployments, see the Outlier detection section of the Cloud Service Mesh documentation.
October 27, 2022
Cloud Service Mesh deployment with automatic Envoy injection for Google Kubernetes Engine Pods currently installs Envoy version 1.20.0.
September 23, 2022
Cloud Service Mesh now supports outlier detection for proxyless service mesh deployments. Outlier detection lets you identify and temporarily eject unhealthy hosts from the load-balancing pool. gRPC evaluates hosts based on success rate—the frequency with which a host successfully handles requests. When you configure outlier detection through Cloud Service Mesh, you can fine-tune how gRPC assesses hosts and how it handles outliers.
September 19, 2022
The Cloud Service Mesh service routing APIs are now in General Availability. The APIs simplify routing and service mesh configuration with new Mesh, Gateway, and Route resources.
May 18, 2022
Cloud Service Mesh for GKE now supports using the Kubernetes Gateway APIs to create a service mesh.
Cloud Service Mesh control plane logging and monitoring now supports request count by zone, in addition to DS API Connected Streams and request count.
May 02, 2022
Cloud Service Mesh's service routing APIs now include Gateway TLS routing.
March 14, 2022
A new client_zone label is added to the Connected Streams metric. The new label might introduce a breaking change. The change creates a stream discontinuity, which might have some effect on your monitoring, depending on whether you configured an alert on this metric.
February 24, 2022
Read Security Bulletin GCP-2022-008 about Envoy security vulnerabilities and update Envoy proxies in your Cloud Service Mesh installation to Envoy release 1.21.1.
February 15, 2022
Cloud Service Mesh is now integrated with Service Directory. After you register a service with Service Directory, the integration makes services in the service registry available to the applications in your mesh and to gateways configured by Cloud Service Mesh. Your service mesh and self- managed gateways can then send traffic to these services.
February 04, 2022
Cloud Service Mesh's new service routing APIs are available in preview. The new APIs simplify routing and service mesh configuration with new Mesh, Gateway, and Route resources.
Related to this change, ]new options are available for automated Envoy deployment](/service-mesh/legacy/load-balancing-apis/auto-vms-options).
December 16, 2021
December 13, 2021
Control plane observability is now in Preview. This lets you view logs and metrics for the Cloud Service Mesh control plane. For more information, see Control plane observability.
December 01, 2021
Cloud Service Mesh support for Client Status Discovery Service (CSDS) API is now in General Availability. The CSDS API lets you see which clients are connected to Cloud Service Mesh and to inspect the configuration that Cloud Service Mesh generates for its clients. For more information, see Understanding client status.
November 15, 2021
Cloud Service Mesh service security for GKE is now in General Availability. This provides the following:
Authentication and encryption using transport layer security (TLS) and mutual TLS (mTLS) for both Cloud Service Mesh with Envoy and proxyless gRPC applications. Server TLS policies and client TLS policies control whether services need to prove their identities to each other and use encrypted communication channels.
Authorization, based on characteristics of the client and the request. Authorization policies control whether a service is permitted to access another service, and which actions are allowed. Authorization is currently available only for Cloud Service Mesh with Envoy.
For more information, see the service security documentation and setup guides.
October 21, 2021
Cloud Service Mesh with internet NEGs of the type INTERNET_FQDN_PORT is now in General Availability. For full details, see Cloud Service Mesh with internet network endpoint groups.
October 20, 2021
Cloud Service Mesh security service with GKE is now in General Availability for proxyless gRPC services. The changes in this release include:
- Support for the Certificate Authority Service GA API, using CA pools instead of individual CAs.
- Promoting the network-services and network-security CLI/APIs to general availability.
- Security is enabled by default in gRPC libraries and the gRPC PSM bootstrap generator.
- Cloud Logging enhancements to aid in debugging run-time errors and conflicts. Support for proxyless gRPC and Envoy interoperability with security enabled.
- Config Connector support for proxyless gRPC security.
- Use of the new --enable-mesh-certificates GKE flag.
- Support for the GA version of WorkloadCertificateConfig and TrustConfig in GKE.
- Wallet example upgraded to use PSM security .
August 30, 2021
Cloud Service Mesh deployed with proxyless gRPC can now use the advanced traffic management features retry and session affinity.
July 15, 2021
Cloud Service Mesh can now use internet NEGs of the type INTERNET_FQDN_PORT to route traffic to private services that are reachable using hybrid connectivity, including named on-premises, multicloud, and internet services. For full details, see Cloud Service Mesh with internet network endpoint groups.
June 29, 2021
You can now use VPC Service Controls with Cloud Service Mesh. You can add projects to service perimeters that protect resources and services (like Cloud Service Mesh) from requests that originate outside the perimeter. To learn more about VPC Service Controls, see the VPC Service Controls overview.
June 02, 2021
Support for Go is added to Cloud Service Mesh service security with proxyless gRPC.
May 19, 2021
Cloud Service Mesh service security with GKE is now available in Public Preview. This provides the following:
Authentication and encryption using transport layer security (TLS) and mutual TLS (mTLS) for both Cloud Service Mesh with Envoy and proxyless gRPC applications. Server TLS policies and client TLS policies control whether services need to prove their identities to each other and use encrypted communication channels.
Authorization, based on characteristics of the client and the request. Authorization policies control whether a service is permitted to access another service, and which actions are allowed. Authorization is currently available only for Cloud Service Mesh with Envoy.
May 13, 2021
Fixed an issue where the Services user interface would display a warning if a service had a mix of healthy backend groups (x out of x healthy endpoints) and empty backend groups (0 out of 0 healthy endpoints). Now, services that have a mix of healthy backend groups and empty backend groups are shown as healthy.
May 07, 2021
gRPC's observability features can now be used with services that use Cloud Service Mesh, including monitoring and tracing metrics that help you solve issues with your deployment. For more details, see Observability with proxyless gRPC applications.
Proxyless gRPC applications can now use these advanced traffic management features:
- Circuit breaking
- Fault injection
- Max stream duration
For complete information, see Configure advanced traffic management with proxyless gRPC services.
April 22, 2021
Fixed an issue that caused unexpected behavior when handling malformed HTTP requests.
April 13, 2021
Cloud Service Mesh now supports the Client Status Discovery Service (CSDS) API, enabling you to see which clients are connected to Cloud Service Mesh and to inspect the configuration that Cloud Service Mesh generates for its clients. For more information, see Understanding client status.
April 12, 2021
Cloud Service Mesh now supports TCP-based services in GA. This brings service discovery, global load balancing, failover and many other Cloud Service Mesh capabilities to your non-HTTP services. See the setup guide to get started and the target proxies documentation for helpful background information.
March 22, 2021
Cloud Service Mesh support for xDS clients that connect and request configuration using the xDS v3 API is now Generally Available. All guides have been updated to use xDS v3.
January 21, 2021
Cloud Service Mesh support for xDS clients that connect and request configuration using the xDS v3 API is now in Preview.
January 05, 2021
Cloud Service Mesh now supports TCP-based services in Preview. This brings service discovery, global load balancing, failover and many other Cloud Service Mesh capabilities to your non-HTTP services. See the setup guide to get started and the target proxies documentation for helpful background information.
November 12, 2020
Cloud Service Mesh now supports multi-environment deployments. The hybrid connectivity network endpoint group (NEG) is in General Availability. The documentation includes an overview of the feature and a tutorial,Network edge services for multi-environment (on-premises, multi-cloud) deployments.
September 29, 2020
Automated Envoy deployment for Google Compute Engine VMs is now in General Availability.
September 03, 2020
Cloud Service Mesh can now be set up for GKE Pods with automatic Envoy injection.
August 26, 2020
Cloud Service Mesh supports advanced traffic management features with proxyless gRPC applications in General Availability. This release includes path- and header-based routing, as well as weight-based traffic splitting.
July 21, 2020
Cloud Service Mesh supports proxyless gRPC applications in General Availability. In this deployment model, gRPC applications can participate in a service mesh without needing a sidecar proxy.
July 07, 2020
Cloud Service Mesh now supports Automated Envoy deployment for Google Compute Engine VMs in Beta.
May 06, 2020
A new document is added to Cloud Service Mesh: Ingress traffic for your mesh.
April 15, 2020
A new document, Cloud Service Mesh features, is published.
November 15, 2019
Cloud Service Mesh traffic management with route rules and traffic policies is available in General Availability.
July 08, 2019
Cloud Service Mesh traffic management with route rules and traffic policies is available in Beta.
June 20, 2019
Cloud Service Mesh is available in GA.
March 15, 2019
Cloud Service Mesh is available in Beta.