Recently, we've introduced and updated some new features, including adding
max_pending_entriesto all logger plugins, supporting SCRAM Authentication forkafka-loggerplugin, etc. For more details, please read this month's newsletter.
Introduction
From its inception, the Apache APISIX project has embraced the ethos of open-source community collaboration, propelling it into the ranks of the most active global open-source API gateway projects. The proverbial wisdom of 'teamwork makes the dream work' rings true in our way and is made possible by the collective effort of our community.
From October 1st to October 31st, 9 contributors made 73 commits to Apache APISIX. We sincerely appreciate your contributions to Apache APISIX.
Contributor Statistics
Feature Highlights
1. Add max_pending_entries to All Logger Plugins
PR: https://github.com/apache/apisix/pull/12709
Contributor: Revolyssup
When external logging services like Kafka are slow or unavailable, a backlog of unsent log entries can rapidly accumulate, leading to memory spikes. This PR extends the existing max_pending_entries configuration from the kafka-logger plugin to all logger plugins. It provides a configurable queue limit. When reached, new logs are dropped, ensuring system stability.
2. Update Resource Name Length Limit for Routes
PR: https://github.com/apache/apisix/pull/11822
Contributor: csotiriou
This PR increases the maximum allowed length for a route's name. The limit has been extended to three times the previous default value. This change is necessary because when using the APISIX Ingress Controller, route names are automatically generated by concatenating the Kubernetes namespace with other identifiers, which can easily exceed the original length restriction.
3. Support SCRAM Authentication for kafka-logger Plugin
PR: https://github.com/apache/apisix/pull/12693
Contributor: Revolyssup
This PR adds support for SCRAM (Salted Challenge Response Authentication Mechanism) authentication to enhance security. While the underlying Kafka client library already supported SCRAM, the plugin itself was limited to only PLAIN authentication. This update bridges that gap, providing a more secure authentication option for connecting to Kafka clusters.
4. Refactor Secret Management with URI-Based Caching
PR: https://github.com/apache/apisix/pull/12682
Contributor: Revolyssup
This PR refactors apisix/secret.lua to use URL as the cache key, and we only cache the result of the fetch(uri) function. It also allows the LRU cache to support separate cache instances for successful and failed secret fetch operations, allowing independent cache configuration. Additionally, the fetch_secrets() API is simplified by removing redundant parameters, as keys are now resolved internally.
5. Add Support for Wildcard SNI Matching in SSL Configuration
PR: https://github.com/apache/apisix/pull/12668
Contributor: Revolyssup
This PR enhances APISIX's SSL SNI matching capability by adding support for complete wildcard (*) values. Previously, APISIX only supported exact domain matching (e.g., abc.test.com) and partial wildcards (e.g., .test.com), but lacked support for the universal wildcard.
This addition ensures compatibility with the Gateway API's HTTPSListener specification, meeting its core consistency test requirements for handling SSL connections with wildcard server name indications.
Recommended Blogs
We are glad to release Apache APISIX 3.14.1 with a bug fix to improve user experiences.
This release introduces several new features, including new AI proxy variables for logging, support for AI/ML API providers in AI plugins, route matching based on the request body, support for the KSUID algorithm in the request-id plugin, and more.