News KrakenD CE v2.10 released with new Docker official image, LRU cache, and more

Return to blog's homepage

Blog categories

Product UpdatesSecurity

4 min read

KrakenD CE v2.10 released with new Docker official image, LRU cache, and more

by Albert Lombarte

We’re excited to announce that KrakenD v2.10 is out now! This release brings new features, enhancements for developers, important deprecations, and critical fixes that improve your KrakenD experience. Let’s dive into what’s new:

Goodbye Docker image! Hello, Official Docker image!

As we announced a few days ago, KrakenD is now an official Docker image! 🎉

The old image devopsfaith/krakend is now deprecated and no longer maintained. Please rename your Docker image source to the official krakend image to continue receiving security updates and verified builds. Enterprise users will continue to use krakend/krakend-ee as before, no changes are required.

Starting from version 2.9.3, you should stop pulling from devopsfaith/krakend and pull KrakenD directly from Docker Hub using the new krakend image. The patch version 2.9.3 was the last one available on devopsfaith/krakend and 2.9.4, 2.10, and future versions are on the official image only:

docker pull krakend:2.10

🛑 Takeaways:

  • KrakenD Community Edition releases will be available only under the krakend Docker official image.
  • The :watch tag will not be maintained anymore for open source, but you can easily build it yourself.
  • Older versions (<2.9.3) remain under devopsfaith/krakend, but won’t receive any updates or patches.

Switch now to ensure your deployments stay secure, supported, and officially verified!

LRU Caching!

If you were using the cache component, it introduces a new LRU Cache algorithm. It means that you can limit the cache size and have automatic evictions when you surpass the limits. This option is much safer on installations where the cache size is hard to estimate.

To use the new LRU Cache, you must add two new parameters:

  • max_size: To control memory usage.
  • max_items: To limit the number of stored items.

See the documentation for the LRU cache, and add this option for extra safety.

More Lua Power with http_response

We’ve added the http_response function to the modifier/lua-endpoint, giving you more flexibility when handling and modifying extra HTTP responses programmatically. See the documentation.

OpenTelemetry Improvements

With the OpenTelemetry additions you can now:

  • Connect to insecure HTTP, not just HTTPS. This enhancement is especially useful for internal observability setups where encryption might not be required.
  • Add the new deploy_env attribute to identify your deployment environment (e.g., staging, production).
  • Override the global metric reporting period per exporter with custom_metric_reporting_period.

More on OpenTelemetry

Improved Logging and Auditing

A feature that has been asked over time is the Status Code Logging: KrakenD now logs the original backend status code in the application logs when there is an error. Example:

WARNING [BACKEND: GET /endpoint/foo -> POST /backend/bar][Client] Status: 403

In addition, the audit command adds new rules.

🚀 Summary of changes for CEv2.10

KrakenD is now an official Docker image! Plus LRU caching, Lua http_response flexibility, OTEL improvements, JWT x5t#s256, enhanced logging, and new audit rules.

  • Added an algorithm LRU Cache set through max_size and max_items attributes that sets eviction options.
  • Lua function http_response has been added to the modifier/lua-endpoint to add more flexibility.
  • Added support for insecure HTTP connections on OpenTelemetry (as opposed to only HTTPS)
  • Log the original status code from the backend in the application logger when there is an invalid status code.
  • The audit command has added a new rule recommending limiting the cached content.
  • Added a new attribute deploy_env to the OTEL component to identify the environment of the deployment (e.g., staging, production, etc.)
  • When getting errors from a backend, the status code is now logged as a warning in the console with a syntax like WARNING [BACKEND: GET /endpoint/foo -> POST /backend/bar][Client] Status: 403.
  • Added support for x5t#s256 key identification strategy in JWT Validation
  • Add an attribute custom_metric_reporting_period to OTEL allowing to set a custom reporting period for a specific exporter, overriding the global one.
  • Removed a non-printable character from the Docker entrypoint that raised an error message on execution
  • CORS component: Fix log pump to remove padding and size limit for the debug messages
  • The devopsfaith/krakend Docker container is no longer maintained because krakend is now an official Docker image. Please use the krakend image instead.

Upgrading to the latest version is always advised.

Compare versions
Upgrade to v2.10

Happy building! 🐙

Categories: Product UpdatesSecurity

Stay up to date with KrakenD releases and important updates