Releases: linkerd/linkerd2-proxy
Releases · linkerd/linkerd2-proxy
v2.122.0
This release addresses some issues reported around clients seeing max-concurrency errors by increasing the default in-flight request limit to 100K pending requests. Additionally, the proxy now sets an appropriate content-type when synthesizing gRPC error responses.
v2.121.0
This release changes error handling to teardown the server-side connection when an unexpected error is encountered. Additionaly, the outbound TCP routing stack can now skip redundant service discovery lookups when profile responses include endpoint information. Finally, the cache implementation has been updated to reduce latency by removing unnecessary buffers.
v2.120.0
This release modifies the outbound proxy to bypass service discovery and load balancing when the control plane does not provide a resolveable service name. The control plane may optionally provide endpoint metadata so that mTLS can be established, metrics can be labeled, etc, without further discovery. HTTP/2 clients and servers are now configured to send PING messages to validate that the peer application is able to serve requests.
v2.119.0
This release modifies the default idle timeout to 5s for outbound clients and 20s for inbound clients. This prevents idle clients from consuming memory at the cost of performing more discovery resolutions for periodic but infrequent traffic. This is intended to reduce the proxy's memory footprint, especially on Prometheus instances. The proxy's *ring* and rustls dependencies have also been updated.
v2.118.0
This release adds a support for the LINKERD2_PROXY_CORES environment variable. When set, the value may limit the proxy's runtime resources so that it does not allocate a thread per core available from the host operating system.
v2.117.0
This release adds an 'ingress mode' to support per-request routing for HTTP ingresses. Additionally, the performance impact of logging should be reduced when the proxy log level is not set to `debug` or `trace`.
v2.116.0
This release fixes a minor regression in outbound tap data, where the source TCP address was omitted. This release also improves logging: - uptime formatting is fixed to only display microsecond granularity, which fixes formatting/alignment inconsistencies. - The `off` log level is now special-cased to entirely disable the logging subsystem. This can substantially reduce memory usage.
v2.115.0
This release fixes several recent regressions: 1. The proxy could incorrectly emit inbound requests with absolute-form URIs. 2. Inbound tap metadata did not include source addresses or identities. 3. Gateway requests included the incorrect port in the `l5d-dst-canonical` header. 4. Gateway requests never included a `Host` header. Furthermore, support for the `LINKERD2_PROXY_OUTBOUND_PORTS_DISABLE_PROTOCOL_DETECTION` environment variable has been removed in anticipation of control plane changes that will provide this configuration via service profiles. This configuration is never set by the proxy injector, so this change does not pose any issues with regard to compatibility.
v2.114.0
This release overhauls the discovery and routing logic implemented by the proxy: instead of looking at HTTP request metadata for service discovery, the outbound proxy now exclusively use each connection's target IP:PORT. This eager resolution eliminates per-request cache binding; and supports using TrafficSplit with non-HTTP services. This has a few side effects: - The `l5d-dst-override` header is no longer honored. - When the application attempts to connect to a pod IP, the proxy no longer load balances these requests among all pods in the service. The proxy will now honor session-stickiness as selected by an application-level load balancer. - `TrafficSplits` are only applied when a client targets a service's IP. - The proxy no longer performs DNS "canonicalization" to translate relative host header names to a fully-qualified form.
v2.113.2-test
Fixes outbound caching