@dadjeibaah dadjeibaah released this Aug 13, 2018 · 2 commits to master since this release

Assets 5

Linkerd 1.4.6 adds even more watch state endpoints to Linkerd's debugging arsenal, allowing you to
inspect the state of Linkerd’s watches easily. This release adds watch state endpoints for the
Kubernetes ConfigMap interpreter as well as the Marathon and filesystem namers.

Full release notes:

  • HTTP/1.1 and HTTP/2
    • Allow HTTP/1.1 and HTTP/2 POST requests to be retryable.
    • Fix an issue where the x-forwarded-client-cert header was not always cleared on incoming requests.
  • Add TLS support for the io.l5d.etcd namer client.
  • Admin
    • Add new io.l5d.marathon, io.l5d.fs, and io.l5d.k8s.configMap watch state endpoints to allow diagnosis of Linkerd’s various watches.
  • Distributed Tracing
    • Add a new io.l5d.zipkin trace propagation plugin that writes Zipkin B3 trace headers to outgoing requests. Previously, Zipkin trace headers were ignored by Linkerd in order for Linkerd to not interfere with other tracing systems like Zipkin.
  • Namerd
    • Add an experimental io.l5d.destination interface which implements the Linkerd destination API.

@adleong adleong released this Jul 13, 2018 · 14 commits to master since this release

Assets 5

Linkerd 1.4.5 contains some minor bugfixes and introduces two much-requested features. First, it is
now possible to selectively disable Linkerd's admin endpoints, e.g., keep the UI functional but to
disable the shutdown endpoint. A huge thanks to Robert Panzer for all his hard work on this.

Second, we've added experimental support for the OpenJ9 JVM.
Preliminary tests with OpenJ9 exhibit a 3x reduction in startup time, a 40% reduction in memory
footprint, and a 3x reduction in p99 latency. You can find a Linkerd+OpenJ9 Docker image at
buoyantio/linkerd:1.4.5-openj9-experimental on Docker Hub.

Full release notes:

  • Add an OpenJ9 configuration for building a Docker image with the OpenJ9 JVM
  • Fix a NullPointerException when using the -validate flag
  • Fix an error where diagnostic tracing did not work when receiving a chunk encoded response
  • Admin
    • Add a security section to the admin config that controls which admin endpoints are enabled
  • HTTP/2
    • Fix a memory leak when there are a large number of reset streams
    • Allow HTTP/2 response classifiers to be loaded as plugins
  • Namerd
    • Fix a memory leak in the the io.l5d.mesh interpreter when idle services are reaped

@dadjeibaah dadjeibaah released this Jul 6, 2018 · 29 commits to master since this release

Assets 5

Linkerd 1.4.4 continues our focus on diagnostics, performance, and stability. This release features
several performance and diagnostics improvements, including better handling of HTTP/2 edge cases,
new watch state introspection for the Consul namer, and better isolation of admin page serving from
the primary data path. It also features a new, pluggable trace propagation module that allows for
easier integration with tracing systems like OpenTracing.

This release features contributions from Salesforce, Walmart, WePay, Comcast, ScalaConsultants,
OfferUp, Buoyant, and more. A big thank you to:

Full release notes:

  • Distributed Tracing
    • Refactor Linkerd's trace propagation module to be pluggable. This allows better integration with
      tracing systems like OpenTracing and allows users to write Linkerd trace propagation plugins for
      arbitrary tracing systems.
  • TLS
    • Deprecate the trustCerts config field in the client TLS section in favor of
      trustCertsBundle. This allows you to use multiple trust certs in one file and avoids the need
      for Linkerd to create temporary files.
  • HTTP, HTTP/2
    • Fix an issue where Linkerd sometimes interprets HTTP/1.0 response with no Content-Length as a
      chunked response.
    • Improve error messages by adding contextual routing information to a ConnectionFailed
      exception sent back to a client via Linkerd.
    • Add a gRPC standard-compliant response classifier.
    • Fix an issue where Linkerd doesn't add an l5d-err header in an HTTP/2 response.
    • Fix an issue where Linkerd does not handle HTTP/2 requests with invalid HTTP status codes
      correctly.
  • Consul
    • Add new watch state instrumentation feature to the io.l5d.consul namer.
    • Fix an issue where the io.l5d.consul namer sometimes does not retry ConnectionRefused
      exception.
    • Fix an issue where the io.l5d.consul namer returns a single IP for a service node instead of
      multiple IP addresses for a service node.
  • Admin
    • Fix an issue where Linkerd may slow down data plane requests when the admin server is under
      heavy load.
    • Improve performance of the Prometheus telemeter when serving metrics for a high cardinality
      of services.
    • Fix an issue where the intepreter_state endpoint was not available for interpreters that
      contained a transformer.
    • Fix the namer_state endpoint to expose namers that use transformers.
  • Namerd
    • Fix an issue where null values were accepted by the Dtab HTTP API.

@dadjeibaah dadjeibaah released this Jun 13, 2018 · 57 commits to master since this release

Assets 5

This is a follow up release that includes diagnostic tracing for H2 requests.

Full release notes:

  • Add diagnostic tracing for H2 requests, allowing Linkerd to add h2 request routing information at
    the end of h2 streams to downstream services.
  • Pass stack params to announcer plugins, allowing them to report metrics correctly.

@dadjeibaah dadjeibaah released this Jun 11, 2018 · 60 commits to master since this release

Assets 5

Linkerd 1.4.2 continues its focus on diagnostics and stability. This release introduces Diagnostic
Tracing, a feature that helps describe how Linkerd routes requests by displaying detailed routing information from each hop through your application. Stay tuned for a deep dive blog post about this feature coming soon.

We’re also excited to share improvements to Linkerd’s error handling. Previously, when Linkerd failed to route a request, it could fail with a notoriously confusing No Hosts Available error.
Now, these errors include more useful, informative diagnostic information to help explain the cause
of the failure.

Full release notes:

  • Diagnostics
    • Improve error reporting when receiving No Hosts Available exception. Linkerd returns a less cryptic user-friendly message that includes information such as alternative service name resolutions and dtabs used for name resolution.
    • Add a new diagnostic tracing feature. It allows Linkerd to add routing information to the response of a TRACE request forwarded to a service.
  • Fixes an issue where underscores in match patterns of io.l5d.rewrite no longer work.

@adleong adleong released this May 25, 2018 · 65 commits to master since this release

Assets 5

Linkerd 1.4.1 is focused on adding diagnostics and improved behavior in
production environments.

This release features contributions from Strava, Signal, OfferUp, Scalac,
Salesforce, and Buoyant. A big thank you to:

Full release notes:

  • Diagnostics:
    • Add watch state admin endpoints where you can inspect the current state of Linkerd's watches, including information such as time of last update and last known value. These can be extremely valuable for debugging communication between Linkerd and other components such as Namerd or Kubernetes.
      • Kubernetes namer watch state: /namer_state/io.l5d.k8s.json
      • Namerd interpreter watch state: /interpreter_state/io.l5d.namerd/<namespace>.json
      • Namerd mesh interpreter watch state: /interpreter_state/io.l5d.mesh/<root>.json
  • TLS:
    • Add the intermediateCertsPath config setting to client and server TLS. This allows you to specify a file containing intermediate CA certificates supporting the main certificate.
    • Allow the TLS protocols to be configured which enables the ability to use TLSv1.2 specific ciphers.
  • HTTP, HTTP/2:
    • Avoiding upgrading HTTP/1.0 requests to HTTP/1.1. This prevents servers from sending responses that the client cannot handle (e.g. chunk encoded responses).
    • Fix a bug where Linkerd was not writing the l5d-ctx-* headers on HTTP/2 requests..
    • Add support for adding a 'Forwarded' header to HTTP/2 requests.
  • Make Linkerd and Namerd honor the shutdown grace period when using the /admin/shutdown endpoint.
  • Pass stack params to announcer plugins, allowing them to report metrics correctly.
  • Add support for extracting substrings in path patterns. This allows you to, for example, configure TLS commonNames based on substrings of a path segment instead of the entire segment.
  • Add a TTL to Namerd's inactive cache so that Namerd will tear down watches on idle services.
  • Improve fallback behavior in the io.l5d.marathon namer so that fallback occurs if an app has no replicas.
  • Fix an ArrayIndexOutOfBoundsException in ForwardClientCertFilter.

@adleong adleong released this Apr 30, 2018 · 89 commits to master since this release

Assets 5

Linkerd 1.4.0 upgrades us to the latest versions of Finagle and Netty and
features lower memory usage for large payloads. Two new configuration options
have been introduced: client connection lifetimes and access log rotation
policy. One breaking change has been introduced around the configuration file
syntax for loggers. This release features contributions from ThreeComma,
ScalaConsultants, Salesforce, and Buoyant.

  • Breaking Change: Rename the loggers section of the Linkerd config to requestAuthorizers to match the name of the plugin type (#1900)
  • Tune Netty/Finagle settings to reduce direct memory usage (#1889). This should dramatically reduce direct memory usage when transferring large payloads.
  • Introduce a ClientSession configuration section that provides ways to control client connection lifetime (#1903).
  • Expose rotation policy configuration for http and http2 access logs (#1893).
  • Stop logging harmless reader discarded errors in k8s namer (#1901).
  • Disable autoloading of the default tracer in Namerd (#1902). This prevents Namerd from attempting to connect to a Zipkin collector that doesn't exist.
  • Upgrade to Finagle 18.4.0.
Pre-release

@adleong adleong released this Apr 24, 2018 · 90 commits to master since this release

Assets 4

Linkerd 1.4.0 upgrades Linkerd to use the latest and greatest of Finagle and Netty. It also introduces the ability to configure client connection lifetimes as well as access log rotation policy. This release features contributions from ThreeComma, ScalaConsultants, and Salesforce.

  • Breaking Change: The loggers section of the Linkerd config has been renamed to requestAuthorizers to match the name of the plugin type (#1900)
  • Tune Netty/Finagle settings to reduce direct memory usage (#1889).
  • Introduce ClientSession configuration section that provides ways to control client connection lifetime (#1903).
  • Expose rotation policy configuration for http and http2 access logs (#1893).
  • Stop logging harmless reader discarded errors in k8s namer (#1901).
  • Disable autoloading of the default tracer in Namerd (#1902).
  • Upgrade to Finagle 18.4.0.

@adleong adleong released this Apr 5, 2018 · 100 commits to master since this release

Assets 5

Linkerd 1.3.7 includes memory leak fixes, tons of improvements for Consul, and more! This release features contributions from ThreeComma, NCBI, WePay, Salesforce, Homeaway, Prosoft, and Buoyant.

  • Add support for more types of client certificates in the ForwardClientCertFilter (#1850).
  • Improve documentation on how to override the base Docker image (#1867).
  • Improve the efficientcy of the dtab delegator UI (#1862).
  • Add a command line flag for config file validation (#1854).
  • Fix a bug where the wrong timezone was being used in access logs (#1851).
  • Add the ability to explicitly disable TLS for specific clients (#1856).
  • Consul:
    • Add support for TLS-encrypted communication with Consul (#1842).
    • Fix a connection leak to Consul (#1877).
    • Fix a bug where Linkerd would timeout requests to non-existent Consul datacenters (#1863).
  • Remove many alarming but harmless error messages from Linkerd and Namerd logs (#1871, #1884, #1875).
  • Fix ByteBuffer memory leaks in HTTP/2 (#1879, #1858).
Pre-release

@adleong adleong released this Mar 31, 2018 · 101 commits to master since this release

Assets 4
  • Add support for more types of client certificates in the ForwardClientCertFilter (#1850).
  • Improve documentation on how to override the base Docker image (#1867).
  • Improve the efficientcy of the dtab delegator UI (#1862).
  • Add a command line flag for config file validation (#1854).
  • Fix a bug where the wrong timezone was being used in access logs (#1851).
  • Add the ability to explicitly disable TLS for specific clients (#1856).
  • Consul:
    • Add support for TLS-encrypted communication with Consul (#1842).
    • Fix a connection leak to Consul (#1877).
    • Fix a bug where Linkerd would timeout requests to non-existent Consul datacenters (#1863).
  • Remove many alarming but harmless error messages from Linkerd and Namerd logs (#1871, #1884, #1875).
  • Fix ByteBuffer memory leaks in HTTP/2 (#1879, #1858).