Skip to content

Latest commit

 

History

History
305 lines (188 loc) · 14.1 KB

CHANGELOG-3.2.md

File metadata and controls

305 lines (188 loc) · 14.1 KB
Raw

v3.2.17 (TBD)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed: v2

Fixed: v3

Security

v3.2.16 (2018-02-12)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed: v3

  • Fix mvcc "unsynced" watcher restore operation.
    • "unsynced" watcher is watcher that needs to be in sync with events that have happened.
    • That is, "unsynced" watcher is the slow watcher that was requested on old revision.
    • "unsynced" watcher restore operation was not correctly populating its underlying watcher group.
    • Which possibly causes missing events from "unsynced" watchers.

v3.2.15 (2018-01-22)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

v3.2.14 (2018-01-11)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

Improved

v3.2.13 (2018-01-02)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

v3.2.12 (2017-12-20)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

Added: clientv3

Other

v3.2.11 (2017-12-05)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

Added

v3.2.10 (2017-11-16)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

v3.2.9 (2017-10-06)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed(Security)

  • Compile with Go 1.8.4.
  • Update golang.org/x/crypto/bcrypt (see golang/crypto@6c586e1).
  • Fix discovery SRV bootstrapping to authenticate ServerName with *.{ROOT_DOMAIN}, in order to support sub-domain wildcard matching (see issue #8445 for more contexts).
    • For instance, etcd --discovery-srv=etcd.local will only authenticate peers/clients when the provided certs have root domain *.etcd.local as an entry in Subject Alternative Name (SAN) field.

v3.2.8 (2017-09-29)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

  • Fix v2 client failover to next endpoint on mutable operation.
  • Fix grpc-proxy to respect KeysOnly flag.

v3.2.7 (2017-09-01)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

  • Fix server-side auth so concurrent auth operations do not return old revision error.
  • Fix concurrency/stm Put with serializable snapshot
    • Use store revision from first fetch to resolve write conflicts instead of modified revision.

v3.2.6 (2017-08-21)

See code changes.

Fixed

  • Fix watch restore from snapshot.
  • Fix etcd_debugging_mvcc_keys_total inconsistency.
  • Fix multiple URLs for --listen-peer-urls flag.
  • Add --enable-pprof flag to etcd configuration file format.

v3.2.5 (2017-08-04)

See code changes and v3.2 upgrade guide for any breaking changes.

Changed

  • Use reverse lookup to match wildcard DNS SAN.
  • Return non-zero exit code on unhealthy endpoint health.

Fixed

  • Fix unreachable /metrics endpoint when --enable-v2=false.
  • Fix grpc-proxy to respect PrevKv flag.

Added

  • Add container registry gcr.io/etcd-development/etcd.

v3.2.4 (2017-07-19)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

  • Do not block on active client stream when stopping server
  • Fix gRPC proxy Snapshot RPC error handling

v3.2.3 (2017-07-14)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

  • Let clients establish unlimited streams

Added

  • Tag docker images with minor versions
    • e.g. docker pull quay.io/coreos/etcd:v3.2 to fetch latest v3.2 versions

v3.2.2 (2017-07-07)

See code changes and v3.2 upgrade guide for any breaking changes.

Improved

  • Rate-limit lease revoke on expiration.
  • Extend leases on promote to avoid queueing effect on lease expiration.

Fixed

  • Use user-provided listen address to connect to gRPC gateway.
    • net.Listener rewrites IPv4 0.0.0.0 to IPv6 [::], breaking IPv6 disabled hosts.
    • Only v3.2.0, v3.2.1 are affected.
  • Accept connection with matched IP SAN but no DNS match.
    • Don't check DNS entries in certs if there's a matching IP.
  • Fix 'tools/benchmark' watch command.

v3.2.1 (2017-06-23)

See code changes and v3.2 upgrade guide for any breaking changes.

Fixed

  • Fix backend database in-memory index corruption issue on restore (only 3.2.0 is affected).
  • Fix gRPC gateway Txn marshaling issue.
  • Fix backend database size debugging metrics.

v3.2.0 (2017-06-09)

See code changes and v3.2 upgrade guide for any breaking changes.

Improved

  • Improve backend read concurrency.

Added

  • Embedded etcd
    • Etcd.Peers field is now []*peerListener.
  • RPCs
    • Add Election, Lock service.
  • Native client etcdserver/api/v3client
    • client "embedded" in the server.
  • gRPC proxy
    • Proxy endpoint discovery.
    • Namespaces.
    • Coalesce lease requests.
  • v3 client
    • STM prefetching.
    • Add namespace feature.
    • Add ErrOldCluster with server version checking.
    • Translate WithPrefix() into WithFromKey() for empty key.
  • v3 etcdctl
    • Add check perf command.
    • Add --from-key flag to role grant-permission command.
    • lock command takes an optional command to execute.
  • etcd flags
    • Add --enable-v2 flag to configure v2 backend (enabled by default).
    • Add --auth-token flag.
  • etcd gateway
    • Support DNS SRV priority.
  • Auth
    • Support Watch API.
    • JWT tokens.
  • Logging, monitoring
    • Server warns large snapshot operations.
    • Add etcd_debugging_server_lease_expired_total metrics.
  • Security
    • Deny incoming peer certs with wrong IP SAN.
    • Resolve TLS DNSNames when SAN checking.
    • Reload TLS certificates on every client connection.
  • Release
    • Annotate acbuild with supports-systemd-notify.
    • Add nsswitch.conf to Docker container image.
    • Add ppc64le, arm64(experimental) builds.
    • Compile with Go 1.8.3.

Changed

Fixed

  • Allow v2 snapshot over 512MB.