v0.2.0
What's New in v0.2.0
Features
GTID-aware Read-Your-Own-Writes — After a write, the proxy captures the GTID from the primary's OK packet and waits for a replica to apply that transaction before routing the next read there. If no replica has caught up, the read falls back to the primary automatically. No application changes needed. Requires MySQL 8.0+ with GTID-based replication.
[mysql] gtid_aware_ryow = true
WAN Compression — zlib & zstd — Enable MySQL wire-protocol compression on backend connections. zstd (MySQL 8.0.18+, MariaDB 10.8+) delivers ~3–5× better compression ratio than the classic zlib option. Negotiated per-connection at handshake time; transparent to the client.
[[shared.replicas]] addr = "wan-replica:3306" compression = "zstd" # "off" | "zlib" | "zstd"
Embedded MCP Server — POST /mcp on the dashboard port exposes 7 structured tools so AI assistants (Claude, GitHub Copilot, GPT-4) can query live proxy data via JSON-RPC 2.0. Secured with HTTP Basic using the same credentials as the dashboard.
Verify checksums with turbineproxy-SHA256SUMS.
[mysql]
gtid_aware_ryow = true
WAN Compression — zlib & zstd — Enable MySQL wire-protocol compression on backend connections. zstd (MySQL 8.0.18+, MariaDB 10.8+) delivers ~3–5× better compression ratio than the classic zlib option. Negotiated per-connection at handshake time; transparent to the client.
[[shared.replicas]]
addr = "wan-replica:3306"
compression = "zstd" # "off" | "zlib" | "zstd"
Embedded MCP Server — POST /mcp on the dashboard port exposes 7 structured tools so AI assistants (Claude, GitHub Copilot, GPT-4) can query live proxy data via JSON-RPC 2.0. Secured with HTTP Basic using the same credentials as the dashboard.
Tool Returns
get_pool_stats Connection pool utilisation per backend
get_slow_queries Top queries by latency with p50/p95/p99
get_n1_candidates Queries flagged as N+1 patterns
get_index_advice Index recommendations from EXPLAIN analysis
get_backend_health Health, lag, and failover state per backend
get_query_rules Active routing rules with hit counters
get_rewrite_rules Active rewrite rules with hit counters
Fast-Forward Mode — Bypass the entire query pipeline (fingerprinting, rules, cache, RYOW, N+1 detection, SQLi scan) and route directly to the primary in a single hop. Transaction boundaries are still tracked. Designed for write-only pools, ETL jobs, and batch processors.
[mysql]
fast_forward = true
SSL Key Log — Write TLS session secrets in NSS Key Log Format for both frontend (client → proxy) and backend (proxy → database) TLS sessions. Compatible with Wireshark and ssldump. Debug environments only.
[frontend_tls]
ssl_keylog_file = "/tmp/sslkeys.log" # debug only
Metrics
Added turbineproxy_sqli_blocked_total counter to the Prometheus endpoint (GET /metrics).
Bug Fixes
build: build.rs now skips the npm run build step when dashboard/dist/index.html already exists or TURBINEPROXY_SKIP_DASHBOARD_BUILD=1 is set — fixes cross-compilation failures inside Docker containers that have no Node.js.
ci: Moved the Node.js / npm run build step before cross build in release.yml so the frontend is always built before the Rust binary.
Documentation
New feature guides: fast-forward, ssl-keylog, compression, gtid-ryow.
Rewritten MCP API reference covering both the embedded proxy MCP server and the standalone docs MCP server.
Updated TLS configuration guide with ssl_keylog_file examples.
Upgrade Notes
No breaking changes. All new config keys are optional with safe defaults:
Key Default Notes
mysql.gtid_aware_ryow false Requires MySQL 8.0+ with GTIDs
mysql.fast_forward false Disables all routing features when true
shared..compression "off" Per-backend; "zstd" requires MySQL 8.0.18+
frontend_tls.ssl_keylog_file "" Empty = disabled
shared..ssl_keylog_file "" Empty = disabled
Downloads
Platform Binary
Linux x86_64 (musl) turbineproxy-x86_64-unknown-linux-musl
Linux arm64 (musl) turbineproxy-aarch64-unknown-linux-musl
macOS Intel turbineproxy-x86_64-apple-darwin
macOS Apple Silicon turbineproxy-aarch64-apple-darwin
Verify checksums with turbineproxy-SHA256SUMS.