Incompatible behavior changes
Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required
http: Remove the hop-by-hop TE header from downstream request headers if it is not set to trailers, else keep it. This change can be temporarily reverted by setting
stats: The runtime flag envoy.reloadable_features.enable_include_histograms is now enabled by default. This causes the Stats::SinkPredicates to filter histograms to be flushed to stat sinks.
Minor behavior changes
Changes that may cause incompatibilities for some users, but should not for most
QUIC: Port migration is now turned off by default. QUIC client connections will no longer attempt to migrate to a new port when the connection is degrading. It can be manually turned on via port_migration.
adaptive concurrency filter stats: Multiply the gradient value stat by 1000 to make it more granular (values will range between 500 and 2000).
aws: AWS region string is now retrieved from environment and profile consistently within aws_request_signer and grpc_credentials/aws_iam extensions. Region field in aws_request_signer is now optional, explicitly configured xDS region will take preference. aws_request_signer documentation now reflects the region chain.
dns: Allowing dns_min_refresh_rate (extensions.common.dynamic_forward_proxy.v3.DnsCacheConfig) to go as low as 1s.
http: Enable obsolete line folding in BalsaParser (for behavior parity with http-parser, the previously used HTTP/1 parser).
quic: Server preferred address is now sent to non-quiche quic clients when configured. This behavior can be disabled with runtime flag
upstream: Upstream now excludes hosts set to DRAINING state via EDS from load balancing and panic routing threshold calculation. This feature can be disabled by setting
Changes expected to improve the state of the world and are unlikely to have negative effects
UDP and TCP tunneling: fixed a bug where second HTTP response headers received would cause Envoy to crash in cases where propagate_response_headers and retry configurations are enabled at the same time, and an upstream request is retried multiple times.
deps: Updated QUICHE dependencies to incorporate fixes for https://github.com/envoyproxy/envoy/issues/32401.
http: Fixed crash when HTTP request idle and per-try timeouts occur within the backoff interval.
jwt_authn: Fixed JWT extractor, which concatenated headers with a comma, resulting in invalid tokens.
load balancing: Added randomization in host load-balancing initialization. This helps desynchronize Envoys across a fleet by randomizing the scheduler starting point. This can be temporarily reverted by setting runtime guard
load balancing: Added randomization in locality load-balancing initialization. This helps desynchronize Envoys across a fleet by randomizing the scheduler starting point. This can be temporarily reverted by setting runtime guard
proxy protocol: Fixed a crash when Envoy is configured for PROXY protocol on both a listener and cluster, and the listener receives a PROXY protocol header with address type LOCAL (typically used for health checks).
proxy_protocol: Fix crash due to uncaught exception when the operating system does not support an address type (such as IPv6) that is received in a proxy protocol header. Connections will instead be dropped/reset.
proxy_protocol: Fixed a bug where TLVs with non-UTF-8 characters were inserted as protobuf values into filter metadata, circumventing ext_authz checks when failure_mode_allow is set to
router: Fixed a timing issue where upstream requests are empty when decoding data; Envoy now sends a local reply when that happens. This is controlled by
stateful_session: Support 0 TTL for proto-encoded cookies, which disables cookie expiration by Envoy.
tcp_proxy: When tunneling TCP over HTTP, close the downstream connection (for writing only) when upstream trailers are read, to support half-close semantics during TCP tunneling. This behavioral change can be temporarily reverted by setting runtime guard
tls: Fix crash due to uncaught exception when the operating system does not support an address type (such as IPv6) that is received in an mTLS client cert IP SAN. These SANs will be ignored. This applies only when using formatter
tracers: use unary RPC calls for OpenTelemetry trace exports, rather than client-side streaming connections.
tracing: Dynatrace resource detector: Only log warning message when no enrichment attributes are found.
tracing: Prevent Envoy from crashing at start up when the OpenTelemetry environment resource detector cannot detect any attributes.
url matching: Fixed excessive CPU utilization when using regex URL template matcher.
xds: Reject xDS configurations where the rate-limit’s fill_rate is set to Infinity or NaN.
Removed config or runtime
Normally occurs at the end of the deprecation period
active health check: Removed envoy.reloadable_features.keep_endpoint_active_hc_status_on_locality_update runtime flag and legacy code paths.
envoy.reloadable_features.enable_aws_credentials_file runtime flag and legacy code paths.
envoy.reloadable_features.allow_absolute_url_with_mixed_scheme runtime flag and legacy code paths.
envoy_reloadable_features_append_xfh_idempotent runtime flag and legacy code paths.
envoy.reloadable_features.http1_allow_codec_error_response_after_1xx_headers runtime flag and legacy code paths.
overload manager: removed envoy.reloadable_features.overload_manager_error_unknown_action and legacy code paths.
envoy.reloadable_features.count_unused_mapped_pages_as_free runtime flag and legacy code paths.
envoy_reloadable_features_initialize_upstream_filters and legacy code paths.
access log: added support for %UPSTREAM_CONNECTION_ID% for the upstream connection identifier.
aws_lambda: Added host_rewrite config to be used during signature.
aws_lambda filter to support use as an upstream HTTP filter. This allows successful calculation of signatures after the forwarding stage has completed, particularly if the path element is modified.
aws_request_signing filter to support use as an upstream HTTP filter. This allows successful calculation of signatures after the forwarding stage has completed, particularly if the path element is modified.
ext_proc: added metadata_options config API to enable sending and receiving metadata from/to the external processing server. Both typed and untyped dynamic metadata may be sent to the server. If receiving_namespaces is defined, returned metadata may be written to the specified allowed namespaces.
grpc reverse bridge: Change HTTP status to 200 to respect the gRPC protocol. This may cause problems for incorrect gRPC clients expecting the filter to preserve HTTP 1.1 responses. This behavioral change can be temporarily reverted by setting runtime guard
Envoy::ExecutionContext, which is notified by ScopeTrackerScopeState's constructor and destructor. This feature is disabled by default; it can be enabled by runtime feature flag envoy.restart_features.enable_execution_context. For more details, please see https://github.com/envoyproxy/envoy/issues/32012.
quic: Added QUIC protocol option send_disable_active_migration to make the server send clients a transport parameter to discourage client endpoints from active migration.
redis: Added support for the
tcp_proxy: added an option to dynamically set a per downstream connection idle timeout period object under the key envoy.tcp_proxy.per_connection_idle_timeout_ms. If this filter state value exists, it will override the idle timeout specified in the filter configuration and the default idle timeout.
upstream: Added selection_method option to the least request load balancer. If set to FULL_SCAN, Envoy will select the host with the fewest active requests from the entire host set rather than choice_count random choices.
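To make the difference between the two selection methods concrete, here is an added, simplified Python model of least-request selection (not Envoy's C++ implementation; it ignores host weights and active_request_bias). It compares the default choice_count random sampling against a FULL_SCAN over a constructed host set and measures how often sampling misses the globally least-loaded host.

```python
import random
from dataclasses import dataclass


@dataclass
class Host:
    name: str
    active_requests: int


def pick_least_request_sampled(hosts, choice_count, rng):
    """Default method: draw choice_count random hosts (without replacement)
    and return the one with the fewest active requests among them."""
    candidates = rng.sample(hosts, min(choice_count, len(hosts)))
    return min(candidates, key=lambda h: h.active_requests)


def pick_least_request_full_scan(hosts):
    """FULL_SCAN: examine every host in the set and return the one with the
    fewest active requests (ties resolved to the first host in iteration order)."""
    return min(hosts, key=lambda h: h.active_requests)


# Constructed host set: h2 is clearly the least loaded host.
HOSTS = [Host("h0", 12), Host("h1", 3), Host("h2", 0), Host("h3", 9), Host("h4", 7)]


def agreement_rate(choice_count, trials=1000, seed=1):
    """Fraction of picks where sampling chose the same host FULL_SCAN would."""
    rng = random.Random(seed)
    best = pick_least_request_full_scan(HOSTS)
    hits = sum(
        pick_least_request_sampled(HOSTS, choice_count, rng) is best
        for _ in range(trials)
    )
    return hits / trials


if __name__ == "__main__":
    print("FULL_SCAN picks:", pick_least_request_full_scan(HOSTS).name)
    for cc in (2, 3, 5):
        print(f"choice_count={cc}: agrees with FULL_SCAN {agreement_rate(cc):.1%}")
```

With five hosts and choice_count=2 the least-loaded host is only in the sample about 40% of the time, which is the gap FULL_SCAN closes at the cost of inspecting every host per pick.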
verify_signature foreign function to verify cryptographic signatures.
listener: deprecated runtime key overload.global_downstream_max_connections in favor of downstream connections monitor.