1.29.0 (January 16, 2024)
Incompatible behavior changes
Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required
access_log: Added issuer in certificate_properties to the gRPC access log service (ALS).
grpc reverse bridge: Handle empty response bodies in grpc_http1_reverse_bridge. This may cause problems for clients expecting the filter to crash for empty responses. This behavioral change can be temporarily reverted by setting runtime guard
http: Flip runtime flag
true. Name downgrading in the per filter config searching will be disabled by default. This behavior can be temporarily reverted by setting the flag to false explicitly. See doc Http filter route specific config or issue https://github.com/envoyproxy/envoy/issues/29461 for more specific detail and examples.
http: Remove the hop by hop TE header from downstream request headers. This change can be temporarily reverted by setting
http2: Changes the default value of
true. This changes the codec used for HTTP/2 requests and responses. This behavior can be reverted by setting the feature to
http2: Discard the Host header if the :authority header was received, to bring Envoy into compliance with https://www.rfc-editor.org/rfc/rfc9113#section-8.3.1. This behavioral change can be reverted by setting runtime flag
listener: Undeprecated runtime key overload.global_downstream_max_connections until the downstream connections monitor extension becomes stable.
stats connection_limit: Fixed tag extraction so that stat_prefix is properly extracted. This changes the Prometheus name from
stats dns_filter: Fixed tag extraction so that stat_prefix is properly extracted. This changes the Prometheus name from
stats rbac: Fixed tag extraction so that stat_prefix is properly extracted. This changes the Prometheus name from
Minor behavior changes
Changes that may cause incompatibilities for some users, but should not for most
admin: Switch no admin
aws: Added support to use HTTP async client to fetch the credentials from EC2 instance metadata and ECS task metadata providers instead of libcurl which is deprecated. By default this behavior is disabled. To enable set
config parsing, http cache filter: Replaces Protobuf hashing by human-readable string with a dedicated deterministic hashing algorithm. The performance of the hash operation is improved by 2-10x depending on the structure of the message, which is expected to reduce config update time or startup time by 10-25%. The new algorithm is also used for http_cache_filter hashing, which will effectively cause a one-time cache flush on update for users with a persistent cache. To enable this behavior set
generic_proxy: Update the stats prefix of generic proxy from
RequestHeaderMap. To get the protocol, please use
header_mutation: If per route configuration is configured at multiple levels (route, virtual host, and route table), all specified levels’ mutations are applied. Default order is from least to most specific level (i.e. most specific level wins).
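The layering described above, as an added configuration example (not taken from the release notes or the Envoy documentation): the same request header is set at the route table, virtual host and route levels. Because mutations are applied from least to most specific, the route-level value is written last and is what the upstream sees. The header name x-policy-level, the cluster name backend and the route names are placeholders.

```yaml
# Added example (not Envoy's own config): header_mutation at three levels.
# Filter chain of the HTTP connection manager; header_mutation must precede router.
http_filters:
- name: envoy.filters.http.header_mutation
  typed_config:
    "@type": type.googleapis.com/envoy.extensions.filters.http.header_mutation.v3.HeaderMutation
- name: envoy.filters.http.router
  typed_config:
    "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
route_config:
  name: local_route
  # Route table level: least specific, applied first.
  typed_per_filter_config:
    envoy.filters.http.header_mutation:
      "@type": type.googleapis.com/envoy.extensions.filters.http.header_mutation.v3.HeaderMutationPerRoute
      mutations:
        request_mutations:
        - append:
            header: {key: x-policy-level, value: route-table}
            append_action: OVERWRITE_IF_EXISTS_OR_ADD
  virtual_hosts:
  - name: backend_vhost
    domains: ["*"]
    # Virtual host level: applied second, overwrites the route table value.
    typed_per_filter_config:
      envoy.filters.http.header_mutation:
        "@type": type.googleapis.com/envoy.extensions.filters.http.header_mutation.v3.HeaderMutationPerRoute
        mutations:
          request_mutations:
          - append:
              header: {key: x-policy-level, value: virtual-host}
              append_action: OVERWRITE_IF_EXISTS_OR_ADD
    routes:
    - match: {prefix: "/"}
      route: {cluster: backend}
      # Route level: most specific, applied last, so "route" is the value
      # forwarded upstream.
      typed_per_filter_config:
        envoy.filters.http.header_mutation:
          "@type": type.googleapis.com/envoy.extensions.filters.http.header_mutation.v3.HeaderMutationPerRoute
          mutations:
            request_mutations:
            - append:
                header: {key: x-policy-level, value: route}
                append_action: OVERWRITE_IF_EXISTS_OR_ADD
```

The ordering matters for headers that carry authorization context: if a broad route-table mutation were applied last it would silently override a tighter route-level value. If the intent is for the broad level to win instead, use ADD_IF_ABSENT at the more specific levels so the first-applied (least specific) value is kept.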
http2: Flip the runtime guard envoy.reloadable_features.defer_processing_backedup_streams to be on by default. This feature improves flow control within the proxy by deferring work on the receiving end if the other end is backed up.
local_rate_limit: Added new configuration field rate_limited_as_resource_exhausted to allow for setting whether the rate limit gRPC response should be RESOURCE_EXHAUSTED instead of the default
Bug fixes
Changes expected to improve the state of the world and are unlikely to have negative effects
DNS: Fixed a race condition where, when multiple requests with the same authority header are sent to Envoy, some requests may sometimes receive no_healthy_upstream from Envoy. The fix is guarded by runtime guard envoy.reloadable_features.dns_cache_set_first_resolve_complete, which defaults to
access log: Fixed a bug where the omit_empty_values field was not honored for access logs specifying formats via text_format_source.
aws: The default credentials file location was relying on incorrect ~ expansion. This fix now resolves to the correct path by using the HOME environment variable, if the credentials file location is not explicitly specified.
buffer: Fixed a bug (https://github.com/envoyproxy/envoy/issues/28760) where the internal listener caused undefined behavior due to the unintended release of buffer memory.
docker: Updated base image to ubuntu:22.04 to fix Redis memory issue (https://github.com/envoyproxy/envoy/issues/31248).
dynamic_forward_proxy: Fixed a bug where the preresolved hostnames specified in the Dynamic Forward Proxy cluster config would not use the normalized hostname as the DNS cache key, which is the same key used for retrieval. This caused cache misses on initial use, even though the host DNS entry was pre-resolved. The fix is guarded by runtime guard envoy.reloadable_features.normalize_host_for_preresolve_dfp_dns, which defaults to
ext_authz: Fixed a bug to ensure the proper functioning of the with_request_body feature within the per-route ExtAuthZ filter.
content_length related issues when body mutation by external processor is enabled. The ext_proc filter removes the content length header in 1) STREAMED BodySendMode, 2) BUFFERED_PARTIAL BodySendMode and 3) BUFFERED BodySendMode + SKIP HeaderSendMode. This will enable chunked encoding whenever feasible in HTTP/1.1. The ext_proc filter keeps the content length header in BUFFERED BodySendMode + SEND HeaderSendMode. It is now the external processor's responsibility to set the content length so that it matches the mutated body. If the two do not match, the mutation will be rejected and a local reply with an error status will be returned.
grpc: Fixed a bug in the gRPC async client cache which intermittently caused CPU spikes due to a busy loop in timer expiration.
oauth: Add default_expires_in configuration setting. The OAuth spec does not dictate that an authorization server must respond with an expiry. Envoy currently fails any OAuth flow if the expiry is not set. This setting allows you to provide a default in this case to ensure the OAuth flow can succeed.
otlp_stat_sink: Fixed a bug where histogram bucket counts were wrong. Additionally, the number of buckets is fixed and is now one element larger than the explicit bounds elements, as required by the specification.
quic: Fixed a bug in QUIC and HCM interaction which could cause use-after-free during asynchronous certificates retrieval. The fix is guarded by runtime
quic: Fixed a bug in QUIC upstream port migration which could cause use-after-free upon STATELESS_RESET packets.
redis: Fixed a bug causing crash if incoming redis key does not match against a
catch_all_route is not defined.
tracing: Fixed a bug that caused the Datadog tracing extension to drop traces that should be kept on account of an extracted sampling decision.
tracing: Fixed a bug where Datadog spans tagged as errors would not have the appropriate error property set.
tracing: Fixed a bug where child spans produced by the Datadog tracer would have an incorrect operation name.
upstream: Fixed a bug where the subset load balancer was always used even if the subset load balancer config does not contain any subset selector.
upstream: Fixed a bug with upstream auto-config with HTTP/3 where certain network configurations would result in zombie streams left in the grid. Guarded by
xds: Fixed a bug (https://github.com/envoyproxy/envoy/issues/27702) that caused ADS initialization to fail on the first attempt and set a back-off retry interval of up to 1 second, if ADS is using an Envoy Cluster for the backend. The issue was fixed to ensure that ADS initialization happens after the Envoy Cluster it depends upon has been properly initialized. ADS that does not depend on an Envoy Cluster (i.e. GoogleGrpc) is not affected by this change.
Removed config or runtime
Normally occurs at the end of the deprecation period
access log: Removed the deprecated envoy.reloadable_features.format_ports_as_numbers runtime flag and legacy code path.
grpc: Removed the deprecated envoy.reloadable_features.service_sanitize_non_utf8_strings runtime flag and legacy code path.
envoy.reloadable_features.expand_agnostic_stream_lifetime and legacy code paths.
envoy.reloadable_features.sanitize_original_path and legacy code paths.
envoy.reloadable_features.allow_compact_maglev and legacy code paths.
router: Removed the deprecated envoy.reloadable_features.ignore_optional_option_from_hcm_for_route_config runtime flag and legacy code path.
router: Removed the deprecated envoy.reloadable_features.prohibit_route_refresh_after_response_headers_sent runtime flag and legacy code path.
upstream: Removed the deprecated envoy.reloadable_features.validate_detailed_override_host_statuses runtime flag and legacy code path.
New features
CEL-attributes: Added attribute connection.transport_failure_reason for looking up the connection transport failure reason.
access_log: Added new access log command operator %EMIT_TIME% to get the time when the log entry is emitted.
access_log: Added support for the %CONNECTION_ID% command operator for UDP session access log.
access_log: Added support for listener metadata in
attributes: Added support for listener metadata and listener direction in xDS attributes.
attributes: Added support for node data in
aws: Added support for AWS common utility to fetch metadata credentials from AWS STS by using WebIdentityToken. To enable you need to set
true so that the web identity credentials provider can use the http async client to fetch credentials. The web identity credentials provider cannot use the current default libcurl credentials fetcher, which is under deprecation and will soon be removed. The web identity credentials provider is not compatible with the gRPC Credentials AWS IAM plugin, which only supports the deprecated libcurl credentials fetcher; see https://github.com/envoyproxy/envoy/pull/30626.
aws_request_signing: Added support for specifying the aws signing algorithm, either
AWS_SIGV4A via the signing_algorithm config API.
composite filter: Added composite filter’s matched action name to filter state with key
compression: Added qatzip compressor.
ext_authz: Forward filter_metadata selected by route_metadata_context_namespaces and typed_filter_metadata selected by route_typed_metadata_context_namespaces from the metadata of the selected route to external auth service. This metadata propagation is independent from the dynamic metadata from connection and request.
ext_authz: New config parameter charge_cluster_response_stats for not incrementing cluster statistics on ext_authz response. Default true, no behavior change.
ext_authz_filter: Added with_request_body to optionally override the default behavior of sending the request body to the authorization server from the per-route filter.
filter state: Added config name of filter sending a local reply in filter state with key
envoy.filters.network.http_connection_manager.local_reply_owner. See the well-known filter state keys for more detail.
grpc async client: Added max_cached_entry_idle_duration to control the cached gRPC client eviction time in the cache.
grpc_http_bridge: Added ignore_query_parameters option for automatically stripping query parameters in request URL path.
internal_redirects: Added support to copy headers from the redirect response to the triggered request. See response_headers_to_copy.
jwt: The JWT authentication filter supports changing the routes when either the headers or the dynamic metadata are modified.
jwt: The JWT filter can now serialize non-primitive custom claims when mapping claims to headers. These claims will be serialized as JSON and encoded as Base64.
lua: Added Lua extension of router cluster specifier plugin to support selecting cluster dynamically by Lua code.
ratelimit: Ratelimit supports optional additional prefix to use when emitting statistics with stat_prefix configuration flag.
ratelimit: Ratelimit supports setting the HTTP status that is returned to the client when the ratelimit server returns an error or cannot be reached with status_on_error configuration flag.
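The two ratelimit options above, as an added configuration example (not from the release notes or the Envoy documentation). The point for a practitioner is the fail-closed pairing: failure_mode_deny makes an unreachable rate limit service deny the request, and status_on_error chooses the status the client sees for that case rather than the generic rate-limited status. The domain name, the stat prefix and the cluster name ratelimit_service are placeholders; the exact shape of status_on_error is assumed to be the usual Envoy HttpStatus message.

```yaml
# Added example (not Envoy's own config): ratelimit filter configured to fail closed.
http_filters:
- name: envoy.filters.http.ratelimit
  typed_config:
    "@type": type.googleapis.com/envoy.extensions.filters.http.ratelimit.v3.RateLimit
    domain: edge_api                 # placeholder domain
    stat_prefix: edge_rl             # new in 1.29: stats get this extra prefix
    timeout: 0.25s
    # Deny the request when the rate limit service errors or is unreachable,
    # instead of the default fail-open behaviour.
    failure_mode_deny: true
    # New in 1.29: status returned for the error/unreachable case. 503 keeps
    # "service is degraded" distinct from the 429 sent for a real limit hit.
    status_on_error:
      code: ServiceUnavailable
    rate_limit_service:
      transport_api_version: V3
      grpc_service:
        envoy_grpc:
          cluster_name: ratelimit_service   # placeholder cluster
- name: envoy.filters.http.router
  typed_config:
    "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
```

Without failure_mode_deny the filter lets traffic through when the limiter is down, so status_on_error has nothing to apply to; check both settings together when reviewing a rate limiting deployment.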
rbac filter: Allow-listed HttpAttributesCelMatchInput to be used with the xDS matcher in the RBAC filter.
redis: Added support for the
redis: Added support for the watch command (aborts multi transactions if watched keys change).
set_metadata: Added support for injecting typed and untyped dynamic metadata with this filter. It also adds the ability to add multiple namespaces with one filter; overwriting existing metadata is opt-in via config. untyped_metadata may now be used to configure the
stateful_session: Added strict mode to cookie and header based stateful session. If a destination encoded in the cookie or in the specified header respectively is not available, Envoy will return 503 instead of selecting another destination from the cluster.
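Strict mode for a cookie-based stateful session, as an added configuration example (not from the release notes or the Envoy documentation). The cookie name, TTL and path are placeholders. In non-strict mode a cookie that names a host no longer in the cluster is silently ignored and the request is load balanced normally; with strict set, such a request gets a 503, which makes stale or tampered affinity cookies visible in access logs instead of being quietly absorbed.

```yaml
# Added example (not Envoy's own config): stateful_session with strict mode.
http_filters:
- name: envoy.filters.http.stateful_session
  typed_config:
    "@type": type.googleapis.com/envoy.extensions.filters.http.stateful_session.v3.StatefulSession
    session_state:
      name: envoy.http.stateful_session.cookie
      typed_config:
        "@type": type.googleapis.com/envoy.extensions.http.stateful_session.cookie.v3.CookieBasedSessionState
        cookie:
          name: affinity            # placeholder cookie name
          path: /
          ttl: 120s
    # New in 1.29: if the upstream encoded in the cookie is not available in
    # the cluster, return 503 rather than falling back to the load balancer.
    strict: true
- name: envoy.filters.http.router
  typed_config:
    "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
```

Pair strict mode with a cookie TTL no longer than the expected endpoint churn interval; otherwise routine scale-downs turn into client-visible 503s until the cookie expires.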
stats: Added per_endpoint_stats to get some metrics for each endpoint in a cluster.
stream info: Added time spent reading request headers to
tcp_proxy: Added support to TCP Proxy for recording the latency in UpstreamTiming from when the first initial connection to the upstream cluster was attempted to when either the connection was successfully established or the filter failed to initialize any connection to the upstream.
tracing: Added support for configuring resource detectors on the OpenTelemetry tracer.
tracing: Added support to configure a Dynatrace resource detector for the OpenTelemetry tracer.
tracing: Added support to configure a sampler for the OpenTelemetry tracer.
tracing: Provide initial span attributes to a sampler used in the OpenTelemetry tracer.
udp_proxy: Add access log options to allow recording an access log entry periodically for the UDP session, and to allow recording an access log entry when the connection tunnel to the upstream is created successfully when UDP tunneling is configured.
upstream: Implemented the drop_overloads API, which can be used to drop a certain percentage of traffic from Envoy.
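A ClusterLoadAssignment using drop_overloads, as an added configuration example (not from the release notes or the Envoy documentation). It would be delivered by EDS, or placed inline as load_assignment on a STATIC cluster; the cluster name, category string and endpoint address are placeholders. Envoy applies the drop before load balancing, so the shed share does not depend on which endpoints are healthy.

```yaml
# Added example (not Envoy's own config): shed 5% of requests to this cluster.
cluster_name: backend              # placeholder
policy:
  drop_overloads:
  - category: throttle             # free-form label for the drop reason
    drop_percentage:
      numerator: 5
      denominator: HUNDRED         # 5/100 = 5% of requests are dropped
endpoints:
- lb_endpoints:
  - endpoint:
      address:
        socket_address:
          address: 10.0.0.10       # placeholder endpoint
          port_value: 8080
```

The release note does not say how a dropped request is answered, so verify the status and response flags in your access logs before relying on them for alerting. Because the control plane can raise the percentage to 100 at any time, drop_overloads is also a lever worth auditing: a compromised or misconfigured xDS server can use it to black-hole a cluster without touching its endpoints.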
zookeeper: Added support for emitting per opcode decoder error metrics via enable_per_opcode_decoder_error_metrics.