github linkerd/linkerd2 stable-2.9.1
on GitHub

latest releases: edge-24.11.2, edge-24.11.1, edge-24.10.5...
3 years ago

Warning: there is a known issue where upgrading to this release with the --prune flag as described in the Linkerd Upgrade documentation will delete certain Linkerd configuration and prevent you from performing any subsequent upgrades. It is highly recommended that you skip this version and instead upgrade directly to stable-2.9.3 or later. If you have already upgraded to this version, you can repair your installation by upgrading your CLI to stable-2.9.3 and using the linkerd repair command.

stable-2.9.1

This stable release contains a number of proxy enhancements: better support for
high-traffic workloads, improved performance by eliminating unnecessary endpoint
resolutions for TCP traffic and properly tearing down serverside connections
when errors occur, and reduced memory consumption on proxies which maintain many
idle connections (such as Prometheus' proxy).

On the CLI and control plane sides, it relaxes checks on root and intermediate
certificates (following X509 best practices), and fixes two issues: one that
prevented installation of the control plane into a custom namespace and one
which failed to update endpoint information when a headless service was
modified.

  • Proxy:

    • Addressed some issues reported around clients seeing max-concurrency errors
      by increasing the default in-flight request limit to 100K pending requests
    • Reduced the default idle connection timeout to 5s for outbound clients and
      for inbound clients to reduce the proxy's memory footprint, especially on
      Prometheus instances
    • Fixed an issue where the proxy did not receive updated endpoint information
      when a headless service was modified
    • Added HTTP/2 keepalive PING frames
    • Removed logic to avoid redundant TCP endpoint resolution
    • Fixed an issue where serverside connections were not torn down when an error
      occurred

  • CLI / Helm / Control Plane:

    • Fixed a CLI issue where the linkerd-namespace flag was not honored when
      passed to the install and upgrade commands
    • Fixed installing HA through the CLI (linkerd install --ha) that wasn't
      honoring some of the default settings found in values-ha.yml
    • Force the webhook pods (proxy-injector, sp-validator and tap) to be
      restarted when upgrading through the CLI, if a secret they rely on changes
    • Fixed multicluster installation using Helm (thanks @DaspawnW!)
    • Updated linkerd check so that it doesn't attempt to validate the subject
      alternative name (SAN) on root and intermediate certificates. SANs for leaf
      certificates will continue to be validated
    • Fixed an issue in the destination service where endpoints always included a
      protocol hint, regardless of the controller label being present or not
    • Removed the get and logs command from the CLI
    • No longer panic in rare cases when linkerd-config doesn't have an entry
      for Global configs (thanks @hodbn!)
Check out latest releases or
releases around linkerd/linkerd2 stable-2.9.1

Don't miss a new linkerd2 release

NewReleases is sending notifications on new releases.

Get notifications