1.37.0 (Pending)

Minor behavior changes

Changes that may cause incompatibilities for some users, but should not for most

  • ext_proc: Use one of a hard-coded set of error messages when a HeaderMutation fails. Removing request-specific details allows grouping by similar failure types. Detailed messages remain available in debug logs.

Bug fixes

Changes expected to improve the state of the world and are unlikely to have negative effects

  • connection pool: Fix a crash in the TCP connection pool that occurs during downstream connection teardown when large requests or responses trigger flow control.

  • lua: Fix a bug where Lua filters may result in Envoy crashes when setting response body to a larger payload (greater than the body buffer limit).

Removed config or runtime

Normally occurs at the end of the deprecation period

  • http: Removed runtime guard envoy.reloadable_features.http1_balsa_allow_cr_or_lf_at_request_start and legacy code paths.

  • http: Removed runtime guard envoy.reloadable_features.original_src_fix_port_exhaustion and legacy code paths.

  • jwt_authn: Removed runtime guard envoy.reloadable_features.jwt_fetcher_use_scheme_from_uri and legacy code paths.

  • quic: Removed runtime guard envoy.reloadable_features.http3_remove_empty_cookie and legacy code paths.

New features

  • logging: Added support for not-equal operator for access log filter rules, in ComparisonFilter.

  • lua: Added drainConnectionUponCompletion() to the Lua filter stream info API. This allows Lua scripts to mark connections for draining, which adds a Connection: close header for HTTP/1.1 or sends a GOAWAY frame for HTTP/2 and HTTP/3.

  • overload management: The fixed heap resource monitor can now calculate memory pressure as currently allocated memory divided by maximum heap size, giving more accurate and lower memory pressure values. This can avoid unnecessary load shedding or overload actions. To enable, set envoy.reloadable_features.fixed_heap_use_allocated to true. The default algorithm (heap_size - pageheap_unmapped - pageheap_free) does not discount for free memory in TCMalloc caches.

  • redis: Added cluster-scope command support with flexible response handling framework.

  • wasm: Added sign foreign function to create cryptographic signatures. See Wasm foreign functions for more details.