v1.37.0

@sergiitk sergiitk released this 08 Apr 17:24
· 1478 commits to master since this release

Behavior Changes

  • alts: make both GoogleDefaultChannelCredentials and ComputeEngineChannelCredentials choose ALTS for backends given by xDS TD. Changes for ComputeEngineChannelCredentials were missing, but they really should be the same.
  • api: added a convenient ServerBuilder.addServices() API that allows adding a list of services instead of iterating through the list and calling addService() for each one.
  • api: deleted some NameResolver APIs that have been marked as deprecated since 1.21 release.
  • api: implemented admin interface API, which automatically loads available admin services in a given binary. Currently, it only includes Channelz and CSDS with dependencies required at runtime.
  • context: move pendingDeadline.cancel out of synchronized block.
  • netty: allow connection handshakes (e.g., TCP, TLS) to be interrupted by channel.shutdown(). Previously shutdownNow() was required for prompt shutdown if a connection was handshaking.
  • xds: change in parsing ADS responses for LDS, RDS, CDS, and EDS resources. Before this release, gRPC parsing logic for ADS response containing multiple resources was to stop resource processing on the first encountered error, followed by NACK with the details of this single error. With this change, the parsing logic processes all resources and collects all processing errors. If any error occurred, a NACK is issued with concatenated error messages of all errors encountered. The rationale and the detailed design can be found in gRFC A40 — ADS Parsing Logic Update: Continue After First Error.
  • xds: change system property name for reading bootstrap config from io.grpc.xds.bootstrapValue to io.grpc.xds.bootstrapConfig.
  • xds: circuit breaking, timeout and fault injection are enabled by default. Previously they were protected by environment variables.
  • xds: use the new server_listener_resource_name_template property from the bootstrap file for server side xDS processing as per the gRFC A36-xds-for-servers.md.

New Features

  • api: TlsChannelCredentials and TlsServerCredentials now support client certificates and custom KeyManagers/TrustManagers. grpc-netty fully supports these options. grpc-okhttp does not support keyfile-based configuration; you’d need to use a KeyManager. Most users of Netty’s SslContext and GrpcSslContexts should be able to migrate and are encouraged to do so, because this API does not have a Netty dependency and so is planned to become stable.
  • netty: added support for OpenJSSE.
  • okhttp: support compiling with okio 2.x API for Bazel users. grpc-okhttp was already compatible with okio 2 at runtime.
  • xds: XdsServingStatusListener has been implemented as per the gRFC A36-xds-for-servers.md.
  • xds: add a proto leakage check to the Gradle build. A new Gradle task that depends on shadowJar examines the package prefixes in the shadowJar output to make sure they are within the package.
  • xds: added CsdsService. It is safe for production, but its APIs are Experimental so that issues discovered as they see usage can be resolved. The rationale and description of the new API can be found in gRFC A40: xDS Configuration Dump via Client Status Discovery Service in gRPC.
  • xds: implement gRPC server side validations and filterChain match of xDS configuration as per the gRFC A36-xds-for-servers.md.
  • xds: WeightedTargetLoadBalancer now collects all failure child pickers to log more error details.
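
As an illustration of the TlsChannelCredentials/TlsServerCredentials item above, the following added example (not code from the grpc-java project or these release notes) configures mutual TLS on both sides without any Netty types. The class name, port and command-line file arguments are assumptions; the files are expected to be PEM certificates and PKCS#8 PEM private keys.

```java
import io.grpc.ChannelCredentials;
import io.grpc.Grpc;
import io.grpc.ManagedChannel;
import io.grpc.Server;
import io.grpc.ServerCredentials;
import io.grpc.TlsChannelCredentials;
import io.grpc.TlsServerCredentials;
import java.io.File;
import java.io.IOException;
import java.util.concurrent.TimeUnit;

// Hypothetical class name; run with grpc-netty on the classpath.
public final class MutualTlsExample {
  // Server: presents its certificate and rejects any client that does not
  // present a certificate chaining to a CA in clientCaCerts.
  static Server newServer(int port, File certChain, File privateKey, File clientCaCerts)
      throws IOException {
    ServerCredentials creds = TlsServerCredentials.newBuilder()
        .keyManager(certChain, privateKey) // file-based keys: not supported by grpc-okhttp
        .trustManager(clientCaCerts)
        .clientAuth(TlsServerCredentials.ClientAuth.REQUIRE)
        .build();
    // Register services on the builder before build() in a real server.
    return Grpc.newServerBuilderForPort(port, creds).build();
  }

  // Client: presents its own certificate and trusts only serverCaCerts,
  // not the JVM's default trust store.
  static ManagedChannel newChannel(String host, int port, File certChain, File privateKey,
      File serverCaCerts) throws IOException {
    ChannelCredentials creds = TlsChannelCredentials.newBuilder()
        .keyManager(certChain, privateKey)
        .trustManager(serverCaCerts)
        .build();
    return Grpc.newChannelBuilderForAddress(host, port, creds).build();
  }

  public static void main(String[] args) throws Exception {
    // Assumed argument order: serverCert serverKey clientCert clientKey caCert
    File ca = new File(args[4]);
    Server server = newServer(8443, new File(args[0]), new File(args[1]), ca).start();
    ManagedChannel channel =
        newChannel("localhost", 8443, new File(args[2]), new File(args[3]), ca);
    // Create stubs on `channel` here; the TLS handshake happens on the first RPC.
    channel.shutdownNow().awaitTermination(5, TimeUnit.SECONDS);
    server.shutdownNow().awaitTermination(5, TimeUnit.SECONDS);
  }
}
```

With ClientAuth.REQUIRE the handshake fails for clients without a valid certificate; ClientAuth.OPTIONAL requests a client certificate but still accepts clients that present none, which leaves authorization to the application.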

Bug Fixes

  • grpclb: gRPCLB would buffer RPCs indefinitely if failing to fallback because the resolver provides no fallback addresses. Now it turns into TRANSIENT_FAILURE for such cases.
  • xds: fix CdsLoadBalancer2 childLb shutdown behavior. Previously these childLbs were not properly shut down, which might cause a channel panic because the client channel is referenced by those childLbs.
  • Fixed an UnsupportedOperationException incompatibility with Netty 4.1.60.Final (#7953). This allows users of grpc-netty that may be using Netty elsewhere in their application to upgrade their Netty version to avoid exposure to recent Netty CVEs. gRPC itself is not impacted by those CVEs.
  • grpclb: fixed a race between address update and LB stream recreation, which would cause channel panic if the resolver refreshes the result while gRPCLB is in LB stream backoff.
  • grpclb: gRPCLB ignored CONNECTING subchannels when aggregating the overall LB state, which would cause RPCs to fail prematurely if there were subchannels still in their initial connection.
  • grpclb: now we allow multiple authorities in lb backends instead of flattening to the first authority.
  • interop-testing: fix an ALTS handshaking race by adding proper synchronization on the AltsTestServer object lock, so that the ALTS client and ALTS server no longer race on the AltsTestServer during ALTS handshake negotiation.
  • xds: fixed a bug that would drop some node information (e.g., user-agent) when reporting to LRS (#7964).
  • xds: the xDS resolver did not clear its state when control plane resources were revoked before offloading the xDS LB plugin. It would treat the next update as a duplicate if the control plane recovered, and would never come back to using those resources. Now this is fixed.

Documentation

  • example-tls: ported to TlsChannelCredentials/TlsServerCredentials and no longer depends on Netty at compile time.
  • examples: add ALTS example README.md.

Dependencies

  • gradle: bumped protobuf-gradle-plugin version to 0.8.15
  • xds: envoy proto updated to commit ac9a26373. Added xDS v3 csds.proto with dependencies.

Acknowledgements

@spkrka Kristofer Karlsson
@njhill Nick Hill
@ulfjack Ulf Adams