Buoyant Enterprise for Linkerd

enterprise-2.15.3

May 20, 2024

The 2.15.3 stable point release includes a variety of bug fixes, usability improvements, and new diagnostic and configuration features. It also adjusts the default configuration of the HAZL load balancer to be more aggressive in shifting load to other zones.

Previous release: enterprise-2.15.2.

Who should upgrade?

  • Users who are using native sidecars should upgrade. This release contains several bugfixes related to native sidecars.
  • Users who are making heavy use of HTTPRoutes, or who are experiencing high memory usage in the policy controller accompanied by “Failed to patch HTTPRoute” error messages, should upgrade. This release fixes an issue with how the policy controller was interacting with the Kubnetes API for HTTPRoutes.
  • Users who are using multicluster should upgrade. This release fixes a panic in the service mirror controller as well as another minor issue.

How to upgrade

Please see the instructions in Upgrading BEL.

Note that in this release, we’ve moved the on-cluster storage for license keys from ConfigMaps to Secrets. Users with license keys in ConfigMaps will be automatically upgraded to a Secret. For more information on managing licenses, see Configuring license secret installation.

To upgrade with BEL’s lifecycle automation operator, you will need Buoyant Extension version v0.29.0 or later.

Full Changelog

CLI changes

  • Print license information to stderr instead of stdout
  • Install version edge-24.2.4 of viz and jaeger extensions, rather than pointing to non-existing BEL versions
  • Remove the need to include the --set license= flag on install commands
  • Add a diagnostics profile command (backported from linkerd2#12383)

Helm chart changes

  • Correct the minimum supported Kubernetes version in the BEL Helm charts to 1.22 (not 1.21)
  • Support arbitrary proxy parameters in Helm values (backported from linkerd2#12493)

Control plane changes

  • Move license storage from a ConfigMap to a Secret
  • Revert HAZL default load band parameters to the configuration used in BEL 2.15.1 and earlier, allowing HAZL to be more aggressive in shifting to other zones by default
  • Update HTTPRoutes CRD to include a port field in the route status parent ref (backported from linkerd2#12454)
  • Fix multiple issues with native sidecars (backported from linkerd2#12453)
  • Update policy controller to rename “patchs” metric to “patches” (backported from linkerd2#12533)

Extension changes

  • Fix panic in mulitcluster service mirror controller (backported from linkerd2#12406)
  • Avoid unnecessary headless endpoint mirrors cleanups during GC (backported from linkerd2#12500)

Proxy changes

CVE remediations and updates