Knative
knative-v1.21.3Orchestration & ManagementKnative Serving v1.21.3 is a patch release fixing memory leaks, a connection leak in the network prober, and adding a 3MiB webhook request body size limit.
security3MiB webhook body limit now enforced — test before upgrading
The webhook request body is now hard-limited to 3MiB. If your workloads send large Knative resource specs (e.g., Services with extensive annotations, large env var blocks, or embedded configs), they could start getting rejected after this upgrade. Audit your largest Knative Service manifests before rolling this out to production. Anything approaching or exceeding 3MiB in a single admission request will fail.
enhancementPatch memory and connection leaks — upgrade promptly
Two resource leaks are fixed here: a memory leak in expired matchers and an idle connection leak in the network prober. In long-running clusters with frequent reconciliation or active health-checking, these leaks accumulate. If you've noticed gradual memory growth in the Knative controller or networking components, this patch is the likely fix. No config changes needed — just upgrade.
Key changes (5)
- Webhook request body size capped at 3MiB to prevent oversized payload abuse
- Memory leak fixed in expired matchers within knative/pkg
- Idle connection leak fixed in the networking prober
- Non-constant format string error corrected in Serving
- Dependency bumps across knative/pkg, knative/networking, and knative/hack