RATATOSKRATATOSK
Sign in

Releases

AI-analyzed release notes for CNCF graduated and incubating projects.

Project: DragonflyClear ×

Dragonfly

Storage & DataJun 25, 2026

Dragonfly v2.5.0 is a feature release adding Hugging Face/ModelScope model downloads, a P2P injector webhook, download blocklisting, and broad rate limiting, alongside a breaking removal of deprecated V1 preheat API endpoints and health check consolidation to /healthy. It also ships numerous bug fixes and Nydus subproject improvements.

  • breakingV1 preheat API endpoints removed

    Applies unconditionally starting v2.5.0: the deprecated V1 preheat API endpoints have been removed. Any automation or integration still calling V1 preheat routes must migrate to the current preheat API before upgrading.

  • breakingHealth checks consolidated to /healthy

    Applies unconditionally starting v2.5.0: health checks are consolidated onto a single /healthy endpoint. Update load balancer, Kubernetes probe, and monitoring configs that point at old or multiple health check paths.

  • enhancementEmergency download blocklist

    Available now via Manager console: operators can configure a blocklist to disable specific downloads as an emergency brake. Blocked gRPC calls return PermissionDenied and blocked HTTP proxy calls return FORBIDDEN, useful for incident response.

  • enhancementRate limiting across gRPC and client paths

    Available now across Manager/Scheduler gRPC servers and clients: rate limiting covers bandwidth, upload/download requests, and adaptive limiting. Review limits before rollout to avoid unexpected throttling of legitimate traffic.

Key changes (8)
  • Breaking: deprecated V1 preheat API endpoints removed and health checks consolidated to a single /healthy endpoint.
  • New: Dragonfly Client can download model repositories directly from Hugging Face and ModelScope, accelerating Git LFS data via P2P and fetching metadata over Git protocol.
  • New: dragonfly-injector Mutating Admission Webhook auto-injects P2P capability into Pods via annotation policies, with Helm chart support.
  • New: configurable blocklist in Manager console lets operators disable specific downloads as an emergency measure (gRPC returns PermissionDenied, HTTP proxy returns FORBIDDEN).
  • New: rate limiting added across Manager/Scheduler gRPC servers and client-side bandwidth/request handling to protect source services.
  • New: dfctl CLI for managing local storage tasks (list, remove, preheat) against the Scheduler; dfdaemon can now infer upstream registry from containerd's ns query parameter.
  • Performance and reliability: improved parent peer selection before scheduling, buffered file export/download writes, tuned gRPC stream buffers for large transfers, and HTTP backend fixes (HTTP/1.1, HEAD retry logic, stripped auth headers on cross-origin redirects, fixed relative 307 redirect caching).
  • Plus several smaller fixes: Redis Lua script argument order for peer TTL, PostgreSQL SERIAL sequence handling after seeding, ExternalRedis TLS support, and Nydus subproject updates (prefetch-optimized blobs, DAX backend support, several builder/image-detection bug fixes).
Source

Dragonfly

Storage & DataJun 25, 2026

v2.4.4 is a routine maintenance release for Dragonfly, fixing three scheduler bugs around peer concurrency, memory leaks, and register delay, alongside a batch of dependency bumps. No security fixes or operator-facing breaking changes are included.

Key changes (5)
  • Scheduler fix removes a stale AnnouncePeer stream reference that was causing a transport memory leak
  • Scheduler now correctly enforces peer concurrency limits during preheat jobs
  • Scheduler skips the exponential backoff delay for super seed peers on register
  • Dependency bumps: containerd 1.7.32 to 1.7.33, go-redis/v9 9.19.0 to 9.21.0, mongo-driver 1.17.0 to 1.17.7, golang.org/x/crypto to 0.53.0, retry-go upgraded to v5, plus minor bumps to actions/checkout and gomega
  • Internal helper functions MustParseRange, ParseOneRange, and ParseURLMetaRange were removed as part of a code refactor (no external API impact)
Source

Dragonfly

Storage & DataMar 11, 2026

Dragonfly v2.4.3 is a pure maintenance release focusing on dependency updates and security patches, with no functional changes for users.

  • securityApply routine security updates

    This patch release includes dependency updates that may contain security fixes. Update your Dragonfly deployments to v2.4.3 during your next maintenance window. The upgrade should be seamless with no breaking changes or configuration updates required.

  • enhancementImproved observability with OpenTelemetry updates

    The OpenTelemetry library updates from v0.63.0 to v0.67.0 provide better tracing capabilities. If you're using distributed tracing with Dragonfly, you may see improved trace collection and reduced overhead after upgrading.

Key changes (5)
  • Updated OpenTelemetry libraries from v0.63.0 to v0.67.0 for improved observability
  • Upgraded Docker actions to v4.0.0 for GitHub CI/CD workflows
  • Bumped Golang system dependencies including oauth2 and sys packages
  • Updated d7y.io/api to v2.2.24 for latest API compatibility
  • Refreshed GitHub Actions dependencies for stale issue management
Source

Dragonfly

Storage & DataMar 9, 2026

Dragonfly v2.4.2 adds gRPC rate limiting and scheduler cluster configuration while improving security scores and fixing several configuration inconsistencies.

  • breakingUpdate configuration files for renamed fields

    The rateLimit configuration field was renamed to bandwidthLimit. Check your configuration files and update any references to use the new naming convention to avoid configuration parsing errors.

  • enhancementConfigure gRPC rate limiting for production

    The new gRPC rate limiting feature protects against resource exhaustion attacks. Review your current traffic patterns and configure appropriate rate limits in your Dragonfly configuration to prevent service degradation under load.

  • enhancementLeverage new scheduler cluster management

    With scheduler cluster de-registration support, implement proper cluster lifecycle management in your deployment scripts. This helps maintain cluster health and prevents orphaned schedulers from affecting performance.

Key changes (5)
  • Added gRPC server request rate limiting to prevent resource exhaustion
  • Introduced scheduler cluster de-registration support for better cluster management
  • Added seed client configuration support for improved peer connectivity
  • Refactored configuration naming for consistency (rateLimit → bandwidthLimit)
  • Upgraded API to v2.2.14 and multiple dependency updates for security patches
Source