Envoy
v1.36.8Networking & MessagingEnvoy v1.36.8 is a minor patch with one bug fix and two opt-in HTTP/2 observability features. No breaking changes or CVEs.
breakingHTTP/2 header histograms are temporary — don't build dashboards on them
The new http2_record_histograms feature and its runtime guard are explicitly scheduled for removal in a future Envoy release. If you enable them for debugging HTTP/2 header issues, treat the resulting metrics as short-lived. Don't wire them into permanent dashboards or alerts that would break on upgrade.
enhancementEnable HTTP/2 header histograms if you're debugging large header or cookie payloads
If you're seeing unexpectedly large HTTP/2 requests or cookie-related issues, flip envoy.reloadable_features.http2_record_histograms to get histograms on header entry count, byte size, and cookie metrics. Pair this with envoy.reloadable_features.http2_max_cookies_size_in_kb to enforce a hard cap on reassembled cookie header size — useful if you need to protect upstream services from oversized cookie headers.
主な変更 (4)
- RTDS runtime guard override deletion now correctly restores the process-wide default value instead of leaving it in a broken state
- New opt-in HTTP/2 header histograms (entry count, byte size, cookie length, cookie count) enabled via envoy.reloadable_features.http2_record_histograms
- New runtime flag envoy.reloadable_features.http2_max_cookies_size_in_kb to cap reassembled cookie header size; no limit enforced by default
- HTTP/2 histograms and their runtime guard are explicitly temporary — they will be removed in a future release