v2.124.1

This release addresses linkerd/linkerd2#5298 by backporting fixes to
origin-form uri handling (from 2a645b7) to the release/v2.124.0 tag.
This fix will be released as part of a stable-2.9.3 patch release.

v2.129.0

This release improves diagnostics about the proxy's failfast state:

* Warnings are now emitted when the failfast state is entered;
* The "max concurrency exhausted" gRPC message has been changed to
  more-clearly indicate a failfast state error; and
* Failfast recovery has been made more robust, ensuring that a service
  can recover indepenently of new requests being received.

Furthermore, metric labeling has been improved:

* TCP server metrics are now annotated with the original `target_addr`;
* The `tls` label is now set to true for inbound TLS connections that
  lack a client ID. This is mostly helpful to clarify inbound metrics on
  the `identity` controller;
* Outbound `tls` metrics could be reported incorrectly when a proxy was
  configured to not use identity. This has been corrected.

Finally, socket-level errors now include a _client_ or _server_ prefix
to indicate which side of the proxy encountered the error.

v2.128.0

This release primarily features an upgrade to the Tokio v1 ecosystem.

Additionally, the `LINKERD2_PROXY_TAP_DISABLED` configuration is no
longer honored. Now, the proxy's Tap API is disabled by default and it
is only enabled when the `LINKERD2_PROXY_TAP_SVC_NAME` configuration is
set (when identity is not disabled for the proxy).

v2.127.0

This release adds a new `/shutdown` admin endpoint that may only be
accessed over the loopback network. This allows batch jobs to gracefully
terminate the proxy on completion. The `linkerd-await` utility can be
used to automate this.

This release also includes ~33 non-user-facing changes, the most
important of which updates the Linkerd Transport Header preface to be
`transport.l5d.io/v1\r\n\r\n`.

v2.126.0

This release introduces a new "opaque transport" feature that allows the
proxy to securely transport server-speaks-first and otherwise opaque TCP
traffic.

Additionally, this release includes:

* A new default protocol detection timeout of 10s;
* New metrics that expose the identity certificate's expiration time;
* Eviction for stale transport metrics; and
* Fixes to ensure TCP streams are not interrupted by shutdown signals.

v2.125.0

This release features a change to the proxy's cache eviction strategy to
ensure that clients (and their load balancers) are reused by new
outbound connections. This can dramatically reduce memory consumption,
especially for busy HTTP/1.1 clients.

Also, the proxy's HTTP detection scheme has been made more robust.
Previously, the proxy would perform a only single read to determine
whether a TCP stream was HTTP, which could lead to false positives. Now,
the proxy reads until at least the first newline, which is what the HTTP
parser actually needs to make a proper determination. With this, the
default dispatch timeouts have been increased to 5s to accomodate
connection pools that may not issue an immediate request.

Furthermore, this release includes an upgrade to Tokio v0.3 and its
associated ecosystem.

v2.124.0

This release updates the proxy's `*ring*` dependency to pick up the
latest changes from BoringSSL.

Additionally, we've audited uses of non-cryptographic random number
generators in the proxy to ensure that each balancer/router intializes
its own RNG state.

v2.123.0

This release removes a potential panic: it was assumed that looking up a
socket's peer address was infallible, but in practice this call can
fail when a host is under high load. Now these failure only impact the
connection-level task and not the whole proxy proces.

Also, the `process_cpu_seconds_total` metric is now exposed as a float
so that its value may include fractional seconds with 10ms granularity.

v2.122.0

This release addresses some issues reported around clients seeing
max-concurrency errors by increasing the default in-flight request limit
to 100K pending requests.

Additionally, the proxy now sets an appropriate content-type when
synthesizing gRPC error responses.

v2.121.0

This release changes error handling to teardown the server-side
connection when an unexpected error is encountered.

Additionaly, the outbound TCP routing stack can now skip redundant
service discovery lookups when profile responses include endpoint
information.

Finally, the cache implementation has been updated to reduce latency by
removing unnecessary buffers.