backport 17.5.x: Update changelog for 17.5.0
Backport !7531 (merged) to 17.5.x versions
====
Copied from the original MR
grpc-go v1.67.0 (https://github.com/grpc/grpc-go/releases/tag/v1.67.0) caused two major problems for Gitaly and Praefect.
First, this version introduced a bug related to window header calculation. This bug makes Gitaly return ResourceExhausted errors occasionally even if the calls were successful.
For more information: #6385 (closed)
Second, clients and servers will now reject TLS connections that don't
support ALPN. This restriction deems Gitaly/Praefect not compatible with
some certain TCP load-balancers, such as Nginx, if TLS is enabled. The
problem will go away if customers place Gitaly/Prafect behind an HTTP/2
or gRPC load balancers. Unfortunately, L7 load-balancers are not
compatible with Gitaly/Praefect due to the Sidechannel Protocol.
Although this feature could be turned off by turning on the
GRPC_ENFORCE_ALPN_ENABLED
flag, it's annoying for our customers.
For more information: https://gitlab.com/gitlab-com/request-for-help/-/issues/2127
The first bug was fixed in v1.67.1 and back-ported to v1.66.3. The second bug (or feature?) has not been addressed upstream, yet. Although we are looking forward to a long-term solution so that Sidechannel is replaced by something else such as gRPC buffer pooling (#6560) or pure HTTP/2. It might take a while until an alternative solution lands.
Thus, this commit downgrades grpc-go back to 1.66.3. This version didn't introduce the new APLN enforcement and it contains the back-port of the first bug (https://github.com/grpc/grpc-go/pull/7660 and https://github.com/grpc/grpc-go/pull/7668).
Merge request reports
Activity
added bugfunctional groupgitaly typebug labels
assigned to @qmnguyen0711
2 Warnings No milestone was set, nor could it be detected from the issues this merge request closes. This merge request does not refer to an existing milestone. Reviewer roulette
Changes that require review have been detected! A merge request is normally reviewed by both a reviewer and a maintainer in its primary category and by a maintainer in all other categories.
To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, mention them as you normally would! Danger does not automatically notify them for you.
Category Reviewer Maintainer None @jcaigitlab
(UTC-5, 12 hours behind author)
@echui-gitlab
(UTC+11, 4 hours ahead of author)
If needed, you can retry the
danger-review
job that generated this comment.Generated by
DangerEdited by ****mentioned in merge request !7531 (merged)
@echui-gitlab Could you have a look at this backport? Thank you
requested review from @echui-gitlab
started a merge train
mentioned in commit 28fb87fc