Release notesV2.4

Version 2.4 release notes

Loki 2.4 focuses on two items:

  • Making it easier to get your logs into Loki.
  • Making Loki easier to run and operate. Anyone not using Kubernetes or avoiding microservices should pay close attention: this release has a lot for you.

Features and enhancements

All in all, about 260 PR’s went into Loki 2.4, and we thank everyone for helping us make the best Loki yet.

For a full list of all changes please look at the CHANGELOG.

Upgrade Considerations

Please read the upgrade guide before updating Loki.

We made a lot of changes to Loki’s configuration as part of this release. We have tried our best to make sure changes are compatible with existing configurations, however some changes to default limits may impact users who didn’t have values explicitly set for these limits in their configuration files.

Here is a list of limit defaults that have changed:

confignew defaultold default
ingestion_rate_strategy“global”“local”
max_global_streams_per_user50000 (no limit)
max_query_length“721h”“0h” (no limit)
max_query_parallelism3214
max_streams_per_user0 (no limit)10000
reject_old_samplestruefalse
reject_old_samples_max_age“168h”“336h”
per_stream_rate_limit3MB-
per_stream_rate_limit_burst15MB-

We have enabled the in-memory FIFO cache by default when no existing external cache is configured. This helps improve Loki’s performance, however it will also allow Loki to consume more memory.

Bug fixes

2.4.1 bug fixes

2.4.1 fixes two important bugs in the 2.4.0 release:

  • PR 4687 owen-d: Eliminate a compactor panic when not using a tenant overrides file.
  • PR 4681 slim-bean: Correct the initialization of the read target. Incorrect initialization resulted in query gaps after a chunk was flushed and before the querier downloaded new index tables.

2.4.0 bug fixes

Here are some of the more important fixes in version 2.4.0:

  • PR 4598 kavirajk: Fix the IP matcher lexer to differentiate a filter from an identifier.
  • PR 4563 cyriltovena: Fixes the Series function to properly handle sharding.
  • PR 4518 slim-bean: Fixes a bug in which items are returned to a sync.Pool incorrectly.
  • PR 4411 slim-bean: Fixes a frontend bug which caused it to wait for results which would never arrive.
  • PR 4238 liguozhong: Fixes a distributor goroutine leak.

Security fixes

2.4.0 security fixes

Version 2.4.0 contains one security-related fix:

  • PR 4627 Explicitly define allowed HTTP methods on HTTP endpoints.

    A community user noticed that all Loki endpoints would respond to HTTP OPTIONS requests, and the proxy they placed in front of Loki responsible for HTTP authentication would pass OPTIONS requests unauthenticated to Loki, allowing users to make unauthenticated/unauthorized queries to Loki. The fix restricts the type of HTTP methods allowed on each endpoint and disallows OPTIONS requests.