Releases: openzipkin/zipkin
Zipkin 3.0.5
Zipkin 3.0.5 cleans up CVEs and supports Eureka authentication. We also allow those testing with Cassandra to disable SSL hostname verification. While this is a point version, quite a lot of work went into this. Please thank volunteers involved on gitter or otherwise!
Dependency updates
Most notably, this updates our docker image to use JRE 21.0.2_p13, and all recent java libraries. We audited the UI and were able to fix all CVEs identified by Trivy and used at runtime, with special thanks to @anuraaga on this. We also test with latest Elasticsearch 8.12.0, now. This was trickier than usual due to a JRE compatibility issue @reta discovered a workaround for, and will be resolved when ES 8.12.1 is out. Rag and Andriy made themselves available and are the reason this release is all polished.
Eureka authentication
Zipkin 2.27 added Eureka discovery support, but we missed a spot. Eureka supports BASIC authentication via user info embedded in the service url. e.g. http://user:password@localhost:8761/eureka/v2. This is also handled the same way in spring-cloud-netflix. By also allowing url-embedded credentials, folks can use the same properties with zipkin as they do elsewhere.
To achieve this, and test it fully, we updated the following:
- Our test eureka server image, ghcr.io/openzipkin/zipkin-eureka, to require authentication via
EUREKA_USERNAMEandEUREKA_PASSWORD - Our test armeria client image, ghcr.io/openzipkin/brave-example:armeria, to pass embedded credentials when looking up zipkin via
EUREKA_SERVICE_URL - Our main code (applicable to all zipkin packaging) to use embedded credentials when registering via
EUREKA_SERVICE_URL - Our docker-compose example to suggest how you can try the whole thing integrated.
Thanks for your patience with supporting this option, we hope you can tell that doing it right was a lot of work, and why we didn't just "wing it" earlier!
Disabling Cassandra hostname verification
Cassandra includes a setting for disabling hostname validation when using SSL, which is helpful for self-signed certificates.
Thanks to @priyavivek2307 and @ankit-gautam23 for review, you can disable this now, by setting the env CASSANDRA_SSL_HOSTNAME_VALIDATION=false
Full Changelog: https://github.com/openzipkin/zipkin/compare/3.0.4..3.0.5
Contributors
Assets 2
Zipkin 3.0.4
Zipkin 3.0.4 fixes a packaging bug which caused the UI to not load. Thanks @jinyulei0710 for reporting!
Contributors
Assets 2
Zipkin 3.0.3
Zipkin 3.0.3 updates its self-tracing to use the latest zipkin-reporter 3.2.1. It also enhances the Eureka example to include client tracing with Armeria services support.
Zipkin 3.0.2
Zipkin 3.0.2 removes a log warning from console output.
You may also be interested in the new homebrew formula. On mac or linux, you can now try zipkin via brew install zipkin
Zipkin 3.0
Zipkin 3.0 updates to Spring Boot 3 and floor JRE 17. The core library io.zipkin.zipkin2:zipkin now targets Java 8. This is a major version change for these reasons.
Apart from raising the server's Java target to 17, actual changes for Spring Boot 3 were a breeze. Upgrade breeze is not by accident, rather thanks to conscious thinking by the Spring Boot team. Please thank them for the good work!
On Java version changes
Recent releases of Zipkin use JRE 21 in docker images, as that's the latest LTS. The server now requires JRE 17 because that's the minimal Java target allowed by Spring Boot 3. JDK 17 no longer supports compilation below Java 8, which impacted our version range. The next notes cover impacts on the core library.
io.zipkin.zipkin2:zipkin now targets Java 8, formerly Java 6. Libraries who need to retain Java 6 or old Android versions should stay on 2.x or move to latest zipkin-reporter-brave which still supports Java 6. This should not impact many because known libraries that depend on zipkin require Java 8 or later.
Again, Zipkin Reporter 3 and Brave 6 no longer have a strict dependency on io.zipkin.zipkin2:zipkin so, still support Java 6.
Notable updates
As this is a major version update, we updated all server extensions we maintain, including:
- zipkin-aws (docker openzipkin/zipkin-aws)
- zipkin-gcp (docker openzipkin/zipkin-gcp)
- zipkin-storage-kafka (docker ghcr.io/openzipkin-contrib/zipkin-storage-kafka)
- zipkin-storage-forwarder (docker ghcr.io/openzipkin-contrib/zipkin-storage-forwarder)
We also opened a contrib repository for OpenTelemetry zipkin-otel. It is currently empty because the code changes requested haven't migrated, yet. Please watch this if interested or help make it similar to zipkin-gcp.
Also, based on popular demand, zipkin will be added to homebrew soon. Please track this PR for updates.
Finally, have a look at the community page if you are new to zipkin or want to reach out and let people know what's new. Let's look forward to many more years of stable simple tracing together!
Zipkin 2.27.0
Zipkin 2.27.0 adds Eureka integration and adds a docker HEALTHCHECK timeout to ensure abhorrent checks take no longer than one second. Thanks a lot to @anuraaga @rogierslag and @reta for support on this release.
Eureka
Eureka is a service registry originally started at Netflix. Zipkin can register itself in Eureka, allowing traced services to discover its listen address and health state. This is enabled when EUREKA_SERVICE_URL is set to a valid v2 endpoint of the Eureka REST API.
Example usage:
$ EUREKA_SERVICE_URL=http://localhost:8761/eureka/v2 java -jar zipkin.jarNote: Eureka server registration only includes host and port details. Tracers need to resolve this to the POST endpoint "/api/v2/spans". See our server documentation for more.
Note: This setting does not cause Zipkin to use Eureka to discover any configured dependencies such as Kafka or Elasticsearch. If you need something like this, please open an issue and discuss your setup.
Other service registries
We added Eureka first first due to popular demand. If you need Consul please find or open an issue. Consul should be easy as Zipkin is an Armeria app, and Armeria already supports it. Similar situation with ZooKeeper (which was how zipkin was originally discovered at Twitter!). Nacos has been requested, but not in a long time. If interested, please π the corresponding issue. We might need a hand with Nacos.
Full Changelog: 2.26.0...2.27.0
Contributors
Assets 2
Zipkin 2.26.0
Zipkin 2.26.0 supports Elasticsearch 8.x and drops testing for 6.x which is no longer supported by Elastic. It also sets the minimum server JRE to 11, despite the core jar remaining Java 1.6 compatible for instrumentation. Finally, this updates the UI's react dependencies.
Thanks @fazilali for adding the main code to support Elasticsearch 8.x, something in high demand! Also thanks to @tacigar for the continued hard work on the UI!
Full Changelog: 2.25.2...2.26.0
Contributors
Assets 2
Zipkin 2.25.2
Zipkin 2.25.2 adds the ppc64le architecture to our production zipkin and zipkin-slim images. It also fixes a couple docker crashes when run on Apple Silicon. Finally, we documented how to run the Elasticsearch Service Depedencies graph job ad-hoc, as it has been frequently asked about.
Special thanks to @NishikantThorat from Knative for the help progressing ppc64le, as well @anuraaga for lots of review support.
Full Changelog: 2.25.1...2.25.2
Contributors
Assets 2
Zipkin 2.25.1
Zipkin 2.25.1 sets a milestone where a trivy scan of our openzipkin/zipkin:2.25.1 docker image came clear of all vulnerabilities:
$ trivy image openzipkin/zipkin:2.25.1
2023-12-14T21:38:42.716+0700 INFO Vulnerability scanning is enabled
2023-12-14T21:38:42.717+0700 INFO Secret scanning is enabled
2023-12-14T21:38:42.717+0700 INFO If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-12-14T21:38:42.717+0700 INFO Please see also https://aquasecurity.github.io/trivy/v0.48/docs/scanner/secret/#recommendation for faster secret detection
2023-12-14T21:38:47.299+0700 INFO Detected OS: alpine
2023-12-14T21:38:47.299+0700 WARN This OS version is not on the EOL list: alpine 3.19
2023-12-14T21:38:47.299+0700 INFO Detecting Alpine vulnerabilities...
2023-12-14T21:38:47.301+0700 INFO Number of language-specific files: 1
2023-12-14T21:38:47.301+0700 INFO Detecting jar vulnerabilities...
openzipkin/zipkin:2.25.1 (alpine 3.19.0)
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)There was a lot of PR review support and again we have @anuraaga to thank for being so available to keep things moving. We'd also like to thank @tacigar for progress on renovating the Lens UI, resulting in a significant drop in NPM vulnerabilities as well.
Full Changelog: 2.25.0...2.25.1
Contributors
Assets 2
Zipkin 2.25.0
Zipkin 2.25.0 was an infrastructure refactoring release with no significant main code changes from 2.24.4. This is a bridge version for those who extend zipkin with a few notable changes:
- New zipkin-activemq and zipkin-rabbitmq test images. Now, we have a test image for every combination of collector and storage.
- Removal of junit 4.x dependency. zipkin-junit is no longer published in favor of zipkin-junit5.
- Improved practice of AssertJ, JUnit Jupiter and SLF4J thanks to automated refactoring by @TeamModerne and great support by @timtebeek.
Full Changelog: 2.24.4...2.25.0
