@@ -10,10 +10,19 @@ Larger modules still graduate through later minor releases.
1010
1111## Current Release Goal
1212
13- Fluxheim ` 1.0.0 ` is the first gateway-ready baseline: static sites, SNI-backed
14- TLS vhosts, route redirects, location-style proxying, websocket-safe proxy
15- headers, directory listing, static aliases, cleartext ACME challenge
16- exceptions, default HTTP service packaging, and native systemd deployment.
13+ Fluxheim ` 1.6.x ` is the Pingora-exit line. Its goal is to remove Pingora from
14+ every normal Fluxheim build by replacing the server/listener/TLS, cache,
15+ load-balancer, stream, HTTP type/error, upstream pooling, and HTTP proxy runtime
16+ boundaries with Fluxheim-owned crates and standard Rust protocol libraries,
17+ while preserving behavior with baseline evidence and parity fixtures.
18+
19+ Historical milestones:
20+
21+ Fluxheim ` 1.0.0 ` was the first gateway-ready baseline: static sites,
22+ SNI-backed TLS vhosts, route redirects, location-style proxying,
23+ websocket-safe proxy headers, directory listing, static aliases, cleartext ACME
24+ challenge exceptions, default HTTP service packaging, and native systemd
25+ deployment.
1726
1827Fluxheim ` 1.1.0 ` added TLS policy hardening plus ACME runtime issuance and
1928renewal for Let's Encrypt and Actalis, so deployments do not depend on manual
@@ -121,16 +130,15 @@ game-server UDP proxying; DNS/GSLB traffic steering as a separate control-plane
121130track for health-aware DNS answers, regional policy, TTL behavior, failover,
122131and DNSSEC/evidence requirements; and xDS/Kubernetes/Consul discovery after
123132runtime backend mutation has proven safe locally.
124- ` 1.6 ` is planned as the shared Wasm extensibility release for the kinds of
125- operator policy normally solved with F5 iRules, nginx Lua/OpenResty, HAProxy
126- Lua/SPOE, and VCL-style cache logic. It should support conditional routing,
127- pool selection, persistence-key decisions, request denial/synthetic responses,
128- header mutation, logging/redaction, and cache policy through one sandboxed
129- runtime. It is not meant to be syntax-compatible with iRules or Lua, but it
130- should cover the same operational jobs with typed Fluxheim context and strict
131- resource limits. Sentinel Mesh/WireGuard, advanced certificate automation, and
132- larger application-server features remain later minor releases according to the
133- versioning plan.
133+ ` 1.6 ` is the Pingora-exit release line. It starts with baseline evidence,
134+ crate-boundary policy, runtime parity fixtures, dependency exception gates, and
135+ small Fluxheim-owned runtime proof primitives, then removes Pingora dependency
136+ surface profile by profile. The line should keep behavior stable while moving
137+ code into focused crates where that reduces review surface. Shared Wasm
138+ extensibility moves to ` 1.7 ` ; it should cover the operational jobs normally
139+ solved with F5 iRules, nginx Lua/OpenResty, HAProxy Lua/SPOE, and VCL-style
140+ cache logic, but only after the Pingora-free runtime boundary is stable. HTTP/3
141+ and QUIC remain a later Fluxheim-owned protocol milestone after that.
134142Future "edge firewall" and "TLS VPN gateway" modes are realistic only as
135143separate product modes, not as accidental load-balancer options. They would
136144need dedicated compile profiles, threat models, packet/routing ownership,
@@ -211,14 +219,14 @@ upstream TLS material loading, and load-balancer factory/background wiring are
211219tracked in the future native stream, load-balancer core, server/listener/TLS,
212220and HTTP proxy runtime milestones instead of being treated as forgotten
213221leftovers.
214- After the smaller ` 1.5 ` dependency-reduction work and the ` 1.6 ` Wasm runtime,
215- track two larger architecture lines separately : a Fluxheim-owned server
216- bootstrap/listener/TLS runtime to replace Pingora ` Server ` , service
217- registration, signal handling, hot-restart fd passing, and TLS listener
218- configuration where that control is worth the complexity; and a later
219- Fluxheim-owned HTTP proxy runtime to replace Pingora ` ProxyHttp ` /` Session ` with
220- a linear request/response pipeline. These are major-release-sized projects, not
221- minor cleanup items .
222+ After the smaller ` 1.5 ` dependency-reduction work, ` 1.6 ` owns the larger
223+ architecture cleanup : a Fluxheim-owned server bootstrap/listener/TLS runtime to
224+ replace Pingora ` Server ` , service registration, signal handling, hot-restart fd
225+ passing, and TLS listener configuration where that control is worth the
226+ complexity; plus a Fluxheim-owned HTTP proxy runtime to replace Pingora
227+ ` ProxyHttp ` /` Session ` with a linear request/response pipeline. The work is split
228+ across the ` 1.6.x ` line with baseline and parity gates instead of being treated
229+ as incidental cleanup .
222230Active load-balancer health checks should grow in focused slices before the
223231larger protocol/runtime work: first close the HTTP request-header gap, add the
224232standard gRPC Health Checking Protocol, add simple JSON field validation for
@@ -1675,7 +1683,7 @@ without parsing text fixtures for every module.
1675168324 . ** Future WASM Extensibility**
16761684 - Architecture and security plan documented in
16771685 [ WASM Extensibility] ( docs/wasm-extensibility.md ) .
1678- - Target release: ` 1.6 ` as one shared extension runtime, not a partial
1686+ - Target release: ` 1.7 ` as one shared extension runtime, not a partial
16791687 cache-only ` 1.2.x ` implementation.
16801688 - WASM support must be optional, compile-time gated, and disabled by
16811689 default. Planned features:
0 commit comments