Consul on Kubernetes 1.1.0
Enhanced Envoy Access Logging: Envoy access logs are now centrally managed via the
accessLogsfield within the ProxyDefaults CRD to allow operators to easily turn on access logs for all proxies within the service mesh. Refer to Access logs overview for more information.
Consul Envoy Extensions: The new Envoy extension system enables you to modify Consul-generated Envoy resources outside of the Consul binary. This will allow extensions to add, delete, and modify Envoy listeners, routes, clusters, and endpoints, enabling support for additional Envoy features without changes to the Consul codebase. The new
envoyExtensionsfield in the ProxyDefaults and ServiceDefaults CRDs enable built-in Envoy extensions. Refer to Envoy extensions overview for more information on how to use these extensions.
Envoy Proxy Debugging CLI Commands: This release adds a new command to quickly modify the log level of Envoy proxies for sidecars and gateways for easier debugging. Refer to consul-k8s CLI proxy log command docs for more information.
consul-k8s proxy log podnamecommand for displaying current log levels or updating log levels for Envoy in a given pod.
Connect inject now excludes the
openebsnamespace from sidecar injection by default. If you previously had pods in that namespace that you wanted to be injected, you must now set namespaceSelector as follows:
connectInject: namespaceSelector: | matchExpressions: - key: "kubernetes.io/metadata.name" operator: "NotIn" values: ["kube-system","local-path-storage"]
Note: Consul 1.14.x and 1.13.x are not supported. Please refer to Supported Consul and Kubernetes versions for more detail on choosing the correct
- Consul 1.15.x.
- Consul Dataplane v1.1.x. Refer to Envoy and Consul Dataplane for details about Consul Dataplane versions and the available packaged Envoy version.
- Kubernetes 1.23.x - 1.26.x
kubectl1.23.x - 1.26.x
- Helm 3.6+
For detailed information on upgrading, please refer to the Upgrades page
The following issues are known to exist in the v1.1.0 release:
- Pod Security Standards that are configured for the Pod Security Admission controller are currently not supported by Consul K8s. OpenShift 4.11.x enables Pod Security Standards on Kubernetes 1.25 by default and is also not supported. Support will be added in a future Consul K8s 1.0.x patch release.
The changelogs for this major release version and any maintenance versions are listed below.
Note: The following link takes you to the changelogs on the GitHub website.