Cluster Peering (GA): This version promotes Cluster Peering, a new model to federate Consul clusters for both service mesh and traditional service discovery, to General Availability. Cluster peering allows for service interconnectivity with looser coupling than the existing WAN federation. For more information, refer to the cluster peering documentation. Some notable improvements to Cluster Peering include:
Cluster Peering Failover: Cluster Peering now supports the ability to redirect to services running on cluster peers with service resolvers. More details for configuring failover across peers is provided in the Service Resolver failover stanza.
Control Plane traffic over Mesh Gateways: Cluster Peering now supports the establishing peering through Mesh Gateways. More detail on using Mesh Gateways for Cluster Peering are found in Enabling Peering Control Plane Traffic. Mesh Gateways are used by default for Cluster Peering on Kubernetes.
Simplified Service Mesh with Consul Dataplane: Support for a new
consul-dataplane, a lightweight process for managing Envoy proxies introduced in Consul v1.14.0. Consul Dataplane removes the need to run client agents on every node in a cluster for service discovery and service mesh. Instead, Consul deploys sidecar proxies that provide lower latency, support additional runtimes, and integrate with cloud infrastructure providers. Read more in Simplified Service Mesh with Consul Dataplane.
consul-dataplaneis only supported on clusters running on Consul on Kubernetes 1.0+.
- 1.14 adds a new
ports.grpc_tlsconfiguration option. This introduces a new port to better separate TLS config from the existing
ports.grpcconfig. The new
ports.grpc_tlsonly supports TLS encrypted communication. The existing
ports.grpcnow only supports plain-text communication.
- The gRPC TLS port default value to 8503
- Removes support for Envoy 1.20.x and adds Envoy 1.24.0 to support matrix.
Peeron prepared queries and exported services.
- Converts service mesh failover to use Envoy's aggregate clusters. This changes the names of some Envoy dynamic HTTP metrics.
For more detailed information, please refer to the upgrade details page and the changelogs.
The following issues are known to exist in the 1.14.0 release:
Prior to Consul 1.14, cluster peering and Consul service mesh were disabled by default. A breaking change was made in Consul 1.14 that enabled cluster peering and Consul service mesh by default. To disable both, set
connect.enabledto false. The changes to Consul service mesh in version 1.14 are incompatible with Nomad 1.4.2 and earlier. If you operate Consul service mesh using Nomad 1.4.2 or earlier, do not upgrade to Consul 1.14 until hashicorp/nomad#15266 is fixed.
For 1.14.0, there is a known issue with the
consul connect envoyCLI command. If the command is configured to use TLS for contacting the HTTP API, it will also incorrectly enable TLS for gRPC. Users should not upgrade to 1.14.0 if they are using plaintext gRPC connections in conjunction with TLS-encrypted HTTP APIs.
The changelogs for this major release version and any maintenance versions are listed below.
Note: These links take you to the changelogs on the GitHub website.