Consul
Consul 1.9.0
Release Highlights
Application-Aware Intentions: A new set of capabilities that extends Consul's intentions model to support Layer 7 request information. Intentions now provide the ability for operators to construct policies which evaluate application-layer information such as HTTP Path, Headers, or Method – in addition to service identity – when authorizing HTTP-based (HTTP/1.1, HTTP/2, gRPC) service-to-service communication.
Service Mesh Visualization: This addition provides a new topology tab to the Consul UI which displays topology diagrams and key service mesh metrics like request, error rates, and timing metrics. These new features will assist developers and operators in verifying configuration and troubleshooting issues within the service mesh. The UI also supports deep linking into your external metrics dashboards.
Improved Metrics and Grafana Dashboard: Consul 1.9 additionally updates several metrics to reduce cardinality in metric names in favor of the best practice of using labels instead and provides a Grafana dashboard template that exposes the most important metrics associated with the Consul datacenter for operators.
Custom Resources for Kubernetes: Consul now provides a Kubernetes-first experience through CRDs to allow practitioners to easily configure Consul service mesh via Kubernetes-style objects.
Deploy Consul in OpenShift: Enable installing Consul via Helm chart in OpenShift. We've now ensured that Consul Kubernetes runs on OpenShift securely by ensuring that Consul runs as non-root and also provided a set of SecurityContextConstraints to deploy Consul securely.
- Installing Consul on OpenShift should now be as simple as running a Helm install with the
global.openshift.enabled
set totrue
.
- Installing Consul on OpenShift should now be as simple as running a Helm install with the
Active Health Checks for Consul on Kubernetes: Consul service mesh now integrates with Kubernetes Readiness probes. This provides the ability to natively detect health status from Kubernetes via Readiness probe, and is then used for directing service mesh traffic.
Streaming: This feature introduces a major architectural enhancement in how update notifications for blocking queries are delivered within the cluster. Streaming results in very significant reduction of CPU and network bandwidth usage on Consul servers in large-scale deployments. Streaming is particularly helpful in scaling blocking queries in Consul clusters that have rapid changes in service state.
- Streaming is now available for the service health HTTP endpoint, and can be enabled through the
use_streaming_backend
client configuration option, andrpc.enable_streaming
option on the servers. We will continue to enable streaming in more endpoints in subsequent releases.
- Streaming is now available for the service health HTTP endpoint, and can be enabled through the
What's Changed
- Consul 1.9 is built with Go 1.15, which has dropped support for 32-bit binaries for Darwin/macOS, so we will no longer be issuing darwin_386 builds for Consul 1.9.x or newer.
- Drops support for Envoy versions 1.12.0, 1.12.1, 1.12.2, and 1.13.0
- Switches the default gateway port from 443 to 8443 to avoid assumption of Envoy running as root.
Refer to the changelog for additional information.
Changelogs
The changelogs for this major release version and any maintenance versions are listed below.
Note: These links will take you to the changelogs on the GitHub website.