1.3.3 (February 15, 2024)
FEATURES:
- helm: introduces
global.metrics.datadog
overrides to streamline consul-k8s datadog integration.
helm: introducesserver.enableAgentDebug
to expose agentenable_debug
configuration.
helm: introducesglobal.metrics.disableAgentHostName
to expose agenttelemetry.disable_hostname
configuration.
helm: introducesglobal.metrics.enableHostMetrics
to expose agenttelemetry.enable_host_metrics
configuration.
helm: introducesglobal.metrics.prefixFilter
to expose agenttelemetry.prefix_filter
configuration.
helm: introducesglobal.metrics.datadog.dogstatsd.dogstatsdAddr
to expose agenttelemetry.dogstatsd_addr
configuration.
helm: introducesglobal.metrics.datadog.dogstatsd.dogstatsdTags
to expose agenttelemetry.dogstatsd_tags
configuration.
helm: introduces requiredad.datadoghq.com/
annotations andtags.datadoghq.com/
labels for integration with Datadog Autodiscovery and Datadog Unified Service Tagging for Consul.
helm: introduces automated unix domain socket hostPath mounting for containerized integration with datadog within consul-server statefulset.
helm: introducesglobal.metrics.datadog.otlp
override options to allow OTLP metrics forwarding to Datadog Agent.
control-plane: addsserver-acl-init
datadog agent token creation for datadog integration. [GH-3407]
IMPROVEMENTS:
- Upgrade to use Go 1.21.7. [GH-3591]
- api-gateway: Apply
connectInject.initContainer.resources
to the init container for API gateway Pods. [GH-3531] - cni: When CNI is enabled, set ReadOnlyRootFilesystem=true and AllowPrivilegeEscalation=false for mesh pod init containers and AllowPrivilegeEscalation=false for consul-dataplane containers (ReadOnlyRootFilesystem was already true for consul-dataplane containers). [GH-3498]
- control-plane: Add
CaseInsensitive
flag to service-routers that allows paths and path prefixes to ignore URL upper and lower casing. [GH-3502] - helm: Change
/bin/sh -ec "<command>"
to/bin/sh -ec "exec <command>"
in helm deployments [GH-3548]
BUG FIXES:
- api-gateway: fix issue where external annotations and labels are being incorrectly deleted on services controlled by the API Gateway [GH-3597]
- mesh-gw: update capabilities on the security context needed for the dataplane container.
Adds NET_BIND_SERVICE to capabilities.add
Adds ALL to capabilities.drop unless .Values.meshGateway.hostNetwork is true [GH-3549]