github hashicorp/consul v1.11.0-beta1

pre-release3 years ago

1.11.0-beta1 (October 15, 2021)

FEATURES:

  • partitions: allow for partition queries to be forwarded [GH-11099]
  • sso/oidc: (Enterprise only) Add support for providing acr_values in OIDC auth flow [GH-11026]
  • ui: Added initial support for admin partition CRUD [GH-11188]

IMPROVEMENTS:

  • api: add partition field to acl structs [GH-11080]
  • audit-logging: (Enterprise Only) Audit logs will now include select HTTP headers in each logs payload. Those headers are: Forwarded, Via, X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Proto. [GH-11107]
  • connect: Add low-level feature to allow an Ingress to retrieve TLS certificates from SDS. [GH-10903]
  • connect: update supported envoy versions to 1.19.1, 1.18.4, 1.17.4, 1.16.5 [GH-11115]
  • state: reads of partitions now accept an optional memdb.WatchSet
  • telemetry: Add new metrics for the count of KV entries in the Consul store. [GH-11090]
  • telemetry: Add new metrics for the count of connect service instances and configuration entries. [GH-11222]
  • ui: Add initial support for partitions to intentions [GH-11129]
  • ui: Add uri guard to prevent future URL encoding issues [GH-11117]
  • ui: Move the majority of our SASS variables to use native CSS custom
    properties [GH-11200]
  • ui: Removed informational panel from the namespace selector menu when editing
    namespaces [GH-11130]

BUG FIXES:

  • acl: (Enterprise only) Fix bug in 'consul members' filtering with partitions. [GH-11263]
  • acl: (Enterprise only) ensure that auth methods with namespace rules work with partitions [GH-11323]
  • acl: fixes the fallback behaviour of down_policy with setting extend-cache/async-cache when the token is not cached. [GH-11136]
  • connect: Fix upstream listener escape hatch for prepared queries [GH-11109]
  • grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters [GH-11099]
  • server: (Enterprise only) Ensure that servers leave network segments when leaving other gossip pools
  • telemetry: Consul Clients no longer emit Autopilot metrics. [GH-11241]
  • telemetry: fixes a bug with Prometheus consul_autopilot_healthy metric where 0 is reported instead of NaN on servers. [GH-11231]
  • ui: (Enterprise Only) Fix saving intentions with namespaced source/destination [GH-11095]
  • ui: Don't show a CRD warning for read-only intentions [GH-11149]
  • ui: Ensure all types of data get reconciled with the backend data [GH-11237]
  • ui: Fixed styling of Role remove dialog on the Token edit page [GH-11298]
  • ui: Gracefully recover from non-existant DC errors [GH-11077]
  • ui: Ignore reported permissions for KV area meaning the KV is always enabled
    for both read/write access if the HTTP API allows. [GH-10916]
  • ui: Topology - Fix up Default Allow and Permissive Intentions notices [GH-11216]
  • ui: hide create button for policies/roles/namespace if users token has no write permissions to those areas [GH-10914]
  • xds: ensure the active streams counters are 64 bit aligned on 32 bit systems [GH-11085]
  • xds: fixed a bug where Envoy sidecars could enter a state where they failed to receive xds updates from Consul [GH-10987]
  • Fixing SOA record to return proper domain when alt domain in use. [GH-10431]

Don't miss a new consul release

NewReleases is sending notifications on new releases.