consul v1.11.0-beta1 Release Notes

Release Date: 2021-10-15 // over 2 years ago
  • ๐Ÿ”‹ FEATURES:

    • partitions: allow for partition queries to be forwarded [GH-11099]
    • sso/oidc: (Enterprise only) Add support for providing acr_values in OIDC auth flow [GH-11026]
    • ๐Ÿ’ป ui: Added initial support for admin partition CRUD [GH-11188]

    ๐Ÿ‘Œ IMPROVEMENTS:

    • api: add partition field to acl structs [GH-11080]
    • audit-logging: (Enterprise Only) Audit logs will now include select HTTP headers in each logs payload. Those headers are: Forwarded, Via, X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Proto. [GH-11107]
    • connect: Add low-level feature to allow an Ingress to retrieve TLS certificates from SDS. [GH-10903]
    • โšก๏ธ connect: update supported envoy versions to 1.19.1, 1.18.4, 1.17.4, 1.16.5 [GH-11115]
    • state: reads of partitions now accept an optional memdb.WatchSet
    • telemetry: Add new metrics for the count of KV entries in the Consul store. [GH-11090]
    • ๐Ÿ”ง telemetry: Add new metrics for the count of connect service instances and configuration entries. [GH-11222]
    • ๐Ÿ’ป ui: Add initial support for partitions to intentions [GH-11129]
    • ๐Ÿ’ป ui: Add uri guard to prevent future URL encoding issues [GH-11117]
    • ๐Ÿšš ui: Move the majority of our SASS variables to use native CSS custom properties [GH-11200]
    • ๐Ÿšš ui: Removed informational panel from the namespace selector menu when editing namespaces [GH-11130]

    ๐Ÿ› BUG FIXES:

    • acl: (Enterprise only) Fix bug in 'consul members' filtering with partitions. [GH-11263]
    • acl: (Enterprise only) ensure that auth methods with namespace rules work with partitions [GH-11323]
    • ๐Ÿ›  acl: fixes the fallback behaviour of down_policy with setting extend-cache/async-cache when the token is not cached. [GH-11136]
    • connect: Fix upstream listener escape hatch for prepared queries [GH-11109]
    • grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters [GH-11099]
    • server: (Enterprise only) Ensure that servers leave network segments when leaving other gossip pools
    • telemetry: Consul Clients no longer emit Autopilot metrics. [GH-11241]
    • telemetry: fixes a bug with Prometheus consul_autopilot_healthy metric where 0 is reported instead of NaN on servers. [GH-11231]
    • ui: (Enterprise Only) Fix saving intentions with namespaced source/destination [GH-11095]
    • โš  ui: Don't show a CRD warning for read-only intentions [GH-11149]
    • ๐Ÿ’ป ui: Ensure all types of data get reconciled with the backend data [GH-11237]
    • ๐Ÿšš ui: Fixed styling of Role remove dialog on the Token edit page [GH-11298]
    • ๐Ÿ’ป ui: Gracefully recover from non-existant DC errors [GH-11077]
    • ๐Ÿ’ป ui: Ignore reported permissions for KV area meaning the KV is always enabled for both read/write access if the HTTP API allows. [GH-10916]
    • 0๏ธโƒฃ ui: Topology - Fix up Default Allow and Permissive Intentions notices [GH-11216]
    • ๐Ÿ’ป ui: hide create button for policies/roles/namespace if users token has no write permissions to those areas [GH-10914]
    • xds: ensure the active streams counters are 64 bit aligned on 32 bit systems [GH-11085]
    • โšก๏ธ xds: fixed a bug where Envoy sidecars could enter a state where they failed to receive xds updates from Consul [GH-10987]
    • ๐Ÿ›  Fixing SOA record to return proper domain when alt domain in use. [GH-10431]