Change8

ent-changelog-1.18.0

Breaking Changes
📦 consul-connectView on GitHub →
2 breaking9 features🐛 5 fixes1 deprecations🔧 6 symbols

Summary

Version 1.18.0 shares the Consul Enterprise changelog and introduces several new features, including experimental v2 DNS support and HCP linking capabilities, alongside critical security updates.

⚠️ Breaking Changes

  • config-entries: Disabling request and idle timeouts using negative values in service router and service resolver config entries is now allowed.
  • telemetry: The value of `telemetry.disable_hostname` is now always respected when determining if gauge-type metrics should be prefixed with the hostname, fixing an issue where this was ignored if only the default metric sink was enabled.

Migration Steps

  1. Review the breaking change regarding `telemetry.disable_hostname` if you rely on metric hostname prefixing behavior when using only the default metric sink.
  2. If using experimental DNS features, note that the new implementation will become default in 1.19.
  3. If using Enterprise features, be aware of the new fault injection filter support.
  4. If linking clusters, use the new API/CLI introduced for HCP Consul Central linking.

✨ New Features

  • ACLs: Added policy bindtype to binding rules.
  • Agent: Introduced a new agent config `default_intention_policy` to decouple default intention behavior from ACLs.
  • Agent: (Enterprise Only) Added fault injection filter support for Consul Service Mesh.
  • Cloud: Added new API/CLI to initiate and manage linking a Consul cluster to HCP Consul Central.
  • DNS: Added experimental support for a refactored DNS server compatible with v1 and v2 Catalog. Enable using `v2dns` in the `experiments` agent config. This will be the default in Consul 1.19.
  • UI: Added a banner to prompt users to link their clusters to HCP.
  • UI: Added a redirect and warning message for unavailable UI when V2 is enabled.
  • UI: Added `V2CatalogEnabled` to the config passed to the UI.
  • V2: Prevented the use of v2 experiments in secondary datacenters for now.

🐛 Bug Fixes

  • DNS: Fixed SERVFAIL when resolving not found PTR records.
  • Raft: Fixed panic during downgrade from enterprise to OSS.
  • Server: Ensured controllers are automatically restarted on internal stream errors.
  • Server: Ensured internal streams are properly terminated on snapshot restore.
  • Snapshot Agent: (Enterprise only) Fixed a bug with static AWS credentials when one part (key ID or secret key) is from the config file and the other from an environment variable.

🔧 Affected Symbols

telemetry.disable_hostnameservice router config entriesservice resolver config entriesenvoy.config.core.v3.HeaderValueOption.appendenvoy.config.route.v3.HeaderMatcher.safe_regex_matchenvoy.type.matcher.v3.RegexMatcher.google_re2

⚡ Deprecations

  • DNS features deprecated in Consul 1.18.x are detailed in the [Consul 1.18.x Release Notes](https://developer.hashicorp.com/consul/docs/release-notes/consul/v1_18_x).