Change8

ent-changelog-1.19.0

Breaking Changes
📦 consul-connectView on GitHub →
1 breaking4 features🐛 3 fixes1 deprecations🔧 5 symbols

Summary

This release introduces a refactored, v1/v2 Catalog compatible DNS server by default and adds support for filesystem-based TLS certificates for API Gateways. It also addresses security vulnerabilities via dependency upgrades and modifies telemetry metric naming conventions.

⚠️ Breaking Changes

  • Telemetry state store usage metrics with a double `consul` element in the metric name have been removed. Consumers must use the same metric without the second `consul` (e.g., use `consul.state.config_entries` instead of `consul.consul.state.config_entries`).

Migration Steps

  1. If you rely on telemetry metrics named with a double `consul` element (e.g., `consul.consul.state.config_entries`), update your monitoring to use the metric name without the second `consul` (e.g., `consul.state.config_entries`).
  2. For snapshot agent configuration (Enterprise only), migrate top-level snapshot destinations (`local_storage`, etc.) to use the `backup_destinations` config object.

✨ New Features

  • DNS queries now default to a refactored DNS server that is v1 and v2 Catalog compatible. The legacy server can be disabled using `v1dns` in the `experiments` agent config.
  • API Gateway can leverage listener TLS certificates from the gateway's local filesystem by specifying the public certificate and private key path in the new `file-system-certificate` configuration entry.
  • Added `consul snapshot decode` CLI command to output a JSON object stream of all snapshot data.
  • Telemetry: Added `telemetry.disable_per_tenancy_usage_metrics` agent configuration option to disable setting tenancy labels on usage metrics, improving performance in clusters with many admin partitions or namespaces.

🐛 Bug Fixes

  • Resolved an issue where the new DNS version did not support partition or namespace being set to 'default' in the CE version.
  • Fixed error logs when failing to push metrics to HCP.
  • Handled ACL errors consistently when blocking query timeout is reached in streaming operations.

🔧 Affected Symbols

telemetry metrics (state store usage)dns serverapi-gateway listener TLS configurationsnapshot agent configurationconsul snapshot decode CLI

⚡ Deprecations

  • Snapshot agent (Enterprise only): Top level single snapshot destinations `local_storage`, `aws_storage`, `azure_blob_storage`, and `google_storage` in snapshot agent configuration files are deprecated. Users must use the `backup_destinations` config object instead.