From df7b7a6b3dc953ed3e864fd64dc281dfe7dd26e7 Mon Sep 17 00:00:00 2001 From: nrichu-hcp Date: Thu, 29 Sep 2022 13:58:43 -0400 Subject: [PATCH] draft release notes --- .../docs/release-notes/consul-k8s/v0_49_x.mdx | 66 +++++++++++++++++++ website/data/docs-nav-data.json | 4 ++ 2 files changed, 70 insertions(+) create mode 100644 website/content/docs/release-notes/consul-k8s/v0_49_x.mdx diff --git a/website/content/docs/release-notes/consul-k8s/v0_49_x.mdx b/website/content/docs/release-notes/consul-k8s/v0_49_x.mdx new file mode 100644 index 0000000000..9393c19f9c --- /dev/null +++ b/website/content/docs/release-notes/consul-k8s/v0_49_x.mdx @@ -0,0 +1,66 @@ +--- +layout: docs +page_title: 0.49.x +description: >- + Consul on Kubernetes release notes for version 0.49.x +--- + +# Consul on Kubernetes 0.49.0 + +## Release Highlights + +- **Consul CNI Plugin**: This release introduces the Consul CNI Plugin for Consul on Kubernetes, to allow for configuring traffic redirection rules without escalated container privileges such as `CAP_NET_ADMIN`. Refer to [Enable the Consul CNI Plugin](/docs/k8s/installation/install#enable-the-consul-cni-plugin) for more details. The Consul CNI Plugin is supported for Consul K8s 0.49.0+ and Consul 1.13.1+. + +- **Kubernetes 1.24 Support**: Add support for Kubernetes 1.24 where ServiceAccounts no longer have long-term JWT tokens. [[GH-1431](https://github.com/hashicorp/consul-k8s/pull/1431)] + +- **MaxInboundConnections in service-defaults CRD**: Add support for MaxInboundConnections on the Service Defaults CRD. [[GH-1437](https://github.com/hashicorp/consul-k8s/pull/1437)] + +- **API Gateway: ACL auth when using WAN Federation**: Configure ACL auth for controller correctly when deployed in secondary datacenter with federation enabled [[GH-1462](https://github.com/hashicorp/consul-k8s/pull/1462)] + +## What has Changed + +- **Kubernetes 1.24 Support for multiport applications require Kubernetes secrets**: Users deploying multiple services to the same Pod (multiport) on Kubernetes 1.24+ must also deploy a Kubernetes secret for each ServiceAccount associated with the Consul service. The name of the Secret must match the ServiceAccount name and be of type `kubernetes.io/service-account-token` +Example: + + ```yaml + apiVersion: v1 + kind: Secret + metadata: + name: svc1 + annotations: + kubernetes.io/service-account.name: svc1 + type: kubernetes.io/service-account-token + --- + apiVersion: v1 + kind: Secret + metadata: + name: svc2 + annotations: + kubernetes.io/service-account.name: svc2 + type: kubernetes.io/service-account-token + ``` + +## Supported Software + +- Consul 1.11.x, Consul 1.12.x and Consul 1.13.1+ +- Kubernetes 1.19-1.24 +- Kubectl 1.19+ +- Envoy proxy support is determined by the Consul version deployed. Refer to + [Envoy Integration](/docs/connect/proxies/envoy) for details. + +## Upgrading + +For detailed information on upgrading, please refer to the [Upgrades page](/docs/k8s/upgrade) + +## Known Issues +The following issues are know to exist in the v0.49.0 release: + +- Consul CNI Plugin currently does not support RedHat OpenShift as the CNI Plugin Daemonset requires additional SecurityContextConstraint objects to run on OpenShift. Support for OpenShift will be added in an upcoming release. + +## Changelogs + +The changelogs for this major release version and any maintenance versions are listed below. + +~> **Note:** The following link takes you to the changelogs on the GitHub website. + +- [0.49.0](https://github.com/hashicorp/consul-k8s/releases/tag/v0.49.0) diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index 6b94e594bd..5004b0c949 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -141,6 +141,10 @@ { "title": "Consul K8s", "routes": [ + { + "title": "v0.49.x", + "path": "release-notes/consul-k8s/v0_49_x" + }, { "title": "v0.48.x", "path": "release-notes/consul-k8s/v0_48_x"