mirror of https://github.com/status-im/consul.git
61 lines
4.1 KiB
Plaintext
61 lines
4.1 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: 1.0.x
|
|
description: >-
|
|
Consul on Kubernetes release notes for version 1.0.x
|
|
---
|
|
|
|
# Consul on Kubernetes 1.0
|
|
|
|
## Release Highlights
|
|
|
|
- ** Simplified Service Mesh Deployments with Consul Dataplane:** Consul client agents are no longer deployed by default, and Consul service mesh no longer uses Consul clients to operate. A new component `consul-dataplane` is now injected as a sidecar-proxy instead of plain Envoy. `consul-dataplane` manages the Envoy proxy process and proxies xDS requests from Envoy to Consul servers. All service mesh consul-k8s components are configured to talk directly to Consul servers.
|
|
|
|
- **Consul API Gateway 0.5.0 Support:** Support to run Consul API Gateway without clients and allow Consul API Gateway to directly connect to Consul servers.
|
|
|
|
## What's Changed
|
|
|
|
- `client.enabled` now defaults to `false`. Setting it to true will deploy client agents, however, none of the consul-k8s components will use clients for their operation. For Vault on Kubernetes using Consul deployed on Kubernetes as a storage backend, `client.enabled` should be set to `true` prior to upgrading.
|
|
- `externalServers.grpcPort` default is now 8502 instead of 8503.
|
|
- Consul snapshot agent runs as a sidecar to Consul servers. <EnterpriseAlert inline />
|
|
- `client.snapshotAgent` values are moved to `server.snapshotAgent`, with the exception of the following values: `client.snaphostAgent.replicas`, `client.snaphostAgent.serviceAccount`
|
|
- `global.secretsBackend.vault.consulSnapshotAgentRole` value is now removed. You should now use the `global.secretsBackend.vault.consulServerRole` for access to any Vault secrets.
|
|
- Support simplified default deployment values to allow for easier quick starts and testing:
|
|
* Set `server.replicas` to `1`. Formerly, this defaulted to `3`.
|
|
* `connectInject.enabled` now defaults to true.
|
|
* `dns.enabled` and `dns.enableRedirection` will now default to the value of `connectInject.transparentProxy.defaultEnabled`. Previously, `dns.enabled` defaulted to the value of `global.enabled` and `dns.enableRedirection` defaulted to the value to `false`.
|
|
* Set `connectInject.replicas` to 1
|
|
* Set `meshGateway.affinity` to null and `meshGateway.replicas` to 1
|
|
* Set `ingressGateways.defaults.affinity` to null and `ingressGateways.defaults.replicas` to 1
|
|
* Set `terminatingGateways.defaults.affinity` to null and `terminatingGateways.defaults.replicas` to 1
|
|
* `syncCatalog.consulNamespaces.mirroringK8S` now defaults to `true`. <EnterpriseAlert inline />
|
|
* `connectInject.consulNamespaces.mirroringK8S` now defaults to `true`. <EnterpriseAlert inline />
|
|
- `global.imageEnvoy` is now replaced with `global.imageConsulDataplane` for running the sidecar proxy. apiGateway.imageEnvoy` is now available for configuring the version of Envoy that the API Gateway uses.
|
|
|
|
## Supported Software
|
|
|
|
~> **Note:** Consul 1.13.x and 1.12.x is not supported. Please use Consul K8s 0.49.x if you want to use Consul 1.13.x or 1.12.x.
|
|
- Consul 1.14.x.
|
|
- Consul Dataplane v1.0.x. Refer to [Envoy and Consul Dataplane](/docs/connect/proxies/envoy#envoy-and-consul-dataplane) for details about Consul Dataplane versions and the available packaged Envoy version.
|
|
- Kubernetes 1.22.x - 1.25.x
|
|
- `kubectl` 1.22.x - 1.25.x
|
|
- Helm 3.6+
|
|
|
|
## Upgrading
|
|
|
|
For detailed information on upgrading, please refer to the [Upgrades page](/docs/k8s/upgrade)
|
|
|
|
## Known Issues
|
|
|
|
The following issues are known to exist in the v1.0.0 release:
|
|
|
|
- Pod Security Standards that are configured for the [Pod Security Admission controller](https://kubernetes.io/blog/2022/08/25/pod-security-admission-stable/) are currently not supported by Consul K8s. OpenShift 4.11.x enables Pod Security Standards on Kubernetes 1.25 [by default](https://connect.redhat.com/en/blog/important-openshift-changes-pod-security-standards) and is also not supported. Support will be added in a future Consul K8s 1.0.x patch release.
|
|
|
|
## Changelogs
|
|
|
|
The changelogs for this major release version and any maintenance versions are listed below.
|
|
|
|
~> **Note:** The following link takes you to the changelogs on the GitHub website.
|
|
|
|
- [1.0.0](https://github.com/hashicorp/consul-k8s/releases/tag/v1.0.0)
|