connect: Support Vault auth methods for the Connect CA Vault provider.connect: Consul will now generate a unique virtual IP for each connect-enabled service (this will also differ across namespace/partition in Enterprise).connect: Add low-level feature to allow an Ingress to retrieve TLS certificates from SDS.connect/ca: cease including the common name field in generated x509 non-CA certificates.config: warn the user if client_addr is empty because client services won't be listening.config: add dns_config.recursor_strategy flag to control the order which DNS recursors are queried.config: Support Check-And-Set (CAS) deletion of config entries.config: (Enterprise Only) Allow specifying permission mode for audit logs.cli: Add -cas and -modify-index flags to the consul config delete command to support Check-And-Set (CAS) deletion of config entries.checks: add failures_before_warning setting for interval checks.api: Enable setting query options on agent health and maintenance endpoints.agent: add variation of force-leave that exclusively works on the WAN.acl: replication routine to report the last error message.ui: Topology - New views for scenarios where no dependencies exist or ACLs are disabled.ui: Adds visible Consul version information.ui: Adds a copy button to each composite row in tokens list page, if Secret ID returns an actual ID.ui: Adding support of Consul API Gateway as an external source.ui: Add UI support to use Vault as an external source for a service.health-checks: add support for h2c in http2 ping health checks.ca: Add a configurable TTL to the AWS ACM Private CA provider root certificate.The configuration is supported by the Vault and Consul providers. ca: Add a configurable TTL for Connect CA root certificates.For more information refer to the Admin Partition documentation.
Admin Partitions (Consul Enterprise only) This version adds admin partitions, a new entity defining administrative and networking boundaries within a Consul deployment.rpc: authorize raft requests CVE-2021-37219.namespaces: (Enterprise only) Creating or editing namespaces that include default ACL policies or ACL roles now requires acl:write permission in the default namespace.cli: consul acl set-agent-token master has been replaced with consul acl set-agent-token recovery.See the Migrate Legacy ACL Tokens Learn Guide for more information. Before upgrading you should verify that nothing is still using the legacy ACL system. acl: The legacy ACL system that was deprecated in Consul 1.4.0 has been removed.
0 kommentar(er)
