open-consul/website/content/docs/release-notes/consul-k8s/v1_0_x.mdx

62 lines
4.4 KiB
Plaintext
Raw Normal View History

---
layout: docs
page_title: 1.0.x
description: >-
Consul on Kubernetes release notes for version 1.0.x
---
# Consul on Kubernetes 1.0
## Release Highlights
- ** Simplified Service Mesh Deployments with Consul Dataplane:** Consul client agents are no longer deployed by default, and Consul service mesh no longer uses Consul clients to operate. A new component `consul-dataplane` is now injected as a sidecar-proxy instead of plain Envoy. `consul-dataplane` manages the Envoy proxy process and proxies xDS requests from Envoy to Consul servers. All service mesh consul-k8s components are configured to talk directly to Consul servers.
- **Consul API Gateway 0.5.0 Support:** Support to run Consul API Gateway without clients and allow Consul API Gateway to directly connect to Consul servers.
## What's Changed
- `client.enabled` now defaults to `false`. Setting it to true will deploy client agents, however, none of the consul-k8s components will use clients for their operation. For Vault on Kubernetes using Consul deployed on Kubernetes as a storage backend, `client.enabled` should be set to `true` prior to upgrading.
- `externalServers.grpcPort` default is now 8502 instead of 8503.
- `sync-catalog` now communicates directly to Consul servers. When communicating to servers outside of Kubernetes, use the `externalServers.hosts` stanza as described in [Join External Servers to Consul on Kubernetes](/docs/k8s/deployment-configurations/servers-outside-kubernetes).
- Consul snapshot agent runs as a sidecar to Consul servers. <EnterpriseAlert inline />
- `client.snapshotAgent` values are moved to `server.snapshotAgent`, with the exception of the following values: `client.snaphostAgent.replicas`, `client.snaphostAgent.serviceAccount`
- `global.secretsBackend.vault.consulSnapshotAgentRole` value is now removed. You should now use the `global.secretsBackend.vault.consulServerRole` for access to any Vault secrets.
- Support simplified default deployment values to allow for easier quick starts and testing:
* Set `server.replicas` to `1`. Formerly, this defaulted to `3`.
* `connectInject.enabled` now defaults to true.
* `dns.enabled` and `dns.enableRedirection` will now default to the value of `connectInject.transparentProxy.defaultEnabled`. Previously, `dns.enabled` defaulted to the value of `global.enabled` and `dns.enableRedirection` defaulted to the value to `false`.
* Set `connectInject.replicas` to 1
* Set `meshGateway.affinity` to null and `meshGateway.replicas` to 1
* Set `ingressGateways.defaults.affinity` to null and `ingressGateways.defaults.replicas` to 1
* Set `terminatingGateways.defaults.affinity` to null and `terminatingGateways.defaults.replicas` to 1
* `syncCatalog.consulNamespaces.mirroringK8S` now defaults to `true`. <EnterpriseAlert inline />
* `connectInject.consulNamespaces.mirroringK8S` now defaults to `true`. <EnterpriseAlert inline />
- `global.imageEnvoy` is now replaced with `global.imageConsulDataplane` for running the sidecar proxy. apiGateway.imageEnvoy` is now available for configuring the version of Envoy that the API Gateway uses.
## Supported Software
~> **Note:** Consul 1.13.x and 1.12.x is not supported. Please use Consul K8s 0.49.x if you want to use Consul 1.13.x or 1.12.x.
- Consul 1.14.x.
- Consul Dataplane v1.0.x. Refer to [Envoy and Consul Dataplane](/docs/connect/proxies/envoy#envoy-and-consul-dataplane) for details about Consul Dataplane versions and the available packaged Envoy version.
- Kubernetes 1.22.x - 1.25.x
- `kubectl` 1.22.x - 1.25.x
- Helm 3.6+
## Upgrading
For detailed information on upgrading, please refer to the [Upgrades page](/docs/k8s/upgrade)
## Known Issues
The following issues are known to exist in the v1.0.0 release:
- Pod Security Standards that are configured for the [Pod Security Admission controller](https://kubernetes.io/blog/2022/08/25/pod-security-admission-stable/) are currently not supported by Consul K8s. OpenShift 4.11.x enables Pod Security Standards on Kubernetes 1.25 [by default](https://connect.redhat.com/en/blog/important-openshift-changes-pod-security-standards) and is also not supported. Support will be added in a future Consul K8s 1.0.x patch release.
## Changelogs
The changelogs for this major release version and any maintenance versions are listed below.
~> **Note:** The following link takes you to the changelogs on the GitHub website.
- [1.0.0](https://github.com/hashicorp/consul-k8s/releases/tag/v1.0.0)