Consul 1.10 adds exciting new features such as transparent proxy for service mesh, support for xDS v3, streaming, and observability enhancements.
We are pleased to announce the beta release of HashiCorp Consul 1.10. This release is yet another step forward in our effort to help organizations run Consul efficiently at scale and seamlessly integrate service mesh into their application workflows. Consul 1.10 contains a number of exciting features that we will review in this blog. If you are interested in trying out the beta, it is now available on our GitHub release page.
As with any service mesh, Consul facilitates secure service-to-service communication through sidecar proxies, typically Envoy. Previously, our goal was to allow users to be very prescriptive in the flow of traffic between these services by setting dedicated upstreams and guidance to the proxies for connectivity. While many users value this capability, others prefer to allow the mesh to govern itself and allow Envoy to infer the destination based on the application information.
This feature is known as Transparent Proxy and it is available today in Consul 1.10. Now users can have the proxy intercept and redirect traffic from applications running in virtual machines or Kubernetes without additional modifications.
Consul 1.10 will default to using xDS version 3 when configuring Envoy proxies newer than version 1.15. This is driven by the fact that xDS v2 was deprecated in Envoy 1.17. Consul will fall back to using xDS v2 for older versions.
Consul 1.9 introduced a major architectural enhancement in how update notifications for blocking queries are delivered within the cluster. The enhancement is called streaming and it significantly reduces CPU and network bandwidth usage for large-scale Consul deployments.
In Consul 1.10, streaming is now available for the service health HTTP endpoint and is enabled by default. Our goal is to make streaming the only mechanism for delivering blocking query updates. We appreciate feedback from beta users as we continue to enhance Consul’s ability to handle larger and larger deployments.
The new UI makes it easier for users to navigate Consul if they would prefer to not use the CLI. Additionally, we have made it even easier to take advantage of Consul’s Service Visualization UI, introduced in Consul 1.9.
Kubernetes users now have the ability to deploy Prometheus and Grafana via the Consul Helm chart. This will automatically integrate Prometheus with Consul’s Service Visualization UI for displaying traffic metrics between services. This is currently intended to be used for demo / non-production environments. Additionally, Consul Agent and Gateway metrics can be enabled with Helm and loaded into a Grafana dashboard.
Additionally, we have enabled users to expose Pod and Envoy metrics to Prometheus using Kubernetes annotations via a single endpoint. In the past, users needed to choose either Envoy or Pod metrics since the Prometheus annotations only allow users to scrape from a single Pod with a container on Kubernetes. You can read more about configuring metrics for Consul Kubernetes in our Observability docs.
We are excited for users to try this release of Consul and further expand their service mesh implementations. This release includes enhancements for all types of Consul users leveraging the product for service discovery and service mesh, across both containerized and non-containerized environments. Our goal with Consul is to enable an enterprise-ready, consistent control plane to discover and securely connect any application. For more information about Consul, please visit our documentation and to get started with the Consul 1.10 beta, please download operating system binaries from our release page or install the latest v0.32.0-beta1 Helm chart that supports the Consul 1.10 beta for Kubernetes.
We asked users how they are using HashiCorp Consul, here’s what they told us.
Get a walkthrough of the code and workflow for setting up NIA with Consul-Terraform-Sync (CTS) and A10 ADC.
The HashiCorp Cloud Platform (HCP) now has expanded capabilities for networking, single sign-on, and more. HCP will also support new configurations of HashiCorp Consul and HashiCorp Vault in the coming months.