Introducing Consul 1.4
Oct 23, 2018
Consul 1.4 adds multi-data center service mesh capabilities for enterprises and also features a simplified ACL system.
Founder & Co-CTO, HashiCorp
We're excited to announce the availability of Consul 1.4 which now turns Consul into a full service mesh that's enterprise ready and supports multiple data centers.
» Consul 1.2: Connect
When we first introduced the concept of Consul Connect in Consul 1.2 it was with the goal of expanding Consul from a tool that just focuses on service discovery and service configuration, to a tool that also looks at how to segment traffic between all of our different services, some of which might be running on-prem, some of which might be in the cloud, some are containerized, some are virtual machines—this is the whole breadth of infrastructure. So with 1.2, we introduced that original set of functionality we called Connect, which enabled us to segment traffic and use a TLS-based approach to do zero trust networking.
» Consul 1.3: Envoy
» Consul 1.4: Multi-DC service mesh
With 1.4 what we looked at is, what is it going to take to make that an enterprise-ready solution? So part of that was support for multiple data centers. With Consul 1.2, the segmentation was limited to only a single data center, but with Consul 1.4, we now support native multi-data center capability so that we can manage and secure traffic that's flowing between multiple cloud data centers, public and private data centers, maybe just different regions of the same cloud, and really do that effectively and seamlessly.
» Consul 1.4: Simplified ACL system
So part of that was supporting multiple data centers. The other part of it was looking at the limitations of Consul's ACL system in terms of defining and enforcing policies around what services are allowed to do what. Key values, service discovery, all of that surface area of Consul. In listening to our users, we heard that the existing ACL system was a little too complex, too difficult to get it to work at scale. So we took this opportunity to rewrite that and have a newer, simpler ACL system so that as part of now supporting multiple data centers, there's a simpler way of managing the policy around which services are allowed to do what.
All of that is now available as Consul 1.4 and we're very excited to be able to share that with the community.