Search the Community

We're excited to announce that HashiCorp Consul 1.18 is now generally available. This release introduces significant enhancements for HashiCorp Consul, our service networking solution designed to help users discover and securely connect any application across any cloud or runtime. These new capabilities aid organizations in increasing enterprise reliability and scale, facilitating easier deployment and management of distributed applications across various environments. This blog post will take a closer look at the key enhancements in Consul 1.18: Long-Term Support (LTS) releases for Consul Enterprise Fault injection for Consul Enterprise service mesh Consul ECS runtime enhancements: Transparent proxy, API gateways, and terminating gateways Enterprise reliability Two of Consul 1.18’s major new features enhance enterprise reliability, reduce maintenance burden, and enable service resiliency improvements. Long-Term Support releases (Enterprise) We’re pleased to introduce a Long-Term Support (LTS) release program for self-managed Consul Enterprise, starting with versions 1.15 and 1.18. This program designates the first major release of each calendar year, typically in late February, as an LTS release. The annual LTS release will receive critical fixes and security patches for two years as well as a hardened upgrade path to the next LTS release. Upgrading critical software is a balancing act: Action incurs engineering effort and risks, while inaction leaves vulnerabilities and defects open. Consul Enterprise LTS reduces both overhead and risk beyond the industry standard by providing critical fixes for an extra year without requiring major upgrades. For more information, refer to this blog post: Consul Enterprise Long-Term Support (LTS) improves operational efficiency. Fault injection for service mesh (Enterprise) Fault injection for service mesh enables organizations to explore and enhance their system resilience in microservice architectures. Teams can explore service behavior in response to problems with an upstream service by injecting faults without changing application code. For example, how does the ‘frontend’ service respond to latency from the ‘api’ service? Just configure the service mesh to cause the ‘api’ service to automatically add 3,000ms of latency to 100% of requests. The developers of the ‘frontend’ service can then iteratively modify and test their code to provide a better consumer experience when facing latency. Three fault types can be introduced to a specified percentage of HTTP or gRPC traffic to a service: Error code (e.g. 429 too many requests) Response latency (e.g. 5,000ms) Response rate limit (e.g. 1,000KiB/s) Faults can also be conditionally injected based on request header matching. Referencing the previous example, the service mesh could be configured to inject latency to ‘api’ service responses only when the X-FAULT-INJECTION-OPT-IN request header has the value true. Now, ‘frontend’ service developers can opt into latency in ‘api’ service responses by including that request header. Refer to the fault injection documentation for more information. Expanded runtime support Consul is designed to provide a unified solution across any cloud and any runtime, including: Virtual machines (VMs) and bare metal machines Kubernetes HashiCorp Nomad: A simple and flexible scheduler and orchestrator for managing containers and non-containerized applications Amazon ECS: Serverless container runtime AWS Lambda: Serverless function runtime Consul 1.18 includes several enhancements to the maturity of its Amazon ECS runtime adaptation: Amazon ECS: Transparent proxy support Transparent proxy mode is a feature available on some Consul runtimes (Kubernetes, VMs) that simplifies both: Security: All outbound traffic from, and inbound traffic to, a service must go through its local service mesh sidecar proxy. Therefore, the service mesh cannot be bypassed, ensuring enforcement of all policies — such as service-to-service authorization. Service onboarding: Services can reference their upstreams without needing to explicitly configure them in a Consul service definition. Consul 1.18 and Consul ECS 0.8 add support for transparent proxy mode for ECS on Amazon EC2 tasks. With transparent proxy mode enabled, all traffic to and from each application container will pass through the sidecar proxy container within the same task. Refer to the Consul ECS technical specifications and the EC2 with transparent proxy example deployment for more details. Amazon ECS: Expanded gateway support for mesh ingress and egress Consul service mesh provides built-in gateways for managing traffic coming into and out of the service mesh: API gateway for ingress traffic: Controls access from services outside the mesh into the mesh, including authorization, TLS settings, and traffic management. Terminating gateway for egress traffic: Controls access from services in the mesh to services outside the mesh, including authorization and TLS settings. Consul 1.18 and Consul ECS 0.8 add support for configuring API and terminating gateways as ECS tasks. Refer to the following deployments in the Consul ECS example repository for more details: API gateway on ECS example Terminating gateway on ECS example — with transparent proxy Terminating gateway on ECS example — with (m)TLS to the external service Next steps for HashiCorp Consul Our goal is for Consul to enable a consistent, enterprise-ready control plane to discover and securely connect any application. Consul 1.18 includes enhanced workflow management, reliability, and security for service networking. We are excited for users to try these new Consul updates and further expand their service discovery and service mesh implementations. Here’s how to get started: Learn more in the Consul documentation. Get started with Consul 1.18 on Kubernetes by installing the latest Helm chart, provided in the Consul Kubernetes documentation. For more information on Consul Enterprise LTS, refer to Consul Enterprise Long-Term Support (LTS) improves operational efficiency For more information on HashiCorp’s Long-Term Support policy, refer to HashiCorp Long-Term Support (LTS) releases​​​​ Try Consul Enterprise by starting a free trial. View the full article

We are pleased to announce a Long-Term Support (LTS) release program for HashiCorp Consul Enterprise, starting with versions 1.15 and 1.18. Going forward, the first major release of each calendar year, typically in late February, will be an LTS release. The challenge: balancing operational overhead and risk Organizations often face a dilemma related to maintaining and updating mission-critical software. On one side is the cost of action. No matter how technically simple or reliable an upgrade is, all upgrades involve effort and risk. To minimize risk, major upgrades may need months to plan, test, approve, and deploy. Frequent upgrades may be too costly in terms of operational burden. And every major upgrade has some risk, no matter how much due diligence is performed. On the other side is the cost of inaction. All software has defects and security vulnerabilities that are discovered and fixed in future versions. Without upgrading, organizations remain susceptible to emerging issues that introduce risk to their business. How can an organization balance the costs of action versus inaction in upgrading mission critical software, such as HashiCorp Consul? The solution: Long-Term Support releases With Consul Enterprise LTS releases, organizations can reduce both operational overhead and risk. It enables organizations to receive critical fixes in minor releases without having to upgrade their major version more than once a year. Consul Enterprise is the first of several HashiCorp commercial products to offer LTS releases with the following key characteristics: Extended maintenance: Two years of critical fixes provided through minor releases Efficient upgrades: Support for direct upgrades from one LTS release to the next, reducing major version upgrade risk and improving operational efficiency Consul Enterprise LTS releases offer several key advantages compared to the industry standard and to standard Consul releases, as shown in this table: Characteristic Industry standard Consul Enterprise standard release Consul Enterprise LTS release Release lifetime 7 - 15 months 12 months 24 months Maximum upgrade jump +2 major versions +2 major versions +3 major versions (from one LTS to the next) Average time between major version upgrades 3 - 6 months 4 - 8 months 12 months Getting started with Consul Enterprise LTS LTS is available now to all Consul Enterprise customers with self-managed deployments. To upgrade your Consul Enterprise deployment to an LTS version (1.15 or 1.18), refer to Consul’s upgrade documentation. If you currently have Consul Enterprise 1.15 deployed, you’re already running a maintained LTS version — no further action is required at this time. Once you’re running a maintained version of Consul Enterprise LTS, HashiCorp recommends upgrading once a year to the next LTS version. This upgrade pattern ensures your organization is always operating a maintained release, minimizes major version upgrades, and maximizes predictability for your planning purposes. For more information, refer to the Consul Enterprise LTS documentation and to HashiCorp’s multi-product LTS statement. Next steps for HashiCorp Consul Get started with Consul through our many tutorials for both beginners and advanced users. Learn more about Consul Enterprise’s capabilities by starting a free trial. View the full article