Search the Community

We are pleased to announce a Long-Term Support (LTS) release program for HashiCorp Vault Enterprise, starting with version 1.16 series. Going forward, the first major Vault release of each calendar year will be an LTS release. The challenge: Balancing operational overhead with timely upgrades Vault’s Enterprise product support policy has traditionally maintained N-2 releases, meaning that bugs and vulnerabilities will continue to be addressed in the current major version and the previous two. For example, once 1.16 is generally available, 1.15 and 1.14 will keep receiving patches, but 1.13 will no longer receive updates and is effectively no longer a supported version. The N-2 window presents a challenge for some customers to stay up to date as it requires updates to new major versions at least once a year. Customers often use Vault in a mission-critical workflow and may not have the resources to perform minimal-downtime upgrades (such as autopilot upgrades or, SOP upgrade procedure) or prepare necessary testing to certify a new version of Vault. However, customers who don’t upgrade miss out on critical fixes and security patches once they’re out of the N-2 window. The solution: Long-Term Support releases After receiving significant customer interest in longer support windows, we are happy to announce Long-Term Support (LTS) for Vault Enterprise. LTS helps customers reduce the time and effort required to upgrade their releases, lowering risk and improving operational efficiency by providing a single major version to receive critical bug and security fixes for up to two years. Vault Enterprise joins other HashiCorp commercial products in offering LTS with the following key characteristics: Extended maintenance: An additional year of minor releases containing fixes for critical bugs and security vulnerabilities, for a total of two years Efficient upgrades: Support for direct upgrades from one LTS release to the next, to support variable customer timelines and reduce operational overhead Getting started with Vault Enterprise LTS Vault Enterprise 1.16 release series is the first long-term support release of self-managed Vault. To upgrade your Vault Enterprise deployment to an LTS version (1.16.X), refer to Vault’s upgrade documentation. Once you’re running a maintained version of Vault Enterprise LTS, HashiCorp recommends upgrading once a year to the next LTS version. The next LTS Vault release will be 1.19. This upgrade pattern ensures your organization is always operating a maintained release, minimizes major version upgrades, and maximizes predictability for planning purposes. For more information, refer to the Vault Enterprise LTS documentation and to HashiCorp’s multi-product LTS statement. Next steps for HashiCorp Vault Get started with Vault through our many tutorials for both beginners and advanced users. Learn more about Vault Enterprise’s capabilities by starting a free trial. View the full article

Today, Canonical announced the general availability of Legacy Support, an Ubuntu Pro add-on that expands security and support coverage for Ubuntu LTS releases to 12 years. The add-on will be available for Ubuntu 14.04 LTS onwards. Long term supported Ubuntu releases get five years of standard security maintenance on the main Ubuntu repository. Ubuntu Pro expands that commitment to 10 years on both the main and universe repositories, providing enterprises and end users alike access to a vast secure open source software library. The subscription also comes with a phone and ticket support tier. Ubuntu Pro subscribers can purchase an extra two years of security maintenance and support with the new Legacy Support add-on. “We’re thrilled to offer our customers additional years of security maintenance and support for Ubuntu LTS releases”, said Maximilian Morgan, Global VP of Support Engineering at Canonical. “Drawing on 20 years of excellence in open source, Canonical delivers expert security maintenance and support for customers around the world. With Legacy Support, we empower organisations to navigate their operational needs and investments into open source with confidence, ensuring their systems remain available, secure, and supported for many years to come”. Ideal for stability and peace of mind Running the latest operating system (OS) offers new features and enhanced performance, which is a good choice for new deployments. However, for large, established production systems, the transition to a new OS version presents a challenge as it may involve updating the entire software stack running on top of it. This complexity is amplified by modern software architectures that incorporate containerisation, microservices, extensive data management features, as well as integration with third-party APIs. Given these multifaceted challenges, ensuring the system remains operational, secure, and supported is paramount. Organisations looking to gain peace of mind and stability while they plan and execute their migration strategy can trust Canonical. 12 years of timely security fixes and support Security maintenance is part of a continuous process that proactively protects systems. It includes regular vulnerability scanning, evaluation and patch management. With Ubuntu Pro, Canonical provides continuous vulnerability management for critical, high and medium Common Vulnerabilities and Exposures (CVEs) across all software packages shipped with Ubuntu. Canonical’s security team actively backports these crucial fixes to all supported Ubuntu LTS releases, giving enterprises and end users peace of mind to keep their systems secure without requiring a major upgrade. Support is a user-triggered service that comes into play when incidents occur or additional expertise is required to address complex issues. Customers looking to strengthen their business continuity strategy with open source expertise can rely on Canonical support for troubleshooting, break fixes, bug fixes and guidance. Available for Ubuntu 14.04 LTS Trusty Tahr and future LTS releases Ubuntu Pro coverage for Ubuntu 14.04 LTS will end in April 2024. With Legacy Support, organisations running their systems on top of Ubuntu 14.04 LTS can obtain an additional two years of expanded security maintenance and phone and ticket support. This enables IT managers to prepare a detailed upgrade plan for the next LTS, and software architects to concentrate on the application level with the support offered by Canonical’s team. Learn more about Ubuntu Pro and the Legacy Support add-on at https://ubuntu.com/pro, https://ubuntu.com/support or contact Canonical for more information. View the full article

We're excited to announce that HashiCorp Consul 1.18 is now generally available. This release introduces significant enhancements for HashiCorp Consul, our service networking solution designed to help users discover and securely connect any application across any cloud or runtime. These new capabilities aid organizations in increasing enterprise reliability and scale, facilitating easier deployment and management of distributed applications across various environments. This blog post will take a closer look at the key enhancements in Consul 1.18: Long-Term Support (LTS) releases for Consul Enterprise Fault injection for Consul Enterprise service mesh Consul ECS runtime enhancements: Transparent proxy, API gateways, and terminating gateways Enterprise reliability Two of Consul 1.18’s major new features enhance enterprise reliability, reduce maintenance burden, and enable service resiliency improvements. Long-Term Support releases (Enterprise) We’re pleased to introduce a Long-Term Support (LTS) release program for self-managed Consul Enterprise, starting with versions 1.15 and 1.18. This program designates the first major release of each calendar year, typically in late February, as an LTS release. The annual LTS release will receive critical fixes and security patches for two years as well as a hardened upgrade path to the next LTS release. Upgrading critical software is a balancing act: Action incurs engineering effort and risks, while inaction leaves vulnerabilities and defects open. Consul Enterprise LTS reduces both overhead and risk beyond the industry standard by providing critical fixes for an extra year without requiring major upgrades. For more information, refer to this blog post: Consul Enterprise Long-Term Support (LTS) improves operational efficiency. Fault injection for service mesh (Enterprise) Fault injection for service mesh enables organizations to explore and enhance their system resilience in microservice architectures. Teams can explore service behavior in response to problems with an upstream service by injecting faults without changing application code. For example, how does the ‘frontend’ service respond to latency from the ‘api’ service? Just configure the service mesh to cause the ‘api’ service to automatically add 3,000ms of latency to 100% of requests. The developers of the ‘frontend’ service can then iteratively modify and test their code to provide a better consumer experience when facing latency. Three fault types can be introduced to a specified percentage of HTTP or gRPC traffic to a service: Error code (e.g. 429 too many requests) Response latency (e.g. 5,000ms) Response rate limit (e.g. 1,000KiB/s) Faults can also be conditionally injected based on request header matching. Referencing the previous example, the service mesh could be configured to inject latency to ‘api’ service responses only when the X-FAULT-INJECTION-OPT-IN request header has the value true. Now, ‘frontend’ service developers can opt into latency in ‘api’ service responses by including that request header. Refer to the fault injection documentation for more information. Expanded runtime support Consul is designed to provide a unified solution across any cloud and any runtime, including: Virtual machines (VMs) and bare metal machines Kubernetes HashiCorp Nomad: A simple and flexible scheduler and orchestrator for managing containers and non-containerized applications Amazon ECS: Serverless container runtime AWS Lambda: Serverless function runtime Consul 1.18 includes several enhancements to the maturity of its Amazon ECS runtime adaptation: Amazon ECS: Transparent proxy support Transparent proxy mode is a feature available on some Consul runtimes (Kubernetes, VMs) that simplifies both: Security: All outbound traffic from, and inbound traffic to, a service must go through its local service mesh sidecar proxy. Therefore, the service mesh cannot be bypassed, ensuring enforcement of all policies — such as service-to-service authorization. Service onboarding: Services can reference their upstreams without needing to explicitly configure them in a Consul service definition. Consul 1.18 and Consul ECS 0.8 add support for transparent proxy mode for ECS on Amazon EC2 tasks. With transparent proxy mode enabled, all traffic to and from each application container will pass through the sidecar proxy container within the same task. Refer to the Consul ECS technical specifications and the EC2 with transparent proxy example deployment for more details. Amazon ECS: Expanded gateway support for mesh ingress and egress Consul service mesh provides built-in gateways for managing traffic coming into and out of the service mesh: API gateway for ingress traffic: Controls access from services outside the mesh into the mesh, including authorization, TLS settings, and traffic management. Terminating gateway for egress traffic: Controls access from services in the mesh to services outside the mesh, including authorization and TLS settings. Consul 1.18 and Consul ECS 0.8 add support for configuring API and terminating gateways as ECS tasks. Refer to the following deployments in the Consul ECS example repository for more details: API gateway on ECS example Terminating gateway on ECS example — with transparent proxy Terminating gateway on ECS example — with (m)TLS to the external service Next steps for HashiCorp Consul Our goal is for Consul to enable a consistent, enterprise-ready control plane to discover and securely connect any application. Consul 1.18 includes enhanced workflow management, reliability, and security for service networking. We are excited for users to try these new Consul updates and further expand their service discovery and service mesh implementations. Here’s how to get started: Learn more in the Consul documentation. Get started with Consul 1.18 on Kubernetes by installing the latest Helm chart, provided in the Consul Kubernetes documentation. For more information on Consul Enterprise LTS, refer to Consul Enterprise Long-Term Support (LTS) improves operational efficiency For more information on HashiCorp’s Long-Term Support policy, refer to HashiCorp Long-Term Support (LTS) releases​​​​ Try Consul Enterprise by starting a free trial. View the full article

We are pleased to announce a Long-Term Support (LTS) release program for HashiCorp Consul Enterprise, starting with versions 1.15 and 1.18. Going forward, the first major release of each calendar year, typically in late February, will be an LTS release. The challenge: balancing operational overhead and risk Organizations often face a dilemma related to maintaining and updating mission-critical software. On one side is the cost of action. No matter how technically simple or reliable an upgrade is, all upgrades involve effort and risk. To minimize risk, major upgrades may need months to plan, test, approve, and deploy. Frequent upgrades may be too costly in terms of operational burden. And every major upgrade has some risk, no matter how much due diligence is performed. On the other side is the cost of inaction. All software has defects and security vulnerabilities that are discovered and fixed in future versions. Without upgrading, organizations remain susceptible to emerging issues that introduce risk to their business. How can an organization balance the costs of action versus inaction in upgrading mission critical software, such as HashiCorp Consul? The solution: Long-Term Support releases With Consul Enterprise LTS releases, organizations can reduce both operational overhead and risk. It enables organizations to receive critical fixes in minor releases without having to upgrade their major version more than once a year. Consul Enterprise is the first of several HashiCorp commercial products to offer LTS releases with the following key characteristics: Extended maintenance: Two years of critical fixes provided through minor releases Efficient upgrades: Support for direct upgrades from one LTS release to the next, reducing major version upgrade risk and improving operational efficiency Consul Enterprise LTS releases offer several key advantages compared to the industry standard and to standard Consul releases, as shown in this table: Characteristic Industry standard Consul Enterprise standard release Consul Enterprise LTS release Release lifetime 7 - 15 months 12 months 24 months Maximum upgrade jump +2 major versions +2 major versions +3 major versions (from one LTS to the next) Average time between major version upgrades 3 - 6 months 4 - 8 months 12 months Getting started with Consul Enterprise LTS LTS is available now to all Consul Enterprise customers with self-managed deployments. To upgrade your Consul Enterprise deployment to an LTS version (1.15 or 1.18), refer to Consul’s upgrade documentation. If you currently have Consul Enterprise 1.15 deployed, you’re already running a maintained LTS version — no further action is required at this time. Once you’re running a maintained version of Consul Enterprise LTS, HashiCorp recommends upgrading once a year to the next LTS version. This upgrade pattern ensures your organization is always operating a maintained release, minimizes major version upgrades, and maximizes predictability for your planning purposes. For more information, refer to the Consul Enterprise LTS documentation and to HashiCorp’s multi-product LTS statement. Next steps for HashiCorp Consul Get started with Consul through our many tutorials for both beginners and advanced users. Learn more about Consul Enterprise’s capabilities by starting a free trial. View the full article