Skip to main content

Announcing HashiCorp Consul 1.7

Dec 10 2019Neena Pemmaraju

We're really excited to announce the availability of Consul 1.7.0. Consul is a multi-cloud service networking platform to connect and secure services across any runtime platform and public or private cloud.

This release includes the following features:

  • Namespaces (Consul Enterprise only): Namespaces help reduce operational challenges by removing restrictions around uniqueness of resource names across distinct teams. They enable operators to provide self-service through delegation of administrative privileges.
  • GCP Snapshot Storage (Consul Enterprise only): This allows Consul snapshots (created as backup for disaster recovery) to be stored in GCP.
  • AWS PCA as Certificate Authority for Consul: This release adds AWS PCA as a certificate authority option for Consul.

Release 1.7.0 is available for beta now, with general availability to follow. Please review the v1.7.0 changelog for a detailed list of changes. The binaries can be downloaded here.

»Namespaces

Note: This is a Consul Enterprise feature

Traditionally, Consul has utilized a single, global scope for resources within an environment. All resources share this single scope for naming. This creates challenges in large scale, multi-user environments as teams must ensure distinct services utilize either unique names or tags and service metadata to differentiate themselves from services belonging to another team. This introduces additional operational overhead to ensure no conflicts exist and can increase the risk of misconfigurations if this process is not automated. In addition, administrative privileges are centralized at the global level, which places additional burden on operators to manage simple, day-to-day administrative tasks required by individual teams.

Namespaces allow a Consul environment to be divided into one or more logical environments that provide resource separation and allow the re-use of service names or K/V prefixes across namespaces—removing the requirement to coordinate resource names between teams.

In addition, operators may sub-delegate administrative privileges for a given namespace to individual teams, enabling self-service for ACLs, tokens, policies, service registrations, K/V prefixes, and central configurations (a new feature for defining site-wide or service-specific Connect proxy configurations via the API) within the respective namespace.

With this feature, users will be able to:

  • Create, Update, Delete, and List Namespaces via the API, CLI, and UI
  • Create, Update, Delete, and List ACL Tokens, Roles, Policies, Auth Methods, and Binding Rules for a specific namespace
  • Delegate ACL administration for a Namespace to another user/token that doesn't have universal privileges
  • Register and discover services within a namespace
  • Create, Update, Delete, and List entries in the KV store within a namespace
  • Create, Update, Delete, and List sessions within a namespace
  • Create, Update, Delete, and List central config entries for a namespace.
  • Use DNS to discover services in particular namespaces

»GCP Snapshot Storage

Note: This is a Consul Enterprise feature

Consul Enterprise automatically saves and restores the state of Consul servers for disaster recovery. The snapshot feature enables point-in-time backups of the K/V store, ACLs, service catalogs, plus prepared queries, automated backup files rotation, and the ability to store the backup file in a cloud storage service like Amazon S3 or Azure Storage. With this release, we are adding the capability to store the backup in Google Cloud Platform (GCP).

»AWS Private CA as Certificate Authority for Consul

Consul provides an internal CA and can also use Vault to provide certificates. With this release, we are adding the ability to use AWS PCA as a CA for Consul.

»Conclusion

Thank you to our active community members who have been invaluable by adding new features, reporting bugs, and improving the documentation for Consul in this release!

Please also read this additional blog on the business value of the 1.7.0 release.

To see a live demo of these new features, watch the Consul 1.7 webinar here.

Sign up for the latest HashiCorp news

By submitting this form, you acknowledge and agree that HashiCorp will process your personal information in accordance with the Privacy Policy.

More blog posts like this one

HashiCorp at AWS re:Invent: Your blueprint to cloud success
November 07 2024 | Company
HashiCorp at AWS re:Invent: Your blueprint to cloud success

If you’re attending AWS re:Invent in Las Vegas, Dec. 2 - Dec. 6th, visit us for breakout sessions, expert talks, and product demos to learn how to take a unified approach to Infrastructure and Security Lifecycle Management.

Consul 1.20 improves multi-tenancy, metrics, and OpenShift deployment
October 15 2024 | Products & Technology
Consul 1.20 improves multi-tenancy, metrics, and OpenShift deployment

HashiCorp Consul 1.20 is a significant upgrade for the Kubernetes operator and developer experience, including better multi-tenant service discovery, catalog registration metrics, and secure OpenShift integration.

New SLM offerings for Vault, Boundary, and Consul at HashiConf 2024 make security easier
October 15 2024 | Products & Technology
New SLM offerings for Vault, Boundary, and Consul at HashiConf 2024 make security easier

The latest Security Lifecycle Management (SLM) features from HashiCorp Vault, Boundary, and Consul help organizations offer a smoother path to better security practices for developers.