ff26803ab3
SECURITY: - Fixed an XSS issue with Consul's built-in web UI where node names were not being properly escaped. BREAKING CHANGES: - Raft Protocol Now Defaults to 3 - Config Files Require an Extension - Deprecated Options Have Been Removed - `statsite_prefix` Renamed to `metrics_prefix` - `advertise_addrs` Removed - Escaping Behavior Changed for go-discover Configs - HTTP Verbs are Enforced in Many HTTP APIs - Unauthorized KV Requests Return 403 - Config Section of Agent Self Endpoint has Changed - Deprecated `configtest` Command Removed - Undocumented Flags in `validate` Command Removed - Metric Names Updated - Checks Validated On Agent Startup FEATURES: - Support for HCL Config Files - Support for Binding to Multiple Addresses - Support for RFC1434 DNS TXT records - Support for Running Subproccesses Directly Without a Shell - Sentinel Integration IMPROVEMENTS: - agent: Added support to detect public IPv4 and IPv6 addresses on AWS. - agent: Improved /v1/operator/raft/configuration endpoint which allows Consul to avoid an extra agent RPC call for the `consul operator raft list-peers` command. - agent: Improved ACL system for the KV store to support list permissions. This behavior can be opted in. For more information, see the ACL Guide]. - agent: Updates miekg/dns library to later version to pick up bug fixes and improvements. - agent: Added automatic retries to the RPC path, and a brief RPC drain time when servers leave. These changes make Consul more robust during graceful leaves of Consul servers, such as during upgrades, and help shield applications from "no leader" errors. These are configured with new `performance` options. - agent: Added a new `discard_check_output` agent-level configuration option that can be used to trade off write load to the Consul servers vs. visibility of health check output. This is reloadable so it can be toggled without fully restarting the agent. - api: Updated the API client to ride out network errors when monitoring locks and semaphores. - build: Updated Go toolchain to version 1.9.1. - cli: `consul lock` and `consul watch` commands will forward `TERM` and `KILL` signals to their child subprocess. - cli: Added support for autocompletion]. - server: Updated BoltDB to final version 1.3.1. - server: Improved dead member reap algorithm to fix edge cases where servers could get left behind. BUG FIXES: - agent: Fixed an issue where disabling both the http and https interfaces would cause a watch-related error on agent startup, even when no watches were defined. - agent: Added an additional step to kill health check scripts that timeout on all platforms except Windows, and added a wait so that it's not possible to run multiple instances of the same health check script at the same time. - cli: If the `consul operator raft list-peers` command encounters an error it will now exit with a non-zero exit code. - cli: CLI commands will now show help for all of their arguments. - server: Fixed an issue where the leader server could get into a state where it was no longer performing the periodic leader loop duties and unable to serve consistent reads after a barrier timeout error. Full (unabridged) changelog: https://github.com/hashicorp/consul/blob/v1.0.0/CHANGELOG.md |
||
---|---|---|
.. | ||
DESCR | ||
distinfo | ||
Makefile | ||
PLIST |