Dapr v0.11.0 is now available
We are super excited to announce the latest release of Dapr, v0.11.0! Dapr first released nearly a year ago now and this is another release on the path of getting Dapr production ready where we see more community contributions with each release. This post covers the highlights of the new features and enhancements in Dapr v0.11.0, including improvements to secure and configure Dapr enabled applications. Dapr is for developers, and with each release we hope this makes your app development a little easier building cloud native applications on whatever platform you are using.
As with any Dapr release, it is recommended to review the official release notes and especially the list of breaking changes introduced in each release.
We’d like to thank our amazing, engaged community for all of the collaboration around making this release possible through feature requests, feedback on proposals and of course, code contribution to the Dapr project. Thank you!
Declarative topic subscriptions for pub/sub
This feature expands on the Dapr pub/sub building block and enables developers to leverage any existing CNCF CloudEvents aware service as a target for Dapr subscription without the need to change their code. Using declarative topic subscriptions, system operators are also now able to re-configure their subscription configuration during deployment. To learn more, watch this demo video.
Service invocation across namespaces
Dapr namespaces allow you to create groupings of services to better manage distributed applications. A key capability the we’ve been hearing from the community, is the ability for service invocation to be enabled across different namespaces. Prior to this release, the name resolution of services was limited to the boundaries of the namespace. With this enhancement added in Dapr v0.11, services can now explicitly invoke methods on services in a different namespace. For more information read service invocation or watch this demo video.
Access control lists and SPIFFE identities for service invocation
One of the key areas that Dapr focuses on is providing you with the infrastructure to secure your applications. In the context of service invocation, this means having granular control over which service can invoke methods in another service. This control can now be achieved by defining access control lists as part of the Dapr configuration definitions. In addition, Dapr workload certificates are now SPIFFE SVID compliant and carry a strong SPIFFE identity for each workload. For more information read about access control lists or watch this demo video.
Scoping for secrets
In similar vain, to ensure multiple layers of access control to increase overall security of Dapr applications, we’ve added the ability to limit access to secrets. As part of the secrets API, you can now define secret scopes which enable granular control over access to the secrets defined in Dapr. With a combination of default
deny behavior, you have the flexibility to build complex access policies for your secrets. For more information watch this demo video.
Transitioning the Dapr project to an open governance model
Read this blog post to learn more about the next steps we are taking as part of our commitment for an open and inclusive Dapr community.
Dapr and Azure API Management integration
We recently announced the integration of Dapr with Azure API Management and so far we have seen a ton of amazing feedback on this. Go to this sample if you would like to try it yourself or watch this demo video.
See a detailed description of changes, fixes and new features in the Dapr v0.11.0 release notes.
We hope you enjoy this latest release and as always, raise issues on github and reach out to us to ask questions on Gitter or just give us your thoughts, we’d love to hear from you!