v0.8.1

0.8.1 (July 5, 2024)

IMPROVEMENTS

• Bump Consul image to 1.18.2[GH-320]
• Bump Consul Dataplane image to 1.4.2 [GH-320]
• Bump Consul ECS image to 0.8.1 [GH-320]

v0.8.0

0.8.0 (Feb 29, 2024)

BREAKING CHANGES

• Following are the changes made to the task definitions for mesh-task and gateway-task submodules to react to the changes made in this PR.
  • Removes the consul-ecs-control-plane container from the task definition and adds a new consul-ecs-mesh-init container which will be responsible for setting up mesh on ECS.
  • Adds a new container named consul-ecs-health-sync to the task definition which will be responsible for syncing back ECS container health checks into Consul. This container will wait for a successful exit of consul-ecs-mesh-init container before starting.
• Add support for transparent proxy in ECS tasks based on EC2 launch types. This feature automatically routes outgoing/incoming traffic to/from the application container to the sidecar proxy container deployed in the same task. Following are the changes made to the mesh-task submodule [GH-264]
  • Adds the following variables [GH-209]
    • enable_transparent_proxy - Defaults to true. Fargate based tasks should explicitly pass false to avoid validation errors during terraform planning phase.
    • enable_consul_dns - Defaults to false. Indicates whether Consul DNS should be configured for this task. Enabling this makes Consul dataplane start up a proxy DNS server that forwards requests to the Consul DNS server. var.enable_transparent_proxy should be true to enable this setting.
    • exclude_inbound_ports - List of inbound ports to exclude from traffic redirection.
    • exclude_outbound_ports - List of outbound ports to exclude from traffic redirection.
    • exclude_outbound_cidrs - List of additional IP CIDRs to exclude from outbound traffic redirection.
    • exclude_outbound_uids - List of additional process UIDs to exclude from traffic redirection.
  • Adds the CAP_NET_ADMIN linux capability to the mesh-init container when var.enable_transaparent_proxy is set to true. This is needed to modify iptable rules within the ECS task.
  • mesh-init container is run as a root user.
  • Assign a UID of 5995 for the consul-dataplane container and 5996 for the health-sync container. This is done to selectively exclude the traffic flowing through these containers from the redirection rules.
• Add support for configuring transparent proxy for gateway specific ECS EC2 tasks. Following are the changes made to the gateway-task submodule[GH-271]
  • Adds the following variables
    • enable_transparent_proxy - Defaults to true. Fargate based tasks should explicitly pass false to avoid validation errors during terraform planning phase.
    • enable_consul_dns - Defaults to false. Indicates whether Consul DNS should be configured for this task. Enabling this makes Consul dataplane start up a proxy DNS server that forwards requests to the Consul DNS server. var.enable_transparent_proxy should be true to enable this setting.
    • exclude_inbound_ports - List of inbound ports to exclude from traffic redirection.
    • exclude_outbound_ports - List of outbound ports to exclude from traffic redirection.
    • exclude_outbound_cidrs - List of additional IP CIDRs to exclude from outbound traffic redirection.
    • exclude_outbound_uids - List of additional process UIDs to exclude from traffic redirection.
  • Adds the CAP_NET_ADMIN linux capability to the mesh-init container when var.enable_transaparent_proxy is set to true. This is needed to modify iptable rules within the ECS task.
  • mesh-init container is run as a root user.
  • Assign a UID of 5995 for the consul-dataplane container and 5996 for the health-sync container. This is done to selectively exclude the traffic flowing through these containers from the redirection rules.

FEATURES

• Add support for provisioning API gateways as ECS tasks [GH-234]
  • Add api-gateway as an acceptable kind input.
  • Add custom_load_balancer_config input variable which can be used to feed in custom load balancer target group config that can be attached to the gateway's ECS task.
  • Add consul.hashicorp.com.gateway-kind as a tag to the gateway task's IAM Role. This field will hold the type of the gateway that is getting deployed to the ECS task and will be used by the configured IAM auth method to mint tokens
    with appropriate permissions when individual tasks perform a Consul login.
• Add support for provisioning Terminating gateways as ECS tasks [GH-236]
  • Add terminating-gateway as an acceptable kind input for the gateway submodule.
• examples/api-gateway: Add example terraform to demonstrate exposing mesh tasks in ECS via Consul API gateway deployed as an ECS task. [GH-235]
• examples/terminating-gateway: Add example terraform to demonstrate the use of terminating gateways deployed as ECS tasks to facilitate communication between mesh and non mesh services. [GH-238]
• examples/dev-server-ec2-transparent-proxy: Add example terraform to demonstrate Consul's transparent proxy feature for services deployed in ECS EC2 launch type tasks. [GH-265]
• examples/terminating-gateway-transparent-proxy: Add example terraform to demonstrate Consul's transparent proxy feature along with terminating gateways to access services that are present outside the mesh from mesh based services. [GH-279]

v0.7.3

0.7.3 (Feb 16, 2024)

IMPROVEMENTS

• Bump Consul image to 1.17.3[GH-290]
• Bump Consul Dataplane image to 1.3.3 [GH-290]
• Bump Consul ECS image to 0.7.3 [GH-291]

v0.6.2

0.6.2 (Feb 16, 2024)

IMPROVEMENTS

• Bump Consul image to 1.15.10[GH-289]
• Bump Consul ECS image to 0.6.2 [GH-292]

v0.8.0-rc1

0.8.0-rc1 (Feb 9, 2024)

BREAKING CHANGES

• Following are the changes made to the task definitions for mesh-task and gateway-task submodules to react to the changes made in this PR.
  • Removes the consul-ecs-control-plane container from the task definition and adds a new consul-ecs-mesh-init container which will be responsible for setting up mesh on ECS.
  • Adds a new container named consul-ecs-health-sync to the task definition which will be responsible for syncing back ECS container health checks into Consul. This container will wait for a successful exit of consul-ecs-mesh-init container before starting.
• Add support for transparent proxy in ECS tasks based on EC2 launch types. This feature automatically routes outgoing/incoming traffic to/from the application container to the sidecar proxy container deployed in the same task. Following are the changes made to the mesh-task submodule [GH-264]
  • Adds the following variables [GH-209]
    • enable_transparent_proxy - Defaults to true. Fargate based tasks should explicitly pass false to avoid validation errors during terraform planning phase.
    • enable_consul_dns - Defaults to false. Indicates whether Consul DNS should be configured for this task. Enabling this makes Consul dataplane start up a proxy DNS server that forwards requests to the Consul DNS server. var.enable_transparent_proxy should be true to enable this setting.
    • exclude_inbound_ports - List of inbound ports to exclude from traffic redirection.
    • exclude_outbound_ports - List of outbound ports to exclude from traffic redirection.
    • exclude_outbound_cidrs - List of additional IP CIDRs to exclude from outbound traffic redirection.
    • exclude_outbound_uids - List of additional process UIDs to exclude from traffic redirection.
  • Adds the CAP_NET_ADMIN linux capability to the mesh-init container when var.enable_transaparent_proxy is set to true. This is needed to modify iptable rules within the ECS task.
  • mesh-init container is run as a root user.
  • Assign a UID of 5995 for the consul-dataplane container and 5996 for the health-sync container. This is done to selectively exclude the traffic flowing through these containers from the redirection rules.
• Add support for configuring transparent proxy for gateway specific ECS EC2 tasks. Following are the changes made to the gateway-task submodule[GH-271]
  • Adds the following variables
    • enable_transparent_proxy - Defaults to true. Fargate based tasks should explicitly pass false to avoid validation errors during terraform planning phase.
    • enable_consul_dns - Defaults to false. Indicates whether Consul DNS should be configured for this task. Enabling this makes Consul dataplane start up a proxy DNS server that forwards requests to the Consul DNS server. var.enable_transparent_proxy should be true to enable this setting.
    • exclude_inbound_ports - List of inbound ports to exclude from traffic redirection.
    • exclude_outbound_ports - List of outbound ports to exclude from traffic redirection.
    • exclude_outbound_cidrs - List of additional IP CIDRs to exclude from outbound traffic redirection.
    • exclude_outbound_uids - List of additional process UIDs to exclude from traffic redirection.
  • Adds the CAP_NET_ADMIN linux capability to the mesh-init container when var.enable_transaparent_proxy is set to true. This is needed to modify iptable rules within the ECS task.
  • mesh-init container is run as a root user.
  • Assign a UID of 5995 for the consul-dataplane container and 5996 for the health-sync container. This is done to selectively exclude the traffic flowing through these containers from the redirection rules.

FEATURES

• Add support for provisioning API gateways as ECS tasks [GH-234]
  • Add api-gateway as an acceptable kind input.
  • Add custom_load_balancer_config input variable which can be used to feed in custom load balancer target group config that can be attached to the gateway's ECS task.
  • Add consul.hashicorp.com.gateway-kind as a tag to the gateway task's IAM Role. This field will hold the type of the gateway that is getting deployed to the ECS task and will be used by the configured IAM auth method to mint tokens
    with appropriate permissions when individual tasks perform a Consul login.
• Add support for provisioning Terminating gateways as ECS tasks [GH-236]
  • Add terminating-gateway as an acceptable kind input for the gateway submodule.
• examples/api-gateway: Add example terraform to demonstrate exposing mesh tasks in ECS via Consul API gateway deployed as an ECS task. [GH-235]
• examples/terminating-gateway: Add example terraform to demonstrate the use of terminating gateways deployed as ECS tasks to facilitate communication between mesh and non mesh services. [GH-238]
• examples/dev-server-ec2-transparent-proxy: Add example terraform to demonstrate Consul's transparent proxy feature for services deployed in ECS EC2 launch type tasks. [GH-265]
• examples/terminating-gateway-transparent-proxy: Add example terraform to demonstrate Consul's transparent proxy feature along with terminating gateways to access services that are present outside the mesh from mesh based services. [GH-279]

v0.7.2

0.7.2 (Jan 25, 2024)

IMPROVEMENTS

• Improve bootstrap time of mesh-task/gateway-task containers by reducing the health check interval defined in the container definition. [GH-267]
• Add consul.hashicorp.com.gateway-kind as a tag to the gateway task's IAM Role. This field will hold the type of the gateway that is getting deployed to the ECS task and will be used by the configured IAM auth method to mint tokens with appropriate permissions when individual tasks perform a Consul login.
• Bump Consul ECS image version to 0.7.2
• Bump Consul Dataplane's image version to 1.3.2
• Bump Consul image version to 1.17.2

v0.7.1

0.7.1 (Dec 19, 2023)

IMPROVEMENTS

• Bump Consul ECS image version to 0.7.1
• Bump Consul Dataplane's image version to 1.3.1

BUG FIXES

• Fixes a bug in the health check logic of the consul-ecs-control-plane container in mesh-task and gateway-task submodule. Because of the bug, the ECS agent tries to start up the consul-dataplane container before the consul-ecs-control-plane container writes the Consul ECS binary to a shared volume. [GH-241]

v0.7.0

BREAKING CHANGES

• Adopt the architecture described in Simplified Service Mesh with Consul Dataplane for ECS.[GH-199]
• Following changes are made to the mesh-task submodule: [GH-188]
  • Remove consul-client container definition from the ECS task definition.
  • Rename mesh-init container to consul-ecs-control-plane and the mesh-init command to control-plane.
  • Remove the sidecar-proxy container and replace it with the consul-dataplane container.
  • Remove the consul-ecs-health-sync container definition.
  • Remove the following input variables
    • envoy_image
    • checks
    • retry_join
    • consul_http_addr
    • client_token_auth_method_name
    • gossip_key_secret_arn
    • consul_server_ca_cert_arn
    • consul_agent_configuration
    • enable_acl_token_replication
    • consul_datacenter
    • consul_primary_datacenter
  • Add the following input variables
    • skip_server_watch: To prevent the consul-dataplane and consul-ecs-control-plane containers from watching the Consul servers for changes. Useful for situations where Consul servers are behind a load balancer.
    • consul_dataplane_image: Consul Dataplane's Docker image.
    • envoy_readiness_port: Port that is exposed by Envoy which can be hit to determine its readiness.
    • consul_server_hosts: Address of Consul servers. Can be an IP, DNS name or an exec= string specifying the script that outputs IP address(es).
    • tls_server_name: The server name to use as the SNI host when connecting via TLS to Consul's HTTP and gRPC interfaces.
    • ca_cert_file: Path of the CA certificate file for Consul's internal HTTP and gRPC interfaces.
    • consul_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC and HTTP interfaces.
    • consul_grpc_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC communications. Overrides var.consul_ca_cert_arn.
    • consul_https_ca_cert_arn: ARN of the Secrets Manager secret containing the CA certificate for Consul server's HTTP interface. Overrides var.consul_ca_cert_arn.
    • http_config: Contains HTTP specific TLS settings.
    • grpc_config: Contains gRPC specific TLS settings.
  • Add IAM policies to fetch consul_ca_cert_arn, consul_grpc_ca_cert_arn and consul_https_ca_cert_arn from Secrets manager.
  • Add consulServers field to local.config which gets passed to the control-plane container.
• Rename acl-controller submodule to controller. Following are the changes made to the same: [GH-188]
  • Rename consul-acl-controller container to consul-ecs-controller.
  • Pass the CONSUL_ECS_CONFIG_JSON(which contains the configuration for configuring Consul on ECS) to the consul-ecs-controller container similar to how it is being done in the mesh-task submodule.
  • Remove the following CLI flags that were getting passed to the existing command
    • -iam-role-path
    • -partitions-enabled
    • -partition
  • Remove the following variables
    • consul_server_http_addr
    • consul_server_ca_cert_arn
  • Add the following variables
    • consul_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC and HTTP interfaces.
    • consul_grpc_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC communications. Overrides var.consul_ca_cert_arn.
    • consul_https_ca_cert_arn: ARN of the Secrets Manager secret containing the CA certificate for Consul server's HTTP interface. Overrides var.consul_ca_cert_arn.
    • consul_server_hosts: Address of Consul servers. Can be an IP, DNS name or an exec= string specifying the script that outputs IP address(es).
    • tls: Whether to enable TLS for the controller to Consul server traffic.
    • tls_server_name: The server name to use as the SNI host when connecting via TLS to Consul's HTTP and gRPC interfaces.
    • http_config: Contains HTTP specific TLS settings for controller to Control plane traffic.
    • grpc_config: Contains gRPC specific TLS settings for controller to Control plane traffic.
  • Add IAM policies to fetch consul_ca_cert_arn, consul_grpc_ca_cert_arn and consul_https_ca_cert_arn from Secrets manager.
• Following changes are made to the gateway-task submodule: [GH-189]
  • Remove consul-client container definition from the ECS task definition.
  • Rename mesh-init container to consul-ecs-control-plane and the mesh-init command to control-plane.
  • Remove the sidecar-proxy container and replace it with the consul-dataplane container.
  • Remove the consul-ecs-health-sync container definition.
  • Remove the following input variables
    • envoy_image
    • retry_join
    • consul_http_addr
    • client_token_auth_method_name
    • gossip_key_secret_arn
    • consul_server_ca_cert_arn
    • consul_agent_configuration
    • enable_acl_token_replication
    • consul_datacenter
    • consul_primary_datacenter
    • audit_logging
  • Add the following input variables
    • skip_server_watch: To prevent the consul-dataplane and consul-ecs-control-plane containers from watching the Consul servers for changes. Useful for situations where Consul servers are behind a load balancer.
    • consul-dataplane-image: Consul Dataplane's Docker image.
    • envoy_readiness_port: Port that is exposed by Envoy which can be hit to determine its readiness.
    • consul_server_hosts: Address of Consul servers. Can be an IP, DNS name or an exec= string specifying the script that outputs IP address(es).
    • tls_server_name: The server name to use as the SNI host when connecting via TLS to Consul's HTTP and gRPC interfaces.
    • consul_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC and HTTP interfaces.
    • consul_grpc_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC communications. Overrides var.consul_ca_cert_arn.
    • consul_https_ca_cert_arn: ARN of the Secrets Manager secret containing the CA certificate for Consul server's HTTP interface. Overrides var.consul_ca_cert_arn.
    • http_config: Contains HTTP specific TLS settings for the consul-ecs-control-plane to Consul server traffic.
    • grpc_config: Contains gRPC specific TLS settings for the consul-ecs-control-plane to Consul server traffic.
  • Add IAM policies to fetch consul_ca_cert_arn, consul_grpc_ca_cert_arn and consul_https_ca_cert_arn from Secrets manager.
  • Add consulServers field to local.config which gets passed to the control-plane container.
• Following are the changes made to dev-server submodule: [GH-191]
  • Remove the following variables:
    • gossip_encryption_enabled
    • generate_gossip_encryption_key
    • gossip_key_secret_arn
• Add changes to the dev-server-ec2 and dev-server-fargate examples to adopt the changes made to mesh-task submodule. [GH-191]
• Add changes to the mesh-gateways example to adopt the Consul Dataplane based architeture on ECS. [GH-192]
• Add changes to the admin-partitions example to adopt the Consul Dataplane based architeture on ECS. [GH-193]

IMPROVEMENTS

• examples/cluster-peering: Add example terraform to illustrate Consul's cluster peering usecase on ECS. [GH-194]
• examples/service-sameness: Add example terraform to illustrate Consul's service sameness group usecase on ECS. [GH-202]
• examples/locality-aware-routing: Add example terraform to demonstrate Consul's locality aware routing feature between ECS tasks [GH-219]

v0.7.0-rc1

BREAKING CHANGES

• Adopt the architecture described in Simplified Service Mesh with Consul Dataplane for ECS.[GH-199]
• Following changes are made to the mesh-task submodule: [GH-188]
  • Remove consul-client container definition from the ECS task definition.
  • Rename mesh-init container to consul-ecs-control-plane and the mesh-init command to control-plane.
  • Remove the sidecar-proxy container and replace it with the consul-dataplane container.
  • Remove the consul-ecs-health-sync container definition.
  • Remove the following input variables
    • envoy_image
    • checks
    • retry_join
    • consul_http_addr
    • client_token_auth_method_name
    • gossip_key_secret_arn
    • consul_server_ca_cert_arn
    • consul_agent_configuration
    • enable_acl_token_replication
    • consul_datacenter
    • consul_primary_datacenter
  • Add the following input variables
    • skip_server_watch: To prevent the consul-dataplane and consul-ecs-control-plane containers from watching the Consul servers for changes. Useful for situations where Consul servers are behind a load balancer.
    • consul_dataplane_image: Consul Dataplane's Docker image.
    • envoy_readiness_port: Port that is exposed by Envoy which can be hit to determine its readiness.
    • consul_server_hosts: Address of Consul servers. Can be an IP, DNS name or an exec= string specifying the script that outputs IP address(es).
    • tls_server_name: The server name to use as the SNI host when connecting via TLS to Consul's HTTP and gRPC interfaces.
    • ca_cert_file: Path of the CA certificate file for Consul's internal HTTP and gRPC interfaces.
    • consul_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC and HTTP interfaces.
    • consul_grpc_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC communications. Overrides var.consul_ca_cert_arn.
    • consul_https_ca_cert_arn: ARN of the Secrets Manager secret containing the CA certificate for Consul server's HTTP interface. Overrides var.consul_ca_cert_arn.
    • http_config: Contains HTTP specific TLS settings.
    • grpc_config: Contains gRPC specific TLS settings.
  • Add IAM policies to fetch consul_ca_cert_arn, consul_grpc_ca_cert_arn and consul_https_ca_cert_arn from Secrets manager.
  • Add consulServers field to local.config which gets passed to the control-plane container.
• Rename acl-controller submodule to controller. Following are the changes made to the same: [GH-188]
  • Rename consul-acl-controller container to consul-ecs-controller.
  • Pass the CONSUL_ECS_CONFIG_JSON(which contains the configuration for configuring Consul on ECS) to the consul-ecs-controller container similar to how it is being done in the mesh-task submodule.
  • Remove the following CLI flags that were getting passed to the existing command
    • -iam-role-path
    • -partitions-enabled
    • -partition
  • Remove the following variables
    • consul_server_http_addr
    • consul_server_ca_cert_arn
  • Add the following variables
    • consul_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC and HTTP interfaces.
    • consul_grpc_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC communications. Overrides var.consul_ca_cert_arn.
    • consul_https_ca_cert_arn: ARN of the Secrets Manager secret containing the CA certificate for Consul server's HTTP interface. Overrides var.consul_ca_cert_arn.
    • consul_server_hosts: Address of Consul servers. Can be an IP, DNS name or an exec= string specifying the script that outputs IP address(es).
    • tls: Whether to enable TLS for the controller to Consul server traffic.
    • tls_server_name: The server name to use as the SNI host when connecting via TLS to Consul's HTTP and gRPC interfaces.
    • http_config: Contains HTTP specific TLS settings for controller to Control plane traffic.
    • grpc_config: Contains gRPC specific TLS settings for controller to Control plane traffic.
  • Add IAM policies to fetch consul_ca_cert_arn, consul_grpc_ca_cert_arn and consul_https_ca_cert_arn from Secrets manager.
• Following changes are made to the gateway-task submodule: [GH-189]
  • Remove consul-client container definition from the ECS task definition.
  • Rename mesh-init container to consul-ecs-control-plane and the mesh-init command to control-plane.
  • Remove the sidecar-proxy container and replace it with the consul-dataplane container.
  • Remove the consul-ecs-health-sync container definition.
  • Remove the following input variables
    • envoy_image
    • retry_join
    • consul_http_addr
    • client_token_auth_method_name
    • gossip_key_secret_arn
    • consul_server_ca_cert_arn
    • consul_agent_configuration
    • enable_acl_token_replication
    • consul_datacenter
    • consul_primary_datacenter
    • audit_logging
  • Add the following input variables
    • skip_server_watch: To prevent the consul-dataplane and consul-ecs-control-plane containers from watching the Consul servers for changes. Useful for situations where Consul servers are behind a load balancer.
    • consul-dataplane-image: Consul Dataplane's Docker image.
    • envoy_readiness_port: Port that is exposed by Envoy which can be hit to determine its readiness.
    • consul_server_hosts: Address of Consul servers. Can be an IP, DNS name or an exec= string specifying the script that outputs IP address(es).
    • tls_server_name: The server name to use as the SNI host when connecting via TLS to Consul's HTTP and gRPC interfaces.
    • consul_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC and HTTP interfaces.
    • consul_grpc_ca_cert_arn: ARN of the Secrets Manager secret containing the Consul server CA certificate for Consul's internal gRPC communications. Overrides var.consul_ca_cert_arn.
    • consul_https_ca_cert_arn: ARN of the Secrets Manager secret containing the CA certificate for Consul server's HTTP interface. Overrides var.consul_ca_cert_arn.
    • http_config: Contains HTTP specific TLS settings for the consul-ecs-control-plane to Consul server traffic.
    • grpc_config: Contains gRPC specific TLS settings for the consul-ecs-control-plane to Consul server traffic.
  • Add IAM policies to fetch consul_ca_cert_arn, consul_grpc_ca_cert_arn and consul_https_ca_cert_arn from Secrets manager.
  • Add consulServers field to local.config which gets passed to the control-plane container.
• Following are the changes made to dev-server submodule: [GH-191]
  • Remove the following variables:
    • gossip_encryption_enabled
    • generate_gossip_encryption_key
    • gossip_key_secret_arn
• Add changes to the dev-server-ec2 and dev-server-fargate examples to adopt the changes made to mesh-task submodule. [GH-191]
• Add changes to the mesh-gateways example to adopt the Consul Dataplane based architeture on ECS. [GH-192]
• Add changes to the admin-partitions example to adopt the Consul Dataplane based architeture on ECS. [GH-193]

IMPROVEMENTS

• examples/cluster-peering: Add example terraform to illustrate Consul's cluster peering usecase on ECS. [GH-194]
• examples/service-sameness: Add example terraform to illustrate Consul's service sameness group usecase on ECS. [GH-202]

v0.6.1

• Bump Consul OSS image version to 1.15.4 and Consul enterprise version to 1.15.4-ent (#185)
• Bump envoy image to 1.23.10 (#185)