DC/OS 1.11.2 was released on May 18, 2018.
DC/OS 1.11.2 includes the following:
Issues Fixed in DC/OS 1.11.2
- COPS-3195 - Mesos: Fixed an issue where the authentication token refresh would not be performed. Enterprise
- DCOS-14199 - Consolidated the Exhibitor bootstrapping shortcut by atomically reading and writing the ZooKeeper PID file.
- DCOS-20514 - Added licensing information to the diagnostics bundle. Enterprise
- DCOS-20568 - Fixed diagnostics bundle creation bug regarding insufficient service account permissions. Enterprise
- DCOS-21596 - If a local user account matches an LDAP username that exists within an LDAP group, the local user account is now automatically added to the LDAP group. Enterprise
- DCOS-21611 - The IP detect script and fault domain detect script can be changed with a config upgrade.
- DCOS-22128 - Fixed an issue in the Service view of DC/OS UI, when cluster has pods with not every container mounting a volume Enterprise
- DCOS-22041 - Admin Router: Fixed a race condition in the permission data cache. Enterprise
- DCOS-22133 - DC/OS IAM: Fixed a rare case where the database bootstrap transaction would not insert some data. Enterprise
- DCOS_OSS-2317 - Consolidated pkgpanda’s package download method.
- DCOS_OSS-2335 - Increased the Mesos executor re-registration timeout to consolidate an agent failover scenario.
- DCOS_OSS-2360 - DC/OS Metrics: metric names are sanitized for better compatibility with Prometheus.
- DCOS_OSS-2378 - DC/OS Net: Improved stability of distribution protocol over TLS.
- DC/OS UI: Incorporated multiple fixes and improvements.
Notable Changes in DC/OS 1.11.2
- MARATHON-8090 - Reverted the Marathon configuration change for GPU resources which was introduced in 1.11.1 release.
- QUALITY-2006 - RHEL 7.4 with Docker EE 17.06.2 is supported.
- QUALITY-2007 - RHEL 7.4 with Docker 17.12.1-ce is supported.
- QUALITY-2057 - CentOS 7.4 with Docker EE 17.06.2 is supported.
Security Enhancements in DC/OS 1.11.2
- DCOS-21465 - Updated python3-saml for CVE-2017-11427. Enterprise
- DCOS-21958 - Admin Router on master nodes no longer supports the older TLS 1.1 protocol and 3DES encryption algorithm by default. Enterprise
Note: New Docker versions are supported on RHEL 7.4. See compatibility matrix for further information.
About DC/OS 1.11
DC/OS 1.11 includes many new capabilities, with a focus on:
- Managing clusters across multiple clouds Enterprise
- Production Kubernetes-as-a-service
- Enhanced data security Enterprise
- Updated data services
Provide feedback on the new features and services at: support.mesosphere.com.
New Features and Capabilities
- Multi-region management - Enables a DC/OS Cluster to span multiple datacenters, clouds, and remote branches while providing a unified management and control cluster. View the documentation. Enterprise
- Linked clusters - A cluster link is a unidirectional relationship between one cluster and another. You add and remove links from one cluster to another cluster using the DC/OS CLI. Once a link is set up, you can easily switch between clusters using the CLI or UI. View the documentation. Enterprise
- Fault domain awareness - Use fault domain awareness to make your services highly available and to allow for increased capacity when needed. View the documentation. Enterprise
- Decommission node - Support for permanently decommissioning nodes makes it easier to manage “spot” cloud instances, allowing for immediate task rescheduling. View the documentation
- Edge-LB 1.0. View the documentation. Enterprise
- IPv6 is now supported for Docker containers.
- Performance improvements to the DC/OS network stack - All networking components (minuteman, navstar, spartan) are aggregated into a single systemd unit called
dcos-net. Read this note to learn more about the re-factoring of the network stack.
- The configuration parameter
dns_forward_zonesnow takes a list of objects instead of nested lists (DCOS_OSS-1733). View the documentation to understand its usage.
- Secrets Management Service
- Secrets can now be binary files in addition to environment variables.
- Hierarchical access control is now supported.
- The DC/OS metrics component now produces metrics in Prometheus format. View the documentation.
- Unified logging API provides simple access to container (task) and system component logs. View the documentation.
- DC/OS Storage Service 0.1 (beta) - DSS users will be able to dynamically create volumes based upon profiles or policies to fine-tune their applications storage requirements. This feature leverages the industry-standard Container Storage Interface (CSI) to streamline the development of storage features in DC/OS by Mesosphere and our community and partner ecosystems. View the documentation.Beta Enterprise
- Pods now support persistent volumes. View the documentation.Beta
Note: Because these storage features are beta in 1.11, they must be explicitly enabled in the config.yaml file when installing DC/OS. Beta features are not recommended for production usage, but are a good indication of the direction the project is headed.
Updated DC/OS Data Services
- TLS encryption for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic, and DC/OS HDFS is now supported. Enterprise
- Fault domain awareness for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic and DC/OS HDFS. Use fault domain awareness to make your services highly available and to allow for increased capacity when needed. Enterprise
- New API endpoint to pause a node for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic, and DC/OS HDFS. Use this endpoint to relaunch a node in an idle command state for debugging purposes.
- New DC/OS Kafka ZooKeeper service. View the documentation.
- You can now select a DC/OS data service version from a dropdown menu in the DC/OS UI.
- Improved scalability for all DC/OS data services.