Release Notes for 1.11.5

Release notes for DC/OS 1.11.5

DC/OS 1.11.5 was released on September 12, 2018.

Notable Changes in DC/OS 1.11.5

DC/OS 1.11.5 includes the following components:

Issues Fixed in DC/OS 1.11.5

Customer Advisory

The customer advisory information is available here.

Note: The support website requires a login credential to access the customer advisory information.

GUI

  • COPS-3051/DCOS-39662 - Fix deployment state in Marathon-LB debug page.
  • COPS-3573/DCOS-39720 - Enable service endpoints on UCR.
  • DCOS-21049 - Add dcos:secrets:list:default:/ secret permission to access DC/OS UI.
  • DCOS-38595 - Fix display error messages in framework configuration form.
  • DCOS-39877 - Remove flickering filter issue in tasks view.
  • DCOS-40523 - Enable empty environment variables reducer to support empty values.
  • DCOS-40577 - Fix dashboard permissions and node tab with correct ACLs for users (non-super users and remote users).
  • DCOS_OSS-3801 - Add support for Docker parameters in Metronome jobs.
  • Update DC/OS UI for 1.11+v1.19.0. Open Source
  • Update DC/OS UI for 1.11+v1.19.0+1c67f4b5. Enterprise

Marathon

  • COPS-3505/MARATHON-8326 - Add wipe=true support for pod’s instances endpoint to automatically drain and decomission agent nodes.
  • MARATHON-7568 - Prevent ZK credentials leak in /v2/info.
  • MARATHON-8084 - Clean up Marathon API POST header.
  • MARATHON-8368 - Fix offer rejection statistics error when maintenance mode is enabled.

Mesos

  • COPS-3616/DCOS-39973/DCOS-40162 - Fix container launch failures that occurred due to Mesos-bridge running out of IPs.
  • COPS-3750/DCOS-41224 - Fix for UCR container cleanup EBUSY issue, which restarts EdgeLB tasks.
  • DCOS-38225 - Prevent task loss by fixing error handling failures of Mesos-IAM interaction. Enterprise
  • DCOS-40410 - Bump Mesos to nightly 1.5.x eacabd7.

Networking

  • COPS-3279/COPS-3576/DCOS-37703/DCOS-39721 - Fix erroneous values in service addresses stats. Bump dcos-net.
  • COPS-3472/DCOS-38932 - Enable access to Marathon app via overlap network.
  • COPS-3520/DCOS-39999 - Fix DC/OS OSS build failure that occurred due to segmentation violation.
  • DCOS-39707 - Fix clustering issues with etcd.
  • DCOS_OSS-3697 - Fix connectivity issue between bridge and overlay networks.
  • DCOS_OSS-3841 - Update CNI plugin versions to v0.7.1.

Platform

  • COPS-3568/DCOS-39883 - Add permissions to dcos_diagnostics_master to read marathon state.
  • DCOS-22194 - Fix dcos-metrics pkgpanda build to utilize Docker.
  • DCOS-37454 - Fix Prometheus inconsistent output with stored metrics.

Security Enterprise

  • COPS-2988 - Provide access permissions with full capabilities to the user.
  • COPS-3195 - Fix cluster authentication issues running in strict mode and issues arising from transient errors in the ip-detect script.
  • COPS-3485/DCOS_OSS-3937 - Prevent loss of ZK myid configuration file by recreating the deleted myid configuration file and restarting exhibitor
  • DCOS-38655 - Force all login requests through Admin Router.
  • DCOS-39259 - Add error handling for StartTLS in case of socket failure.
  • DCOS-39260 - Fix LDAP login failure after upgrade from 1.11.1 to 1.11.3.
  • DCOS_OSS-3932 - Update Java version from 8u151 to 8u181.

Storage

  • DCOS-39891 - Add a new permission to dcos_diagnostics_master service account user during bootstrap.

About DC/OS 1.11

DC/OS 1.11 includes many new capabilities with a focus on:

  • Managing clusters across multiple clouds Enterprise
  • Production Kubernetes-as-a-service
  • Enhanced data security Enterprise
  • Updated data services

Provide feedback on the new features and services at: support.mesosphere.com.

New Features and Capabilities

Platform

  • Multi-region management - Enables a DC/OS Cluster to span multiple datacenters, clouds, and remote branches while providing a unified management and control cluster. View the documentation. Enterprise
  • Linked clusters - A cluster link is a unidirectional relationship between one cluster and another. You add and remove links from one cluster to another cluster using the DC/OS CLI. Once a link is set up, you can easily switch between clusters using the CLI or UI. View the documentation. Enterprise
  • Fault domain awareness - Use fault domain awareness to make your services highly available and to allow for increased capacity when needed. View the documentation. Enterprise
  • Decommission node - Support for permanently decommissioning nodes makes it easier to manage “spot” cloud instances, allowing for immediate task rescheduling. View the documentation
  • UCR

Networking

  • Edge-LB 1.0. View the documentation. Enterprise
  • IPv6 is now supported for Docker containers.
  • Performance improvements to the DC/OS network stack - All networking components (minuteman, navstar, spartan) are aggregated into a single systemd unit called dcos-net. Read this note to learn more about the re-factoring of the network stack.
  • The configuration parameter dns_forward_zones now takes a list of objects instead of nested lists (DCOS_OSS-1733). View the documentation to understand its usage.

Security Enterprise

  • Secrets Management Service
    • Secrets can now be binary files in addition to environment variables.
    • Hierarchical access control is now supported.

Monitoring

Storage

  • DC/OS Storage Service 0.1 (beta) - DSS users will be able to dynamically create volumes based upon profiles or policies to fine-tune their applications storage requirements. This feature leverages the industry-standard Container Storage Interface (CSI) to streamline the development of storage features in DC/OS by Mesosphere and our community and partner ecosystems. View the documentation.Beta Enterprise
  • Pods now support persistent volumes. View the documentation.Beta

Note: Because these storage features are beta in 1.11, they must be explicitly enabled in the config.yaml file when installing DC/OS. Beta features are not recommended for production usage, but are a good indication of the direction the project is headed.

Updated DC/OS Data Services

  • TLS encryption for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic, and DC/OS HDFS is now supported. Enterprise
  • Fault domain awareness for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic and DC/OS HDFS. Use fault domain awareness to make your services highly available and to allow for increased capacity when needed. Enterprise
  • New API endpoint to pause a node for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic, and DC/OS HDFS. Use this endpoint to relaunch a node in an idle command state for debugging purposes.
  • New DC/OS Kafka ZooKeeper service. View the documentation.
  • You can now select a DC/OS data service version from a dropdown menu in the DC/OS UI.
  • Improved scalability for all DC/OS data services.