DC/OS version 1.11.11 was released on June 5, 2019.
DC/OS 1.11.11 includes the following components:
DC/OS is a distributed operating system that enables you to manage resources, application deployment, data services, networking, and security in an on-premise, cloud, or hybrid cluster environment.
Issues Fixed in DC/OS 1.11.11
The issues that have been fixed in DC/OS 1.11.11 are grouped by feature, functional area, or component. Most change descriptions include one or more issue tracking identifiers for reference.
- DCOS-42928, DCOS_OSS-5105 - Use
docker psinstead of
docker upin diagnostics, since
docker upis an invalid Docker command.
- DCOS_OSS-1502 - There were couple issues caused by unused volumes for removed containers. It is recommended to use Docker prune commands to avoid the occurrence of such issues. This release uses
docker-gccommand to remove the unused volumes.
- DCOS-51751 - The configuration parameters
exhibitor_azure_account_keyfor Exhibitor are marked as
secret. These configuration parameters will not be revealed in
user.config.yamlon cluster nodes. In this release, the configuration parameters will appear only in
user.config.full.yamlwhich has stricter read permissions and is not included in DC/OS diagnostics bundles.
- DCOS-54087 - In the previous releases, UI overrides
concurrencyPolicyfield in schedule to always be
ALLOW. In this release, the
concurrencyPolicyfield is fixed for UI to keep the value intact, thus allowing other concurrency policies other than
- DCOS-15890 - The pre-flight check on advanced installer shows misleading information. This release improves the context of an error message, in case Docker is not running at the start of installation.
- DCOS-53077 - Fixed a number of issues that caused some DC/OS components to crash when
/tmpis mounted with the
- MARATHON-8596 - Marathon health checks is a deprecated feature and users are strongly recommended to switch to Mesos health checks for scalability reasons. However, there are number of issues when excessive number of Marathon health checks (HTTP and TCP) would overload parts of Marathon. This release introduces a new parameter
--max_concurrent_marathon_health_checksthat defines the maximum number (256 by default) of Marathon health checks (HTTP/S and TCP). These health checks can be executed concurrently. Remember that setting a large value here and using many services with Marathon health checks will overload Marathon thus leading to internal timeouts and unstable behavior.
- DCOS-49711 - This release fixes the failure of
systemdnetwork directory did not exist.
- DCOS_OSS-4970, DCOS_OSS-5061 - If a container is using port mapping functionality (such as a container in bridge mode) and if there is a VIP listening on the same port as the host port in port mapping then the VIP traffic doesn’t work. This happens because the iptable rules for port mapper kicks in before the VIP iptable rule. This release fixes a conflict between VIP port and port mapping.
- COPS-2861 - Users often encounter an issue where pkgpanda will attempt to extract a package tarball into
/opt/mesosphere/packages, but it fails due to the tarball only having been partially downloaded. This causes the entire DC/OS install process to fail. This release validates tarballs and/or retry a failed package download in DC/OS bootstrap.
- COPS-3889, COPS-4296, COPS-4628, DCOS-49982 - An error occurred when trying to use UCR with a Docker image via Docker Hub and Nexus 3 Docker registry is configured as a proxy to the Docker Hub. This release adds a support for Docker registry V2 Schema 2 because some major registries may start to deprecate V2 Schema 1 in the near future.
- COPS-3961, DCOS_OSS-4316 - Updated REX-Ray version to 0.11.4.
- DCOS_OSS-4097, DCOS_OSS-5106 - In the previous releases, pkgpanda relied on the fact that the
useraddcommand creates a matching group for a newly-created user. This assumption worked because it was set in the
/etc/login.defs. For more information read the useradd command. This release explicitly creates user groups for all users.
- DCOS_OSS-4613 - If you run the
dcos_generate_configcommand with the
--validateoption, the command validates the configuration settings in your config.yaml file. In some cases, this option issued warning messages that validation failed for parameters that are no longer used. For example, some SSH parameters, such as
ssh_user, have been deprecated. Previously, if you ran
--validateoption to check your configuration settings and these parameters were not specified, the command reported that the validation of configuration parameters had failed. With this release, the
--validateoption does not return validation failure messages for parameters that are no longer required for installation.
- DCOS-45468 - Changed Admin Router’s service endpoint to support Marathon app definitions that use the container networking mode. See network API migration for more information.
- DCOS-52210 - Update to
urllib1.24.2 due to a security vulnerability in version 1.24.1.
- DCOS_OSS-4868 - Updated to OpenSSL 1.0.2r.
About DC/OS 1.11
DC/OS 1.11 includes many new capabilities with a focus on:
- Managing clusters across multiple clouds. Enterprise
- Production Kubernetes-as-a-service.
- Enhanced data security. Enterprise
- Updated data services.
Provide feedback on the new features and services at support.mesosphere.com.
New Features and Capabilities in DC/OS 1.11
- Multi-region management - Enables a DC/OS cluster to span multiple datacenters, clouds, and remote branches while providing a unified management and control cluster. View the documentation. Enterprise
- Linked clusters - A cluster link is a unidirectional relationship between one cluster and another. You can add and remove links from one cluster to another cluster using the DC/OS CLI. Once a link is set up, you can easily switch between clusters using the CLI or UI. View the documentation. Enterprise
- Fault domain awareness - Use fault domain awareness to make your services highly available and to allow for increased capacity when needed. View the documentation. Enterprise
- Decommission nodes - Support for permanently decommissioning nodes makes it easier to manage
spotcloud instances, allowing for immediate task rescheduling. View the documentation
- Edge-LB 1.0. View the documentation. Enterprise
- IPv6 is now supported for Docker containers.
- Performance improvements to the DC/OS network stack - All networking components (minuteman, navstar, spartan) are aggregated into a single systemd unit called
dcos-net. Read this note to learn more about the re-factoring of the network stack.
- The configuration parameter
dns_forward_zonesnow takes a list of objects instead of nested lists (DCOS_OSS-1733). View the documentation to understand its usage.
- Secrets Management Service
- Secrets can now be binary files in addition to environment variables.
- Hierarchical access control is now supported.
- The DC/OS metrics component now produces metrics in Prometheus format. View the documentation.
- Unified logging API provides simple access to container (task) and system component logs. View the documentation.
- DC/OS Storage Service 0.1 (beta) - DSS users will be able to dynamically create volumes based upon profiles or policies to fine-tune their applications storage requirements. This feature leverages the industry-standard Container Storage Interface (CSI) to streamline the development of storage features in DC/OS by Mesosphere and our community and partner ecosystems. View the documentation.Enterprise
- Pods now support persistent volumes. View the documentation.Beta
Updated DC/OS Data Services
- TLS encryption for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic, and DC/OS HDFS is now supported. Enterprise
- Fault domain awareness for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic and DC/OS HDFS. Use fault domain awareness to make your services highly available and to allow for increased capacity when needed. Enterprise
- New API endpoint to pause a node for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic, and DC/OS HDFS. Use this endpoint to relaunch a node in an idle command state for debugging purposes.
- New DC/OS Kafka ZooKeeper service. View the documentation.
- You can now select a DC/OS data service version from a dropdown menu in the DC/OS UI.
- Improved scalability for all DC/OS data services.