DC/OS 1.11.8 was released on December 6, 2018.
DC/OS 1.11.8 includes the following components:
- Apache Mesos 1.5.x change log.
- Marathon 1.6.567 change log.
- Metronome 0.4.5 change log.
Issues Fixed in DC/OS 1.11.8
GUI
- COPS-3360, DCOS-43934 - Updates to the DC/OS UI provide better rendering for elements such as environment variables, secrets, labels, and version information.
- DCOS-37791, DCOS-42504 - For improved scalability, the DC/OS UI starts loading state information immediately after users log on.
Marathon
- COPS-3764 - The upgrade to Marathon 1.6.x enables successful secret validation for secrets included in a Marathon JSON app definition file.
Mesos
- COPS-3573 - Service endpoints for layer-4 load balancing (
l4lb
) addresses with UCR and CNI can be configured and deployed by using the DC/OS UI or through the DC/OS CLI. A fix ensures that the configuration done through the DC/OS UI is not overwritten by using the DC/OS CLI. - COPS-3953 - The Mesos fetcher process automatically retries downloading files using their associated URI if the previously-downloaded and cached versions of the files are not found.
- DCOS-41248 - Changes to
dcos-log
prevent agents from overwheming thejournald
logging facility with messages from endpoints and API requests. - DCOS-43544 - Logic changes enable nested containers to run under the same user account as the user associated with their parent container by default. For nested containers in a pod, the default executor’s user–that is, the user running the top-level container–has been the framework user. In a scenario where the framework user is a normal user but the nested container user is
root
, the change in this release enables the second-level nested containers to run as the same user–for example, theroot
user–as the parent top-level container instead of as the framework user by default. - DCOS-43593 - This release fixes an issue that could cause Mesos master endpoints—such as
reserveResources
orcreateVolume
—to fail during authorization. For example, before implementing this fix, the authorization requests for an endpoint might fail or be incomplete if there’s extreme load on the IAM service. The change in this release ensures that authorization requests for an endpint are complete before continuing. - DCOS-43670, DCOS-44827 - The
cgroups
event listener code is used to poll events for a container. An update to this code ensures that the listener closes the file descriptor after read operations are complete. The fix prevents a race condition that can leave the container in an ISOLATING or PROVISIONING state.
Metronome
- DCOS-45564, DCOS_OSS-2535 - This release adds support for enhancements and issues fixed in Metronome 0.4.5.
- DCOS_OSS-3616 - Metronome initialization improvements prevent Metronome from being in an incomplete state that could cause Mesos offers and associated resources to be held in reserve waiting for the offer to be accepted or declined.
Networking
- COPS-3924 - The distributed layer-4 load-balancer (dcos-l4lb) network component waits to route traffic until a scale out operation is complete or its health check has passed.
- COPS-4034, DCOS_OSS-4398 - This release prevents
dcos-net
from continously restartingsystemd-networkd
on a bare-metal server with bond interfaces. - COPS-4087 - For applications that use Docker containers with a Virtual IP address, backend port mapping resolves access to the application by using the
host_IP:port_number
instead of thecontainer_ip:port_number
.
About DC/OS 1.11
DC/OS 1.11 includes many new capabilities with a focus on:
- Managing clusters across multiple clouds. Enterprise
- Production Kubernetes-as-a-service.
- Enhanced data security. Enterprise
- Updated data services.
Provide feedback on the new features and services at support.mesosphere.com.
New Features and Capabilities in DC/OS 1.11
Platform
- Multi-region management - Enables a DC/OS cluster to span multiple datacenters, clouds, and remote branches while providing a unified management and control cluster. View the documentation. Enterprise
- Linked clusters - A cluster link is a unidirectional relationship between one cluster and another. You can add and remove links from one cluster to another cluster using the DC/OS CLI. Once a link is set up, you can easily switch between clusters using the CLI or UI. View the documentation. Enterprise
- Fault domain awareness - Use fault domain awareness to make your services highly available and to allow for increased capacity when needed. View the documentation. Enterprise
- Decommission nodes - Support for permanently decommissioning nodes makes it easier to manage
spot
cloud instances, allowing for immediate task rescheduling. View the documentation - UCR
- Support for Docker image garbage collection. View the documentation.
- Support for Docker image pull secrets. View the documentation. An example for Docker credentials is here. Enterprise
Networking
- Edge-LB 1.0. View the documentation. Enterprise
- IPv6 is now supported for Docker containers.
- Performance improvements to the DC/OS network stack - All networking components (minuteman, navstar, spartan) are aggregated into a single systemd unit called
dcos-net
. Read this note to learn more about the re-factoring of the network stack. - The configuration parameter
dns_forward_zones
now takes a list of objects instead of nested lists (DCOS_OSS-1733). View the documentation to understand its usage.
Enterprise
Security- Secrets Management Service
- Secrets can now be binary files in addition to environment variables.
- Hierarchical access control is now supported.
Monitoring
- The DC/OS metrics component now produces metrics in Prometheus format. View the documentation.
- Unified logging API provides simple access to container (task) and system component logs. View the documentation.
Storage
- DC/OS Storage Service 0.1 (beta) - DSS users will be able to dynamically create volumes based upon profiles or policies to fine-tune their applications storage requirements. This feature leverages the industry-standard Container Storage Interface (CSI) to streamline the development of storage features in DC/OS by Mesosphere and our community and partner ecosystems. View the documentation.Enterprise
- Pods now support persistent volumes. View the documentation.Beta
Updated DC/OS Data Services
- TLS encryption for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic, and DC/OS HDFS is now supported. Enterprise
- Fault domain awareness for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic and DC/OS HDFS. Use fault domain awareness to make your services highly available and to allow for increased capacity when needed. Enterprise
- New API endpoint to pause a node for DC/OS Kafka, DC/OS Cassandra, DC/OS Elastic, and DC/OS HDFS. Use this endpoint to relaunch a node in an idle command state for debugging purposes.
- New DC/OS Kafka ZooKeeper service. View the documentation.
- You can now select a DC/OS data service version from a dropdown menu in the DC/OS UI.
- Improved scalability for all DC/OS data services.