Skip to content

Commit

Permalink
Formatting changes
Browse files Browse the repository at this point in the history
  • Loading branch information
Traci Morrison committed Oct 7, 2019
1 parent f3a3d85 commit 845c654
Showing 1 changed file with 56 additions and 95 deletions.
151 changes: 56 additions & 95 deletions ee/ucp/release-notes.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ upgrade your installation to the latest release.
2019-10-07

### UI
* Fixes a UI issue that caused incorrect line breaks at pre-logon banner notification (ENGORG-2678)
* Fixes a UI issue that caused incorrect line breaks at pre-logon banner notification (ENGORC-2678)
* Users have an option to store sessionToken per window tab session. (ENGORC-2597)

### Kubernetes
Expand Down Expand Up @@ -70,7 +70,7 @@ upgrade your installation to the latest release.
* The `azure-ip-count` variable is now exposed at install time, allowing a User
to customize the number of IP addresses UCP provisions for each node.
Additional information can be found
[here](/ee/ucp/admin/install/cloudproviders/install-on-azure/#adjust-the-ip-count-value)
[here](/ee/ucp/admin/install/cloudproviders/install-on-azure/#adjust-the-ip-count-value).

### Security
* Upgraded Golang to 1.12.9.
Expand Down Expand Up @@ -142,21 +142,15 @@ more information see
### Deprecations
The following features are deprecated in UCP 3.2:

- Collections
- The ability to create a nested collection of more than 2 layers deep within the root /Swarm/collection is
now deprecated and will not be included in future versions of the product. However, current nested collections
with more than 2 layers are still retained.
- Docker recommends a maximum of two layers when creating collections within UCP under the shared cluster
collection designated as /Swarm/. For example, if a production collection called /Swarm/production is created
under the shared cluster collection /Swarm/, only one level of nesting should be created, for
example, /Swarm/production/app/. See Nested collections for more details.
- UCP `stop` and `restart`
- Additional upgrade functionality has been included which eliminates the need for these commands.
- `ucp-agent-pause`
- `ucp-agent-pause` is no longer supported. To pause UCP reconciliation on a specific node, for example, when repairing unhealthy `etcd` or `rethinkdb` replicas, you can use swarm node labels as shown in the following example:
```
docker node update --label-add com.docker.ucp.agent-pause=true <NODE>
```
#### Collections

- The ability to create a nested collection of more than 2 layers deep within the root /Swarm/collection is now deprecated and will not be included in future versions of the product. However, current nested collections with more than 2 layers are still retained.
- Docker recommends a maximum of two layers when creating collections within UCP under the shared cluster collection designated as /Swarm/. For example, if a production collection called /Swarm/production is created under the shared cluster collection /Swarm/, only one level of nesting should be created, for example, /Swarm/production/app/. See Nested collections for more details.
- UCP `stop` and `restart`. Additional upgrade functionality has been included which eliminates the need for these commands.
- `ucp-agent-pause` is no longer supported. To pause UCP reconciliation on a specific node, for example, when repairing unhealthy `etcd` or `rethinkdb` replicas, you can use swarm node labels as shown in the following example:
```
docker node update --label-add com.docker.ucp.agent-pause=true <NODE>
```
- Windows 2016 is formally deprecated from Docker Enterprise 3.0. EOL of Windows Server 2016 support will occur in Docker
Enterprise 3.1. Upgrade to Windows Server 2019 for continued support on Docker Enterprise.
- Support for updating the UCP config with `docker service update ucp-manager-agent --config-add <Docker config> ...`
Expand All @@ -168,87 +162,54 @@ Refer to [UCP backup information](/ee/admin/backup/back-up-ucp/) for detailed UC

If your cluster has lost quorum and you cannot recover it on your own, please contact Docker Support.

- Browser support
#### Browser support

In order to optimize user experience and security, support for Internet Explorer (IE) version 11 is not provided for Windows 7 with UCP version 3.2. Docker recommends updating to a newer browser version if you plan to use UCP 3.2, or remaining on UCP 3.1.x or older until EOL of IE11 in January 2020.

- Kubernetes
- Integrated Kubernetes Ingress
- You can now dynamiclly deploy L7 routes for applications, scale out multi-tenant ingress for shared clusters,
and give applications TLS termination, path-based routing, and high-performance L7 load-balancing in a
centralized and controlled manner.
- Updated Kubernetes to version 1.14.
- Enhancements:
- PodShareProcessNamespace
- The PodShareProcessNamespace feature, available by default, configures PID namespace sharing within a pod. See [Share Process Namespace between Containers in a Pod](https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) for more information.
- https://github.com/kubernetes/kubernetes/pull/66507
- Volume Dynamic Provisioning
- Combined `VolumeScheduling` and `DynamicProvisioningScheduling`.
- Added allowedTopologies description in kubectl.
- ACTION REQUIRED: The DynamicProvisioningScheduling alpha feature gate has been removed. The VolumeScheduling beta feature gate is still required for this feature. - https://github.com/kubernetes/kubernetes/pull/67432
- TokenRequest and TokenRequestProjection
- Enable these features by starting the API server with the following flags:
* --service-account-issuer
* --service-account-signing-key-file
* --service-account-api-audiences
- https://github.com/kubernetes/kubernetes/pull/67349
- Removed `--cadvisor-port flag` from kubelet
- ACTION REQUIRED: The cAdvisor web UI that the kubelet started using `--cadvisor-port` was removed
in 1.12. If cAdvisor is needed, run it via a DaemonSet.
- https://github.com/kubernetes/kubernetes/pull/65707
- Support for Out-of-tree CSI Volume Plugins (stable) with API
- Allows volume plugins to be developed out-of-tree.
- Not require building volume plugins (or their dependencies) into Kubernetes binaries.
- Not requiring direct machine access to deploy new volume plugins (drivers).
- https://github.com/kubernetes/enhancements/issues/178
- Server-side Apply leveraged by the UCP GUI for the yaml create page
- Moved "apply" and declarative object management from kubectl to the apiserver. Added "field ownership".
- https://github.com/kubernetes/enhancements/issues/555
- The PodPriority admission plugin
- For `kube-apiserver`, the `Priority` admission plugin is now enabled by default when using `--enable-admission-plugins`. If using `--admission-control` to fully specify the set of admission plugins, the `Priority` admission plugin should be added if using the `PodPriority` feature, which is enabled by default in 1.11.
- The priority admission plugin:
- Allows pod creation to include an explicit priority field if it matches the computed
priority (allows export/import cases to continue to work on the same cluster, between
clusters that match priorityClass values, and between clusters where priority is unused
and all pods get priority:0)
- Preserves existing priority if a pod update does not include a priority value and the old
pod did (allows POST, PUT, PUT, PUT workflows to continue to work, with the admission-set value
on create being preserved by the admission plugin on update)
- https://github.com/kubernetes/kubernetes/pull/65739
- Volume Topology
- Made the scheduler aware of a Pod's volume's topology constraints, such as zone or node.
- https://github.com/kubernetes/enhancements/issues/490
- Docs pr here: kubernetes/website#10736
- Admin RBAC role and edit RBAC roles
- The admin RBAC role is aggregated from edit and view. The edit RBAC role is aggregated from a
separate edit and view.
- https://github.com/kubernetes/kubernetes/pull/66684
- API
- `autoscaling/v2beta2` and `custom_metrics/v1beta2` implement metric selectors for Object and Pods
metrics, as well as allow AverageValue targets on Objects, similar to External metrics.
- https://github.com/kubernetes/kubernetes/pull/64097
- Version updates
- Client-go libraries bump
- ACTION REQUIRED: the API server and client-go libraries support additional non-alpha-numeric
characters in UserInfo "extra" data keys. Both support extra data containing "/" characters or
other characters disallowed in HTTP headers.
- Old clients sending keys that were %-escaped by the user have their values unescaped by new API servers.
New clients sending keys containing illegal characters (or "%") to old API servers do not have their values unescaped.
- https://github.com/kubernetes/kubernetes/pull/65799
- audit.k8s.io API group bump
- The audit.k8s.io API group has been bumped to v1.
- Deprecated element metav1.ObjectMeta and Timestamp are removed from audit Events in v1 version.
- Default value of option --audit-webhook-version and --audit-log-version are changed from `audit.k8s.io/v1beta1` to `audit.k8s.io/v1`.
- https://github.com/kubernetes/kubernetes/pull/65891
### Kubernetes

- Integrated Kubernetes Ingress
- You can now dynamiclly deploy L7 routes for applications, scale out multi-tenant ingress for shared clusters, and give applications TLS termination, path-based routing, and high-performance L7 load-balancing in a centralized and controlled manner.
- Updated Kubernetes to version 1.14.

#### Enhancements

- PodShareProcessNamespace
- The PodShareProcessNamespace feature, available by default, configures PID namespace sharing within a pod. See [Share Process Namespace between Containers in a Pod](https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) for more information. [kubernetes #66507](https://github.com/kubernetes/kubernetes/pull/66507)
- Volume Dynamic Provisioning
- Combined `VolumeScheduling` and `DynamicProvisioningScheduling`.
- Added allowedTopologies description in kubectl.
- ACTION REQUIRED: The DynamicProvisioningScheduling alpha feature gate has been removed. The VolumeScheduling beta feature gate is still required for this feature. [kubernetes #67432](https://github.com/kubernetes/kubernetes/pull/67432)
- TokenRequest and TokenRequestProjection [kubernetes #67349](https://github.com/kubernetes/kubernetes/pull/67349)
- Enable these features by starting the API server with the following flags:
- `--service-account-issuer`
- `--service-account-signing-key-file`
- `--service-account-api-audiences`
- Removed `--cadvisor-port flag` from kubelet
- ACTION REQUIRED: The cAdvisor web UI that the kubelet started using `--cadvisor-port` was removed in 1.12. If cAdvisor is needed, run it via a DaemonSet. [kubernetes #65707](https://github.com/kubernetes/kubernetes/pull/65707)
- Support for Out-of-tree CSI Volume Plugins (stable) with API
- Allows volume plugins to be developed out-of-tree.
- Not require building volume plugins (or their dependencies) into Kubernetes binaries.
- Not requiring direct machine access to deploy new volume plugins (drivers). [kubernetes #178](https://github.com/kubernetes/enhancements/issues/178)
- Server-side Apply leveraged by the UCP GUI for the yaml create page
- Moved "apply" and declarative object management from kubectl to the apiserver. Added "field ownership". [kubernetes #555](https://github.com/kubernetes/enhancements/issues/555)
- The PodPriority admission plugin
- For `kube-apiserver`, the `Priority` admission plugin is now enabled by default when using `--enable-admission-plugins`. If using `--admission-control` to fully specify the set of admission plugins, the `Priority` admission plugin should be added if using the `PodPriority` feature, which is enabled by default in 1.11.
- Allows pod creation to include an explicit priority field if it matches the computed priority (allows export/import cases to continue to work on the same cluster, between clusters that match priorityClass values, and between clusters where priority is unused and all pods get priority:0)
- Preserves existing priority if a pod update does not include a priority value and the old pod did (allows POST, PUT, PUT, PUT workflows to continue to work, with the admission-set value on create being preserved by the admission plugin on update). [kubernetes #65739](https://github.com/kubernetes/kubernetes/pull/65739)
- Volume Topology
- Made the scheduler aware of a Pod's volume's topology constraints, such as zone or node. [kubernetes #490](https://github.com/kubernetes/enhancements/issues/490)
- Admin RBAC role and edit RBAC roles
- The admin RBAC role is aggregated from edit and view. The edit RBAC role is aggregated from a separate edit and view. [kubernetes #66684](https://github.com/kubernetes/kubernetes/pull/66684)
- API
- `autoscaling/v2beta2` and `custom_metrics/v1beta2` implement metric selectors for Object and Pods metrics, as well as allow AverageValue targets on Objects, similar to External metrics. [kubernetes #64097](https://github.com/kubernetes/kubernetes/pull/64097)
- Version updates
- Client-go libraries bump
- ACTION REQUIRED: the API server and client-go libraries support additional non-alpha-numeric characters in UserInfo "extra" data keys. Both support extra data containing "/" characters or other characters disallowed in HTTP headers.
- Old clients sending keys that were %-escaped by the user have their values unescaped by new API servers. New clients sending keys containing illegal characters (or "%") to old API servers do not have their values unescaped. [kubernetes #65799](https://github.com/kubernetes/kubernetes/pull/65799)
- audit.k8s.io API group bump. The audit.k8s.io API group has been bumped to v1.
- Deprecated element metav1.ObjectMeta and Timestamp are removed from audit Events in v1 version.
- Default value of option --audit-webhook-version and --audit-log-version are changed from `audit.k8s.io/v1beta1` to `audit.k8s.io/v1`. [kubernetes #65891](https://github.com/kubernetes/kubernetes/pull/65891)

### Known issues

Expand Down

0 comments on commit 845c654

Please sign in to comment.