Release notes for UCP v1.1.1

Updates release notes for UCP v1.1.1, with some grammatical edits to earlier versions.
2016-05-16 12:56:25 -07:00 · 2016-05-16 12:56:25 -07:00 · 19b8334bb4
parent 78d9e6a0ce
commit 19b8334bb4
1 changed files with 107 additions and 49 deletions
--- a/release_notes.md
+++ b/release_notes.md
@ -12,76 +12,139 @@ weight=110

 # UCP Release Notes

-## Version 1.1.0
+**Upgrading**

-(4 May 2016)
+[Learn how to upgrade to the latest version](installation/upgrade.md)
+
+## Version 1.1.1

 **Features**

 * Core
-  * UCP and DTR are now using a unified authentication service,
-  * Users and teams created in UCP are displayed in DTR under the 'Datacenter'
-  organization,
-  * All controllers joined to the cluster now have replicated CAs. For this,
-  you need to copy the root key material to controllers joined to the cluster,
-  * All UCP components were compiled with Go 1.5.4 and 1.6 to address a
-  security vulnerability in Go,
-  * When joining nodes to the cluster, UCP automatically runs
-  'engine-discovery' to configure the Docker Engine for multi-host networking,
-  * If you're using Docker Engine 1.11 with default configurations, when joining
-  new nodes to the cluster multi-host networking is automatically configured
-  without needing to restart the Docker daemon.
+  * Upgraded Swarm to 1.2.2
+  * added `passwd` command to docker/ucp-auth image which allows admins to 
+  reset their passwords. Note for security purposes it is NOT recommended to 
+  give users access to host machines running UCP controllers.
+
+* docker/ucp image
+  * Added `--kv-timeout` flag to `install` command which configures election 
+  timeout latency of UCP key-value store (e.g. for cross-availability zones or 
+  data centers). More info: https://coreos.com/etcd/docs/latest/tuning.html
+  * Added `--insecure-fingerprint` flag to `join` command which bypasses TLS
+  verification when adding new nodes. Note for security purposes this is NOT 
+  recommended for normal UCP deployments.

-* docker/dtr image
-  * Added the 'backup' command to create backups of controller nodes,
-  * Added the 'restore' command, to restore a controller node from a backup,
-  * Added the 'regen-certs' command, to regenerate keys and certificates used on
-  a controller node. You can use this for changing the SANS on the certificates
-  or in case a CA is compromised,
-  * Added the 'stop' and 'restart' commands, to stop and start UCP containers.
-
 * UI
-  * Now you can deploy apps from the UI using a docker-compse.yml file,
-  * There's a new setting to prevent users from deploying containers to the UCP
-  controller nodes,
-  * Improved usability of LDAP configuration settings,
-  * Images page no longer shows the sha256 id of each image ID,
-  * User profiles now display default permissions,
-  * Improved feedback when creating users and teams with invalid characters,
-  * Added horizontal scrollbar to wide pages.
+  * Can now enter private registry credentials when using "Pull image" in UI.
+  * Added disable account checkbox in "Edit User" screen to facilitate easier 
+  switching from managed auth to LDAP auth and vice-versa.
+  * Added checkbox for de-anonymizing usage reports.
+  * Now displays an error when "Pull image" in UI fails.
+  * New UI options to show/hide columns and filter system/stopped containers.

 **Bug Fixes**

-* Improved messages when installing UCP on a host with firewall rules,
-* Images page no longer shows images generated from intermediate builds,
-* Images page no longer hangs when pulling an image,
+* Fixes a known issue from UCP 1.1.0 where the cluster fails to join additional 
+nodes after upgrading from an older version of UCP.
+* Upgrading from UCP 1.0.x now correctly preserves users/teams/orgs.
+* Upgrading from UCP 1.0.x now puts correct version labels on containers
+* Errors reported by UCP k-v store are now more informative.
+* Restore command now ensures backup is uncorrupted, UCP cluster is healthy and 
+is running the same or later UCP version in order to proceed successfully.
+* LDAP domain names are now case-insensitive for easier syncing.
+* Fixes error by which user could get unintended "access denied" message 
+when deploying a container in UI due to cached permission labels
+
+**Misc**
+
+* It is no longer necessary to add `--swarm-experimental` flag at installation
+in order to enable container rescheduling as this Swarm feature is now GA.
+* UCP now recommends a minimum of 2 GB of RAM per host (up from 1.5 GB).
+* During installation, UCP now warns you to only restart the Docker Engine 
+after joining all controller nodes to the cluster (known issue in v1.1.0)
+
+**Known Issues**
+
+* When running on Docker Engines prior to 1.11.1-cs2, containers with 
+`restart=always` on overlay networks may not resume properly when the daemon
+is restarted on a UCP controller node. It is highly recommended to upgrade your
+Engines, particularly when using overlay networks or running UCP and DTR in HA 
+configuration on the same nodes.
+* When attempting to restore a v1.1.0 backup on a new cluster installed with 
+the `fresh-install` flag, the restore operation process may fail due to 
+engine-discovery configuration issues. It is recommended to take a new set of 
+backups after upgrading to v1.1.1.
+
+## Version 1.1.0
+
+**Features**
+
+* Core
+  * UCP and DTR are now using a unified authentication service
+  * Users and teams created in UCP are displayed in DTR under the 'Datacenter'
+  organization
+  * All controllers joined to the cluster now have replicated CAs. For this,
+  you need to copy the root key material to controllers joined to the cluster,
+  * All UCP components were compiled with Go 1.5.4 and 1.6 to address a
+  security vulnerability in Go
+  * When joining nodes to the cluster, UCP automatically runs
+  'engine-discovery' to configure the Docker Engine for multi-host networking
+  * If you're using Docker Engine 1.11 with default configurations, when joining
+  new nodes to the cluster multi-host networking is automatically configured
+  without needing to restart the Docker daemon
+
+* docker/ucp image
+  * Added the 'backup' command to create backups of controller nodes
+  * Added the 'restore' command, to restore a controller node from a backup
+  * Added the 'regen-certs' command, to regenerate keys and certificates used on
+  a controller node. You can use this for changing the SANS on the certificates
+  or in case a CA is compromised
+  * Added the 'stop' and 'restart' commands, to stop and start UCP containers
+
+* UI
+  * Now you can deploy apps from the UI using a docker-compse.yml file
+  * There's a new setting to prevent users from deploying containers to the UCP
+  controller nodes
+  * Improved usability of LDAP configuration settings
+  * Images page no longer shows the sha256 id of each image ID
+  * User profiles now display default permissions
+  * Improved feedback when creating users and teams with invalid characters
+  * Added horizontal scrollbar to wide pages
+
+**Bug Fixes**
+
+* Improved messages when installing UCP on a host with firewall rules
+* Images page no longer shows images generated from intermediate builds
+* Images page no longer hangs when pulling an image
 * Scaling a container from the UI now preserves parameters like 'net' and
-'privileged',
-* Fixed `docker ps --filter` to filter containers correctly.
+'privileged'
+* Fixed `docker ps --filter` to filter containers correctly


 **Misc**

 * All UCP containers now have the 'com.docker.ucp.version' label with their
-upstream version or UCP version,
+upstream version or UCP version
 * When running docker/ucp in interactive mode, the parameters and environment
-variables passed to the command are displayed,
+variables passed to the command are displayed
 * Renamed 'external-ucp-ca' flag to 'external-server-cert' for clarity.
-The first is deprecated but still available.
+The former name is deprecated but still available
+* Since UCP now makes use of overlay networking, make sure ports 4789 and 7946
+are open when deploying your cluster.

-**Known issues**
+**Known Issues**

 * After upgrading to version `1.1.0`, if you join new nodes to the cluster,
 a success message is displayed, but that node will not be part of the
 cluster. As a workaround, join new controller nodes before upgrading, or
-perform a fresh installation of UCP 1.1.0.
+perform a fresh installation of UCP 1.1.0
 * If you have an active login session in UCP and do an upgrade, you should force
-refresh the browser or you may run into UI errors.
+refresh the browser or you may run into UI errors
 * When joining replicas to the cluster, you may be prompted to restart the
 Docker daemon on that node. For a faster installation, only restart the Docker
-daemon after joining all replicas.
+daemon after joining all replicas
 * When deploying applications from the UI, using the `host` network option
-might cause errors. If this happens, deploy the application from the CLI.
+might cause errors. If this happens, deploy the application from the CLI

 **Component Versions**

@ -92,11 +155,6 @@ UCP 1.1.0 uses:
 * Docker Swarm: 1.1.3
 * etcd 2.2.5
 * RethinkDB 2.3.0
-
-
-**Upgrading**
-
-[Learn how to upgrade to the latest version](installation/upgrade.md)

 ## Version 1.0.4

@ -117,7 +175,7 @@ navigated to their profile page.
 Fixes a security issue by which a non-admin user account can gain admin-level
 privileges via the UCP API.

-**Known issues**
+**Known Issues**

 Non-admin users might have an error when navigating to their profile page. This
 happens when the user is part of a team that has a label applied to it.