docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

UCP relnotes updates (#1163) 

* Buildkit support update

* Added K8s ingress blurb
This commit is contained in:
paigehargrave 2019-06-10 16:19:58 -04:00 committed by GitHub
parent 9ac016bb51
commit f4277a3bfb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 64 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
ee/ucp/release-notes.md
View File

@ -77,6 +77,10 @@ Error log information can be accessed for troubleshooting.
- You can now manually control worker node upgrades.
- User workloads no longer experience downtime during an upgrade.
### Buildkit
- You can now use a UCP client bundle with buildkit.
## Deprecations
The following features are deprecated in UCP 3.2:
@ -100,84 +104,90 @@ The following features are deprecated in UCP 3.2:
In order to optimize user experience and security, support for Internet Explorer (IE) version 11 is not provided for Windows 7 with UCP version 3.2. Docker recommends updating to a newer browser version if you plan to use UCP 3.2, or remaining on UCP 3.1.x or older until EOL of IE11 in January 2020.
## Kubernetes
Updated Kubernetes to version 1.14.
- Enhancements:
- PodShareProcessNamespace
- Integrated Kubernetes Ingress
- You can now dynamiclly deploy L7 routes for applications, scale out multi-tenant ingress for shared clusters,
and give applications TLS termination, path-based routing, and high-performance L7 load-balancing in a
centralized and controlled manner.
- The PodShareProcessNamespace feature, available by default, configures PID namespace sharing within a pod.
- Updated Kubernetes to version 1.14.
- Enhancements:
- PodShareProcessNamespace
- The PodShareProcessNamespace feature, available by default, configures PID namespace sharing within a pod.
See [Share Process Namespace between Containers in a Pod](https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) for more information.
- https://github.com/kubernetes/kubernetes/pull/66507
- Volume Dynamic Provisioning
- https://github.com/kubernetes/kubernetes/pull/66507
- Volume Dynamic Provisioning
- Combined `VolumeScheduling` and `DynamicProvisioningScheduling`.
- Added allowedTopologies description in kubectl.
- ACTION REQUIRED: The DynamicProvisioningScheduling alpha feature gate has been removed.
- Combined `VolumeScheduling` and `DynamicProvisioningScheduling`.
- Added allowedTopologies description in kubectl.
- ACTION REQUIRED: The DynamicProvisioningScheduling alpha feature gate has been removed.
The VolumeScheduling beta feature gate is still required for this feature)
https://github.com/kubernetes/kubernetes/pull/67432
- TokenRequest and TokenRequestProjection
- TokenRequest and TokenRequestProjection
- Enable these features by starting the API server with the following flags:
* --service-account-issuer
* --service-account-signing-key-file
* --service-account-api-audiences
- https://github.com/kubernetes/kubernetes/pull/67349
- Removed `--cadvisor-port flag` from kubelet
- Enable these features by starting the API server with the following flags:
* --service-account-issuer
* --service-account-signing-key-file
* --service-account-api-audiences
- https://github.com/kubernetes/kubernetes/pull/67349
- Removed `--cadvisor-port flag` from kubelet
- ACTION REQUIRED: The cAdvisor web UI that the kubelet started using `--cadvisor-port` was removed
- ACTION REQUIRED: The cAdvisor web UI that the kubelet started using `--cadvisor-port` was removed
in 1.12. If cAdvisor is needed, run it via a DaemonSet.
- https://github.com/kubernetes/kubernetes/pull/65707
- Support for Out-of-tree CSI Volume Plugins (stable) with API
- https://github.com/kubernetes/kubernetes/pull/65707
- Support for Out-of-tree CSI Volume Plugins (stable) with API
- Allows volume plugins to be developed out-of-tree.
- Not require building volume plugins (or their dependencies) into Kubernetes binaries.
- Not requiring direct machine access to deploy new volume plugins (drivers).
- https://github.com/kubernetes/enhancements/issues/178
- Server-side Apply leveraged by the UCP GUI for the yaml create page
- Allows volume plugins to be developed out-of-tree.
- Not require building volume plugins (or their dependencies) into Kubernetes binaries.
- Not requiring direct machine access to deploy new volume plugins (drivers).
- https://github.com/kubernetes/enhancements/issues/178
- Server-side Apply leveraged by the UCP GUI for the yaml create page
- Moved "apply" and declarative object management from kubectl to the apiserver. Added "field ownership".
- https://github.com/kubernetes/enhancements/issues/555
- The PodPriority admission plugin
- Moved "apply" and declarative object management from kubectl to the apiserver. Added "field ownership".
- https://github.com/kubernetes/enhancements/issues/555
- The PodPriority admission plugin
- For `kube-apiserver`, the `Priority` admission plugin is now enabled by default when using `--enable-admission-plugins`. If using `--admission-control` to fully specify the set of admission plugins, the `Priority` admission plugin should be added if using the `PodPriority` feature, which is enabled by default in 1.11.
- The priority admission plugin:
- Allows pod creation to include an explicit priority field if it matches the computed
- For `kube-apiserver`, the `Priority` admission plugin is now enabled by default when using `--enable-admission-plugins`. If using `--admission-control` to fully specify the set of admission plugins, the `Priority` admission plugin should be added if using the `PodPriority` feature, which is enabled by default in 1.11.
- The priority admission plugin:
- Allows pod creation to include an explicit priority field if it matches the computed
priority (allows export/import cases to continue to work on the same cluster, between
clusters that match priorityClass values, and between clusters where priority is unused
and all pods get priority:0)
- Preserves existing priority if a pod update does not include a priority value and the old
- Preserves existing priority if a pod update does not include a priority value and the old
pod did (allows POST, PUT, PUT, PUT workflows to continue to work, with the admission-set value
on create being preserved by the admission plugin on update)
- https://github.com/kubernetes/kubernetes/pull/65739
- Volume Topology
- https://github.com/kubernetes/kubernetes/pull/65739
- Volume Topology
- Made the scheduler aware of a Pod's volume's topology constraints, such as zone or node.
- https://github.com/kubernetes/enhancements/issues/490, Docs pr here: kubernetes/website#10736
- Admin RBAC role and edit RBAC roles
- The admin RBAC role is aggregated from edit and view. The edit RBAC role is aggregated from a
- Made the scheduler aware of a Pod's volume's topology constraints, such as zone or node.
- https://github.com/kubernetes/enhancements/issues/490, Docs pr here: kubernetes/website#10736
- Admin RBAC role and edit RBAC roles
- The admin RBAC role is aggregated from edit and view. The edit RBAC role is aggregated from a
separate edit and view.
- https://github.com/kubernetes/kubernetes/pull/66684
- API
- `autoscaling/v2beta2` and `custom_metrics/v1beta2` implement metric selectors for Object and Pods
- https://github.com/kubernetes/kubernetes/pull/66684
- API
- `autoscaling/v2beta2` and `custom_metrics/v1beta2` implement metric selectors for Object and Pods
metrics, as well as allow AverageValue targets on Objects, similar to External metrics.
- https://github.com/kubernetes/kubernetes/pull/64097
- Version updates
- Client-go libraries bump
- ACTION REQUIRED: the API server and client-go libraries support additional non-alpha-numeric
- https://github.com/kubernetes/kubernetes/pull/64097
- Version updates
- Client-go libraries bump
- ACTION REQUIRED: the API server and client-go libraries support additional non-alpha-numeric
characters in UserInfo "extra" data keys. Both support extra data containing "/" characters or
other characters disallowed in HTTP headers.
- Old clients sending keys that were %-escaped by the user have their values unescaped by new API servers.
- Old clients sending keys that were %-escaped by the user have their values unescaped by new API servers.
New clients sending keys containing illegal characters (or "%") to old API servers do not have their values unescaped.
- https://github.com/kubernetes/kubernetes/pull/65799
- audit.k8s.io API group bump
- The audit.k8s.io API group has been bumped to v1.
- Deprecated element metav1.ObjectMeta and Timestamp are removed from audit Events in v1 version.
- Default value of option --audit-webhook-version and --audit-log-version are changed from `audit.k8s.io/v1beta1`
- https://github.com/kubernetes/kubernetes/pull/65799
- audit.k8s.io API group bump
- The audit.k8s.io API group has been bumped to v1.
- Deprecated element metav1.ObjectMeta and Timestamp are removed from audit Events in v1 version.
- Default value of option --audit-webhook-version and --audit-log-version are changed from `audit.k8s.io/v1beta1`
to `audit.k8s.io/v1`.
- https://github.com/kubernetes/kubernetes/pull/65891
- Known issues
- Backwards-incompatible changes in the Kube API that might affect user workloads will require warnings/documentation in the UCP release notes for Amberjack (list of deprecated features and APIs TBD).
- Does anything need to be noted for Kube 1.12 (deprecations, etc. that is not covered for 1.13?)
- https://github.com/kubernetes/kubernetes/pull/65891
- Known issues
- Backwards-incompatible changes in the Kube API that might affect user workloads will require warnings/documentation in the UCP release notes for Amberjack (list of deprecated features and APIs TBD).
- Does anything need to be noted for Kube 1.12 (deprecations, etc. that is not covered for 1.13?)
# Version 3.1