- Ephemeral containers are now possible when using the Docker Swarm scheduler.
- Admin Console Audit Log Enhancements
- Replicated now ships with a more powerful embedded Audit Log that supports programmatic access, powerful structured search, and CSV exports.
- We split this out to help make Replicated more manageable, more supportable, and better optimized for multi-node infrastructure.
- Help Center articles have been added for Searching the Embedded Audit Log and Programmatic Audit Log API Access.
- The advanced audit log ships with 5 new containers. A small amount of additional memory is required on the Replicated master node to support these containers.
- The Admin Console will display an “Initializing Components” screen while starting the audit log, if it’s not already running during an installation.
- The advanced audit log is currently supported in the Replicated scheduler. Support for Kubernetes and Swarm will be added in an upcoming release.
- Unify logging format for all three Replicated containers.
- Changed level of expected log line “failed to render sse event err=“write unix /var/run/replicated/replicated.sock->@: write: broken pipe”” from info to debug.
- Replicated will now report the proper “stopped” status when a container with no event subscriptions fails to start.
- Fixed an issue where some logging is going to stdout rather than stderr from the replicated process.
- Removed sensitive data from console settings debug log. This was being inadvertendly logged if the server was reconfigured to run in debug mode.
- Stopped Replicated from reverting to an old TLS certificate when configured via
/etc/replicated.conf and upgrading from Replicated versions prior to 2.10.0.
- Fixed an issue that causes the application to fail to start on older versions of Docker including 1.9.1.
- Removed a panic that could cause Replicated to restart when using the Replicated scheduler under certain conditions.
- Fixed an issue where some debug log lines were visible when at level info and above in the replicated process.
- Allowed snapshot restore to complete even when restoring empty directories.
- Fixed an issue that caused replicated to crash when loading certain application yaml files that used
none as a value.
- Resolved an issue that caused multi-line environment variables to fail to parse, preventing the application from starting.
- Fixed an issue that causes the Integration API to be unavailable on installations upgraded to 2.13.0 from a prior release after removing the premkit container.
- Expand auditing to track over 150 different UI and CLI actions in the Audit Log.
- Premkit will now use a directory in /tmp for its data volume instead of an root level directory. This data will be recreated if lost, it’s safe to delete at runtime.
- In the Replicated scheduler environment variables, we’ve renamed the
static_val key to
static_val name will continue to work, but you’ll start to see warnings to update it.
- Preflight check will now only dial the on-premises registry with TLS. This prevents a harmless error in the logs
http: TLS handshake error from <HOST>:<PORT>: EOF.
- Removed an expected error log line
open /var/lib/replicated/db/cipher: no such file or directory.
- Upgrade BoltDB to v1.3.1 to fix a bug with file allocation. BoltDB is an internal dependency of Replicated on-prem components.
- Replicated now waits for work to finish before exiting when receiving a shutdown signal. The time waited can be configured by setting the parameter
shutdown_cleanup_wait. Default is
- The Replicated easy install script will now set the Docker storage driver to loop-lvm on RHEL and CentOS servers with an XFS filesystem. The storage driver will be left as overlay or overlay2 only when the minimum requirements are met.
- Fixed an issue that causes the user to re-enter the login username on the “Secure the Admin Console” page when updating the LDAP authentication credentials.
- Fixed an issue that causes config items to unexpectedly be visible when chaining conditional items with template functions in the when property.
- Fixed an issue that causes the Replicated 1.2 installation script to install the latest Docker version. The correct docker version is 1.12.3 for most Linux distributions.
- Fixed an issue that causes all application settings applied after an update has been downloaded to revert after that update is applied to the vendor application.
- Fixed an issue that prevents XSS injection from the vendor application’s config.item.description property in the config settings screen of the on-prem admin console.
- Fixed an issue in the operator transport that resulted in increased memory footprint over time.
- Fixed an issue that could cause custom metrics time series data to be inadvertently included in payloads sent to Replicated APIs.
- Fixed an issue where symbolic links included in the snapshot would not be restored pointing at the correct target, resulting in broken links on the file system.
- Fixed an issue where snapshot restore would restore only one volume when multiple volumes are included in the snapshot.
- Fixed an issue where changes to app name in yaml were not reflected on the admin dashboard when a new version is applied.
- Fixed an issue in 2.12.0 that caused LDAP auth to fail when no restricted group is specified.
- Replicated now supports LDAP and Active Directory configurations that require multiple domains or organizational units. This works with the Admin Console security settings and the LDAP Integration API.
- Additional YAML fields have been added to the Replicated scheduler to support SELinux.
- SELinux support was also added to the Kubernetes scheduler in Replicated.
- The easy install script will now install Docker 17.06.2, unless otherwise specified.
- Install scripts now supports the
replicated_tag flag to set the version for all Replicated components.
- Added a new LDAP Server Type selector to the Admin Console password screen.
- Upgraded Replicated core components to use the latest
debian:stretch base images.
- When using the Replicated scheduler, all node addresses will be added to the
no_proxy environment variables in every application container.
- The file
/var/log/upstart/docker.log was missing from the support bundle.
- Resolved an issue that was preventing custom monitors from appearing in the Admin Console of new browser sessions.
- When the snapshots tile was hidden from the Admin Console, the “reload” button could not be dismissed.
- Removed an extra (duplicated) field from the Console Settings snapshots section.
- Fixed an issue that prevented the CA from being properly restored on remote nodes.
- If a required, interim release is not present during an airgap update, the Admin Console would report that it was unable to reach api.replicated.com. This is now the correct message.
- Fixed a crash when templates are used in a config group
- Fixed an issue that caused incorrect text to be displayed by default in the port field of the Admin Console LDAP interface.
- Fixed some cases where Replicated was not settings the
no_proxy variable when using the Replicated scheduler.
- Removed a lock that could cause replicated-operator and replicated to lose communication when using the Replicated scheduler.
- Fixed an issue that caused some user entities returned by the Identity Integration API to be missing groups for Active Directory servers.
- Updated our install scripts to properly support RHEL 6.
- Remote node operators will no longer attempt to pull containers that are disabled by the ‘when’ condition.
- The Replicated snapshot feature has several highly-anticipated updates, including:
- Kubernetes Support
- Incremental Snapshots, with files being deduplicated across future snapshots.
- S3 and SFTP Configuration Options
- Note: Snapshots taken in 2.10.4 and earlier will not be compatible with this. We recommend a snapshot before and after upgrading to be safe.
- Default preflight checks will no longer include a check for linux distribution and version.
- Status messages sent to the Integration API while waiting for the ready-state command to complete will now be displayed on the admin console.
- Replaced the
replicatedctl -v and
replicatedctl --version flags with a
version subcommand that will print the Replicated client version.
replicatedd -v and
replicatedd --version flags to print the Replicated server version.
scheduler/container/<container> directory is no longer missing from the support bundle when
support_files are included in a container definition.
- Self-signed TLS certificate changes are now applied straight away.
- The migration script from 1.2 to 2.x no longer causes aborts when an http proxy is set via the user input prompt.
- The migration script from 1.2 to 2.x no longer causes the app name to be erased from the admin console.
- The admin console no longer references or uses unnecessary assets.
- Fixed an issue in the support bundle that was causing errors to be logged when support commands or support files are empty in the yaml.
- Cert/key generation after a restore is now generated against the correct CA.
- The Proxy settings save and apply functionality in the admin console has been fixed when running on a systemd server.
- Fixed an issue that prevents configuration settings from being saved when Replicated’s encryption cipher changes after a restore.
- Error statuses sent to the Integration API before polling for the ready state will now correctly stop the app startup sequence and show the error message.
- Missing Docker Upstart logs have been added to the support bundle.
- The messaging on the Settings screen save modal has been improved to indicate that an application restart will occur when clicking the confirm button for the Replicated native scheduler.
- Fixed an issue that prevented viewing preflight checks in the UI when
ShouldBypassPreflightChecks is enabled in the replicated.conf file.
- Fixed an issue that prevented old images from being removed with the Swarm scheduler.
- Fixed an issue where remote operators were not pulling images in parallel.
- Prevented a race condition that would occur on a high number of clustered nodes with parallel pulls enabled.
- Fixed an issue where IP addresses could not be set as hostnames for self-signed certificates.