Release Notes¶
Considerations
A limitation in MKE 3.5.7 and MKE 3.5.8 can cause issues in clusters that deploy more than 120 nodes.
If you plan to run a cluster with more than 120 nodes, Mirantis strongly recommends that you upgrade to MKE 3.5.9. If, however, it is imperative that you run one of the affected MKE versions with 121+ nodes, contact Mirantis support to secure a workaround.
In upgrading to MKE 3.6.x, be aware that MKE 3.6.0 runs a version of etcd that is older than the version Mirantis includes with MKE 3.5.6. As such, MKE 3.5.6 and later can only be upgraded to MKE 3.6.1 or later.
The etcd component, by design, will not accept a downgrade of itself.
Kube-proxy in IPVS mode is inoperable when running MKE 3.5.4 or 3.5.5 on kernel version 5.11 or later. A workaround solution is available upon request.
Upgrading from one MKE minor version to another minor version can result in the downgrading of MKE middleware components. For more information, refer to the middleware versioning tables in the release notes of both the source and target MKE versions.
CentOS 8 entered EOL status as of 31-December-2021. For this reason, Mirantis no longer supports CentOS 8 for all versions of MKE. We encourage customers who are using CentOS 8 to migrate onto any one of the supported operating systems, as further bug fixes will not be forthcoming.
MKE 3.5.9 current
Patch release for MKE 3.5 introducing the following key features:
Enablement of read-only root filesystem for select MKE containers
Addition of option to limit kernel capabilities in Interlock 3.3.10
Calico components metrics collection
Addition of SAML proxy configuration to auth settings in MKE web UI
Addition of option to disable LDAP referral URL chasing
MKE 3.5.8
Patch release for MKE 3.5 introducing the following key features:
Enablement of read-only root filesystem for select MKE containers
Health checks added to
ucp-sf-notifiercontainerThe
ucp-kube-ingress-controllercontainer now runs as non-rootThe
ucp-sf-notifiercontainer now runs as non-rootThe
ucp-hardware-infocontainer now runs as non-rootk8s components are non-root
MKE 3.5.7
Patch release for MKE 3.5 introducing the following key features:
Interlock update to 3.3.8
--kube-protect-kernel-defaultsinstall optionkube_api_server_auditingconfiguration optionConfiguration options for disabling profiling
support CLI command options for node support dumps
Configuration options for system hardening
MKE web UI Banner design update
etcd storage quota UI notification
Self ports no longer checked during upgrade (Linux only)
MKE 3.5.6
Patch release for MKE 3.5 introducing the following key features:
Interlock 3.3.7
NVIDIA settings disablement
Support bundle API endpoint
Improved Image Pruning section in the MKE web UI
MKE 3.5.5
Patch release for MKE 3.5 introducing the following key features:
Port name field added to Create Ingress Object dialog in the MKE web UI
Network information included in the support bundle
Improved backup command logging
Added etcd storage size parameter
MKE 3.5.4
Patch release for MKE 3.5 introducing the following key features:
Concurrent LDAP and SAML use support
MKE web UI dark mode
Prevent removing secrets at uninstall time
Image pruning support in the MKE web UI
etcd cluster defragmentation
GCP support (technical preview)
MKE 3.5.3
Patch release for MKE 3.5 introducing the following key features:
Account lockout
Image pruning
Interlock proxy NGINX debugging mode
Calico 3.19.3
MKE 3.5.2
Patch release for MKE 3.5 introducing the following key feature:
The MKE web UI now supports the addition of multiple paths in a rule on the Kubernetes > Ingress > Create Ingress Object page.
MKE 3.5.1
Patch release for MKE 3.5 introducing the following key features:
DesiredStrictAffinitylogging at the debug levelImprovements to the MKE web UI
MKE 3.5.0
Initial MKE 3.5.0 release introducing the following key features:
OpenID Connect (OIDC)
Swarm-only mode
OpsCare
NGINX Ingress Controller
Mutual Transport Layer Security (mTLS)
IPVS and eBPF networking options
Deprecation notes
A list of features deprecated in MKE 3.5.x.