Release Notes

Warning

In correlation with the end of life (EOL) date for MKE 3.5.x, Mirantis stopped maintaining this documentation version as of 2023-NOV-22. The latest MKE product documentation is available here.

Considerations

  • A limitation in MKE 3.5.7 and MKE 3.5.8 can cause issues in clusters that deploy more than 120 nodes.

    If you plan to run a cluster with more than 120 nodes, Mirantis strongly recommends that you upgrade to MKE 3.5.9. If, however, it is imperative that you run one of the affected MKE versions with 121+ nodes, contact Mirantis support to secure a workaround.

  • In upgrading to MKE 3.6.x, be aware that MKE 3.6.0 runs a version of etcd that is older than the version Mirantis includes with MKE 3.5.6. As such, MKE 3.5.6 and later can only be upgraded to MKE 3.6.1 or later.

    The etcd component, by design, will not accept a downgrade of itself.

  • Kube-proxy in IPVS mode is inoperable when running MKE 3.5.4 or 3.5.5 on kernel version 5.11 or later. A workaround solution is available upon request.

  • Upgrading from one MKE minor version to another minor version can result in the downgrading of MKE middleware components. For more information, refer to the middleware versioning tables in the release notes of both the source and target MKE versions.

  • CentOS 8 entered EOL status as of 31-December-2021. For this reason, Mirantis no longer supports CentOS 8 for all versions of MKE. We encourage customers who are using CentOS 8 to migrate onto any one of the supported operating systems, as further bug fixes will not be forthcoming.

MKE 3.5.12 current

Patch release for MKE 3.5 introducing the following key features:

  • Improvements have been made to the performance of the MKE image tagging API in large clusters with many nodes.

MKE 3.5.11

Patch release for MKE 3.5 introducing the following key features:

  • Added ability to filter organizations by name in MKE web UI

  • Improved Kubernetes role creation error handling in MKE web UI

  • Increased SAML proxy feedback detail

  • Upgrade verifies that cluster nodes have minimum required MCR

  • kube-proxy now binds only to localhost

  • Enablement of read-only rootfs for specific containers

  • Added MKE web UI capability to add OS constraints to swarm services

  • Added ability to set support bundle collection windows

  • Added ability to set line limit of log files in support bundles

MKE 3.5.10

Patch release for MKE 3.5 introducing the following key features:

  • Enablement of read-only root filesystem for select MKE containers

  • Enablement of stack traces collection with support bundles

  • Enablement of node type selection with support bundles

  • Improved support for custom containerd root

  • Support bundles with custom options now carry custom preface

  • Addition of referral chasing LDAP parameter

MKE 3.5.9

Patch release for MKE 3.5 introducing the following key features:

  • Enablement of read-only root filesystem for select MKE containers

  • Addition of option to limit kernel capabilities in Interlock 3.3.10

  • Calico components metrics collection

  • Addition of SAML proxy configuration to auth settings in MKE web UI

  • Addition of option to disable LDAP referral URL chasing

MKE 3.5.8

Patch release for MKE 3.5 introducing the following key features:

  • Enablement of read-only root filesystem for select MKE containers

  • Health checks added to ucp-sf-notifier container

  • The ucp-kube-ingress-controller container now runs as non-root

  • The ucp-sf-notifier container now runs as non-root

  • The ucp-hardware-info container now runs as non-root

  • k8s components are non-root

MKE 3.5.7

Patch release for MKE 3.5 introducing the following key features:

  • Interlock update to 3.3.8

  • --kube-protect-kernel-defaults install option

  • kube_api_server_auditing configuration option

  • Configuration options for disabling profiling

  • support CLI command options for node support dumps

  • Configuration options for system hardening

  • MKE web UI Banner design update

  • etcd storage quota UI notification

  • Self ports no longer checked during upgrade (Linux only)

MKE 3.5.6

Patch release for MKE 3.5 introducing the following key features:

  • Interlock 3.3.7

  • NVIDIA settings disablement

  • Support bundle API endpoint

  • Improved Image Pruning section in the MKE web UI

MKE 3.5.5

Patch release for MKE 3.5 introducing the following key features:

  • Port name field added to Create Ingress Object dialog in the MKE web UI

  • Network information included in the support bundle

  • Improved backup command logging

  • Added etcd storage size parameter

MKE 3.5.4

Patch release for MKE 3.5 introducing the following key features:

  • Concurrent LDAP and SAML use support

  • MKE web UI dark mode

  • Prevent removing secrets at uninstall time

  • Image pruning support in the MKE web UI

  • etcd cluster defragmentation

  • GCP support (technical preview)

MKE 3.5.3

Patch release for MKE 3.5 introducing the following key features:

  • Account lockout

  • Image pruning

  • Interlock proxy NGINX debugging mode

  • Calico 3.19.3

MKE 3.5.2

Patch release for MKE 3.5 introducing the following key feature:

  • The MKE web UI now supports the addition of multiple paths in a rule on the Kubernetes > Ingress > Create Ingress Object page.

MKE 3.5.1

Patch release for MKE 3.5 introducing the following key features:

  • DesiredStrictAffinity logging at the debug level

  • Improvements to the MKE web UI

MKE 3.5.0

Initial MKE 3.5.0 release introducing the following key features and enhancements:

  • OpenID Connect (OIDC)

  • Swarm-only mode

  • OpsCare

  • NGINX Ingress Controller

  • Mutual Transport Layer Security (mTLS)

  • IPVS and eBPF networking options

  • Kubernetes 1.21.3

Deprecation notes

A list of features deprecated in MKE 3.5.x.