Detail on the new features and enhancements introduced in MKE 3.5.9 includes:

[MKE-9374] Enablement of read-only root filesystem for select MKE containers

The following MKE containers are now configured with read-only root filesystems:

  • ucp-kubelet

  • ucp-auth-store

  • ucp-auth-api

  • ucp-auth-worker

  • ucp-sf-notifier

  • ucp-kv

  • ucp-kube-scheduler

  • ucp-swarm-manager

[MKE-9679] Addition of option to limit kernel capabilities in Interlock 3.3.10

A new setting allows users to restrict the capabilities of the kernel in Interlock 3.3.10.

[MKE-9552] Calico components metrics collection

MKE Prometheus now collects metrics from Calico components.

[MKE-9545] Addition of SAML proxy configuration to auth settings in MKE web UI

MKE administrators can now configure a proxy server for SAML metadata requests in the MKE web UI at Admin Settings > Authentication & Authorization, in the SAML section.

[MKE-9654] Addition of option to disable LDAP referral URL chasing

A new setting allows users to circumvent the referral URL default behavior that occurs when a referral URL is received as a result of an LDAP search request.