Skip to content

v1.0.6
Compare
Choose a tag to compare
@smarterclayton smarterclayton released this 13 Sep 21:34
· 30981 commits to master since this release
v1.0.6
2695cdc

UPDATE: Added a v1.0.6 binary for linux/386. Has not been tested, please report any issues.

Migrating from 1.0.x

  • Origin v1.0.6 recommends the use of Docker v1.7.2+ due to bugs in docker exec that can result in hangs.
  • Cluster roles have changed - please run oadm policy reconcile-cluster-roles --confirm after you upgrade if you see an error like OpenShift client error: User "system:serviceaccount:test:builder" cannot create localsubjectaccessreviews in project "test"

API Changes

  • The Template parameters now support displayName which is an optional field to use from user interfaces when your template is shown
  • Secrets can now be added to custom builds and mounted at user-specified locations

Pending removal

  • Support for v1beta3 from the API and from client commands will be removed in 1.0.7 (1.1 rc0)
  • Builds marked only with the build label will no longer be considered part of their parent build config in 1.0.7. You can see a list of affected builds by running oc get builds --all-namespaces and looking for builds that only have the build label, not openshift.io/build. See #3502.
  • The spec.rollingParams.updatePercent field on deployment configs will no longer be recognized in 1.0.7. Use maxUnavailable and maxSurge instead.

Routing

  • The default hostname for a route has been changed to be <route-name>-<namespace>.<suffix> - this allows TLS wildcards on <suffix> to properly work
  • A new F5 BigIP router plugin has been added, allowing F5 routers to be dynamically configured. Documentation coming soon!
  • The router can be configured to serve a subset of the routes in your deployment
    • Pass --namespace to the router command to select routes in a single namespace
    • Pass --labels=<selector> or --fields=<selector> to select only routes with the provided labels or fields
    • Pass --project-labels=* to show routes in all labels the router's service account is granted access to, --project-labels=<selector> to filter that list by label, or --namespace-labels=<selector> to filter all labels (when the router service account has that permission)
      • Note: the label list is updated every 10 minutes or when the router restarts, so new projects may not instantly get served
  • Both the F5 and template routers now allow only the first route (by creation timestamp) with a given host or generated host (when you omit the Host field) to claim that route name. If multiple routes with the same host but different paths are defined, all routes in the same namespace as the oldest route with that host will be included. If the oldest route is deleted, and the next oldest route is in a different namespace, only routes in that other namespace will be served.

Builds

  • oc start-build --commit=<commit> will trigger a build of the exact Git commit specified.
  • Add --env var support to oc new-build, allowing you to set environment variables on your S2I builds.
  • Add --wait to oc start-build, allowing you to wait for the build completion without viewing the logs.

Remote execution

  • oc rsh now accepts commands and arguments after the pod is specified, like
oc rsh <pod> <command> [<arguments>]

The behavior more closely mimics the ssh command. A TTY is automatically allocated if your current shell passes one, otherwise you can specify -t to force a TTY or -T to disable it.

  • A number of stability and hangs have been resolved with oc exec and oc rsh. However, Docker 1.6.2 has a known issue with hangs to remote shells via docker exec, so we recommend upgrading your Docker to a 1.7 or 1.8 build.

Web Console

  • Deploy, rollback, retry, and cancel deployments from the web console
  • Cancel running builds from the web console
  • Improvements to layout and readability at mobile resolutions
  • Allow the login page to be customized

Fixes

  • Upgraded the integrated etcd to v2.1.2
  • Upgraded the internal Docker registry v2.0.1
  • Fixed hangs when using oc exec without a TTY
  • Node IP can be passed as a config option on the node, allowing it to be set distinct from the node hostname for listening on other interfaces
  • Add the Kubernetes master service address (the first address in the service CIDR range) to the generated certificates to allow pods to verify TLS connections to the API
  • Preserve permissions during image builds
  • Recover panics in the API server instead of allowing the server to crash
  • Make the OpenShift SDN MTU configurable
  • Fix a panic in oc import-image when an error occurs
  • Suggest --search and --list when calling oc new-app with no arguments
  • When running oc scale against a deployment config with no deployments, set the replicas directly
Assets 6