New features that affect upgrades from 1.1.x
This release includes new features and new requirements that affect the upgrade process. The following list provides an overview of the changes that are addressed during this upgrade.
- RHEL/CentOS 7.4 is added; RHEL/CentOS 7.1 is withdrawn. The upgrade process includes a step for updating the operating system.
- On RHEL/CentOS 7.4, there may be a file locking defect in NFS 4.1. To avoid the issue, delegate hosts are configured to use NFS 4.0.
- The upgrade (and install) process now requires downloading packages from
Zenoss manually. The required software and images
are no longer available from the online Zenoss
repository or Docker Hub. For more information, see
Downloading and staging required files.
The packages to download include a yum repository mirror that contains the required dependencies of Docker CE and Control Center. An operating system or kernel upgrade can install newer versions of the dependencies included in the mirror, and when you attempt to upgrade Docker CE or Control Center, yum will stop when it finds the newer versions. A new appendix in this document includes workarounds for the most common dependency conflicts.
- This release includes a new feature, serviced and application audit logging. By default, audit logging requires 10GB of storage on the master host. The upgrade process includes a procedure for adding space to the master host, if necessary. For more information about audit logging, refer to the Control Center Reference Guide.
- A new configuration variable, SERVICED_LOG_PATH, sets the location for audit logs. The default location is /var/log/serviced.
- When storage becomes critically low, Control Center initiates an emergency shutdown of applications and services while sufficient resources remain to take action to avoid data loss. This feature requires specific minimum amounts of space in the Control Center thin pool for application data.
- This release replaces Docker 1.9.0 with Docker Community Edition (CE) 17.09.0.
- The following new configuration variables are available in
/etc/default/serviced, for tuning TCP/IP communications between
ZooKeeper ensemble hosts and Control Center:
- The Control Center RPM package includes a script that adds the serviced user group to a host, if necessary. Users must be members of the serviced group to use the command-line interface. For more information, see User access control.
- The minimum kernel version for Control Center hosts is 3.10.0-327.36.2. For optimal results, the most recent kernel is recommended. To prevent dependency issues, updating the kernel or operating system is a step in the Docker update procedure.
- The serviced configuration file includes many new variables since version 1.1.1, and some deprecated variables. For more information, see Control Center configuration variables.
- All delegate communications are authenticated. To enable this feature, all existing hosts must install unique credentials, which are generated on the master host. The installation steps are included in the startup procedures.
- With delegate authentication, Control Center can control administrative and DFS access permissions at the resource pool level. During the upgrade, all existing resource pools are given both administrative and DFS access permissions. The post-upgrade chapter includes an optional procedure for removing permissions from a resource pool.
- In previous releases, the SERVICED_NFS_CLIENT variable was set on delegate hosts to prevent access to the DFS. In this release, SERVICED_NFS_CLIENT is deprecated in favor of setting DFS access permission at the resource pool level. To ease the transition to the new functionality, delegate host configurations that include the SERVICED_NFS_CLIENT variable are still supported.
- This release includes a new resource pool feature, the ability to set the length of time the scheduler waits for a disconnected delegate host to rejoin its pool before moving the services scheduled for the delegate to a different host in the pool. This feature is useful for remote resource pools that are connected through a high-latency, wide-area network. For more information, see Setting the connection timeout of a resource pool.
- Among other changes since version 1.9.0, Docker 17.09.0 includes a new storage subsystem. The initial startup takes a little longer, as the old layout is replaced with the new layout.
For more information about this release, refer to the Control Center Release Notes.