Changelog History
Page 1
-
v2.0.0 Changes
August 31, 20202.0
๐ Kubernetes support has landed! You can now manage the deployment of applications atop Kubernetes clusters using the familiar Portainer UX. This release is a big one & introduces a total of 101 changes to Portainer, meaning it needs to be tested in your environment before upgrading your production instances of Portainer 1.xx to Portainer 2.0.
NOTE: There are a number of breaking changes, and changes to functionality that require analysis, specifically a re-engineering of the application templates feature, removal of support for VMWare VIC, and removal of support for externally defined endpoints.
๐ฅ Breaking Changes:
- ๐ We have released CE 2.0 as
portainer/portainer-ce
to ensure auto-updaters (like watchtower) don't expose users to risks by automatically updating on release. - โฌ๏ธ Extensions have now been removed; there is now no ability to use RBAC, Registry Manager, or External Authentication extensions in CE 2.0 (Extension customers will be communicated directly with a free license for the upcoming Portainer Business Edition). EXTENSION USERS, DO NOT UPGRADE TO PORTAINER CE 2.0
- ๐ท Host jobs are now an edge-exclusive feature: #3745
- โ Support for external endpoints has been removed along with the
--external-endpoints
flag. WARNING: migrating to this version with external endpoints defined will render them un-manageable: #3832 - ๐ Support for VIC environments has been removed: #3834
- โช The
--no-snapshot
flag has been removed, instances migrating with this flag will revert to default snapshot interval: #3804 - ๐ The
--no-auth
flag was removed as part of support for setting a custom timeout: #3846 - ๐ The
--no-analytics
flag will be kept to allow migration of instances running a previous version of Portainer with this flag enabled, to version 2.0 where enabling this flag will have no effect. - ๐ Changed templates syntax to support versioning, a migration tool can be found here for your convenience: #3708
- ๐ The
--sync-interval
flag was removed as part of the removal of external endpoints: #3832 - Removed template management features & the
--templates-file
flag. NOTE: Users will no longer be able to create container templates via UI: #3707
๐ Security:
- ๐ Enforced the security setting "disable the use of bind mounts" when set via API: #4106
- Disabled Container Capabilities for non-admins: #4105
- Enforce use of TLS 1.2 and recommended ciphers: #4070
- Prevent non-admin users from running containers using the host namespace PID: #4068
- โ Added a setting to disable the creation of stacks by non-admin users: #4067
- โ Added a setting to disable device mapping by non admin users: #4066
- Ensure users cannot create privileged containers via the API: #4065
- ๐ Disabled ability for a regular user to re-create/edit/duplicate containers if a related security setting is enabled: #4069
Kubernetes:
- ๐ Introduce support for Kubernetes: #1637
- โ Added the ability to apply taints and labels to nodes: #4005
- โ Added the ability to expose an application via ingress: #4004
- โ Added the ability to set placement constraints/preferences when deploying/editing an application: #4003
- โ Added the ability to set the auto-scale policy of an application: #4002
- โ Added the ability to use existing volumes when creating an application: #4001
- โ Added the ability to download application/stack logs: #3998
- โ Added support for multi-container pod applications: #4010
- โ Added a link to the kubernetes endpoint configuration in the sidebar: #4179
- โ Added checks when reducing the Quota assigned to a RP: #4144
- โ Added form validation for placement constraints: #4213
- โจ Enhanced the used by column for volumes: #4012
- ๐ Allow an administrator user to see which node the API is running on: #3996
- ๐ Allow an administrator user to see which node hosts the leader components for
kube-scheduler
andkube-controller-manager
: #3995 - ๐ Allow an administrator user to see the status of the underlying cluster components: #3992
- ๐ Allow any user to see the provisioner associated to any volume: #3997
- ๐ Allow any user to inspect the tolerations and affinities associated to an application deployed inside or outside of Portainer: #3994
- ๐ Allow any user to see the underlying workload associated to an application: #3993
- ๐ Allow any user to see how an application (deployed inside or outside of Portainer) is exposed through an Ingress resource: #3991
- ๐ Allow any user to inspect the auto-scaling policy (if any) associated to an application deployed inside or outside of Portainer.: #3989
- ๐ Allow any user to see which application is using a volume directly in the volume list view: #3988
- ๐ Allow any user to list all the storage used in their cluster with the total size used for each storage.: #3999
- Prevent resource assignment when editing a resource pool, if not permitted at creation time: #4206
- Prevent admins from making changes to "system" namespaces: #4145
- ๐ Prevent deployment/editing of resources inside a system namespace: #4000
- Prevent submitting invalid data via environment variables: #4045
- ๐ Fixed port mapping not showing in the port mapping datatable: #3990
- ๐ Fixed enabling auto-scaling policy on an application so as to default to the current instance count: #4183
- ๐ Fixed LDAP Auth not working with underscore Usernames: #4141
- โ Removed the kubernetes RC banner: #4204
๐ Analytics:
- ๐ Replaced Google Analytics with our own custom telemetry leveraging Matomo: #3742
After careful consideration of GDPR rules and the GDPR compliance recommendations provided by Matomo (the telemetry tool we are using for analytics) it was determined we will use the opt-out data collection mechanism. The reason for this assessment is that we are not collecting ANY personally identifiable data (all data is anonymized), and the data we collect is solely for our Legitimate business interests, and is not sold or provided to any 3rd parties.
For the sake of clarity, we do not collect ANY user identifiable or personal information at any time, all statistics collected are anonymous and we have no way of identifying the Portainer instances reporting, nor the users using the application.
PLEASE ALSO NOTE: The
--no-analytics
flag will be kept to allow migration of instances running a previous version of Portainer with this flag enabled, to version 2.0 where enabling this flag will have no effect.๐ For more information, please refer to our updated privacy policy
Authentication & UAC:
- โ Integrated the external authentication extension: #4150
- Ensure a unique identifier for volumes and UAC: #3869
- โ Add the ability to set a custom user session timeout: #3846
- ๐ Allow setting access on gitlab registries when there are multiple defined: #3839
- โ Remove the code snippet associated to authentication login retry: #3516
Home & Dashboard:
- ๐ Fixed error thrown when moving from app templates view to home view & endpoints not loaded: #4228
- ๐ Fixed endpoint tags not being shown in the dashboard: #4218
Templates:
- โ Add support for custom templates: #3861
Routes
- โ Added a parent route
/docker/
to docker routes: #4178 - โ Add the ability to access different endpoints via Portainer URL: #454
Azure ACI:
- ๐ Always allocate a Public IP for containers deployed via ACI: #4040
- Provide a simple ACI container instance details view: #3960
- ๐ฆ Expose the public IP associated to an ACI container: #3959
Stacks:
- โ Added the ability to stop & start stacks: #1639
Services:
- โ Added the ability to edit a service's networks: #1807
Networks:
- ๐ Fix MacVLAN IP address exclusion: #3918
- ๐ Support excluding multiple IP addresses for a MacVLAN network: #3954
Edge:
- โ Add a new CLI flag to automatically enable Edge compute features: #3915
- โ Add the ability to override the Edge endpoint checking interval at the endpoint level: #3843
- Hide the URL associated to Edge endpoints in the endpoint list: #3637
Extensions:
Containers:
- โ Added default/override UX for Entrypoint & CMD, updated placeholder for CMD and added support for specifying entrypoint via CMD: #3604, #4018, #2284
- ๐ Fixed issue when recreating a container that was previously on the bridge with mapped ports, and changing the network to container: #2316
- ๐ Fixed issue with resetting container resource limits to unlimited: #2679
- ๐ Fixed issue with adding extra hosts: #3237
- ๐ Support publishing the same ports/port ranges on multiple IP addresses: #3523
UX:
- โก๏ธ Update the endpoint initialization view to only show local Docker/Kubernetes and agent options: #4014
- ๐ Changed the "about" page from being static content, to a sidebar menu option that redirects to our official help/about page: #4254
- ๐ Fixed improper grammar in Create Container, Create Stack, Create Edge Stack views: #4160
- ๐ Fixed sizing of checkboxes to correctly match their icon: #3971
- Ignore protocol and trailing slash when entered in registry URLs: #3965
- Auto-select the username field on the login view: #3953
- ๐ Renamed security settings to Docker security settings: #4198
- ๐ Make node label inputs wide to support larger values: #3214
- Sort volumes alphabetically: #3635
- ๐ Use correct icons for Containers and Volumes: #3596
- โ Add missing
s
to the command copied by the edge endpointcopy command
button: #3880
๐ Users
- Prevent the removal of the original administrator user: #3882
- โ Add the ability to change the username of a user: #3831
Cookies:
- Replaced cookie usage with localstorage: #4064
๐ณ Dockerfile:
- ๐ Introduce workaround to support running develop build on Windows platform: #4043
- ๐ฆ Expose port 8000 for edge agent: #3963
Agent:
- Automatically detect the platform where an agent is running: #4129
Dependencies:
- ๐ We have released CE 2.0 as
-
v1.24.1 Changes
July 23, 20201.24.1
๐ This release focuses on security, with multiple fixes as well as the introduction of new administrative security settings.
๐ Security
- ๐ Disable the ability to re-create/edit/duplicate a container, if related security setting is enabled: #4032
- โ Add a setting to disable device mapping for non admin users: #3958
- Prevent non-admin users from running containers with host namespace pid: #3936
- Ensure users cannot create privileged containers via the API: #3931
- โ Add a setting to disable the creation of stacks for non-admin users: #3930
- ๐ Use TLS1.2 protocol when running Portainer with
--ssl
: #2359
๐ Deprecated features reminder
๐ The following features are considered deprecated in 1.24.* versions, and will be removed in a future version of Portainer. They will no longer receive enhancements or support. Refer to our documentation for up-to-date removal information.
--external-endpoints
- ๐
--sync-interval
--no-auth
--templates-file
--no-snapshot
Extensions
- โ Add the ability to update an expired license with a new valid license: #4080
Cookies
- โ Remove cookie usage to comply with upcoming sameSite change in FireFox: #3847
- ๐ Change filters from cookies to local storage to avoid sending large requests: #3190
Containers
- ๐ Fix table sort reverting to default setting: #3049
Registry Manager
- Correctly hide empty GitLab repositories after deleting them via RM extension: #3760
-
v1.24.0
May 29, 2020 -
v1.23.2 Changes
March 19, 20201.23.2
๐ This release introduces the new support offerings & a few bug fixes and will be the final release before major release (v2).
๐ณ Docker/Libcompose bugs that may affect you
๐ In release testing, we discovered several bugs with Docker & the Libcompose library which will affect you if you wish to use Portainer/Portainer agent on Windows. You can read more about these in our blog post.
Authentication
- ๐ Fixed issue where LDAP user provisioning did not correctly apply permissions: #3532
Containers
- ๐ Fixed issue where containers in certain states are not shown: #3146
- ๐ Prevent error shown when creating a container on windows: #2681
๐ Support
- โ Add new support offerings to the support view: #3607
Minor changes
-
v1.23.1 Changes
February 23, 20201.23.1
๐ This release reduces the required API version of the software to revert the breaking changes with snapshots and web-hooks introduced in v1.23 and also brings changes to improve user experience.
๐ณ Docker version backwards compatibility
- โฌ๏ธ Reduced the required API version to support Docker versions > 18.03: #3457
Ownership
- ๐ Fixed an issue where non-admins could not manage resources associated to services they own: #3453
Authentication
- ๐ Bring support for Anonymous LDAP binding: #3443
Containers
- Introduce container healthcheck information to the home and dashboard views: #3488
- โ Add support for DNS declaration in container creation view: #2726
Templates
- ๐ Fixed minor issue with volume drop-down selector in template deployment: #3501
๐ Improved User Experience
- Teams and users are now sorted alphabetically in drop-down selectors: #3385
- ๐ Fixed an issue with the services list where clicking a services check-box makes the related tasks show: #3063
- ๐ป Disable/Hide elements in the UI that are not useful to Helpdesk or Readonly RBAC users: #3421
- โ Added a suggestion for git accounts with 2FA to use personal-access tokens in stack deploy view: #3464
- Corrected improper grammar in access control elements: #3525
- โ Removed redundant port declaration from edge-agent commands in UI: #3466
Minor Changes
- โ Add dependency management to the back-end of Portainer: #3413
-
v1.23.0 Changes
December 05, 20191.23.0
๐ This release introduces a rework of ownership, several improvements to RBAC as well as an overhaul for the registry browse and push/pull functionality (including support for Gitlab registries).
๐ฅ Breaking Changes
๐ Required Docker API version was incremented as part of the ownership rewrite, this is a breaking change of snapshots and offline mode for users who manage any endpoints with a Docker API version < 1.40. If you don't require snapshots & offline mode for any of the endpoints you manage, then it is recommended to upgrade for security improvements included in this release. More info in this issue: #3457
๐ณ The push/pull rewrite introduces a potential breaking change of the registry management extension & push/pull functionality for users with a Docker API version < 1.28.
You can find which API version an endpoint has within the Swarm view (for swarm endpoints) or Host view (for non-swarm endpoints).
Known issues
0๏ธโฃ If you are on an older API version and are running Portainer as a container, then Portainer may log an API version error each time a snapshot is run (default is every 5 minutes). A workaround is to increase the time between snapshots, this can be adjusted in Portainer settings.
๐ Security
- ๐ Fixed an invalid check with previous mitigation of security issue: #3224
- ๐ฒ Avoid logging password hash when admin password is set: #2844
- ๐ Fixed issue where a non-admin creating volume with same name as an admin-only stack gives them ownership: #3273
Ownership, RBAC & Authentication
- ๐ Fixed issue where administrator stacks show as limited for RBAC users: #3348
- ๐ Fixed issue where permissions weren't updated on team deletion: #3298
- ๐ Fixed issue where an RBAC user removing a service makes related stack disappear for all RBAC users: #3351
- ๐ Fixed issue where endpoint-admins cannot manage resources restricted to other users: #3346
- ๐ Fixed issue where restricted stack shows assigned to administrators for other non-admin users: #3352
- ๐ Fixed issue where a user in a helpdesk team & standard team results in read-only: #3366
- ๐ Fixed issue where disabling the RBAC extension leaves users with previous role's abilities: #3344
- ๐ Fixed issue where endpoint admin & standard RBAC users can't attach to containers: #3347
- ๐ Fixed issue where RBAC users lose their abilities after a page refresh: #3338
- ๐ Fixed issue where RBAC doesn't assign permissions to newly autoprovisioned users: #3427
- ๐ป Clean up browser cache on session expired: #3300
- ๐ Allow setting access control rules via service labels: #1257
Registries
- Overhaul of the registry push/pull feature: #3122
- ๐ง Introduce debugging for registry management configuration: #3269
- ๐ Support Gitlab registry with registry manager extension: #2956
- โ Remove unneeded checkboxes in repositories list when using registry manager: #2836
- ๐ Performance improvement of the registry manager: #2958
- ๐ Fixed issue where Portainer was unable to fetch tags from a local registry: #2879
- ๐ Allow inspect of layers of images in a private registry: #2808
Extensions
- Introduce offline extension activation: #3080
- โก๏ธ Automatically update Portainer extensions at startup: #3340
๐ Improved User Experience
- ๐ Fixed issue where image auto suggest on multinode swarm suggests the same image multiple times: #3422
- ๐ Allow empty labels on containers: #2646
- Replace volume selector with type-ahead in container app-template form: #3370
- Render empty env vars correctly on duplicate/edit of a container: #2112
- โ Add edge key to edge agent commands in UI: #3117
- ๐ Make the recreate & duplicate/edit buttons unavailable when RBAC enabled: #3418
Networks
- ๐ Fixed issue where docker network aliases are not persisted on duplicate/edit: #2118
- ๐ Fixed issue where container name from container network not persisted on duplicate/edit: #2657
- ๐ Make system networks public to allow use by non-admins: #3364
Stacks
- ๐ Fixed issue where an invalid stack name results in 2 unusable stacks: #2020
- ๐ Fixed issue where concurrent stack creation allocated same ID for all stacks: #2633
Containers
- ๐ Prevent situation where user can try and recreate container that is set to auto-remove: #3247
- ๐ Allow a port range to be specified in container deployment: #734
- ๐ Fixed recreate issue with container image from GCR registry in Portainer: #1962
Minor Changes
-
v1.22.2 Changes
November 06, 20191.22.2
๐ This release addresses a few issues preventing users from using Portainer correctly.
RBAC
- ๐ Fix an issue preventing non-administrator users to login: #3313
Containers
- ๐ Fix an issue preventing non-administrator users from starting a container: #3259
Stacks
- ๐ Fix an issue preventing non-administrator users from managing resources associated to a stack they own: #3259
-
v1.22.1 Changes
October 11, 20191.22.1
๐ This release addresses multiple security issues in Portainer and aims to increase the stability of endpoints in Portainer, particularly agent enabled endpoints as discussed in this issue: #2535
๐ Security
- ๐ณ Prevent non-admin management of admin only docker resources: #3224
- Prevent non-admin access to admin API endpoints: #3226
- Patched XSS vulnerability in the multi-select component: #3228
- ๐ป Patched XSS vulnerability in the volume browser: #3229
- Prevent Bind-mount restriction bypass: #3231
- Prevent host filesystem management bypass: #3234
- โ Added admin setting to mitigate potential volume browse vulnerability: #3236
Endpoints
- Mark endpoint down, only when it is unreachable [Backend]: #2940
- Refresh the view after failing to connect to an endpoint: #3083
- Ping triggered by frontend now brings endpoint up when previously marked as down: #3088
Authentication
- ๐ Fixed issue where
--admin-password-file
does not set up the admin user correctly: #2816 - ๐ Fixed issue where OKTA was not working with Portainer: #2957
- ๐ Fixed issue with large JWT breaking authentication when Portainer is behind a reverse proxy: #2960
- ๐ Fixed issue with private registry auth preventing setting access to users/teams: #3034
- ๐ Fixed panic with internal auth when Oauth enabled: #3171
๐ Improved User Experience
- โก๏ธ Introduced Portainer version update notification: #1649
- Display a single overlay network instead of one per host: #2021
- ๐ Show ENTRYPOINT in container details: #2924
- ๐ Improve the search functionality within Portainer: #3053
- โ Added error message for an agent already paired to another instance: #3098
- ๐ Update endpoint creation screen to reflect recommended deployment: #3147
Stack creation
- ๐ Fixed error preventing access to git repo with https: #1845
Services
- โ Add the service rollback feature to service details view: #3005
- ๐ Fixed issue where mounted volumes are not persisted in the UI: #3062
Containers
- Prevent MAC address collisions: #1645
- โช Prevent container table sort from reverting to default setting: #3049
Swarm Information
- Display node labels in Swarm Visualizer view: #1740
โช Workarounds
- โ Removed volume directive from Windows Dockerfile to workaround Docker deployment issue: #3132
Minor Changes
- ๐ Fix error when building Portainer locally with Yarn: #3007
-
v1.22.0 Changes
August 08, 2019๐ฅ Breaking changes
โ Adding/removing endpoints to endpoint groups cannot be done through the EndpointGroupUpdate API operation anymore, instead two news operations have been introduced:
- EndpointGroupAddEndpoint
- EndpointGroupDeleteEndpoint
๐ See the API documentation at https://app.swaggerhub.com/apis/deviantony/Portainer/1.22.0 for more information
1.22.0
๐ This release adds support for the edge agent. As part of this, the Portainer agent repository is now open source! You can access it here.
๐ Security
- โก๏ธ Update the lodash library version to fix a potential vulnerability: #3039
- โก๏ธ Update the lodash-es library version to fix a potential vulnerability: #3040
- โก๏ธ Update the lodash.template library version to fix a potential vulnerability: #3041
๐ Edge agent support
- โ Added support for the edge agent: #3030
Endpoints
- ๐ Fixed issue with Endpoints showing as down in the UI when switching between agent endpoints: #2624
- 0๏ธโฃ Increased snapshot default timeout: #3037
๐ Improved User Experience
- โ Added shift click ability to resource tables: #344
- ๐ Fixed an issue with UI settings not being persisted on logout: #2932
- โ Added pagination to the endpoints view: #2977
- โ Added auto-refresh to resource tables: #1472
- โ Added loading indicator to authentication screen: #2998
- Clarified add to team feature in user creation view: #3009
- โก๏ธ Updated app loading text: #3046
Containers
- ๐ Fixed an issue with building an image from a container sometimes creating two images (one of them unnamed): #3013
- Clarified network usage in container stats: #3002
- ๐ง Clarify port configuration in container creation view: #3000
- ๐ Fixed minor JavaScript issue with port configuration when using the Edit/Duplicate feature: #1261
Registries
- ๐ Fixed issue with registries view not showing in sidebar when using
no-auth
flag: #2757 - Disabled the browse registry link on Quay registries (due to Quay limitation): #2970
Project
- โ Add support for async/await in the project: #2944
- โ Integrated StaleBot into the Portainer repository to manage stale issues: #2764
- Clarified the bug report template: #3020
Swarm Information
- Sort nodes from left to right based on node role: #2862
- Display engine labels in node details view: #2964
Minor changes
- ๐ Fixed Zip files corrupting when downloaded from a Docker volume: #2661
- ๐ Fixed issue with default sort on tables no longer being applied: #3006
- โ Removed unneeded checkbox in service details view: #2979
- โก๏ธ Updated js-yaml version: #2930
๐จ Refactor
-
v1.21.0 Changes
June 04, 2019๐ฅ Breaking changes
๐ The following API endpoints were removed:
- โก๏ธ
EndpointAccessUpdate
- โก๏ธ
EndpointGroupAccessUpdate
- โก๏ธ
RegistryAccessUpdate
In order to associate access to an Endpoint, EndpointGroup or Registry, you can use the following API endpoints:
- โก๏ธ
EndpointUpdate
- โก๏ธ
EndpointGroupUpdate
- โก๏ธ
RegistryUpdate
โก๏ธ See more details about the updated API here: https://app.swaggerhub.com/apis/deviantony/Portainer/1.21.0
Known issues
The team leader function currently does not work as expected. The team leader is a user with elevated permissions that allows them to add new users to the Portainer internal authentication directory. At the moment, the team leader is not able to add new users.
๐ Moving forward, as Portainer recommends external authentication, the need for the team leader has been removed so this function will be deprecated.
๐ You can contribute to the discussion about this deprecation here: #2922
1.21.0
๐ This release adds support for Windows 1903: #2894
๐ Security
- โก๏ธ Update the JQuery library version to fix a potential vulnerability: #2895
Extensions
NOTE : Please be aware that after enabling the RBAC extension, all existing access associated to endpoint and endpoint groups will be switched to read-only for security reasons. You'll need to update the access via the UI according to your needs.
Integrations
- Storidge integration GA: #2711
Containers
- โ Add the ability to attach to running containers: #592, #2908
- ๐ง Clarify the port configuration section in the container creation view: #2864
- ๐ Fix an issue preventing the usage of
vi
and other tools in the container console: #322
NOTE : In order to use the new container attach feature with the agent, you will need to update the agent to version >= 1.3.0. See agent release notes here: https://github.com/portainer/agent-public/releases/tag/1.3.0
Webhooks
- โ Add the ability to specify a tag when using a service webhook to update the image associated to a service: #2752
Secrets
- Prevent the creation of labels with empty names when creating a secret: #2837
๐ User management
- Display a more informative message on user creation error: #2819
- ๐ Fix an issue where team leader count was not updated after removing a user from a team: #2810
Services
- ๐ Fix an issue allowing the user to click on task stats/console actions outside of an agent enabled environment: #2765
Host
- ๐ Fix an issue where Engine labels would be displayed as [Object object]: #2857
MOTD
- Introduce new design for MOTD: #2917
๐ท Build system
๐ Analytics
- Set the
anonymizeIp
property for GA: #2919
๐จ Refactor
- ๐จ Refactor API imports paths from
github.com/portainer/portainer
togithub.com/portainer/portainer/api
: #2788 - ๐ Fix a minor linting issue: #2760
CI
Minor changes
- โก๏ธ