We are pleased to announce the latest GA patch update to Universal Control Plane (v1.1.3)! You can find more detailed info on the changes in the UCP release notes. As always, you can either upgrade your current deployment or you can install a new deployment of UCP. Please note there are both security and performance enhancements with this patch, so we encourage you to update as soon as possible.
The security update in this patch fixes an issue discovered by our development team during internal testing. The issue allowed a malicious user with limited privileges could escalate their privileges to perform unauthorized actions on the cluster via the API. This issue affects deployments of Universal Control Plane versions 1.1.2 or prior, and can only be used to gain access to the system by someone who already has a UCP account.
The performance update shows significant improvement to speed of cluster operations (e.g.
docker run and
docker-compose up when large numbers of overlay networks are deployed in the environment.
Some of the additional changes in UCP version 1.1.3:
New features: Non-admin users cannot edit/delete UCP/DTR volumes, View-Only default permissions now prohibit certain actions related to Images/Networks/Volumes
Bug fixes: Container rescheduling with overlay networks, LDAP admin sync when migrating from DTR 1.4.3. to 2.0.x, GUI-created volumes populating labels field, UI sidebar visibility, UCP/DTR config preservation on restart
As with previous versions, UCP 1.1.3 does not use the built-in orchestration features of Engine 1.12’s swarm-mode. Instead, it will run the classic Swarm 1.2.5 with swarm-join and swarm-master containers on the cluster.
Feel free to leave any feedback on this release here on the forums or through your Docker field rep.