- Access AWS Resources from On-Demand Spark Clusters – You can now configure on-demand Spark clusters in your Domino workspace to access AWS resources using temporary credentials issued by AWS. To enable this feature, your Domino deployment must use single sign-on (SSO) with a trusted identity provider (IdP). To learn more about this feature, please refer to the corresponding documentation.
- Access Data in External Data Volumes – Your Domino projects can now access data stored in external storage volumes, like Network File Systems. External data volumes are supported in Jobs (including Scheduled Jobs), Workspaces, Apps, Launchers, and on-demand Spark clusters. To learn more about this feature, please refer to the external data volumes documentation.
- Domino 4.3.3 is now compatible with Istio (version 1.5+), which provides TLS encryption for service-to-service communication inside the Domino cluster. Domino installation tools can be configured to install Istio 1.7 controllers and agents, or Domino can be installed in a cluster that is already running Istio 1.5+.
- Domino now supports adding custom tolerations to the Kubernetes workloads it deploys, allowing compute nodes to have Domino-specific taints that prevent non-Domino pods in a multi-tenant cluster from being scheduled on them.
- The next generation containerized environment image builder is now in limited availability for Domino 4.3.3.
- Domino user roles and authorization have been overhauled to introduce new user types, streamline access control, and assist with license management. Read more about user roles in the updated administrator’s guide. Note that if you use SSO role synchronization, you must add the new
Practitionerrole to your users in SSO, or they may lose access to some features.
Upgrades & Enhancements
- Organize multiple sets of credentials using labels in the “Git Credentials” section of your Domino account settings.
- Receive immediate notifications if there are authentication or access problems when using git repositories in Jobs or Workspaces.
- On-demand Spark cluster usage is now recorded and included in run export data.
Project collaborators with the “Collaborator” role can now modify hardware tiers and environments.
Fixed HTTP to HTTPS redirect behavior in the Domino login flow that will trigger an unsecure redirect warning beginning in Chrome v88. Users of Chrome with automatic updating enabled will need to upgrade to Domino 4.3.3+ prior to January 19, 2021, when v88 is scheduled to become the new stable version of Chrome, to avoid seeing this warning on login.
Workarounds for earlier versions of Domino are:
- Do not upgrade to Chrome v88 stable
- Unset the
#mixed-forms-interstitialfeature flag in
- Ignore the warning at login and click
Upgrading to Domino 4.3.3 is the recommended path.
- Fixed a UI issue that visually obscured Job results.
- Fixed an issue that impaired the readability of a Run’s status.
- Fixed an issue that prevented Goals from being linked to a Domino project.
- Fixed an issue that prevented searching of Goals when linking a goal.
- Fixed an issue that caused the base image in an environment to revert back to the default global environment when editing an environment.
- Fixed a UI issue that displayed an incorrect value for the number of PVCs provisioned when utilizing a Spark cluster. The correct number of PVCs, however, were correctly provisioned.
- Fixed an issue that incorrectly allowed an environment to use itself as the base image.
- Fixed an issue that caused resource consumption to be displayed with incorrect units when viewing resource usage for a Job.
- Fixed an issue that prevented archived Workspaces and Jobs from displaying in Domino.
- Fixed an issue that caused Domino to display an incorrect number of Spark executors when launching a workspace with a Spark cluster. The specified number of Spark executors, however, were correctly allocated to the workspace.
- Fixed an issue that prevented workspaces from properly detecting file changes when performing volume recovery.
- Fixed an issue that prevented workspace recovery with a salvaged volume if a re-login to Domino was required.
- Fixed an issue that prevented image source projects from being downloaded.
- Fixed a pagination issue that caused search results from being properly displayed in the Environments dashboard.
- Fixed an issue that prevented environment search in the Environments dashboard if the name of the environment contained special characters.
- Fixed an issue that impaired workspace search in the Workspaces dashboard if the name of the workspace contained special characters.
- Fixed an issue that prevented workspaces from launching if a user was removed from an Okta group with credential propagation enabled.
- Fixed an issue that prevented the Usage chart for a project from displaying recent usage data.
- Fixed a UI issue in the workspace launch modal that impaired workspace launches.
- Fixed an issue that caused the asset count to display an incorrect value in the Project Portfolio view of the Domino Control Center.
- Fixed an issue that prevented Jobs from being scheduled if the job utilized an on-demand Spark cluster.
- Fixed an issue that prevented project ownership from being transferred to an organization.
- Fixed an issue that caused a 500 error in the Domino REST API when publishing an app using the Domino Python wrapper.
- Fixed an issue that prevented models from being exported as an endpoint to the SageMaker API.
- Fixed an issue that prevented the Jira credential panel from appearing in your Domino account settings.
- Fixed an issue that prevented git repo service providers from being added or selected when adding git repo credentials.
- Fixed an issue that caused Domino to become unresponsive when adding Jira credentials.
- Fixed an issue that prevented Bitbucket repositories from being imported and prevented the creation of projects when using a Bitbucket repository that required credentials.
- Fixed an issue that prevented anonymous users from using Launchers associated with public Domino projects.
- Fixed an issue that impacted file permissions in imported / exported projects.