Domino 4.3.3 (December 2020)

Access AWS Resources from On-Demand Spark Clusters – You can now configure on-demand Spark clusters in your Domino workspace to access AWS resources using temporary credentials issued by AWS. To enable this feature, your Domino deployment must use single sign-on (SSO) with a trusted identity provider (IdP). To learn more about this feature, see the corresponding documentation.

Access Data in External Data Volumes – Your Domino projects can now access data stored in external storage volumes, like Network File Systems. External data volumes are supported in Jobs (including Scheduled Jobs), Workspaces, Apps, Launchers, and on-demand Spark clusters. To learn more about this feature, see the external data volumes documentation.

Domino 4.3.3 is now compatible with Istio (version 1.5+), which provides TLS encryption for service-to-service communication inside the Domino cluster. Domino installation tools can be configured to install Istio 1.7 controllers and agents, or Domino can be installed in a cluster that is already running Istio 1.5+.

Domino now supports adding custom tolerations to the Kubernetes workloads it deploys, allowing compute nodes to have Domino-specific taints that prevent non-Domino pods in a multi-tenant cluster from being scheduled on them.

The next generation containerized environment image builder is now in limited availability for Domino 4.3.3.

Domino user roles and authorization have been overhauled to introduce new user types, streamline access control, and assist with license management. Read more about user roles in the updated administrator’s guide. If you use SSO role synchronization, you must add the new Practitioner role to your users in SSO, or they may lose access to some features.

The default volume size in Domino 4.3.3 is 5 GB.

Organize multiple sets of credentials using labels in the “Git Credentials” section of your Domino account settings.

Receive immediate notifications if there are authentication or access problems when using git repositories in Jobs or Workspaces.

On-demand Spark cluster usage is now recorded and included in run export data.

Project collaborators with the “Collaborator” role can now modify hardware tiers and environments.

Fixed HTTP to HTTPS redirect behavior in the Domino login flow that will trigger an unsecure redirect warning beginning in Chrome v88. Users of Chrome with automatic updating enabled will need to upgrade to Domino 4.3.3+ prior to January 19, 2021, when v88 is scheduled to become the new stable version of Chrome, to avoid seeing this warning on login.

Restrict contributors from adding additional contributors to a project. To learn more, see the <code>Authorization</code> feature flags in the Domino administrator’s guide.

Fixed a UI issue that visually obscured Job results.

Fixed an issue that impaired the readability of a Run’s status.

Fixed an issue that prevented Goals from being linked to a Domino project.

Fixed an issue that prevented searching of Goals when linking a goal.

Fixed an issue that caused the base image in an environment to revert back to the default global environment when editing an environment.

Fixed a UI issue that displayed an incorrect value for the number of PVCs provisioned when utilizing a Spark cluster. The correct number of PVCs, however, were correctly provisioned.

Fixed an issue that incorrectly allowed an environment to use itself as the base image.

Fixed an issue that caused resource consumption to be displayed with incorrect units when viewing resource usage for a Job.

Fixed an issue that prevented archived Workspaces and Jobs from displaying in Domino.

Fixed an issue that caused Domino to display an incorrect number of Spark executors when launching a workspace with a Spark cluster. The specified number of Spark executors, however, were correctly allocated to the workspace.

Fixed an issue that prevented workspaces from properly detecting file changes when performing volume recovery.

Fixed an issue that prevented workspace recovery with a salvaged volume if a re-login to Domino was required.

Fixed an issue that prevented image source projects from being downloaded.

Fixed a pagination issue that caused search results from being properly displayed in the Environments dashboard.

Fixed an issue that prevented environment search in the Environments dashboard if the name of the environment contained special characters.

Fixed an issue that impaired workspace search in the Workspaces dashboard if the name of the workspace contained special characters.

Fixed an issue that prevented workspaces from launching if a user was removed from an Okta group with credential propagation enabled.

Fixed an issue that prevented the Usage chart for a project from displaying recent usage data.

Fixed a UI issue in the workspace launch modal that impaired workspace launches.

Fixed an issue that caused the asset count to display an incorrect value in the Project Portfolio view of the Domino Control Center.

Fixed an issue that prevented Jobs from being scheduled if the job utilized an on-demand Spark cluster.

Fixed an issue that prevented project ownership from being transferred to an organization.

Fixed an issue that caused a 500 error in the Domino REST API when publishing an app using the Domino Python wrapper.

Fixed an issue that prevented models from being exported as an endpoint to the SageMaker API.

Fixed an issue that prevented the Jira credential panel from appearing in your Domino account settings.

Fixed an issue that prevented git repo service providers from being added or selected when adding git repo credentials.

Fixed an issue that caused Domino to become unresponsive when adding Jira credentials.

Fixed an issue that prevented Bitbucket repositories from being imported and prevented the creation of projects when using a Bitbucket repository that required credentials.

Fixed an issue that prevented anonymous users from using Launchers associated with public Domino projects.

Fixed an issue that impacted file permissions in imported / exported projects.

When a project owner without the Practitioner role attempts to publish an app, this might leave the app stuck in a “Never Started” state.

Model API applications deployed through Export to the External Registry will run, but they throw an exception.

When using the Domino CLI and it is configured to use the API blob upload mode, you cannot start a new workspace after uploading projects.

When you set the Central Config option com.cerebro.domino.whitelabel.jsonConfig={"hideSearchableProjects":true} you can still see the create searchable projects option in the application.

The cursors appear in the wrong location when editing compute environments using Chrome browser on Windows.

In an upgraded deployment, the role for new users is incorrectly set as a Lite User.

Roles cannot be assigned through SAML assertion to users when performing a Domino upgrade.

When launching a workspace in an offline environment, it fails due to the istio-shutdown container.

When creating or editing a file in a DFS project, a blank page opens instead of the file editor.

Users with the "Practitioner" role cannot create a project.

Domino runs do not execute properly if a file in a linked repository contains non-ASCII characters.

The Support button that is used to contact Domino Technical Support is missing.

When using a Spark cluster, the data frame cannot be read properly.

Creating a new model causes a 500 error.

Project settings are not being properly propagated to Spark clusters.

If externalRolesEnabled is on in the Central Configuration, you can edit your role, which is overwritten the next time you login.

Periodic usage report emails are not being set.

The Usage statistics chart for a project shows only the first non-zero value.

When the feature flag Enable Jira Integration features is set to true, the Jira credential panel is not shown. Instead, a message is shown that reads as follows: Domino organizations and user membership are managed centrally by your company identity administrator and are automatically synced with Domino. Organizations cannot be managed directly in Domino.

When using Git repo credentials, if you add a repository, you will receive an error that the Git provider must be added and the Git provider dropdown and Add repository button are disabled.

When adding Jira credentials, the system sends an unrecoverable error and the server crashes.

When you add a Bitbucket credential, it is added as bitbucket.com which prohibits you from importing the repository or making a project with a Bitbucket repository that requires credentials.

Launcher users are able to access project files and can import an un-exported file.

When restarting a Workspace through the Update Settings modal, External Data Volumes are not mounted in the new Workspace. Follow the steps to mount External Data Volumes. This issue is fixed in Domino 5.9.0.