gist:9db8e88a1e0f6d054c33f256416a4f63

1.11.1 vs 1.3.2 universe configs
diff --git a/repo/packages/M/marathon-lb/8/config.json b/repo/packages/M/marathon-lb/8/config.json
index aef8a4cc..6e25fe94 100644
--- a/repo/packages/M/marathon-lb/8/config.json
+++ b/repo/packages/M/marathon-lb/8/config.json
@@ -19,6 +19,11 @@
           "minimum": 1,
           "type": "number"
         },
+        "haproxy_global_default_options": {
+          "description": "Default global options for HAProxy.",
+          "type": "string",
+          "default": "redispatch,http-server-close,dontlognull"
+        },
         "haproxy-group": {
           "default": "external",
           "description": "HAProxy group parameter. Matches with HAPROXY_GROUP in the app labels.",
@@ -58,6 +63,26 @@
           "description": "Name for this LB instance",
           "type": "string"
         },
+        "parameters": {
+            "description": "Docker parameters",
+            "type": "array",
+            "items": {
+               "type": "object",
+               "properties": {
+                   "key": {
+                       "type": "string"
+                   },
+                   "value": {
+                       "type": "string"
+                   }
+               },
+               "required": [
+                   "key",
+                   "value"
+               ]
+           },
+           "default": []
+        },
         "role": {
           "default": "slave_public",
           "description": "Deploy marathon-lb only on nodes with this role.",
@@ -67,20 +92,45 @@
           "description": "TLS Cert and private key for HTTPS.",
           "type": "string"
         },
+        "strict-mode": {
+          "default": false,
+          "description": "Enable strict mode. This requires that you explicitly enable each backend with `HAPROXY_{n}_ENABLED=true`.",
+          "type": "boolean"
+        },
         "sysctl-params": {
           "default": "net.ipv4.tcp_tw_reuse=1 net.ipv4.tcp_fin_timeout=30 net.ipv4.tcp_max_syn_backlog=10240 net.ipv4.tcp_max_tw_buckets=400000 net.ipv4.tcp_max_orphans=60000 net.core.somaxconn=10000",
           "description": "sysctl params to set at startup for HAProxy.",
           "type": "string"
         },
+        "container-syslogd": {
+          "default": false,
+          "description": "Enable verbose syslogd logging to container stdout. This will also capture all HAProxy http connection and other logs.",
+          "type": "boolean"
+        },
+        "max-reload-retries": {
+          "default": 10,
+          "description": "Max reload retries before failure. Reloads happen every --reload-interval seconds. Set to 0 to disable or -1 for infinite retries.",
+          "type": "integer"
+        },
+        "reload-interval": {
+          "default": 10,
+          "description": "When retry-reload enabled, wait this long before attempting another reload.",
+          "type": "integer"
+        },
         "template-url": {
           "default": "",
           "description": "URL to tarball containing a directory templates/ to customize haproxy config.",
           "type": "string"
         },
         "marathon-uri": {
-          "default": "http://master.mesos:8080",
+          "default": "http://marathon.mesos:8080",
           "description": "URI of Marathon instance",
           "type": "string"
+        },
+        "secret_name": {
+          "description": "Name of the Secret Store credentials to use for DC/OS service authentication. This should be left empty unless service authentication is needed.",
+          "type": "string",
+          "default": ""
         }
       },
       "required": ["cpus", "mem", "haproxy-group", "instances", "name"],
diff --git a/repo/packages/M/marathon-lb/8/marathon.json.mustache b/repo/packages/M/marathon-lb/8/marathon.json.mustache
index cfa2c8b7..b8b84fab 100644
--- a/repo/packages/M/marathon-lb/8/marathon.json.mustache
+++ b/repo/packages/M/marathon-lb/8/marathon.json.mustache
@@ -9,7 +9,23 @@
     "docker": {
       "image": "{{resource.assets.container.docker.marathon-lb-docker}}",
       "network": "HOST",
-      "privileged": true
+      "privileged": true,
+      "parameters": [
+      {{#marathon-lb.parameters}}
+        {
+          "key": "{{key}}",
+          "value": "{{value}}"
+        },
+      {{/marathon-lb.parameters}}
+        {
+          "key": "label",
+          "value": "created_by=marathon"
+        },
+        {
+          "key": "label",
+          "value": "dcos_pkg_name=marathon-lb"
+        }
+      ]
     }
   },
   {{#marathon-lb.role}}
@@ -52,6 +68,11 @@
     "--min-serv-port-ip-per-task", "10101",
     "--max-serv-port-ip-per-task", "10150",
   {{/marathon-lb.auto-assign-service-ports}}
+  {{#marathon-lb.strict-mode}}
+    "--strict-mode",
+  {{/marathon-lb.strict-mode}}
+    "--max-reload-retries", "{{marathon-lb.max-reload-retries}}",
+    "--reload-interval", "{{marathon-lb.reload-interval}}",
     "--group", "{{marathon-lb.haproxy-group}}"
   ],
   "requirePorts":true,
@@ -59,9 +80,25 @@
   "uris": [ "{{marathon-lb.template-url}}" ],
   {{/marathon-lb.template-url}}
   "env": {
+    {{#marathon-lb.secret_name}}
+    "DCOS_SERVICE_ACCOUNT_CREDENTIAL": { "secret": "serviceCredential" },
+    {{/marathon-lb.secret_name}}
+    {{#marathon-lb.haproxy_global_default_options}}
+    "HAPROXY_GLOBAL_DEFAULT_OPTIONS": "{{marathon-lb.haproxy_global_default_options}}",
+    {{/marathon-lb.haproxy_global_default_options}}
     "HAPROXY_SSL_CERT": "{{marathon-lb.ssl-cert}}",
+    {{#marathon-lb.container-syslogd}}
+    "HAPROXY_SYSLOGD": "{{marathon-lb.container-syslogd}}",
+    {{/marathon-lb.container-syslogd}}
     "HAPROXY_SYSCTL_PARAMS": "{{marathon-lb.sysctl-params}}"
   },
+  {{#marathon-lb.secret_name}}
+  "secrets": {
+    "serviceCredential": {
+      "source": "{{marathon-lb.secret_name}}"
+    }
+  },
+  {{/marathon-lb.secret_name}}
   "ports": [
   {{#marathon-lb.bind-http-https}}
     80,
diff --git a/repo/packages/M/marathon-lb/8/package.json b/repo/packages/M/marathon-lb/8/package.json
index 66388dbf..7c0119c0 100644
--- a/repo/packages/M/marathon-lb/8/package.json
+++ b/repo/packages/M/marathon-lb/8/package.json
@@ -1,14 +1,15 @@
 {
-  "packagingVersion": "2.0",
+  "packagingVersion": "4.0",
   "name": "marathon-lb",
-  "version": "1.3.2",
+  "version": "1.11.1",
+  "minDcosReleaseVersion": "1.9",
   "scm": "https://github.com/mesosphere/marathon-lb",
   "description": "HAProxy configured using Marathon state",
   "maintainer": "support@mesosphere.io",
   "tags": ["loadbalancer", "service-discovery", "reverse-proxy", "proxy", "haproxy"],
-  "preInstallNotes": "We recommend a minimum of 0.5 CPUs and 256 MB of RAM available for the Marathon-LB DCOS Service.",
-  "postInstallNotes": "Marathon-lb DCOS Service has been successfully installed!\nSee https://github.com/mesosphere/marathon-lb for documentation.",
-  "postUninstallNotes": "Marathon-lb DCOS Service has been uninstalled and will no longer run.",
+  "preInstallNotes": "We recommend at least 2 CPUs and 1GiB of RAM for each Marathon-LB instance. \n\n*NOTE*: For additional ```Enterprise Edition``` DC/OS instructions, see https://docs.mesosphere.com/administration/id-and-access-mgt/service-auth/mlb-auth/“,
+  “postInstallNotes”: “Marathon-lb DC/OS Service has been successfully installed!\nSee https://github.com/mesosphere/marathon-lb for documentation.“,
+  “postUninstallNotes”: “Marathon-lb DC/OS Service has been uninstalled and will no longer run.“,
   “licenses”: [
     {
       “name”: “Apache License Version 2.0”,
diff --git a/repo/packages/M/marathon-lb/8/resource.json b/repo/packages/M/marathon-lb/8/resource.json
index 6bf9608d..de9b900b 100644
--- a/repo/packages/M/marathon-lb/8/resource.json
+++ b/repo/packages/M/marathon-lb/8/resource.json
@@ -7,7 +7,7 @@
   “assets”: {
     “container”: {
       “docker”: {
-        “marathon-lb-docker”: “mesosphere/marathon-lb:v1.3.2"
+        “marathon-lb-docker”: “mesosphere/marathon-lb:v1.11.1"
       }
     }
   }
drewkerrigan/gist:9db8e88a1e0f6d054c33f256416a4f63
