All Versions
109
Latest Version
Avg Release Cycle
29 days
Latest Release
56 days ago

Changelog History
Page 7

  • v0.10.0-rc1 Changes

    October 10, 2019

    ๐Ÿ”‹ FEATURES:

    • Consul Connect : Nomad may now register Consul Connect services and
      manages an Envoy proxy sidecar to provide secured service-to-service
      communication.
    • Network Namespaces : Task Groups may now define a shared network
      namespace. Each allocation will receive its own network namespace and
      loopback interface. Ports may be forwarded from the host into the network
      namespace.
    • Host Volumes : Nomad expanded support of stateful workloads through locally mounted storage volumes.
    • ๐Ÿ’ป UI Allocation File Explorer : Nomad UI enhanced operability with a visual file system explorer for allocations.

    ๐Ÿ‘Œ IMPROVEMENTS:

    • ๐Ÿš€ core: Added rolling deployments for service jobs by default and max_parallel=0 disables deployments [GH-6191]
    • ๐Ÿ”ง agent: Allowed the job GC interval to be configured [GH-5978]
    • agent: Added log_level to be reloaded on SIGHUP [GH-5996]
    • ๐Ÿ’ป api: Added follow parameter to file streaming endpoint to support older browsers [GH-6049]
    • โฌ†๏ธ client: Upgraded go-getter to support GCP links [GH-6215]
    • ๐Ÿšš client: Remove consul service stanza from job init --short jobspec [GH-6179]
    • drivers: Exposed namespace as NOMAD_NAMESPACE environment variable in running tasks [GH-6192]
    • ๐Ÿ‘ท metrics: Added job status (pending, running, dead) metrics [GH-6003]
    • โฑ metrics: Added status and scheduling ability to client metrics [GH-6130]
    • ๐Ÿ”ง server: Added an option to configure job GC interval [GH-5978]
    • ๐Ÿ’ป ui: Added allocation filesystem explorer [GH-5871]
    • ๐Ÿ’ป ui: Added creation time to evaluations table [GH-6050]

    ๐Ÿ› BUG FIXES:

    • ๐Ÿ cli: Fixed nomad run ... on Windows so it works with unprivileged accounts [GH-6009]
    • ๐Ÿ–จ client: Fixed a bug in client fingerprinting on 32-bit nodes [GH-6239]
    • ๐Ÿ›  client: Fixed a bug where completed allocations may re-run after client restart [GH-6216]
    • ๐Ÿ›  client: Fixed failure to start if another client is already running with the same data directory [GH-6348]
    • ๐Ÿ›  devices: Fixed a bug causing CPU usage spike when a device is detected [GH-6201]
    • ๐Ÿณ drivers/docker: Set gc image_delay default to 3 minutes [GH-6078]
    • ๐Ÿ’ป ui: Fixed navigation via clicking recent allocation row [GH-6087]
  • v0.10.0-connect1

    July 09, 2019
  • v0.10.0-beta1

    September 06, 2019
  • v0.9.7 Changes

    December 04, 2019

    ๐Ÿ› BUG FIXES:

    • core: Fixed server panic caused by a plan evicting and preempting allocs on a node [GH-6792]
  • v0.9.6 Changes

    October 07, 2019

    ๐Ÿ”’ SECURITY:

    • core: Redacted replication token in agent/self API endpoint. The replication token is a management token that can be used for further privilege escalation. CVE-2019-12741 [GH-6430]
    • core: Fixed a bug where a user may start raw_exec task on clients despite driver being disabled. CVE-2019-15928 [GH-6227] [GH-6431]
    • enterprise/acl: Fix ACL access checks in Nomad Enterprise where users may query allocation information and perform lifecycle actions in namespaces they are not authorized to. CVE-2019-16742 [GH-6432]

    ๐Ÿ‘Œ IMPROVEMENTS:

    • client: Reduced memory footprint of nomad logging and executor processes [GH-6341]

    ๐Ÿ› BUG FIXES:

    • core: Fixed a bug where scheduler may schedule an allocation on a node without required drivers [GH-6227]
    • client: Fixed a bug where completed allocations may re-run after client restart [GH-6216] [GH-6207]
    • client: Fixed a panic that may occur when an nomad alloc exec is initiated while process is terminating [GH-6065]
    • devices: Fixed a bug causing CPU usage spike when a device is detected [GH-6201]
    • drivers: Fixed port mapping for docker and qemu drivers [GH-6251]
    • drivers/docker: Fixed a case where a nomad alloc exec would never time out [GH-6144]
    • ui: Fixed a bug where allocation log viewer doesn't show all content. [GH-6048]
  • v0.9.5 Changes

    August 21, 2019

    ๐Ÿ”’ SECURITY:

    • client/template: Fix security vulnerabilities associated with task template rendering (CVE-2019-14802), introduced in Nomad 0.5.0 [GH-6055] [GH-6075]
    • client/artifact: Fix a privilege escalation in the exec driver exploitable by artifacts with setuid permissions (CVE-2019-14803) [GH-6176]

    BACKWARDS INCOMPATIBILITIES:

    • client/template: When rendering a task template, only task environment variables are included by default. [GH-6055]
    • client/template: When rendering a task template, the plugin function is no longer permitted by default and will raise an error. [GH-6075]
    • client/template: When rendering a task template, path parameters for the file function will be restricted to the task directory by default. Relative paths or symlinks that point outside the task directory will raise an error. [GH-6075]

    ๐Ÿ‘Œ IMPROVEMENTS:

    • core: Added create and modify timestamps to evaluations [GH-5881]

    ๐Ÿ› BUG FIXES:

    • api: Fixed job region to default to client node region if none provided [GH-6064]
    • ui: Fixed links containing IPv6 addresses to include required square brackets [GH-6007]
    • vault: Fix deadlock when reloading server Vault configuration [GH-6082]
  • v0.9.4 Changes

    July 30, 2019

    ๐Ÿ‘Œ IMPROVEMENTS:

    • api: Inferred content type of file in alloc filesystem stat endpoint [GH-5907]
    • api: Used region from job hcl when not provided as query parameter in job registration and plan endpoints [GH-5664]
    • core: Deregister nodes in batches rather than one at a time [GH-5784]
    • core: Removed deprecated upgrade path code pertaining to older versions of Nomad [GH-5894]
    • core: System jobs that fail because of resource availability are retried when resources are freed [GH-5900]
    • core: Support reloading log level in agent via SIGHUP [GH-5996]
    • client: Improved task event display message to include kill time out [GH-5943]
    • client: Removed extraneous information to improve formatting for hcl parsing error messages [GH-5972]
    • driver/docker: Added logging defaults to use json-file log driver with log rotation [GH-5846]
    • metrics: Added namespace label as appropriate to metrics [GH-5847]
    • ui: Added page titles [GH-5924]
    • ui: Added buttons to copy client and allocation UUIDs [GH-5926]
    • ui: Moved client status, draining, and eligibility fields into single state column [GH-5789]

    ๐Ÿ› BUG FIXES:

    • core: Ensure plans are evaluated against a new enough snapshot index [GH-5791]
    • core: Handle error case when attempting to stop a non-existent allocation [GH-5865]
    • core: Improved job spec parsing error messages for variable interpolation failures [GH-5844]
    • core: Fixed a bug where nomad log and exec requests may time out or fail in tls enabled clusters [GH-5954].
    • client: Fixed a bug where consul service health checks may flap on client restart [GH-5837]
    • client: Fixed a bug where too many check-based restarts would deadlock the client [GH-5975]
    • client: Fixed a bug where successfully completed tasks may restart on client restart [GH-5890]
    • client: Fixed a bug where stats of external driver plugins aren't collected on plugin restart [GH-5948]
    • client: Fixed an issue where an alloc remains in pending state if nomad fails to create alloc directory [GH-5905]
    • client: Fixed an issue where client may kill running allocs if the client and the leader are restarting simultaneously [[GH-5906](//github.com/hashicorp/nomad/issues/5906)]
    • client: Fixed regression that prevented registering multiple services with the same name but different ports in Consul correctly [GH-5829]
    • client: Fixed a race condition when performing local task restarts that would result in incorrect task not found errors on Windows [GH-5899]
    • client: Reduce CPU usage on clients running many tasks on Linux [GH-5951]
    • client: Updated consul-template dependency to address issue with anonymous requests [GH-5976]
    • driver: Fixed an issue preventing local task restarts on Windows [GH-5864]
    • driver: Fixed an issue preventing external driver plugins from launching executor process [GH-5726]
    • driver/docker: Fixed a bug mounting relative paths on Windows [GH-5811]
    • driver/exec: Upgraded libcontainer dependency to avoid zombie runc:[1:CHILD]] processes [GH-5851]
    • metrics: Added metrics for raft and state store indexes. [GH-5841]
    • metrics: Upgrade prometheus client to avoid label conflicts [GH-5850]
    • ui: Fixed ability to click sort arrow to change sort direction [GH-5833]
  • v0.9.4-rc1

    July 23, 2019
  • v0.9.3 Changes

    June 12, 2019

    ๐Ÿ› BUG FIXES:

    • core: Fixed a panic that occurs if a job is updated with new task groups [GH-5805]
    • core: Update node's StatusUpdatedAt when node drain or eligibility changes [GH-5746]
    • core: Fixed a panic that may occur when preempting jobs for network resources [GH-5794]
    • core: Fixed a config parsing issue when client metadata contains a boolean value [GH-5802]
    • core: Fixed a config parsing issue where consul, vault, and autopilot stanzas break when using a config directory [GH-5817]
    • api: Allow sumitting alloc restart requests with an empty body [GH-5823]
    • client: Fixed an issue where task restart attempts is not honored properly [GH-5737]
    • client: Fixed a panic that occurs when a 0.9.2 client is running with 0.8 nomad servers [GH-5812]
    • client: Fixed an issue with cleaning up consul service registration entries when tasks fail to start. [GH-5821]
  • v0.9.2 Changes

    June 05, 2019

    ๐Ÿ”’ SECURITY:

    • driver/exec: Fix privilege escalation issue introduced in Nomad 0.9.0. In Nomad 0.9.0 and 0.9.1, exec tasks by default run as nobody but with elevated capabilities, allowing tasks to perform privileged linux operations and potentially escalate permissions. (CVE-2019-12618) [GH-5728]

    BACKWARDS INCOMPATIBILITIES:

    • api: The api package removed Config.SetTimeout and Config.ConfigureTLS functions, intended to be used internally only. [GH-5275]
    • api: The job deployments endpoint now filters out deployments associated with older instances of the job. This can happen if jobs are purged and recreated with the same id. To get all deployments irrespective of creation time, add all=true. The nomad job deploymentCLI also defaults to doing this filtering. [GH-5702]
    • client: The format of service IDs in Consul has changed. If you rely upon Nomad's service IDs (not service names; those are stable), you will need to update your code. [GH-5536]
    • client: The format of check IDs in Consul has changed. If you rely upon Nomad's check IDs you will need to update your code. [GH-5536]
    • client: On startup a client will reattach to running tasks as before but will not restart exited tasks. Exited tasks will be restarted only after the client has reestablished communication with servers. System jobs will always be restarted. [GH-5669]

    ๐Ÿ”‹ FEATURES:

    • core: Add nomad alloc stop command to reschedule allocs [GH-5512]
    • core: Add nomad alloc signal command to signal allocs and tasks [GH-5515]
    • core: Add nomad alloc restart command to restart allocs and tasks [GH-5502]
    • code: Add nomad alloc exec command for debugging and running commands in a alloc [GH-5632]
    • core/enterprise: Preemption capabilities for batch and service jobs
    • ui: Preemption reporting everywhere where allocations are shown and as part of the plan step of job submit [GH-5594]
    • ui: Ability to search clients list by class, status, datacenter, or eligibility flags [GH-5318]
    • ui: Ability to search jobs list by type, status, datacenter, or prefix [GH-5236]
    • ui: Ability to stop and restart allocations [GH-5734]
    • ui: Ability to restart tasks [GH-5734]
    • vault: Add initial support for Vault namespaces [GH-5520]

    ๐Ÿ‘Œ IMPROVEMENTS:

    • core: Add -verbose flag to nomad status wrapper command [GH-5516]
    • core: Add ability to filter job deployments by most recent version of job [GH-5702]
    • core: Add node name to output of nomad node status command in verbose mode [GH-5224]
    • core: Reduce the size of the raft transaction for plans by only sending fields updated by the plan applier [GH-5602]
    • core: Add job update auto_promote flag, which causes deployments to promote themselves when all canaries become healthy [GH-5719]
    • api: Support configuring http.Client used by golang api package [GH-5275]
    • api: Add preemption related fields to API results that return an allocation list. [GH-5580]
    • api: Add additional config options to scheduler configuration endpoint to disable preemption [GH-5628]
    • cli: Add acl token list command [GH-5557]
    • client: Reduce unnecessary lost nodes on server failure [GH-5654]
    • client: Canary Promotion no longer causes services registered in Consul to become unhealthy [GH-4566]
    • client: Allow use of maintenance mode and externally registered checks against Nomad-registered consul services [GH-4537]
    • driver/exec: Fixed an issue causing large memory consumption for light processes [GH-5437]
    • telemetry: Add client.allocs.memory.allocated metric to expose allocated task memory in bytes. [GH-5492]
    • ui: Colored log support [GH-5620]
    • ui: Upgraded from Ember 2.18 to 3.4 [GH-5544]
    • ui: Replace XHR cancellation by URL with XHR cancellation by token [GH-5721]

    ๐Ÿ› BUG FIXES:

    • core: Fixed accounting of allocated resources in metrics. [GH-5637]
    • core: Fixed disaster recovering with raft 3 protocol peers.json [GH-5629], [GH-5651]
    • core: Fixed a panic that may occur when preempting service jobs [GH-5545]
    • core: Fixed an edge case that caused division by zero when computing spread score [GH-5713]
    • core: Change configuration parsing to use the HCL library's decode, improving JSON support [GH-1290]
    • core: Fix a case where non-leader servers would have an ever growing number of waiting evaluations [GH-5699]
    • cli: Fix output and exit status for system jobs with constraints [GH-2381] and [GH-5169]
    • client: Fix network fingerprinting to honor manual configuration [GH-2619]
    • client: Job validation now checks that the datacenter field does not contain empty strings [GH-5665]
    • client: Fix network port mapping related environment variables when running with Nomad 0.8 servers [GH-5587]
    • client: Fix issue with terminal state deployments being modified when allocation subsequently fails [GH-5645]
    • driver/docker: Fix regression around image GC [GH-5768]
    • metrics: Fixed stale metrics [GH-5540]
    • vault: Fix renewal time to be 1/2 lease duration with jitter [GH-5479]