All Versions
53
Latest Version
Avg Release Cycle
30 days
Latest Release
53 days ago

Changelog History
Page 1

  • v0.10.2

    December 04, 2019

    NOTES:

    • cli: Our nomad_0.10.2_darwin_amd64_notarized release has been signed and notarized according to Apple's requirements. In the future, darwin releases will be signed and notarized with our standard naming convention.

      Prior to this release, MacOS 10.15+ users attempting to run our software may see the error: "'nomad' cannot be opened because the developer cannot be verified." This error affected all MacOS 10.15+ users who downloaded our software directly via web browsers, and was caused by changes to Apple's third-party software requirements.

      MacOS 10.15+ users should plan to upgrade to 0.10.2+.

    🔋 FEATURES:

    • Nomad Monitor: New nomad monitor command allows remotely following the logs of any Nomad Agent (clients or servers). See https://nomadproject.io/docs/commands/monitor.html
    • Docker Container Cleanup: Nomad will now automatically remove Docker containers for tasks leaked due to Nomad or Docker crashes or bugs.

    👌 IMPROVEMENTS:

    • agent: Added support for running under Windows Service Manager [GH-6220]
    • api: Added StartedAt field to Node.DrainStrategy [GH-6698]
    • api: Added JSON representation of rules to policy endpoint response [GH-6017]
    • api: Update policy endpoint to permit anonymous access [GH-6021]
    • build: Updated to Go 1.12.13 [GH-6606]
    • cli: Show full ID in node and alloc individual status views [GH-6425]
    • client: Enable setting tags on Consul Connect sidecar service [GH-6448]
    • client: Added support for downloading artifacts from Google Cloud Storage [GH-6692]
    • command: Added -tls-server-name flag [GH-6370]
    • command: Added nomad monitor command to stream logs at a specified level for debugging [GH-6499]
    • quota: Added support for network bandwidth quota limits in Nomad enterprise

    🐛 BUG FIXES:

    • core: Ignore server config values if server is disabled [GH-6047]
    • core: Added semver constraint for strict Semver 2.0 version comparisons [GH-6699]
    • core: Fixed server panic caused by a plan evicting and preempting allocs on a node [GH-6792]
    • api: Return a 404 if endpoint not found instead of redirecting to /ui/ [GH-6658]
    • api: Decompress web socket response body if gzipped on error responses [GH-6650]
    • api: Fixed a bug where some FS/Allocation API endpoints didn't return error messages [GH-6427]
    • api: Return 40X status code for failing ACL requests, rather than 500 [GH-6421]
    • cli: Made scoring column orders consistent nomad alloc status [GH-6609]
    • cli: Fixed a bug where nomad alloc exec fails if stdout is being redirected and not a TTY [GH-6684]
    • cli: Fixed a bug where a cli user may fail to query FS/Allocation API endpoints if they lack node:read capability [GH-6423]
    • client: client: Return empty values when host stats fail [GH-6349]
    • client: Fixed a bug where a client may not restart dead internal processes upon client's restart on Windows [GH-6426]
    • consul/connect: Fixed registering multiple Connect-enabled services in the same task group [GH-6646]
    • drivers: Fixed a bug where client may panic if a restored task failed to shutdown cleanly [GH-6763]
    • driver/exec: Fixed a bug where exec tasks can spawn processes that live beyond task lifecycle [GH-6722]
    • driver/docker: Added mechanism for detecting running unexpectedly running docker containers [GH-6325]
    • scheduler: Changes to devices in resource stanza should cause rescheduling [GH-6644]
    • scheduler: Fixed a bug that allowed inplace updates after affinity or spread were changed [GH-6703]
    • ui: Fixed client sorting [GH-6817]
    • vault: Allow overriding implicit Vault version constraint [GH-6687]
    • vault: Supported Vault auth role's new fields, token_period and token_explicit_max_ttl [GH-6574], [GH-6580]
  • v0.10.2-rc1

    November 22, 2019

    0.10.2 (November 22, 2019)

    🔋 FEATURES:

    • Nomad Monitor : New nomad monitor command allows remotely following
      👀 the logs of any Nomad Agent (clients or servers). See
      📄 https://nomadproject.io/docs/commands/monitor.html
    • 🐳 Docker Container Cleanup : Nomad will now automatically remove Docker
      🐳 containers for tasks leaked due to Nomad or Docker crashes or bugs.

    👌 IMPROVEMENTS:

    • 🏁 agent: Added support for running under Windows Service Manager [GH-6220]
    • api: Added StartedAt field to Node.DrainStrategy [GH-6698]
    • api: Added JSON representation of rules to policy endpoint response [GH-6017]
    • ⚡️ api: Update policy endpoint to permit anonymous access [GH-6021]
    • ⚡️ build: Updated to Go 1.12.13 [GH-6606]
    • cli: Show full ID in node and alloc individual status views [GH-6425]
    • client: Enable setting tags on Consul Connect sidecar service [GH-6448]
    • 👍 client: Added support for downloading artifacts from Google Cloud Storage [GH-6692]
    • command: Added -tls-server-name flag [GH-6370]
    • 🔊 command: Added nomad monitor command to stream logs at a specified level for debugging [GH-6499]
    • 👍 quota: Added support for network bandwidth quota limits in Nomad enterprise

    🐛 BUG FIXES:

    • core: Ignore server config values if server is disabled [GH-6047]
    • core: Added semver constraint for strict Semver 2.0 version comparisons [GH-6699]
    • 💻 api: Return a 404 if endpoint not found instead of redirecting to /ui/ [GH-6658]
    • 🌐 api: Decompress web socket response body if gzipped on error responses [GH-6650]
    • 🛠 api: Fixed a bug where some FS/Allocation API endpoints didn't return error messages [GH-6427]
    • api: Return 40X status code for failing ACL requests, rather than 500 [GH-6421]
    • cli: Made scoring column orders consistent nomad alloc status [GH-6609]
    • 🛠 cli: Fixed a bug where nomad alloc exec fails if stdout is being redirected and not a TTY [GH-6684]
    • 🛠 cli: Fixed a bug where a cli user may fail to query FS/Allocation API endpoints if they lack node:read capability [GH-6423]
    • client: client: Return empty values when host stats fail [GH-6349]
    • 🏁 client: Fixed a bug where a client may not restart dead internal processes upon client's restart on Windows [GH-6426]
    • ⏪ drivers: Fixed a bug where client may panic if a restored task failed to shutdown cleanly [GH-6763]
    • 🛠 driver/exec: Fixed a bug where exec tasks can spawn processes that live beyond task lifecycle [GH-6722]
    • 🐳 driver/docker: Added mechanism for detecting running unexpectedly running docker containers [GH-6325]
    • 🛠 nomad: Fixed registering multiple connect enabled services in the same task group [GH-6646]
    • ⏱ scheduler: Changes to devices in resource stanza should cause rescheduling [GH-6644]
    • ⚡️ scheduler: Fixed a bug that allowed inplace updates after affinity or spread were changed [GH-6703]
    • vault: Allow overriding implicit Vault version constraint [GH-6687]
    • vault: Supported Vault auth role's new fields, token_period and token_explicit_max_ttl [GH-6574], [GH-6580]
  • v0.10.1

    November 04, 2019

    🐛 BUG FIXES:

    • core: Fixed server panic when upgrading from 0.8 -> 0.10 and performing an inplace update of an allocation. [GH-6541]
    • api: Fixed panic when submitting Connect-enabled job without using a bridge network [GH-6575]
    • client: Fixed client panic when upgrading from 0.8 -> 0.10 and performing an inplace update of an allocation. [GH-6605]
  • v0.10.0

    October 22, 2019

    🔋 FEATURES:

    • Consul Connect: Nomad may now register Consul Connect services and manages an Envoy proxy sidecar to provide secured service-to-service communication.
    • Network Namespaces: Task Groups may now define a shared network namespace. Each allocation will receive its own network namespace and loopback interface. Ports may be forwarded from the host into the network namespace.
    • Host Volumes: Nomad expanded support of stateful workloads through locally mounted storage volumes.
    • UI Allocation File Explorer: Nomad UI enhanced operability with a visual file system explorer for allocations.

    👌 IMPROVEMENTS:

    • core: Added rolling deployments for service jobs by default and max_parallel=0 disables deployments [GH-6191]
    • agent: Allowed the job GC interval to be configured [GH-5978]
    • agent: Added log_level to be reloaded on SIGHUP [GH-5996]
    • api: Added follow parameter to file streaming endpoint to support older browsers [GH-6049]
    • client: Upgraded go-getter to support GCP links [GH-6215]
    • client: Remove consul service stanza from job init --short jobspec [GH-6179]
    • drivers: Exposed namespace as NOMAD_NAMESPACE environment variable in running tasks [GH-6192]
    • metrics: Added job status (pending, running, dead) metrics [GH-6003]
    • metrics: Added status and scheduling ability to client metrics [GH-6130]
    • server: Added an option to configure job GC interval [GH-5978]
    • ui: Added allocation filesystem explorer [GH-5871]
    • ui: Added creation time to evaluations table [GH-6050]

    🐛 BUG FIXES:

    • cli: Fixed nomad run ... on Windows so it works with unprivileged accounts [GH-6009]
    • client: Fixed a bug in client fingerprinting on 32-bit nodes [GH-6239]
    • client: Fixed a bug where completed allocations may re-run after client restart [GH-6216]
    • client: Fixed failure to start if another client is already running with the same data directory [GH-6348]
    • devices: Fixed a bug causing CPU usage spike when a device is detected [GH-6201]
    • drivers: Allowd user-defined environment variable keys to contain dashes [GH-6080]
    • driver/docker: Set gc image_delay default to 3 minutes [GH-6078]
    • driver/docker: Improved docker driver handling of container creation or starting failures [GH-6326], [GH-6346]
    • ui: Fixed a bug where the allocation log viewer would render HTML or hide content that matched XML syntax [GH-6048]
    • ui: Fixed a bug where allocation log viewer doesn't show all content in Firefox [GH-6466]
    • ui: Fixed navigation via clicking recent allocation row [GH-6087]
    • ui: Fixed a bug where the allocation log viewer would render HTML or hide content that matched XML syntax [GH-6048]
    • ui: Fixed a bug where allocation log viewer doesn't show all content in Firefox [GH-6466]
  • v0.10.0-rc1

    October 10, 2019

    🔋 FEATURES:

    • Consul Connect : Nomad may now register Consul Connect services and
      manages an Envoy proxy sidecar to provide secured service-to-service
      communication.
    • Network Namespaces : Task Groups may now define a shared network
      namespace. Each allocation will receive its own network namespace and
      loopback interface. Ports may be forwarded from the host into the network
      namespace.
    • Host Volumes : Nomad expanded support of stateful workloads through locally mounted storage volumes.
    • 💻 UI Allocation File Explorer : Nomad UI enhanced operability with a visual file system explorer for allocations.

    👌 IMPROVEMENTS:

    • 🚀 core: Added rolling deployments for service jobs by default and max_parallel=0 disables deployments [GH-6191]
    • 🔧 agent: Allowed the job GC interval to be configured [GH-5978]
    • agent: Added log_level to be reloaded on SIGHUP [GH-5996]
    • 💻 api: Added follow parameter to file streaming endpoint to support older browsers [GH-6049]
    • ⬆️ client: Upgraded go-getter to support GCP links [GH-6215]
    • 🚚 client: Remove consul service stanza from job init --short jobspec [GH-6179]
    • drivers: Exposed namespace as NOMAD_NAMESPACE environment variable in running tasks [GH-6192]
    • 👷 metrics: Added job status (pending, running, dead) metrics [GH-6003]
    • ⏱ metrics: Added status and scheduling ability to client metrics [GH-6130]
    • 🔧 server: Added an option to configure job GC interval [GH-5978]
    • 💻 ui: Added allocation filesystem explorer [GH-5871]
    • 💻 ui: Added creation time to evaluations table [GH-6050]

    🐛 BUG FIXES:

    • 🏁 cli: Fixed nomad run ... on Windows so it works with unprivileged accounts [GH-6009]
    • 🖨 client: Fixed a bug in client fingerprinting on 32-bit nodes [GH-6239]
    • 🛠 client: Fixed a bug where completed allocations may re-run after client restart [GH-6216]
    • 🛠 client: Fixed failure to start if another client is already running with the same data directory [GH-6348]
    • 🛠 devices: Fixed a bug causing CPU usage spike when a device is detected [GH-6201]
    • 🐳 drivers/docker: Set gc image_delay default to 3 minutes [GH-6078]
    • 💻 ui: Fixed navigation via clicking recent allocation row [GH-6087]
  • v0.10.0-connect1

    July 09, 2019
  • v0.10.0-beta1

    September 06, 2019
  • v0.9.7

    December 04, 2019

    🐛 BUG FIXES:

    • core: Fixed server panic caused by a plan evicting and preempting allocs on a node [GH-6792]
  • v0.9.6

    October 07, 2019

    🔒 SECURITY:

    • core: Redacted replication token in agent/self API endpoint. The replication token is a management token that can be used for further privilege escalation. CVE-2019-12741 [GH-6430]
    • core: Fixed a bug where a user may start raw_exec task on clients despite driver being disabled. CVE-2019-15928 [GH-6227] [GH-6431]
    • enterprise/acl: Fix ACL access checks in Nomad Enterprise where users may query allocation information and perform lifecycle actions in namespaces they are not authorized to. CVE-2019-16742 [GH-6432]

    👌 IMPROVEMENTS:

    • client: Reduced memory footprint of nomad logging and executor processes [GH-6341]

    🐛 BUG FIXES:

    • core: Fixed a bug where scheduler may schedule an allocation on a node without required drivers [GH-6227]
    • client: Fixed a bug where completed allocations may re-run after client restart [GH-6216] [GH-6207]
    • client: Fixed a panic that may occur when an nomad alloc exec is initiated while process is terminating [GH-6065]
    • devices: Fixed a bug causing CPU usage spike when a device is detected [GH-6201]
    • drivers: Fixed port mapping for docker and qemu drivers [GH-6251]
    • drivers/docker: Fixed a case where a nomad alloc exec would never time out [GH-6144]
    • ui: Fixed a bug where allocation log viewer doesn't show all content. [GH-6048]
  • v0.9.5

    August 21, 2019

    🔒 SECURITY:

    • client/template: Fix security vulnerabilities associated with task template rendering (CVE-2019-14802), introduced in Nomad 0.5.0 [GH-6055] [GH-6075]
    • client/artifact: Fix a privilege escalation in the exec driver exploitable by artifacts with setuid permissions (CVE-2019-14803) [GH-6176]

    BACKWARDS INCOMPATIBILITIES:

    • client/template: When rendering a task template, only task environment variables are included by default. [GH-6055]
    • client/template: When rendering a task template, the plugin function is no longer permitted by default and will raise an error. [GH-6075]
    • client/template: When rendering a task template, path parameters for the file function will be restricted to the task directory by default. Relative paths or symlinks that point outside the task directory will raise an error. [GH-6075]

    👌 IMPROVEMENTS:

    • core: Added create and modify timestamps to evaluations [GH-5881]

    🐛 BUG FIXES:

    • api: Fixed job region to default to client node region if none provided [GH-6064]
    • ui: Fixed links containing IPv6 addresses to include required square brackets [GH-6007]
    • vault: Fix deadlock when reloading server Vault configuration [GH-6082]