« Changelog History


Nomad v0.9.2 Release Notes

Release Date: 2019-06-05 // almost 5 years ago

  • 🔒 SECURITY:

    • driver/exec: Fix privilege escalation issue introduced in Nomad 0.9.0. In Nomad 0.9.0 and 0.9.1, exec tasks by default run as nobody but with elevated capabilities, allowing tasks to perform privileged linux operations and potentially escalate permissions. (CVE-2019-12618) [GH-5728]

    BACKWARDS INCOMPATIBILITIES:

    • api: The api package removed Config.SetTimeout and Config.ConfigureTLS functions, intended to be used internally only. [GH-5275]
    • api: The job deployments endpoint now filters out deployments associated with older instances of the job. This can happen if jobs are purged and recreated with the same id. To get all deployments irrespective of creation time, add all=true. The nomad job deploymentCLI also defaults to doing this filtering. [GH-5702]
    • client: The format of service IDs in Consul has changed. If you rely upon Nomad's service IDs (not service names; those are stable), you will need to update your code. [GH-5536]
    • client: The format of check IDs in Consul has changed. If you rely upon Nomad's check IDs you will need to update your code. [GH-5536]
    • client: On startup a client will reattach to running tasks as before but will not restart exited tasks. Exited tasks will be restarted only after the client has reestablished communication with servers. System jobs will always be restarted. [GH-5669]

    🔋 FEATURES:

    • core: Add nomad alloc stop command to reschedule allocs [GH-5512]
    • core: Add nomad alloc signal command to signal allocs and tasks [GH-5515]
    • core: Add nomad alloc restart command to restart allocs and tasks [GH-5502]
    • code: Add nomad alloc exec command for debugging and running commands in an alloc [GH-5632]
    • core/enterprise: Preemption capabilities for batch and service jobs
    • ui: Preemption reporting everywhere where allocations are shown and as part of the plan step of job submit [GH-5594]
    • ui: Ability to search clients list by class, status, datacenter, or eligibility flags [GH-5318]
    • ui: Ability to search jobs list by type, status, datacenter, or prefix [GH-5236]
    • ui: Ability to stop and restart allocations [GH-5734]
    • ui: Ability to restart tasks [GH-5734]
    • vault: Add initial support for Vault namespaces [GH-5520]

    👌 IMPROVEMENTS:

    • core: Add -verbose flag to nomad status wrapper command [GH-5516]
    • core: Add ability to filter job deployments by most recent version of job [GH-5702]
    • core: Add node name to output of nomad node status command in verbose mode [GH-5224]
    • core: Reduce the size of the raft transaction for plans by only sending fields updated by the plan applier [GH-5602]
    • core: Add job update auto_promote flag, which causes deployments to promote themselves when all canaries become healthy [GH-5719]
    • api: Support configuring http.Client used by golang api package [GH-5275]
    • api: Add preemption related fields to API results that return an allocation list. [GH-5580]
    • api: Add additional config options to scheduler configuration endpoint to disable preemption [GH-5628]
    • cli: Add acl token list command [GH-5557]
    • client: Reduce unnecessary lost nodes on server failure [GH-5654]
    • client: Canary Promotion no longer causes services registered in Consul to become unhealthy [GH-4566]
    • client: Allow use of maintenance mode and externally registered checks against Nomad-registered consul services [GH-4537]
    • driver/exec: Fixed an issue causing large memory consumption for light processes [GH-5437]
    • telemetry: Add client.allocs.memory.allocated metric to expose allocated task memory in bytes. [GH-5492]
    • ui: Colored log support [GH-5620]
    • ui: Upgraded from Ember 2.18 to 3.4 [GH-5544]
    • ui: Replace XHR cancellation by URL with XHR cancellation by token [GH-5721]

    🐛 BUG FIXES:

    • core: Fixed accounting of allocated resources in metrics. [GH-5637]
    • core: Fixed disaster recovering with raft 3 protocol peers.json [GH-5629], [GH-5651]
    • core: Fixed a panic that may occur when preempting service jobs [GH-5545]
    • core: Fixed an edge case that caused division by zero when computing spread score [GH-5713]
    • core: Change configuration parsing to use the HCL library's decode, improving JSON support [GH-1290]
    • core: Fix a case where non-leader servers would have an ever growing number of waiting evaluations [GH-5699]
    • cli: Fix output and exit status for system jobs with constraints [GH-2381] and [GH-5169]
    • client: Fix network fingerprinting to honor manual configuration [GH-2619]
    • client: Job validation now checks that the datacenter field does not contain empty strings [GH-5665]
    • client: Fix network port mapping related environment variables when running with Nomad 0.8 servers [GH-5587]
    • client: Fix issue with terminal state deployments being modified when allocation subsequently fails [GH-5645]
    • driver/docker: Fix regression around image GC [GH-5768]
    • metrics: Fixed stale metrics [GH-5540]
    • vault: Fix renewal time to be 1/2 lease duration with jitter [GH-5479]