Releases: hashicorp/nomad
Releases · hashicorp/nomad
v0.11.2
FEATURES:
- Task dependencies UI: task lifecycle charts and details
IMPROVEMENTS:
- core: Added support for a per-group policy to stop tasks when a client is disconnected [GH-2185]
- core: Allow spreading allocations as an alternative to binpacking [GH-7810]
- client: Improve AWS CPU performance fingerprinting [GH-7681]
- csi: Added support for volume secrets [GH-7923]
- csi: Added periodic garbage collection of plugins and volume claims [GH-7825]
- csi: Improved performance of volume claim releases by moving work out of scheduler [GH-7794]
- driver/docker: Added support for custom runtimes [GH-7932]
- ui: Added ACL-checking to conditionally turn off exec button [GH-7919]
- ui: Added ACL-checking to conditionally turn off exec button [GH-7919]
- ui: CSI searchable volumes and plugins pages [GH-7895]
- ui: CSI plugins list and etail pages [GH-7872] [GH-7911]
- ui: CSI volume constraints table [GH-7872]
BUG FIXES:
- core: job scale status endpoint was returning incorrect counts [GH-7789]
- core: Fixed bugs related to periodic jobs scheduled during daylight saving transition periods [GH-7894]
- core: Fixed a bug where scores for allocations were biased toward nodes with resource reservations [GH-7730]
- api: api.ScalingEvent struct was missing .Count [GH-7915]
- api: validate scale count value is not negative [GH-7902]
- api: autoscaling policies should not be returned for stopped jobs [GH-7768]
- client: Fixed a bug where an multi-task allocation maybe considered unhealthy if some tasks are slow to start [GH-7944]
- csi: Fixed checking of volume validation responses from plugins [GH-7831]
- csi: Fixed counting of healthy and expected plugins after plugin job updates or stops [GH-7844]
- csi: Added checkpointing to volume claim release to avoid unreleased claims on plugin errors [GH-7782]
- driver/docker: Fixed a bug preventing garbage collecting unused docker images [GH-7947]
- jobspec: autoscaling policy block should return a parsing error multiple
policy
blocks are provided [GH-7716] - ui: Fixed a bug where exec popup had incorrect URL for jobs where name ≠ id [GH-7814]
- ui: Fixed a timeout issue where if the log stream request to a client eventually returns but only after the timeout it never gets closed [GH-7820]
- ui: Setting a namespace on Volumes or Jobs persists that namespace choice when switching to another namespace-away page [GH-7896]
- ui: Fixed a bug where clicking stdout or stderr when already on that clicked view would pause log streaming [GH-7820]
- ui: Fixed a race condition that made swithing from stdout to stderr too quickly show an error [GH-7820]
- ui: Switching namespaces now redirects to Volumes instead of Jobs when on a Storage page [GH-7896]
- vault: Fixed a bug where nomad retries revoking tokens indefinitely [GH-7959]
v0.11.1
BUG FIXES:
- core: Fixed a bug that only ran a task
shutdown_delay
if the task had a registered service [GH-7663] - core: Fixed a panic when garbage collecting a job with allocations spanning multiple versions [GH-7758]
- agent: Fixed a bug where http server logs did not honor json log formatting, and reduced http server logging level to Trace [GH-7748]
- connect: Fixed bugs where some connect parameters would be ignored [GH-7690] [GH-7684]
- connect: Fixed a bug where an absent connect sidecar_service stanza would trigger panic [GH-7683]
- connect: Fixed a bug where some connect proxy fields would be dropped from 'job inspect' output [GH-7397]
- csi: Fixed a panic when claiming a volume for an allocation that was already garbage collected [GH-7760]
- csi: Fixed a bug where CSI plugins with
NODE_STAGE_VOLUME
capabilities were receiving an incorrect volume ID [GH-7754] - driver/docker: Fixed a bug where retrying failed docker creation may in rare cases trigger a panic [GH-7749]
- scheduler: Fixed a bug in managing allocated devices for a job allocation in in-place update scenarios [GH-7762]
- vault: Upgrade http2 library to fix Vault API calls that fail with
http2: no cached connection was available
[GH-7673]
v0.11.0
FEATURES:
- Container Storage Interface [beta]: Nomad has expanded support
of stateful workloads through support for CSI plugins. - Exec UI: an in-browser terminal for connecting to running allocations.
- Audit Logging (Enterprise): Audit logging support for Nomad
Enterprise. - Scaling APIs: new scaling policy API and job scaling APIs to support external autoscalers
- Task Dependencies: introduces
lifecycle
stanza with prestart and sidecar hooks for tasks within a task group
BACKWARDS INCOMPATIBILITIES:
- driver/rkt: The Rkt driver is no longer packaged with Nomad and is instead
distributed separately as a driver plugin. Further, the Rkt driver codebase
is now in a separate
repository.
IMPROVEMENTS:
- core: Optimized streaming RPCs made between Nomad agents [GH-7044]
- build: Updated to Go 1.14.1 [GH-7431]
- consul: Added support for configuring
enable_tag_override
on service stanzas. [GH-2057] - client: Updated consul-template library to v0.24.1 - added support for working with consul connect. Deprecated vault_grace [GH-7170]
- driver/exec: Added
no_pivot_root
option for ramdisk use [GH-7149] - jobspec: Added task environment interpolation to
volume_mount
[GH-7364] - jobspec: Added support for a per-task restart policy [GH-7288]
- server: Added minimum quorum check to Autopilot with minQuorum option [GH-7171]
- connect: Added support for specifying Envoy expose path configurations [GH-7323] [GH-7396]
- connect: Added support for using Connect with TLS enabled Consul agents [GH-7602]
BUG FIXES:
- core: Fixed a bug where group network mode changes were not honored [GH-7414]
- core: Optimized and fixed few bugs in underlying RPC handling [GH-7044] [GH-7045]
- api: Fixed a panic when canonicalizing a jobspec with an incorrect job type [GH-7207]
- api: Fixed a bug where calling the node GC or GcAlloc endpoints resulted in an error EOF return on successful requests [GH-5970]
- api: Fixed a bug where
/client/allocations/...
(e.g. allocation stats) requests may hang in special cases after a leader election [GH-7370] - cli: Fixed a bug where
nomad agent -dev
fails on Windows [GH-7534] - cli: Fixed a panic when displaying device plugins without stats [GH-7231]
- cli: Fixed a bug where
alloc exec
command in TLS environments may fail [GH-7274] - client: Fixed a panic when running in Debian with
/etc/debian_version
is empty [GH-7350] - client: Fixed a bug affecting network detection in environments that mimic the EC2 Metadata API [GH-7509]
- client: Fixed a bug where a multi-task allocation maybe considered healthy despite a task restarting [GH-7383]
- consul: Fixed a bug where modified Consul service definitions would not be updated [GH-6459]
- connect: Fixed a bug where Connect enabled allocation would not stop after promotion [GH-7540]
- connect: Fixed a bug where restarting a client would prevent Connect enabled allocations from cleaning up properly [GH-7643]
- driver/docker: Fixed handling of seccomp
security_opts
option [GH-7554] - driver/docker: Fixed a bug causing docker containers to use swap memory unexpectedly [GH-7550]
- scheduler: Fixed a bug where changes to task group
shutdown_delay
were not persisted or displayed in plan output [GH-7618] - ui: Fixed handling of multi-byte unicode characters in allocation log view [GH-7470] [GH-7551]
Download binaries from https://releases.hashicorp.com/nomad/0.11.0/
v0.11.0-rc1
Changes since beta2:
- connect: Added support for using Connect with TLS enabled Consul agents [GH-7602]
- connect: Fixed a bug where restarting a client would prevent Connect enabled allocations from cleaning up properly [GH-7643]
- consul: Fixed a bug where service updating could sometimes fail [GH-7600]
- scheduler: Fixed a bug where changes to task group shutdown_delay were not persisted or displayed in plan output [GH-7618]
- A number of documentation updates and test improvements.
0.11.0-rc1 Binaries - https://releases.hashicorp.com/nomad/0.11.0-rc1/
v0.11.0-beta2
Since beta1:
- connect: Added support for specifying Envoy expose path configurations
- cli: Fixed a bug where nomad agent -dev fails on Windows
- client: Fixed a bug affecting network detection in environments that mimic the EC2 Metadata API
- driver/docker: Fixed handling of seccomp security_opts option
- driver/docker: Fixed a bug causing docker containers to use swap memory unexpectedly
- ui: Fixed handling of multi-byte unicode characters in allocation log view
- ui: Fixed exec outside test environment
- ui: Removed exec button for dead jobs
- ui: Added exec-specific loading template
- api: change to the /v1/job/:id/scale API [beta]
v0.11.0-beta1
FEATURES:
- Container Storage Interface [beta]: Nomad has expanded support
of stateful workloads through support for CSI plugins. - Exec UI [beta]: an in-browser terminal for connecting to running allocations.
- Audit Logging (Enterprise) [beta]: Audit logging support for Nomad
Enterprise. - Scaling APIs [beta]: new scaling policy API and job scaling APIs to support external autoscalers
- Task Dependencies: introduces
lifecycle
stanza with prestart and sidecar hooks for tasks within a task group
BACKWARDS INCOMPATIBILITIES:
- driver/rkt: The Rkt driver is no longer packaged with Nomad and is instead
distributed separately as a driver plugin. Further, the Rkt driver codebase
is now in a separate
repository.
IMPROVEMENTS:
- core: Optimized streaming RPCs made between Nomad agents [GH-7044]
- build: Updated to Go 1.14.1 [GH-7431]
- consul: Added support for configuring
enable_tag_override
on service stanzas. [GH-2057] - client: Updated consul-template library to v0.24.1 - added support for working with consul connect. Deprecated vault_grace [GH-7170]
- driver/exec: Added
no_pivot_root
option for ramdisk use [GH-7149] - jobspec: Added task environment interpolation to
volume_mount
[GH-7364] - jobspec: Added support for a per-task restart policy [GH-7288]
- server: Added minimum quorum check to Autopilot with minQuorum option [GH-7171]
BUG FIXES:
- core: Fixed a bug where group network mode changes were not honored [GH-7414]
- core: Optimized and fixed few bugs in underlying RPC handling [GH-7044] [GH-7045]
- api: Fixed a panic when canonicalizing a jobspec with an incorrect job type [GH-7207]
- api: Fixed a bug where calling the node GC or GcAlloc endpoints resulted in an error EOF return on successful requests [GH-5970]
- api: Fixed a bug where
/client/allocations/...
(e.g. allocation stats) requests may hang in special cases after a leader election [GH-7370] - cli: Fixed a panic when displaying device plugins without stats [GH-7231]
- cli: Fixed a bug where
alloc exec
command in TLS environments may fail [GH-7274] - client: Fixed a panic when running in Debian with
/etc/debian_version
is empty [GH-7350] - client: Fixed a bug where a multi-task allocation maybe considered healthy despite a task restarting [GH-7383]
v0.10.5
v0.10.4
FEATURES:
- api: Nomad now supports ability to remotely request /debug/pprof endpoints from a remote agent. [GH-6841]
- consul/connect: Nomad may now register Consul Connect services when Consul is configured with ACLs enabled [GH-6701]
- jobspec: Add
shutdown_delay
to task groups so task groups can delay shutdown after deregistering from Consul [GH-6746]
IMPROVEMENTS:
- Our Windows 32-bit and 64-bit executables for this version and up will be signed with a HashiCorp cert. Windows users will no longer see a warning about an "unknown publisher" when running our software.
- build: Updated to Go 1.12.16 [GH-7009]
- cli: Included namespace in output when querying job status [GH-6912]
- cli: Added option to change the name of the file created by the
nomad init
command [GH-6520] - client: Supported AWS EC2 Instance Metadata Service Version 2 (IMDSv2) [GH-6779]
- consul: Add support for service
canary_meta
[GH-6690] - driver/docker: Added a
disable_log_collection
parameter to disable nomad log collection [GH-6820] - server: Introduced a
default_scheduler_config
config parameter to seed initial preemption configuration. [GH-6935] - scheduler: Removed penalty for allocation's previous node if the allocation did not fail. [GH-6781]
- scheduler: Reduced logging verbosity during preemption [GH-6849]
- ui: Updated Run Job button to be conditionally enabled according to ACLs [GH-5944]
BUG FIXES:
- agent: Fixed a panic when using
nomad monitor
on a client node [GH-7053] - agent: Fixed race condition in logging when using
nomad monitor
command [GH-6872] - agent: Fixed a bug where
nomad monitor -server-id
only work for a server's name instead of uuid or name [GH-7015] - core: Addressed an inconsistency where allocations created prior to 0.9 had missing fields [GH-6922]
- cli: Fixed a bug where error messages appeared interleaved with help text inconsistently [GH-6865]
- cli: Fixed a bug where
nomad monitor -node-id
would cause a cli panic when no nodes where found [GH-6828] - config: Fixed a bug where agent startup would fail if the
consul.timeout
configuration was set [GH-6907] - consul: Fixed a bug where script-based health checks would fail if the service configuration included interpolation [GH-6916]
- consul/connect: Fixed a bug where Connect-enabled jobs failed to validate when service names used interpolation [GH-6855]
- drivers: Fixed a bug where exec, java, and raw_exec drivers collected and emited stats every second regardless of the telemetry config [GH-7043]
- driver/exec: Fixed a bug where systemd cgroup wasn't removed upon a task completion [GH-6839]
- server: Fixed a deadlock that may occur when server leadership flaps very quickly [GH-6977]
- scheduler: Fixed a bug that caused evicted allocs on a lost node to be stuck in running [GH-6902]
- scheduler: Fixed a bug where
nomad job plan/apply
returned errors instead of ignoring system job updates for ineligible nodes. [GH-6996]
SECURITY:
- client: Nomad will no longer pass through the
CONSUL_HTTP_TOKEN
environment variable when launching a task. [GH-7131]
v0.10.4-rc1
FEATURES:
- api: Nomad now supports ability to remotely request /debug/pprof endpoints from a remote agent. [GH-6841]
- consul/connect: Nomad may now register Consul Connect services when Consul is configured with ACLs enabled [GH-6701]
- jobspec: Add
shutdown_delay
to task groups so task groups can delay shutdown after deregistering from Consul [GH-6746]
IMPROVEMENTS:
- Our Windows 32-bit and 64-bit executables for this version and up will be signed with a HashiCorp cert. Windows users will no longer see a warning about an "unknown publisher" when running our software.
- build: Updated to Go 1.12.16 [GH-7009]
- cli: Included namespace in output when querying job status [GH-6912]
- cli: Added option to change the name of the file created by the
nomad init
command [GH-6520] - client: Supported AWS EC2 Instance Metadata Service Version 2 (IMDSv2) [GH-6779]
- consul: Add support for service
canary_meta
[GH-6690] - driver/docker: Added a
disable_log_collection
parameter to disable nomad log collection [GH-6820] - server: Introduced a
default_scheduler_config
config parameter to seed initial preemption configuration. [GH-6935] - scheduler: Removed penalty for allocation's previous node if the allocation did not fail. [GH-6781]
- scheduler: Reduced logging verbosity during preemption [GH-6849]
- ui: Updated Run Job button to be conditionally enabled according to ACLs [GH-5944]
BUG FIXES:
- agent: Fixed a panic when using
nomad monitor
on a client node [GH-7053] - agent: Fixed race condition in logging when using
nomad monitor
command [GH-6872] - agent: Fixed a bug where
nomad monitor -server-id
only work for a server's name instead of uuid or name [GH-7015] - core: Addressed an inconsistency where allocations created prior to 0.9 had missing fields [GH-6922]
- cli: Fixed a bug where error messages appeared interleaved with help text inconsistently [GH-6865]
- cli: Fixed a bug where
nomad monitor -node-id
would cause a cli panic when no nodes where found [GH-6828] - config: Fixed a bug where agent startup would fail if the
consul.timeout
configuration was set [GH-6907] - consul: Fixed a bug where script-based health checks would fail if the service configuration included interpolation [GH-6916]
- consul/connect: Fixed a bug where Connect-enabled jobs failed to validate when service names used interpolation [GH-6855]
- drivers: Fixed a bug where exec, java, and raw_exec drivers collected and emited stats every second regardless of the telemetry config [GH-7043]
- driver/exec: Fixed a bug where systemd cgroup wasn't removed upon a task completion [GH-6839]
- server: Fixed a deadlock that may occur when server leadership flaps very quickly [GH-6977]
- scheduler: Fixed a bug that caused evicted allocs on a lost node to be stuck in running [GH-6902]
- scheduler: Fixed a bug where
nomad job plan/apply
returned errors instead of ignoring system job updates for ineligible nodes. [GH-6996]
SECURITY:
- client: Nomad will no longer pass through the
CONSUL_HTTP_TOKEN
environment variable when launching a task. [GH-7131]
v0.10.3
SECURITY:
- agent: Added unauthenticated connection timeouts and limits to prevent resource exhaustion. CVE-2020-7218 [GH-7002]
- server: Fixed insufficient validation for role and region for RPC connections when TLS enabled. CVE-2020-7956 [GH-7003]
IMPROVEMENTS:
- build: Updated to Go 1.12.16