Skip to content

@notnoop notnoop released this Jun 9, 2021

1.1.1 (June 9, 2021)

FEATURES:

  • Connect Mesh Gateways: Adds built-in support for running Consul Connect Mesh Gateways [GH-10658]

IMPROVEMENTS:

  • build: Updated to Go 1.16.5 [GH-10733]
  • cli: Added success confirmation message for nomad volume delete and nomad volume deregister. [GH-10591]
  • cli: Cross-namespace nomad job commands will now select exact matches if the selection is unambiguous. [GH-10648]
  • client/fingerprint: Consul fingerprinter probes for additional enterprise and connect related attributes [GH-10699]
  • consul/connect: Only schedule connect tasks on nodes where connect is enabled in Consul [GH-10702]
  • csi: Validate that volume blocks for CSI volumes include the required attachment_mode and access_mode fields. [GH-10651]
  • server: Make deployment rate limiting configurable for high volume loads [GH-10706]

BUG FIXES:

  • api: Fixed event stream connection initialization when there are no events to send [GH-10637]
  • cli: Fixed a bug where plugin status did not validate the passed type flag correctly [GH-10712]
  • cli: Fixed a bug where quota status and namespace status commands may panic if the CLI targets a pre-1.1.0 cluster [GH-10620]
  • cli: Fixed a bug where alloc exec may fail with "unexpected EOF" without returning the exit code after a command [GH-10657]
  • consul: Fixed a bug where consul namespace API would be queried even when consul namespaces were not enabled [GH-10715]
  • consul: Fixed a bug where connect jobs would always fail job submission when allow_unauthenticated was set to false [GH-10718]
  • csi: Fixed a bug where mount_options were not passed to CSI controller plugins for validation during volume creation and mounting. [GH-10643]
  • csi: Fixed a bug where capability blocks were not passed to CSI controller plugins for validation for nomad volume register commands. [GH-10703]
  • client: Fixed a bug where alloc exec sessions may terminate abruptly after a few minutes [GH-10710]
  • drivers/exec: Fixed a bug where exec and java tasks inherit the Nomad agent's oom_score_adj value [GH-10698]
  • drivers/docker: Fixed a bug where short lived docker tasks may fail with obscure cpuset cgroup errors [GH-10416]
  • quotas (Enterprise): Fixed a bug where stopped allocations for a failed deployment can be double-credited to quota limits, resulting in a quota limit bypass. [GH-10694]
  • ui: Fixed a bug where exec would not work across regions. [GH-10539]
  • ui: Fixed global-search shortcut for non-english keyboards. [GH-10714]
11 people reacted
Assets 2
Jun 9, 2021
Version 1.0.7

@tgross tgross released this May 18, 2021

https://github.com/hashicorp/nomad/blob/release-1.1.0/CHANGELOG.md

1.1.0 (May 18, 2021)

FEATURES:

  • Memory oversubscription: Improve cluster efficiency by allowing applications, whether containerized or non-containerized, to use memory in excess of their scheduled amount.
  • Reserved CPU cores: Improve the performance of your applications by ensuring tasks have exclusive use of client CPUs.
  • UI improvements: Enjoy a streamlined operator experience with fuzzy search, resource monitoring, and authentication improvements.
  • CSI enhancements: Run stateful applications with improved volume management and support for Container Storage Interface (CSI) plugins such as Ceph.
  • Readiness checks: Differentiate between application liveness and readiness with new options for task health checks.
  • Remote task drivers (technical preview): Use Nomad to manage your workloads on more platforms, such as AWS Lambda or Amazon ECS.
  • Consul namespace support (Enterprise): Run Nomad-defined services in their HashiCorp Consul namespaces more easily using Nomad Enterprise.
  • License autoloading (Enterprise): Automatically load Nomad licenses when a Nomad server agent starts using Nomad Enterprise.
  • Autoscaling improvements: Scale your applications more precisely with new strategies.

BACKWARDS INCOMPATIBILITIES:

  • csi: The attachment_mode and access_mode field are required for volume blocks in job specifications. Registering a volume requires at least one capability block with the attachment_mode and access_mode fields set. [GH-10330]
  • drivers/exec+java: Reduce set of linux capabilities enabled by default [GH-10600]
  • licensing: Enterprise licenses are no longer stored in raft or synced between servers. Loading the Enterprise license from disk or environment is required. The nomad license put command has been removed. [GH-10458]

SECURITY:

  • drivers/docker+exec+java: Disable CAP_NET_RAW linux capability by default to prevent ARP spoofing. CVE-2021-32575 GH-10568

IMPROVEMENTS:

  • api: Added an API endpoint for fuzzy search queries [GH-10184]
  • api: Removed unimplemented CSIVolumes.PluginList API. [GH-10158]
  • api: Added namespace field for the jobs list endpoint response [GH-10434]
  • build: Updated to Go 1.16.3 [GH-10483]
  • cli: Update defaults for nomad operator debug flags -interval and -server-id to match common usage. [GH-10121]
  • cli: Support an optional file argument for volume init and quota init commands [GH-10397]
  • client/config: Enable sockaddr templating for network-interface attribute. [GH-10404]
  • client/fingerprint: Added support multiple host network aliases for the same interface. [GH-10104]
  • consul: Allow setting body field on service/check Consul health checks. [GH-10186]
  • consul/connect: Use exponential backoff for consul envoy bootstrap process [GH-10453]
  • consul/connect: Enable setting local_bind_address field on connect upstreams [GH-6248]
  • consul/connect: Added job-submission validation for Connect sidecar service and group names [GH-10455]
  • consul/connect: Automatically populate CONSUL_HTTP_ADDR for connect native tasks in host networking mode. [GH-10239]
  • consul/connect: Added disable_default_tcp_check field to connect.sidecar_service blocks to disable the default TCP listener check for Connect sidecar tasks. [GH-10531]
  • core: Persist metadata about most recent drain in Node.LastDrain [GH-10250]
  • csi: Added support for jobs to request a unique volume ID per allocation. [GH-10136]
  • driver/docker: Added support for optional extra container labels. [GH-9885]
  • driver/docker: Added support for configuring default logger behavior in the client configuration. [GH-10156]
  • metrics: Added blocked evaluation resources metrics [GH-10454]
  • networking: Added support for user-defined iptables rules on the NOMAD-ADMIN chain. [GH-10181]
  • networking: Added support for interpolating host network names with node attributes. [GH-10196]
  • nomad/structs: Removed deprecated Node.Drain field, added API extensions to restore it [GH-10202]
  • ui: Added a job reversion button [GH-10336]
  • ui: Added memory maximum to task group ribbon [GH-10459]
  • ui: Updated global search to use fuzzy search API [GH-10412]
  • ui: Changed displays of aggregate units to use larger suffixes when appropriate [GH-10257]
  • ui: Added resource reservation indicators on client charts and task breakdowns on allocation charts [GH-10208]

BUG FIXES:

  • core (Enterprise): Update licensing library to v0.0.11 to include race condition fix. [GH-10253]
  • agent: Only allow querying Prometheus formatted metrics if Prometheus is enabled within the config [GH-10140]
  • api: Ensured that api.LicenseGet returned response meta data [GH-10276]
  • api: Added missing devices block to AllocatedTaskResources [GH-10064]
  • api: Fixed a panic that may occur on concurrent access to an SDK client [GH-10302]
  • cli: Fixed a bug where non-int proxy port would panic CLI [GH-10072]
  • cli: Fixed a bug where snapshot agent command panics on launch [GH-10276]
  • cli: Remove extra linefeeds in monitor.log files written by nomad operator debug. [GH-10252]
  • cli: Fixed a bug where parsing HCLv2 may panic on some variable interpolation syntax [GH-10326] [GH-10419]
  • cli: Fixed a bug where nomad operator debug incorrectly parsed https Consul API URLs. [GH-10082]
  • cli: Fixed a panic where nomad job run or plan would crash when supplied with non-existent -var-file files. [GH-10569]
  • client: Fixed log formatting when killing tasks. [GH-10135]
  • client: Added handling for cgroup-v2 memory metrics [GH-10286]
  • client: Only publish measured allocation memory metrics [GH-10376]
  • client: Fixed a bug where small files would be assigned the wrong content type. [GH-10348]
  • consul/connect: Fixed a bug where job plan always different when using expose checks. [GH-10492]
  • consul/connect: Fixed a bug where HTTP ingress gateways could not use wildcard names. [GH-10457]
  • cni: Fallback to an interface with an IP address if sandbox interface lacks one. [GH-9895]
  • csi: Fixed a bug where volume with IDs that are a substring prefix of another volume could use the wrong volume for feasibility checking. [GH-10158]
  • drivers/docker: Fixed a bug where Dockerfile STOPSIGNAL was not honored. [GH-10441]
  • drivers/raw_exec: Fixed a bug where exit codes could be dropped and return a spurious error. [GH-10494]
  • scheduler: Fixed a bug where Nomad reports negative or incorrect running children counts for periodic jobs. [GH-10145]
  • scheduler: Fixed a bug where jobs requesting multiple CSI volumes could be incorrectly scheduled if only one of the volumes passed feasibility checking. [GH-10143]
  • service: Fixed a bug where new script checks would not be added on job updates. [GH-10403]
  • server: Fixed a bug affecting periodic job summary counts [GH-10145]
  • server: Fixed a bug where draining a node may fail to migrate its allocations [GH-10411]
  • server: Fixed a bug where jobs may not run if submitted with ParentID field set [GH-10424]
  • server: Fixed a panic that may arise on submission of jobs containing invalid service checks [GH-10154]
  • ui: Fixed the rendering of interstitial components shown after processing a dynamic application sizing recommendation. [GH-10094]
Assets 2

@tgross tgross released this May 18, 2021

https://github.com/hashicorp/nomad/blob/release-1.0.6/CHANGELOG.md

1.0.6 (May 18, 2021)

BUG FIXES:

  • core (Enterprise): Update licensing library to v0.0.11 to include race condition fix. [GH-10253]
  • agent: Only allow querying Prometheus formatted metrics if Prometheus is enabled within the config [GH-10140]
  • api: Ensured that api.LicenseGet returned response meta data [GH-10276]
  • api: Added missing devices block to AllocatedTaskResources [GH-10064]
  • api: Fixed a panic that may occur on concurrent access to an SDK client [GH-10302]
  • cli: Fixed a bug where non-int proxy port would panic CLI [GH-10072]
  • cli: Fixed a bug where snapshot agent command panics on launch [GH-10276]
  • cli: Remove extra linefeeds in monitor.log files written by nomad operator debug. [GH-10252]
  • cli: Fixed a bug where parsing HCLv2 may panic on some variable interpolation syntax [GH-10326] [GH-10419]
  • cli: Fixed a bug where nomad operator debug incorrectly parsed https Consul API URLs. [GH-10082]
  • cli: Fixed a panic where nomad job run or plan would crash when supplied with non-existent -var-file files. [GH-10569]
  • client: Fixed log formatting when killing tasks. [GH-10135]
  • client: Added handling for cgroup-v2 memory metrics [GH-10286]
  • client: Only publish measured allocation memory metrics [GH-10376]
  • client: Fixed a bug where small files would be assigned the wrong content type. [GH-10348]
  • consul/connect: Fixed a bug where job plan always different when using expose checks. [GH-10492]
  • consul/connect: Fixed a bug where HTTP ingress gateways could not use wildcard names. [GH-10457]
  • cni: Fallback to an interface with an IP address if sandbox interface lacks one. [GH-9895]
  • csi: Fixed a bug where volume with IDs that are a substring prefix of another volume could use the wrong volume for feasibility checking. [GH-10158]
  • drivers/docker: Fixed a bug where Dockerfile STOPSIGNAL was not honored. [GH-10441]
  • drivers/raw_exec: Fixed a bug where exit codes could be dropped and return a spurious error. [GH-10494]
  • scheduler: Fixed a bug where Nomad reports negative or incorrect running children counts for periodic jobs. [GH-10145]
  • scheduler: Fixed a bug where jobs requesting multiple CSI volumes could be incorrectly scheduled if only one of the volumes passed feasibility checking. [GH-10143]
  • service: Fixed a bug where new script checks would not be added on job updates. [GH-10403]
  • server: Fixed a bug affecting periodic job summary counts [GH-10145]
  • server: Fixed a bug where draining a node may fail to migrate its allocations [GH-10411]
  • server: Fixed a bug where jobs may not run if submitted with ParentID field set [GH-10424]
  • server: Fixed a panic that may arise on submission of jobs containing invalid service checks [GH-10154]
  • ui: Fixed the rendering of interstitial components shown after processing a dynamic application sizing recommendation. [GH-10094]
Assets 2
May 12, 2021
Version 1.1.0-rc1

@notnoop notnoop released this May 13, 2021

1.0.5 (May 12, 2021)

SECURITY:

  • drivers/docker+exec+java: Disable CAP_NET_RAW linux capability by default to prevent ARP spoofing. CVE-2021-32575 [GH-10568]
Assets 2
May 12, 2021
Version 0.12.12
May 3, 2021
Version 1.1.0-beta1
Mar 18, 2021
Version 0.12.11

@tgross tgross released this Feb 24, 2021

1.0.4 (February 24, 2021)

FEATURES:

  • Terminating Gateways: Adds built-in support for running Consul Connect terminating gateways [GH-9829]

IMPROVEMENTS:

  • api: Added OSS handling for license request to stop spurious errors from appearing in the logs [GH-9963]
  • agent: Removed leading whitespace from JSON-formatted log output. [GH-9795]
  • cli: Added optional -task <task-name> flag to alloc logs to match alloc exec [GH-10026]
  • cli: Improved scaling policy commands with -verbose, auto-completion, and prefix-matching [GH-9964]
  • consul/connect: Enable custom sidecar tasks to use connect expose checks [GH-9995]
  • consul/connect: Added validation to prevent connect blocks from being added to task services. [GH-9817]
  • consul/connect: Made handling of sidecar task container image URLs consistent with the docker task driver. [GH-9580]
  • drivers/exec+java: Added client plugin and task configuration options to re-enable previous PID/IPC namespace behavior [GH-9982] [GH-9990]
  • ui: Added button to fail running deployments [GH-9831]
  • ui: Reduced bundle size by removing support for IE 11 [GH-9578]

BUG FIXES:

  • cli: Fixed a bug where some fields in dynamic blocks were not interpolated. [GH-9921]
  • cli: Fixed a bug where unset HCL2 variables would panic the CLI if the type was also not set. [GH-10045]
  • consul: Fixed a bug where failing tasks with group services would only cause the allocation to restart once instead of respecting the restart field. [GH-9869]
  • consul/connect: Fixed a bug where gateway proxy connection default timeout not set [GH-9851]
  • consul/connect: Fixed a bug preventing more than one connect gateway per Nomad client [GH-9849]
  • consul/connect: Fixed a bug where connect sidecar services would be re-registered unnecessarily. [GH-10059]
  • consul/connect: Fixed a bug where the sidecar health checks would fail if host_network was defined. [GH-9975]
  • consul/connect: Fixed a bug where tasks with connect services might be updated when no update necessary. [GH-10077]
  • deployments: Fixed a bug where deployments with multiple task groups and manual promotion would fail if promoted after the progress deadline. [GH-10042]
  • drivers/docker: Fixed a bug preventing multiple ports to be mapped to the same container port [GH-9951]
  • driver/qemu: Fixed a bug where network namespaces were not supported for QEMU workloads [GH-9861]
  • nomad/structs: Fixed a bug where static ports with the same value but different host_network were invalid [GH-9946]
  • scheduler: Fixed a bug where shared ports were not persisted during inplace updates for service jobs. [GH-9830]
  • scheduler: Fixed a bug where job statuses and summaries where duplicated and miscalculated when registering a job. [GH-9768]
  • scheduler: Fixed a bug that caused the scheduler not to detect changes for host_network port field. [GH-9937]
  • scheduler (Enterprise): Fixed a bug where the deprecated network mbits field was being considered as part of quota enforcement. [GH-9920]
  • ui: Fixed exec command escaping of emoji in task names [GH-7813]
  • ui: Consistently use the correct MHz shorthand throughout the UI [GH-9896]
  • ui: Fixed inconsistent namespace casing in the namespace selector [GH-9876]
  • ui: Always draw allocation associations if the alloc count is less than 10 [GH-9769]
  • ui: Fixed incorrect text alignment in the topology visualization in Firefox [GH-9894]
  • ui: Fixed node composite status so being down takes priority over being ineligible [GH-9927]
  • ui: Don't count reservations of terminal allocations in the topology visualization [GH-9886]
  • ui: Use server-sent error messages when applicable (e.g., when a task can't be stopped) [GH-9909]
  • ui: Send the region query param when making cross-region client/server monitor requests [GH-9913]
  • ui: Fixed a bug where namespaces were not being included when opening exec windows from allocations and tasks [GH-9968]
  • ui: Don't draw allocation associations in the topology visualization on window resize when the associations aren't supposed to be shown [GH-9769]
  • volumes: Fixed a bug where volume diffs were not displayed in the output of nomad plan. [GH-9973]
Assets 2