We are pleased to announce the availability of Hashicorp Nomad 0.9.2.
Nomad is a flexible workload orchestrator that can be used to easily deploy both containerized and legacy applications across multiple regions or cloud providers. Nomad is easy to operate and scale, and integrates seamlessly with HashiCorp Consul for service discovery and HashiCorp Vault for secrets management.
Nomad 0.9.2 addresses a privilege escalation vulnerability that enables the exec task driver to run with full Linux capabilities such that processes can escalate to run as the root user. This vulnerability exists in Nomad versions 0.9 and 0.9.1. Other task drivers including the Docker task driver are unaffected. See the official announcement for more details.
Nomad 0.9.2 builds upon the work done in Nomad 0.9, with features that enhance the debuggability of running tasks, as well as allocation lifecycle management commands and deployment enhancements. Nomad 0.9.2 also includes an Enterprise feature – preemption capabilities for service and batch jobs.
The new features in Nomad 0.9.2 include:
- Alloc exec: Run commands in a running allocation. Use cases are for inspecting container state, debugging a failed application without needing ssh access into the node that’s running the allocation.
- Alloc restart: Enables performing an in place restart of an entire allocation or individual task. Allocations and tasks can be restarted from the Nomad UI as well.
- Alloc stop: Enables stopping an entire allocation. Stopped allocations are rescheduled elsewhere in the cluster. Allocations can be stopped from the Nomad UI as well.
- Alloc signal: Enables sending a signal to all tasks in an allocation, or signalling an individual task within an allocation.
- Canary Auto-promotion: The update stanza now include a new
auto promoteflag that causes deployments to automatically promote themselves when all canaries become healthy.
- Preemption for Service/Batch jobs: Nomad enterprise adds preemption capabilities to service and batch jobs.
- Preemption Web UI Visibility: Preemption status is shown in various pages in the UI such as the allocation list page and the job status page.
- UI Search: The Nomad UI now supports filtering jobs by type/prefix/status/datacenter, as well as searching clients by class, status, datacenter, or eligibility flags.
This release includes a number of bug fixes as well as improvements to the Web UI, the system scheduler, the CLI, and other Nomad components. The CHANGELOG provides a full list of Nomad 0.9 features, enhancements, and bug fixes.
We are excited to share this release with our users. Visit the Nomad website to learn more.
Originally posted on Hashicorp Blog
Author: Preetha Appan