Published on feb 25, 2023
HashiCorp has released version 1.5 of Nomad, which is currently in beta testing. It is an orchestrator platform for deploying and managing both containerized and non-containerized environments. As a result of this release, single sign-on and OIDC support have been added, as well as dynamic metadata for nodes, job templates, and improvements to the user interface.
As a result of this release, it is now possible to sign into Nomad via single sign-on (SSO). It is possible to use any OIDC-compliant identity provider (IDP). At the time of writing, these include Okta, Auth0, Amazon Cognito, Google Identity Platform, Azure Active Directory, and HashiCorp Vault. ACL tokens were previously used to control permissions in previous releases. Nomad administrators were responsible for the distribution and management of these tokens.
As part of this improvement, a new nomad login CLI command has been added. Using this command, you can exchange the provided third-party credentials with the requested authentication method to obtain a Nomad ACL token.
Additionally, this release improves the process of setting and updating metadata on Nomad client nodes. Client nodes may be configured with metadata to assist with scheduling decisions. It is possible to specify the node attribute that allocations should be spread over using the spread block, for instance.
The client can now dynamically update and create metadata without having to restart. The API, the UI, or the command line can be used to accomplish this.
A new Unix domain socket (UDS) has been added to simplify the communication between Nomad tasks and Nomad. It is mounted at $[NOMAD_SECRETS_DIR]/api.sock, and requests to it require authentication. The socket can be used for a variety of tasks, including autoscaling controllers, custom operator tasks, and metadata modification.
This release includes new job templates. In order to help new Nomad users get up to speed, they cover topics such as a simple service job, batch jobs, service discovery, and Nomad variables. Both the UI and the CLI provide access to templates.
A number of UI improvements are also included in this release, including a new page where administrators can view, create, and update Nomad ACL policies. Additionally, task events are now displayed in the logs sidebar. Debugging will be easier as this will provide information regarding task failures.
The HashiCorp blog provides more information about the release. Questions and feedback may be directed to the Nomad Community Forums or the community office hours. It is possible to download the open-source version of Nomad for free.
