Google Distributed Cloud air-gapped 1.9.3 release notes
Stay organized with collections
Save and categorize content based on your preferences.
April 28, 2023 [GDC 1.9.3]
Google Distributed Cloud air-gapped 1.9.3 is now released.
See the product overview to learn about the features of Google Distributed Cloud air-gapped.
The Google Distributed Cloud air-gapped 1.9.3 audit logging (AL) operable component introduces an enhancement for AuditLoggingTargets. Kubernetes objects created by an AuditLoggingTarget CR are now self-healed if they are updated or deleted.
Updated Google Distributed Cloud version to 1.14.4-gke.4 to apply the latest security patches and important updates.
The Google Distributed Cloud air-gapped 1.9.3 user interface (UI) now includes a message to inform you about the maximum worker node amount with the current control plane setting and pod CIDR option when you create a cluster.
The following container image security vulnerabilities are fixed:
In the Google Distributed Cloud air-gapped 1.9.3 user interface (UI) component, VM creation using UI allows disks restored from a snapshot to serve as boot disks.
In the Google Distributed Cloud air-gapped 1.9.3 identity and access management (IAM) component, predefined roles enabled for upgrades are no longer subject to manual changes. Predefined role manifests override any manual changes.
Google Distributed Cloud air-gapped 1.9.3 resolves the Firewall admin account lock out issue while rotating the admin credentials in the firewall (FW) component.
Google Distributed Cloud air-gapped 1.9.3 fixes export of operational logs to Splunk in the LOG component.
Google Distributed Cloud air-gapped 1.9.3 has a known issue where role-based access control (RBAC) and schema settings in the VM manager is stopping users from starting VM backup and restore processes.
Google Distributed Cloud air-gapped 1.9.3 has a known issue where the vm-runtime addon is stuck during the upgrade of the gpu-org-system-cluster from 1.9.1 to 1.9.2 because the kubevm-gpu-driver-daemonset pods are in the CrashLoopBackOff state.
Google Distributed Cloud air-gapped 1.9.3 resolves an internal load balancer (ILB) services issue in the UNET component. Releases 1.9.0 - 1.9.2 contained a bug where internal load balancer (ILB) services were assigned an external IP instead of an internal IP. The impact is that the external load balancer IP pool is used more quickly as ILB services take addresses from this pool. However, the IPs assigned to ILB services were not advertised outside of the org, so the service remained internal to the org. This bug is fixed in 1.9.3 so that ILB services are assigned internal IPs.
Google Distributed Cloud air-gapped 1.9.3 has a known issue where a user cluster does not become ready in time.
Google Distributed Cloud air-gapped 1.9.3 has a known issue where an add-on installation fails.
Google Distributed Cloud air-gapped 1.9.3 has a known issue where an OrganizationUpgrade status does not get updated.
Google Distributed Cloud air-gapped 1.9.3 has a known issue where a user cluster upgrade fails to call webhooks.
Google Distributed Cloud air-gapped 1.9.3 has a known issue where a fleet admin controller gets stuck in a crash loop with the Fleet admin controller manager stopped: failed to wait for auditloggingtarget caches to sync: timed out waiting for cache to be synced error in the logs.
Google Distributed Cloud air-gapped 1.9.3 has a known issue where a system cluster does not become ready in time.
Google Distributed Cloud air-gapped 1.9.3 is unable to set AddOn selector labels for the root admin cluster.
Google Distributed Cloud air-gapped 1.9.3 has a known issue in the UI that lets you select an incompatible coupling of GPU to VM type.
Google Distributed Cloud air-gapped 1.9.3 has a known issue where VMs with memory greater than 32 GB require a memory override due to an incorrect QEMU overhead calculation.
Google Distributed Cloud air-gapped 1.9.3 has a known
issue where the kube-state-metrics deployment crash loops.
Google Distributed Cloud air-gapped 1.9.3 has a known issue where alerts in organization system clusters don't reach the ticketing system.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[[["\u003cp\u003eGoogle Distributed Cloud air-gapped 1.9.3 is now available, introducing enhancements such as self-healing Kubernetes objects for AuditLoggingTargets and a UI message indicating the maximum worker node amount during cluster creation.\u003c/p\u003e\n"],["\u003cp\u003eThis version updates the Google Distributed Cloud version to 1.14.4-gke.4 to incorporate the latest security patches and critical updates, while also addressing 46 container image security vulnerabilities.\u003c/p\u003e\n"],["\u003cp\u003eThe new user interface allows disks restored from snapshots to be used as boot disks for VM creation, and it is no longer possible to make manual changes to predefined roles as they will be overriden.\u003c/p\u003e\n"],["\u003cp\u003eSeveral issues have been resolved, including a firewall admin account lock-out problem during credential rotation, the operational log export issue to Splunk, and a bug causing internal load balancer services to be assigned external IPs, along with many known issues that remain.\u003c/p\u003e\n"],["\u003cp\u003eSome of the many known issues include: issues with the VM manager, add-ons, upgrades, the fleet admin controller, system clusters, setting AddOn selector labels, incompatible coupling of GPU to VM types, memory overrides on VMs with 32GB or more, \u003ccode\u003ekube-state-metrics\u003c/code\u003e deployments, and alerts in the organization system clusters not reaching the ticketing system.\u003c/p\u003e\n"]]],[],null,["# Google Distributed Cloud air-gapped 1.9.3 release notes\n\n\u003cbr /\u003e\n\nApril 28, 2023 \\[GDC 1.9.3\\]\n----------------------------\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 is now released.\n\nSee the [product overview](/distributed-cloud/hosted/docs/latest/gdch/overview) to learn about the features of Google Distributed Cloud air-gapped.\n\n*** ** * ** ***\n\n\nThe Google Distributed Cloud air-gapped 1.9.3 audit logging (AL) operable component introduces an enhancement for AuditLoggingTargets. Kubernetes objects created by an AuditLoggingTarget CR are now self-healed if they are updated or deleted.\n\n*** ** * ** ***\n\n\nUpdated Google Distributed Cloud version to 1.14.4-gke.4 to apply the latest security patches and important updates.\n\nSee [the Google Distributed Cloud release notes](https://cloud.google.com/anthos/clusters/docs/bare-metal/latest/release-notes-ver) for the latest information.\n\n*** ** * ** ***\n\n\nThe Google Distributed Cloud air-gapped 1.9.3 user interface (UI) now includes a message to inform you about the maximum worker node amount with the current control plane setting and pod CIDR option when you create a cluster.\n\n*** ** * ** ***\n\n\nThe following container image security vulnerabilities are fixed:\n\n- [CVE-2021-46848](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848)\n- [CVE-2022-1354](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354)\n- [CVE-2022-1355](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355)\n- [CVE-2022-2056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056)\n- [CVE-2022-2057](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057)\n- [CVE-2022-2058](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058)\n- [CVE-2022-2097](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097)\n- [CVE-2022-23521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521)\n- [CVE-2022-24765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765)\n- [CVE-2022-2867](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867)\n- [CVE-2022-2868](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868)\n- [CVE-2022-2869](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869)\n- [CVE-2022-29187](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187)\n- [CVE-2022-32221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221)\n- [CVE-2022-34526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526)\n- [CVE-2022-3570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570)\n- [CVE-2022-3597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597)\n- [CVE-2022-3598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598)\n- [CVE-2022-3599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599)\n- [CVE-2022-3626](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626)\n- [CVE-2022-3627](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627)\n- [CVE-2022-3970](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970)\n- [CVE-2022-39253](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253)\n- [CVE-2022-39260](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260)\n- [CVE-2022-41903](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903)\n- [CVE-2022-42898](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898)\n- [CVE-2022-4304](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4304)\n- [CVE-2022-4450](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4450)\n- [CVE-2022-4645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645)\n- [CVE-2022-48281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281)\n- [CVE-2023-0215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0215)\n- [CVE-2023-0286](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286)\n- [CVE-2023-0361](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361)\n- [CVE-2023-0795](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795)\n- [CVE-2023-0796](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796)\n- [CVE-2023-0797](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797)\n- [CVE-2023-0798](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798)\n- [CVE-2023-0799](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799)\n- [CVE-2023-0800](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800)\n- [CVE-2023-0801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801)\n- [CVE-2023-0802](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802)\n- [CVE-2023-0803](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803)\n- [CVE-2023-0804](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804)\n- [CVE-2023-26604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26604)\n\n*** ** * ** ***\n\n\nIn the Google Distributed Cloud air-gapped 1.9.3 user interface (UI) component, VM creation using UI allows disks restored from a snapshot to serve as boot disks.\n\n*** ** * ** ***\n\n\nIn the Google Distributed Cloud air-gapped 1.9.3 identity and access management (IAM) component, predefined roles enabled for upgrades are no longer subject to manual changes. Predefined role manifests override any manual changes.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 resolves the Firewall admin account lock out issue while rotating the admin credentials in the firewall (FW) component.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 fixes export of operational logs to Splunk in the LOG component.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue where role-based access control (RBAC) and schema settings in the VM manager is stopping users from starting VM backup and restore processes.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue where the `vm-runtime` addon is stuck during the upgrade of the `gpu-org-system-cluster` from 1.9.1 to 1.9.2 because the `kubevm-gpu-driver-daemonset` pods are in the `CrashLoopBackOff` state.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 resolves an internal load balancer (ILB) services issue in the UNET component. Releases 1.9.0 - 1.9.2 contained a bug where internal load balancer (ILB) services were assigned an external IP instead of an internal IP. The impact is that the external load balancer IP pool is used more quickly as ILB services take addresses from this pool. However, the IPs assigned to ILB services were not advertised outside of the org, so the service remained internal to the org. This bug is fixed in 1.9.3 so that ILB services are assigned internal IPs.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue where a user cluster does not become ready in time.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue where an add-on installation fails.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue where an `OrganizationUpgrade` status does not get updated.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue where a user cluster upgrade fails to call webhooks.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue where a fleet admin controller gets stuck in a crash loop with the `Fleet admin controller manager stopped: failed to wait for auditloggingtarget caches to sync: timed out waiting for cache to be synced` error in the logs.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue where a system cluster does not become ready in time.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 is unable to set AddOn selector labels for the root admin cluster.\n\n*** ** * ** ***\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue in the UI that lets you select an incompatible coupling of GPU to VM type.\n\n*** ** * ** ***\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue where VMs with memory greater than 32 GB require a memory override due to an incorrect QEMU overhead calculation.\n\n*** ** * ** ***\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known\nissue where the `kube-state-metrics` deployment crash loops.\n\n*** ** * ** ***\n\n\nGoogle Distributed Cloud air-gapped 1.9.3 has a known issue where alerts in organization system clusters don't reach the ticketing system."]]
