Google Distributed Cloud air-gapped 1.9.1 release notes

March 21, 2023 [GDC 1.9.1 General Availability]


Google Distributed Cloud air-gapped 1.9.1 General Availability (GA) is now released.

See the product overview to learn about the features of Google Distributed Cloud air-gapped.

The following table lists services available in Google Distributed Cloud air-gapped.

Artificial Intelligence & Machine Learning
  • Vertex AI Optical Character Recognition (OCR)
  • Vertex AI Speech-to-Text
  • Vertex AI Translate
  • Vertex AI Workbench
Compute
  • Virtual Machines
  • Kubernetes
Databases
  • Database Service for PostgreSQL
  • Database Service for Oracle (BYOL)
Marketplace
  • Dataproc container for Spark
Networking
  • Private networking
  • Load balancing (internal & external)
  • Network security policies
  • Network address translation (NAT)
Security
  • Identity and Access Management
  • Resource Manager
  • Key Management Service
  • Perimeter security
Storage
  • Block storage
  • Object storage
  • File storage
  • Backup service
  • Transfer appliance
Other
  • Observability (logging and monitoring)
  • Container Registry

Google Distributed Cloud air-gapped 1.9.1 GA introduces new predefined cluster roles for disaster recovery:

  • dr-admin created on a root admin cluster for an Infrastructure Operator (IO).

  • gdch-dr-admin created in the namespace gdch-dr for an IO for bucket creation.

  • dr-restore-admin created on an org admin cluster for an IO.

  • dr-backup-admin created on an org admin cluster for a Platform Administrator (PA).

  • dr-system-admin created in the namespace dr-system for a PA for bucket creation.

For details, see:


Google Distributed Cloud air-gapped 1.9.1 GA introduces a tool for generating templates for interconnect-related access control lists.


In Google Distributed Cloud air-gapped 1.9.1 GA, the Node and Operating System component uses an auto restart on configuration feature of the VM to resolve the issue of potential failure to use a new VM disk for a VM after stopping and restarting KVM during cluster upgrade.


In Monitoring operable component, IMSPodImageReconciller did not loop all projects in Artifact Registry and couldn't find images in the library project causing the ims_unauthorized_image alert to fire all the time.


In Google Distributed Cloud air-gapped Private General Availability, Intrusion Detection and Prevention Systems Syslog fans-out to each organization.


Google Distributed Cloud air-gapped 1.9.1 GA adds security rules for Border Gateway Protocol on firewalls using hairpin links CIDR and for Internet Control Message Protocol on firewalls using instance external CIDR.


Updated Google Distributed Cloud version to 1.14.2-gke.11 to apply the latest security patches and important updates.

See Google Distributed Cloud 1.14.2 release notes for details.


Updated Canonical Ubuntu OS image version to 20230227 to apply the latest security patches and important updates.

The following security vulnerabilities are fixed:



Google Distributed Cloud air-gapped 1.9.1 has a known issue where role-based access control (RBAC) and schema settings in the VM manager is stopping users from starting VM backup and restore processes.


Google Distributed Cloud air-gapped 1.9.0 has a known issue where remote server management software is occasionally unable to retrieve the key from HSM.


Google Distributed Cloud air-gapped 1.9.1 GA has a known issue where using the standard-block storage class might prevent virtual machines (VMs) from starting or restarting.


Google Distributed Cloud air-gapped 1.9.1 GA has a known issue where a compute node becomes stuck after reprovisioning a machine.


Google Distributed Cloud air-gapped 1.9.1 GA has a known issue during the Node OS upgrade where a the server is stuck in deprovisioning because boot.ipxe URL is invalid.


Google Distributed Cloud air-gapped 1.9.1 GA has a known issue during the Node OS upgrade where a node fails the machine-init job.


Google Distributed Cloud air-gapped 1.9.1 GA has a known issue where the upgrade from 1.9.0 to 1.9.1 is blocked because the ods-fleet add-on failed to install.


Google Distributed Cloud air-gapped 1.9.0 has a known issue in the UI that lets you select an incompatible coupling of GPU to VM type.


Google Distributed Cloud air-gapped 1.9.0 has a known issue where VMs with memory greater than 32 GB require a memory override due to an incorrect QEMU overhead calculation.


Google Distributed Cloud air-gapped 1.9.1 GA has a known issue where alerts in organization system clusters don't reach the ticketing system.