This topic describes the lifecycle stages that Google Distributed Cloud (GDC) air-gapped features might transition through, such as the following launch stages:
There are also the following end-of-life stages:
Launch stages
Preview
At Preview, a feature is ready for testing by customers before adopting it for production use at GA. Preview offerings are often publicly announced, but are not necessarily feature-complete, and Google provides no Service Level Agreements (SLA) or technical support commitments for these. Unless stated otherwise by Google, Preview offerings are intended for use in test environments only. Features in Preview are typically expected to reach GA within 12 months, but this might vary.
General Availability (GA)
General Availability (GA) features are production ready, though not always universally available. Some GA features might only be available to a limited group of customers. For customers with increased accreditation standards, some GA features are not available to use.
By default, all Marketplace services are configured as GA features unless otherwise noted. This means for highly regulated deployments, your Infrastructure Operator (IO) must manually enable Marketplace services](/distributed-cloud/hosted/docs/latest/gdch/application/ao-user/marketplace-offerings) before you can use them.
Accredited
Accredited features are GA features that have received approval from the concerned accreditation agencies and are ready for customer onboarding. Customers with regulated deployments might require some production-ready features be accredited before they can use them. This feature type is identified as a Significant Change Request (SCR) feature and is undergoing further review. This feature has not received an Authority to Operate (ATO) within a regulated environment. Reach out to your IO with questions regarding feature accessibility.
End-of-life stages
Deprecated
Marking an offering deprecated is an announcement that GDC is discontinuing a service or feature that it supports. See the Google Cloud deprecation policy for more information: https://cloud.google.com/terms/deprecation.
Decommissioned
Decommissioning an offering means that the feature is no longer available. Calling decommissioned software can result in unpredictable behavior or invalid responses.
Feature gates
Feature gates are a mechanism used by your Infrastructure Operator (IO) to manage features that are in the following feature stages:
- Preview
- In review for accreditation
Based on your deployment, the features in the following table might not be available to use. Check with your IO for more information.
| Feature | Stage | Description |
|---|---|---|
| Vertex AI Document Vision Service (DVS) | Preview | A document-processing feature for directly translating formatted PDF files and preserving the original formatting and layout. DVS translates documents both inline and from storage buckets. |
| AlloyDB Omni database engine | Preview | A PostgreSQL-compatible database service optimized for performance, scale, and availability in a wide range of workloads. |
| Harbor as a Service (HaaS) | Preview | Managed container registry service that lets developers store and deploy container-based applications. |
| System cluster authentication | In review | Authentication method for system cluster workloads. |
| Inactive user logout | In review | Automatic user session logout feature for user inactivity. |
| Encrypted tokens | In review | Capability to process encrypted OIDC tokens, encrypted SAML assertions, and signed SAML requests. |
| Administrator sessions manager | In review | Session revocation initiated by an administrator. |
| Rocky Linux OS | In review | Ability to provision cluster nodes using the Rocky 8 Linux operating system. |
| Audit and operational logs export | In review | Capability to export audit and operational logs to the Security Information and Event Management (SIEM) system. |
| Object storage bypass firewall | In review | Configuration to allow customer traffic to bypass the IDPS firewall when calling the GDC Object Storage API. |
| Customer direct connect | In review | Capability to bypass the shared customer connection and data transfer in directly to the customer's tenant organization using dedicated, tenant-provided transport. |
| Netflow recording | In review | Netflow monitoring on GDC physical network devices, which records network flows between subnets used for troubleshooting and billing purposes. |
| Billing monetizer | In review | Monetizer for automated metering and billing. |
| Billing invoice generation | In review | Automated billing invoice generation. |
| VM golden package repositories | In review | Google-managed repositories providing updated packages to VMs in each GDC release. |
| Bring-your-own VM image | In review | Feature for importing your own VM OS images. |
| Object-related controls in UI | In review | Object-related features, including file upload and download, in the GDC console. |
| Kubernetes enable YubiKey BRK | In review | Capability to generate a bootstrap root kubeconfig (BRK) inside a Yubikey for a subordinate Kubernetes cluster. |
| Monitoring SLO API | In review | API for creating service-level objectives (SLOs) that can be used to monitor service health. |
| Database migration | In review | Replication-based database migration option that can migrate large source databases running on-premises into a GDC database service. |
| System package validation | In review | Signature verification for artifacts released in GDC system packages. |
| KMS external root key | In review | KMS configured to be rooted in an external system of choice, like an external HSM or a local Kubernetes secret. |
| Performance test as a service (PtaaS) | In review | Service for running performance benchmarks in a live GDC environment. |
| File/block storage LUKS | In review | Client-side data encryption with the Linux Unified Key Setup (LUKS). |
| Cluster networking connectivity | In review | Capability to encrypt internal cluster networking control plane communications using Transport Layer Security (TLS). |
| Vertex AI Asynchronous OCR | In review | Vertex AI Optical Character Recognition (OCR) asynchronous APIs that support batch image extraction. |
| Object storage proxy | In review | Service that works as a proxy for all S3 API requests, which allows the proxy to intercept, filter, and modify S3 API requests before they are forwarded to the Object Storage appliance. |
| Object storage encryption | In review | Service that encrypts all S3 API requests before they are forwarded to the Object Storage appliance. |
By default, a feature gate controls each Marketplace service. Marketplace services are easy-to-install, self-managed solutions from third-party vendors and Google. They are production ready, but not accredited by default. For customers with increased accreditation standards, the IO must enable each feature gate individually to make the corresponding Marketplace service available.
The following table lists the Marketplace services controlled by a feature gate:
| Feature | Description |
|---|---|
| Dataproc Container for Spark | An open source Google project which lets you run Apache Spark on GKE on GDC clusters. |
| Elastic Cloud on Kubernetes (BYOL) | Elastic provides flexible search, monitoring, and security solutions based on Elasticsearch. |
| MongoDB Enterprise Advanced (BYOL) | A collection of products and services that drive security, efficiency, and put you in control of your MongoDB databases. |