August 04, 2023 [GDCH 1.10.0]
Google Distributed Cloud air-gapped 1.10.0 is now available.
See the product overview to learn about the features of Google Distributed Cloud air-gapped.
In the Google Distributed Cloud air-gapped 1.10.0 Addon Manager (ADD) component, the GKE on Bare Metal version is updated to 1.15.1-gke.10 to apply the latest security patches and important updates.
See GKE on Bare Metal 1.15.1 release notes for details.
Updated Canonical Ubuntu OS image version to 20230529 to apply the latest security patches and important updates. The following security vulnerabilities are fixed:
- CVE-2014-9488
- CVE-2018-16301
- CVE-2018-25032
- CVE-2019-13224
- CVE-2019-13225
- CVE-2019-13232
- CVE-2019-16163
- CVE-2019-19012
- CVE-2019-19203
- CVE-2019-19204
- CVE-2019-19246
- CVE-2019-6706
- CVE-2020-14382
- CVE-2020-16592
- CVE-2020-26570
- CVE-2020-26571
- CVE-2020-26572
- CVE-2020-28241
- CVE-2020-8037
- CVE-2020-8252
- CVE-2021-22918
- CVE-2021-3487
- CVE-2021-4122
- CVE-2021-4217
- CVE-2022-0529
- CVE-2022-0530
- CVE-2022-1664
- CVE-2022-20770
- CVE-2022-20771
- CVE-2022-20785
- CVE-2022-20792
- CVE-2022-20796
- CVE-2022-23648
- CVE-2022-24903
- CVE-2022-29154
- CVE-2022-3094
- CVE-2022-37434
- CVE-2022-38533
- CVE-2022-40898
- CVE-2023-20032
- CVE-2023-20052
- CVE-2023-22490
- CVE-2023-23946
- CVE-2023-25584
- CVE-2023-25585
- CVE-2023-25588
- CVE-2023-25652
- CVE-2023-25809
- CVE-2023-25815
- CVE-2023-27561
- CVE-2023-28642
- CVE-2023-29007
In the Google Distributed Cloud air-gapped 1.10.0 Hardware Security Module (HSM) component, additional internal HSM backups are available for improved durability.
In the Google Distributed Cloud air-gapped 1.10.0 Hardware Security Module (HSM) component, rotation of the HSM credentials is automated.
The Google Distributed Cloud air-gapped 1.10.0 Hardware
Security Module (HSM) component introduces the gdcloud system hsm backup
command to perform automatic backups of the HSM cluster.
In the Google Distributed Cloud air-gapped 1.10.0 Hardware Security Module (HSM) component, an issue is resolved where HSM resources prevented organization deactivation.
In the Google Distributed Cloud air-gapped 1.10.0 Hardware Security Module (HSM) component, the issue on the HSM not generating organization configurations is resolved.
In the Google Distributed Cloud air-gapped 1.10.0 Hardware Security Module (HSM) component, an issue is resolved on preventing successful HSM backup key generation.
In the Google Distributed Cloud air-gapped 1.10.0 AddOn component, the issue on clamav runner handling SIGTERM signal is resolved.
This release fixes an issue with disaster recovery execution of HSM backups.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where role-based access control (RBAC) and schema settings in the VM manager that stops users from starting VM backup and restore processes.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where a Harbor cluster is unhealthy as the Harbor jobservice's state is CrashLoopBackOff after an upgrade.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where some pods cannot be evicted during ABM node draining, which blocks the ABM cluster upgrade.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where some pods might crash due to API server access issues such as refresh leader election.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where the node os
upgrade on the org admin cluster gets stuck in NodeDraining
status.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where node upgrade fails to backup ipsec config.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where upgrade fails when a pod is terminated.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where a node upgrade is blocked on the update-control-plane-config
job.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where upgrading
an organization to 1.10.x from 1.9.1 or earlier might cause
kube-apiserver
pods to not come up during an upgrade.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where upgrading
to 1.10 might cause a storageCluster
object to be unhealthy.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where upgrading
to 1.10 might cause a storageCluster
object to not finish
reconciling aggregate encryption.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where upgrading
to 1.10 might cause multiple storagevirtualmachine
objects to be unhealthy.
Google Distributed Cloud air-gapped 1.10.0 has a known issue where alerts in organization system clusters don't reach the ticketing system.