Note di rilascio di Google Distributed Cloud con air gap 1.13.5
Mantieni tutto organizzato con le raccolte
Salva e classifica i contenuti in base alle tue preferenze.
7 novembre 2024
Google Distributed Cloud (GDC) con air gap 1.13.5 è disponibile.
Consulta la panoramica del prodotto per scoprire le
funzionalità di Distributed Cloud.
È stata aggiornata la versione dell'immagine del sistema operativo Ubuntu alla versione 20240926 per applicare le patch di sicurezza e gli aggiornamenti importanti più recenti.
Per usufruire delle correzioni di bug e vulnerabilità della sicurezza, devi eseguire l'upgrade
di tutti i nodi a ogni release.
Sono state corrette le seguenti vulnerabilità di sicurezza:
È stata aggiornata la versione dell'immagine del sistema operativo Rocky alla versione 20240918 per applicare le patch di sicurezza e gli aggiornamenti importanti più recenti.
Per usufruire delle correzioni di bug e vulnerabilità della sicurezza, devi eseguire l'upgrade
di tutti i nodi a ogni release.
Sono state corrette le seguenti vulnerabilità di sicurezza:
L'upgrade non riesce sul componente aggiuntivo atat-webhooks.
Archiviazione a blocchi:
La macchina virtuale di archiviazione non viene creata.
Le reti intercluster di archiviazione non vengono riconciliate.
Gestione dei cluster:
La creazione del pool di nodi worker del cluster utente non riesce.
Networking:
La mesh del cluster non è configurata con informazioni di zona, il che influisce
sulla connettività del bilanciatore del carico interno.
Sistema operativo:
Non è possibile eseguire SSH sul nodo.
Server fisici:
La cancellazione sicura non riesce senza una licenza.
Esegui l'upgrade:
L'installazione del componente aggiuntivo system-dashboards non riesce.
La risorsa personalizzata NodeUpgradeTask è bloccata nella condizione NodeOSInPlaceUpgradePostProcessingCompleted.
La distribuzione delle immagini non riesce durante un upgrade.
Gli spazi dei nomi platform-obs-obs-system o platform-obs rimangono bloccati nello stato di terminazione durante un upgrade.
La risorsa personalizzata NodeUpgradeTask è bloccata nella condizione
NodeBIOSFirmwareUpgradeCompleted.
L'upgrade del cluster è bloccato perché un nodo non è riuscito a entrare in modalità di manutenzione.
Macchine virtuali:
Le macchine virtuali nei progetti con nomi superiori a 45 caratteri rimangono in stato di arresto.
L'allocazione della GPU non è presente nel cluster di servizio.
Sono stati risolti i seguenti problemi:
Artifact Registry:
È stato corretto il problema che impediva la creazione del cluster di amministrazione principale se l'elenco dei server era lungo durante il bootstrapping
Archiviazione a blocchi:
Sono stati corretti gli errori di configurazione IPsec.
Sono state identificate le seguenti modifiche:
Aggiornamenti delle versioni:
La versione di Google Distributed Cloud per bare metal viene aggiornata alla versione
1.29.600-gke.108 per applicare le patch di sicurezza più recenti e gli aggiornamenti importanti.
[[["Facile da capire","easyToUnderstand","thumb-up"],["Il problema è stato risolto","solvedMyProblem","thumb-up"],["Altra","otherUp","thumb-up"]],[["Difficile da capire","hardToUnderstand","thumb-down"],["Informazioni o codice di esempio errati","incorrectInformationOrSampleCode","thumb-down"],["Mancano le informazioni o gli esempi di cui ho bisogno","missingTheInformationSamplesINeed","thumb-down"],["Problema di traduzione","translationIssue","thumb-down"],["Altra","otherDown","thumb-down"]],["Ultimo aggiornamento 2025-09-04 UTC."],[[["\u003cp\u003eGoogle Distributed Cloud (GDC) air-gapped 1.13.5 is now available, offering new features as detailed in the product overview.\u003c/p\u003e\n"],["\u003cp\u003eThe Ubuntu OS image has been updated to version 20240926, and the Rocky OS image updated to 20240918, incorporating the latest security patches and essential updates to enhance security.\u003c/p\u003e\n"],["\u003cp\u003eTo benefit from the latest bug fixes and security enhancements, it is necessary to upgrade all nodes with each release.\u003c/p\u003e\n"],["\u003cp\u003eThe Google Distributed Cloud for bare metal has been updated to version 1.29.600-gke.108, which includes security patches and updates; more details can be found in the release notes.\u003c/p\u003e\n"],["\u003cp\u003eSeveral identified issues, spanning billing, storage, cluster management, networking, OS, servers, upgrades, and VMs have been identified, alongside issues fixed in artifact registry and block storage.\u003c/p\u003e\n"]]],[],null,["# Google Distributed Cloud air-gapped 1.13.5 release notes\n\n\u003cbr /\u003e\n\nNovember 7, 2024\n----------------\n\n*** ** * ** ***\n\nGoogle Distributed Cloud (GDC) air-gapped 1.13.5 is available. \nSee the [product overview](/distributed-cloud/hosted/docs/latest/gdch/overview) to learn about the features of Distributed Cloud.\n\n*** ** * ** ***\n\nUpdated the Ubuntu OS image version to 20240926 to apply the latest security patches and important updates.\n\n\u003cbr /\u003e\n\nTo take advantage of the bug and security vulnerability fixes, you must upgrade all nodes with each release.\n\nThe following security vulnerabilities are fixed:\n\n- [CVE-2016-1585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1585)\n- [CVE-2021-46926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46926)\n- [CVE-2021-47188](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47188)\n- [CVE-2022-48791](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48791)\n- [CVE-2022-48863](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48863)\n- [CVE-2023-27043](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27043)\n- [CVE-2023-52760](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52760)\n- [CVE-2024-20505](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20505)\n- [CVE-2024-20506](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20506)\n- [CVE-2024-2201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2201)\n- [CVE-2024-6232](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6232)\n- [CVE-2024-6345](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345)\n- [CVE-2024-6923](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6923)\n- [CVE-2024-7006](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7006)\n- [CVE-2024-7592](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7592)\n- [CVE-2024-8088](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8088)\n- [CVE-2024-8096](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096)\n- [CVE-2024-23984](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23984)\n- [CVE-2024-24860](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24860)\n- [CVE-2024-24968](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24968)\n- [CVE-2024-26677](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26677)\n- [CVE-2024-26787](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26787)\n- [CVE-2024-26830](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26830)\n- [CVE-2024-26921](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26921)\n- [CVE-2024-26929](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26929)\n- [CVE-2024-27012](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27012)\n- [CVE-2024-36901](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36901)\n- [CVE-2024-38570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38570)\n- [CVE-2024-39484](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39484)\n- [CVE-2024-39494](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39494)\n- [CVE-2024-41957](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41957)\n- [CVE-2024-42160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42160)\n- [CVE-2024-42228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42228)\n- [CVE-2024-43374](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43374)\n- [CVE-2024-45490](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490)\n- [CVE-2024-45491](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491)\n- [CVE-2024-45492](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492)\n\n*** ** * ** ***\n\nUpdated the Rocky OS image version to 20240918 to apply the latest security patches and important updates.\n\n\u003cbr /\u003e\n\nTo take advantage of the bug and security vulnerability fixes, you must upgrade all nodes with each release.\n\nThe following security vulnerabilities are fixed:\n\n- [CVE-2020-36558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36558)\n- [CVE-2021-35937](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35937)\n- [CVE-2021-35938](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35938)\n- [CVE-2021-35939](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35939)\n- [CVE-2022-1158](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1158)\n- [CVE-2022-2503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2503)\n- [CVE-2022-2639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2639)\n- [CVE-2022-2873](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2873)\n- [CVE-2022-2964](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2964)\n- [CVE-2022-3564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3564)\n- [CVE-2022-4269](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4269)\n- [CVE-2022-4378](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4378)\n- [CVE-2022-36879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36879)\n- [CVE-2022-39188](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39188)\n- [CVE-2022-40897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897)\n- [CVE-2022-41222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41222)\n- [CVE-2022-42896](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42896)\n- [CVE-2022-45884](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45884)\n- [CVE-2022-45886](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45886)\n- [CVE-2022-45919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45919)\n- [CVE-2022-48624](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48624)\n- [CVE-2023-0266](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0266)\n- [CVE-2023-1095](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1095)\n- [CVE-2023-1206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1206)\n- [CVE-2023-0461](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0461)\n- [CVE-2023-0590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0590)\n- [CVE-2024-6345](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6345)\n- [CVE-2024-32487](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32487)\n- [CVE-2024-42472](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42472)\n\n*** ** * ** ***\n\nThe following issues are identified:\n\n**Billing**:\n\n- The upgrade fails on `atat-webhooks` add-on.\n\n**Block storage**:\n\n- The storage virtual machine is not created.\n\n- The storage intercluster networks fail to reconcile.\n\n**Cluster management**:\n\n- The user cluster worker node pool creation fails.\n\n**Networking**:\n\n- The cluster mesh is not configured with zonal information, which impacts internal load balancer connectivity.\n\n**Operating System**:\n\n- The node cannot be SSHed to.\n\n**Physical servers**:\n\n- Secure erase fails without a license.\n\n**Upgrade**:\n\n- The `system-dashboards` addon installation fails.\n\n- The `NodeUpgradeTask` custom resource is stuck at the `NodeOSInPlaceUpgradePostProcessingCompleted` condition.\n\n- Image-distribution fails during an upgrade.\n\n- The `platform-obs-obs-system` or `platform-obs` namespaces get stuck in the terminating state during an upgrade.\n\n- The `NodeUpgradeTask` custom resource is stuck at the\n `NodeBIOSFirmwareUpgradeCompleted` condition.\n\n- The cluster upgrade is blocked due to a node failing to enter maintenance mode.\n\n**Virtual Machines**:\n\n- Virtual machines in projects with names exceeding 45 characters remain in a stopped state.\n\n- The GPU allocation is missing on the service cluster.\n\n*** ** * ** ***\n\nThe following issues are fixed:\n\n**Artifact Registry**:\n\n- Fixed the root admin cluster creation operation from failing if there is a long list of servers when bootstrapping\n\n**Block storage**:\n\n- Fixed the IPsec configuration errors.\n\n*** ** * ** ***\n\nThe following changes are identified:\n\n**Version updates**:\n\n- The Google Distributed Cloud for bare metal version is updated to 1.29.600-gke.108 to apply the latest security patches and important updates. \n\n See the [Google Distributed Cloud for bare metal 1.29.600-gke.108 release notes](https://cloud.google.com/kubernetes-engine/distributed-cloud/bare-metal/docs/release-notes-ver-1#release_129600-gke108) for details."]]
