Google Cloud Platform Subprocessors list
We are adding Webhelp Israel LTD, Productive Playhouse India Private Limited and Productive Playhouse (Thailand) Ltd. You can find information about the tasks our Subprocessors perform on our Google Cloud Platform Subprocessors list.
Anthos on bare metal
Improved cluster lifecycle functionalities:
- GA: Enabled Node Problem Detector to run by default on all nodes. You can check if a problem was detected on a node by running the kubectl describe command for the node. Then look for Events reported by Node Problem Detector.
- GA: Added bmctl backup cluster and bmctl restore cluster commands to facilitate disaster recovery for clusters.
- Preview: Added the ability to reset individual nodes using the SSH key.
- Updated the bmctl check cluster command so that the snapshot of a cluster includes the cluster’s YAML file and logs that are in the
- Added a new status field cluster.gkeHubRegistrationStatus. The command kubectl get cluster now shows information about the cluster’s membership to GKE Hub.
- Preview: Enabled Anthos multi-cluster connectivity to provide Anthos clusters a way to connect to another Anthos cluster in the same data center (intra-site, cluster-to-cluster). Pods in connected clusters can reach each other over pod IP addresses without using network address translation (NAT) in between.
- Preview: Enabled IPv4/IPv6 dual stack support. Customers can deploy clusters in a dual-stack network, where IPv4 and IPv6 addresses can be assigned to both nodes and pods.
- Preview: Enabled “flat mode” (a simplified network topology) for IPv4, where the pod’s IPv4 address is visible and routable without masquerading as node IP within the same Layer 2 domain.
- Preview: Enabled SR-IOV. This feature lets you configure Virtual Functions (VFs) on the supported devices on the nodes of your cluster. This feature also lets you define the kernel module you want to bind to the VF.
- GA: Added ability to show severity level of an issue in Cloud Logging. Severity level is extracted from
- GA: Changed collection of application metrics to use a more scalable monitoring pipeline based on OpenTelemetry. This change significantly reduces the amount of resources required to collect metrics.
- GA: Enhanced the capability to rotate cluster certificate authorities (CAs). Updates include support for all cluster types, rotation of front-proxy and etcd CAs, and changes to the
- Preview: Enabled installation of Anthos clusters on bare metal using a short-lived Google Service Account token instead of using Google Service Account keys.
- Enabled Kubernetes control plane and most Anthos system containers to run as non-root users. For details, see Don’t run containers as root user.
- Preview: Supported enabling or disabling Anthos VM Runtime on user clusters.
- Preview: Enabled Anthos VM Runtime to support QEMU Copy On Write (QCOW2) format, which is a storage format for virtual disks on virtual machines. Some benefits of virtual disk capabilities are independent thin provisioning, better compression, and encryption at rest.
- Preview: Enabled VMRuntime custom resource and the Network custom resource, which let you create VMs on either the node network with a static IP address or the default pod network.
- Preview: Enabled VM pods audit logs for VM runtime resources.
- Preview: Expanded guest OS versions that can run on the virtual machine. We support Windows Server 2019, 2016, Windows 10, Red Hat Enterprise Linux (RHEL) 8, CentOS 8, and Ubuntu 20.04 as guest OS.
- Preview: Enabled virtual machine high availability to provide greater uptime for virtual machine instances (VMIs) by automatically detecting and recovering from a range of host machine failures.
The gateway capability used by the egress NAT gateway and Bundled load balancing with BGP Preview features has changed in this release. The NetworkGatewayGroup custom resource replaces AnthosNetworkGateway and the capability is enabled with a new advancedNetworking field in the cluster configuration file, instead of an annotation. These changes affect the ability to upgrade clusters that use earlier versions of the features.
Anthos clusters on bare metal blocks cluster upgrades from version 1.9 to version 1.10 for clusters that use either of these two advanced networking features. You can upgrade a version 1.9 admin cluster that is managing 1.9 user clusters that use these features to version 1.10, but object reconciliation breaks for the AnthosNetworkGateway custom resource. Object reconciliation is the mechanism whereby admin clusters automatically copy/restore objects on managed user clusters when the objects have been defined alongside the cluster configuration. Any AnthosNetworkGateway custom resources are still functional and can be modified with
To bring a version 1.9 cluster that uses either advanced networking Preview feature up to version 1.10, reset or delete the cluster and create a new 1.10 cluster.
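A pre-upgrade check for the block described above, as an added example that is not part of the original release notes: it scans cluster configuration text for the deprecated annotation being enabled and for AnthosNetworkGateway resources. The sample YAML is constructed, and its layout (annotation under metadata.annotations, placeholder apiVersion on the gateway resource) is an assumption.

```python
import re

# Names taken from the release notes above.
DEPRECATED_ANNOTATION = "baremetal.cluster.gke.io/enable-anthos-network-gateway"
DEPRECATED_KIND = "AnthosNetworkGateway"

# Constructed sample of a version 1.9 configuration file (layout is an assumption).
SAMPLE_CONFIG = """\
apiVersion: baremetal.cluster.gke.io/v1
kind: Cluster
metadata:
  name: user-cluster-1
  annotations:
    baremetal.cluster.gke.io/enable-anthos-network-gateway: "true"
spec:
  anthosBareMetalVersion: 1.9.0
---
apiVersion: example.invalid/v1  # placeholder, not the real API group
kind: AnthosNetworkGateway
metadata:
  name: default
"""

def find_upgrade_blockers(config_text):
    """Return (document index, kind, reason) for every YAML document that
    relies on a 1.9 advanced networking Preview feature."""
    findings = []
    documents = re.split(r"^---[ \t]*$", config_text, flags=re.M)
    for index, doc in enumerate(documents):
        kind_match = re.search(r"^kind:\s*(\S+)", doc, flags=re.M)
        kind = kind_match.group(1) if kind_match else "unknown"
        # Leading whitespace is required, so a commented-out annotation is ignored.
        annotation = re.search(
            r"^[ \t]+" + re.escape(DEPRECATED_ANNOTATION) + r":[ \t]*[\"']?(\w+)",
            doc, flags=re.M)
        if annotation and annotation.group(1).lower() == "true":
            findings.append((index, kind, "deprecated annotation enabled"))
        if kind == DEPRECATED_KIND:
            findings.append((index, kind, "deprecated custom resource"))
    return findings

if __name__ == "__main__":
    for index, kind, reason in find_upgrade_blockers(SAMPLE_CONFIG):
        print(f"document {index} ({kind}): {reason}")
```

Any finding means the cluster falls under the upgrade block described above and needs the reset-or-recreate path rather than an in-place upgrade.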
Preview features and products are subject to change and are provided for testing and evaluation purposes only. Do not use Preview features on your production clusters.
- Version 1.10.0 admin clusters aren’t visible from the Cloud Console or when performing gcloud container hub memberships list operations.
- Enabled use of ADMIN_KUBECONFIG environment variable to reduce the number of
- The cluster reconciliation process now checks for differences in the GKEHub membership before attempting to update it. If the GKEHub membership needs to be changed, the cluster is unregistered and then re-registered.
- advancedNetworking field in the cluster configuration file replaces the deprecated baremetal.cluster.gke.io/enable-anthos-network-gateway annotation for enabling advanced networking capabilities.
- NetworkGatewayGroup custom resource replaces the
Fixed cluster lifecycle functionalities:
- Outputs from all
bmctl version are now written to log files.
- Fixed strict mode for decoding the cluster YAML file. Extraneous information in the cluster YAML file now results in an error.
- Fixed preflight check so that it no longer ignores the
- Binaries in cluster provision no longer run from /tmp, which is often mounted with noexec options. This change fixes a preflight check “permission denied” error.
- Switched the default server-side
- Increased the priority of the kube-state-metrics service to keep it from being stuck in a pending state. This service generates metrics about Kubernetes API objects such as deployments, nodes, and pods.
- Upgraded metrics-server to version 0.3.6 to fix a missing metrics issue that occurs when a duplicated pod name is present.
For information about the latest known issues, see Anthos on bare metal known issues in the Troubleshooting section.