Anthos Service Mesh
- Anthos Service Mesh 1.7-1.9 are no longer supported. For more information, see Supported versions.
Anthos on bare metal
- Release 1.8.7: Anthos clusters on bare metal 1.8.7 is now available for download. To upgrade, see Upgrading Anthos on bare metal. Anthos clusters on bare metal 1.8.7 runs on Kubernetes 1.20.
- Fixes: The following container image security vulnerability has been fixed: CVE-2020-21913
- Known issues:For information about the latest known issues, see Anthos on bare metal known issues in the Troubleshooting section.
BigQuery BI Engine
- BigQuery BI Engine SQL interface is now generally availabile.
Compute Engine
- Generally available: You can now share reservations of Compute Engine zonal resources between multiple projects. Learn about shared reservations and creating a shared reservation.
Config Connector
- Config Connector 1.69.0 is now available
- Added support for
VPCAccessConnector
resource - Added support for
ComputePacketMirroring
resource - Added support for
PrivateCACAPool
resource - Added support for
IAMWorkloadIdentityPool
resource - Added support for
IAMWorkloadIdentityPoolProvider
resource - Added support for
CloudIdentityMembership
resource - Rollout support for
state-into-spec: absent
toContainerCluster
resource (Issue #576) - Add
billgProject
flag inConfigConnectorContext
to specify a quota project to send along withuser_project_override header
, used for all requests sent from Config Connector. If set on a resource that supports sending the resource project, this value will supersede the resource project. This field can only be set ifrequestProjectPolicy
takesBILLING_PROJECT
value - Fixed the issues in
config-connector export
that the exported YAML now include zero primitives to match the Google Cloud resource live state - Fixed the issues in
ContainerCluster
with creating autopilot clusters
Dataproc Metastore
- An Apache Log4j 2 vulnerability. that impacted Dataproc clusters has been addressed (see Recreate and update a cluster, which provides guidance to Dataproc users). Dataproc Metastore users do not need to take any action; the fix applied by Dataproc Metastore is sufficient to address the issue.
Datastream
- Datastream now supports customer-managed encryption keys (CMEK). Click here to access the documentation.
Kf
- Added
buildDisableIstioSidecar
configuration feature. - Added
buildPodResources
configuration feature. - Added
controllerCACerts
configuration feature. - Added
buildRetentionCount
configuration feature. - Added V3 Google stack as build option.
- Added V3 kf-v2-to-v3-shim stack as build option.
- Fixed an issue that could prevent SIGTERM from reaching an app.
- Fixed an issue that caused extra reconciliation loops and logs.
- Improved CLI performance.
- Improved subresource API server resilience.
- Updated Config Connect to v1.66.0.
- Updated Tekton to v0.29.0.
- Support for Anthos Service Mesh (ASM) v1.11+, which recommends ingress gateways be outside of the
istio-system
namespace. - Changed build ImagePullPolicy default from always download to prefer cached.
- Improved Workload Identity reliability.