The following release notes cover the most recent changes over the last 30 days. For a comprehensive list, see the individual product release note pages .
You can see the latest product updates for all of Google Cloud on the Google Cloud release notes page.
To get the latest product updates delivered to you, add the URL of this page to your
feed
reader, or add the feed URL directly: https://cloud.google.com/feeds/gcp-release-notes.xml
June 12, 2020
Cloud BuildUpgraded to Docker server version 19.03.8.
Cloud Functions is now available in the following regions:
europe-west6(Zurich)us-west3(Salt Lake City)
See Cloud Functions Locations for details.
- Added ability to update streaming DataflowJobs by updating its spec (e.g.
spec.templateGcsPath). Note that not all fields can be updated, and batch DataflowJobs don't support updates. - Added
IAMPolicyto the output ofconfig-connector
Firewall Rules Logging metadata controls is now available in Beta.
June 11, 2020
Access Context ManagerGeneral availability of the Access Context Manager Bulk API.
Use the Access Context Manager Bulk API to replace all of your organization's access levels in one operation. For more information, see Making bulk changes to access levels.
1.5.5-asm.0 and 1.4.10-asm.1
Fixes the security issue, CVE-2020-11080, with the same fixes as OSS Istio 1.5.5. The security fixes were backported to ASM 1.4.10.
Description
A vulnerability affecting the HTTP/2 library used by Envoy has been fixed and publicly disclosed (c.f. Denial of service: Overly large SETTINGS frames ).
CVE-2020-11080: By sending a specially crafted packet, an attacker could cause the CPU to spike at 100%. This could be sent to the ingress gateway or a sidecar.
Mitigation
HTTP/2 support could be disabled on the Ingress Gateway as a temporary workaround using the following configuration. HTTP/2 support at ingress can only be disabled if you are not exposing HTTP/2 services that cannot fallback to HTTP/1.1 through ingress. Note that gRPC services cannot fallback to HTTP/1.1.
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: disable-ingress-h2
namespace: istio-system
spec:
workloadSelector:
labels:
istio: ingressgateway
configPatches:
- applyTo: NETWORK_FILTER # http connection manager is a filter in Envoy
match:
context: GATEWAY
listener:
filterChain:
filter:
name: "envoy.http_connection_manager"
patch:
operation: MERGE
value:
typed_config:
"@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
codec_type: HTTP1
For additional information, see ISTIO-SECURITY-2020-006.
The Go 1.13 runtime for the App Engine standard environment is now generally available.
OCR legacy model access extension
Based on customer feedback, we have decided to extend support of the legacy TEXT_DETECTION and DOCUMENT_TEXT_DETECTION models. These legacy models are accessed by specifying "builtin/legacy_20190601" in the model of a Feature object.
These models will now be accessible until November 15, 2020 (6 months from launch date) to give customers more time to adapt and migrate to the new model.
See the May 15, 2020 release note for the original update announcement.
Users can now configure a tempBucket in API calls. The temp bucket is a Cloud Storage bucket used to store ephemeral cluster and jobs data, such as Spark and MapReduce history files. If you do not specify a temp bucket, Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's temp bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket.
New subminor image versions: 1.2.99-debian9, 1.3.59-debian9, 1.4.30-debian9, 1.3.59-debian10, 1.4.30-debian10, 1.5.5-debian10, 1.3.59-ubuntu18, 1.4.30-ubuntu18, and 1.5.5-ubuntu18.
New preview image 2.0.0-RC1-debian10, 2.0.0-RC1-ubuntu18, with the following components:
- Anaconda 2019.10
- Atlas 2.0.0
- Druid 0.18.1
- Flink 1.10.1
- Hadoop 3.2.1
- HBase 2.2.4
- Hive 3.1.2 (with LLAP support)
- Hue 4.7.0
- JupyterLab 2.1.0
- Kafka 2.3.1
- Miniconda3 4.8.3
- Pig 0.18.0
- Presto SQL 333
- Oozie 5.2.0
- R 3.6.0
- Ranger 2.0.0
- Solr 8.1.1
- Spark 3.0.0
- Sqoop 1.5.0
- Zeppelin 0.9.0
Image 1.3+
- Patched HIVE-23496 Adding a flag to disable materialized views cache warm up.
Druid's Historical's and Broker's JVM and runtime properties are now calculated using server resources. Previously, only the Historical's and MiddleManager's MaxHeapSize property was calculated using server resources. This change modifies how new values for MaxHeapSize and MaxDirectMemorySize properties are calculated for Broker and Historical processes. Also, new runtime properties druid.processing.numThreads and druid.processing.numMergeBuffers are calculated using server resources.
If the project-level staging bucket is manually deleted, it will be recreated when a cluster is created.
Dataproc now uses Compute Engine shielded VMs for Debian 10 and Ubuntu 18.04 clusters by default.
Dataproc Job container logging now supports Dataproc Kerberized clusters.
Image 1.5:
- Fixed a bug that prevented users from logging on to the Presto UI when using Component Gateway.
General availability for bulk changes to service perimeters.
Using Access Context Manager's Bulk API, you can replace all of your organization's service perimeters in one operation. For more information, see Making bulk changes to service perimeters.
June 10, 2020
Cloud CDNHTTP(S) Load Balancing with Cloud CDN logging is available in General Availability.
June 09, 2020
BigQueryClustering for non-partitioned tables is now supported. For more information about clustered tables, see Introduction to clustered tables.
Export a Cloud Run service to a YAML file with gcloud run services describe SERVICE --format export
June 08, 2020
AI Platform PredictionThe Total latency chart on the Version details page of the Google Cloud Console was reporting incorrect information. This chart has now been fixed.
In some cases, this adjustment might cause latencies to appear higher than they were previously. However, the latency of models has not changed.
This affects both Compute Engine (N1) machine types and legacy (MLS1) machine types.
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
App Engine is now available in the asia-southeast2 region (Jakarta).
BigQuery is now available in the Jakarta (asia-southeast2) region.
BigQuery BI Engine is now available in the Jakarta (asia-southeast2) region.
BigQuery Data Transfer Service is now available in the Jakarta (asia-southeast2) region.
BigQuery ML is now available in the Jakarta (asia-southeast2) region.
Cloud Bigtable is now available in the asia-southeast2 (Jakarta) region.
Cloud KMS and Cloud EKM resources are available in the asia-southeast2 region. Cloud HSM resources are not available in this region.
For information about which Cloud Locations are supported by Cloud KMS, Cloud HSM, and Cloud EKM, see the Cloud KMS regional locations.
Enhancements to the pre-configured Compute Engine VM Instances dashboard. Compute Engine cross-fleet metrics and detail views specific to CPU, Disk, Memory, and Network are now available. Use filters to narrow down the set of VMs being inspected, and use the time selector or in-chart time selection to change the time window. VMs with the Monitoring agent installed get detailed memory and disk analysis out of the box.
Support for asia-southeast2 region (Jakarta).
Support for asia-southeast2 region (Jakarta).
Support for asia-southeast2 region (Jakarta).
A second multi-region instance configuration is now available in Europe - eur5 (London/Belgium).
A multi-region instance configuration is now available in Asia - asia1 (Tokyo/Osaka).
Cloud Spanner regional instances can now be created in Jakarta (asia-southeast2).
Jakarta region (asia-southeast2) launched.
- New location for storing your data.
Cloud VPN is now available in region asia-southeast2 (Jakarta, Indonesia).
Pricing is available on the Cloud VPN pricing page.
The asia-southeast2 Jakarta, Indonesia region is now available to all projects and users. The zones in the asia-southeast2 region have E2 and N1 machine types. See Regions and zones for more information.
Enhancements to the pre-configured Cloud Monitoring Compute Engine VM Instances dashboard. Compute Engine cross-fleet metrics and detail views specific to CPU, Disk, Memory, and Network are now available. Use filters to narrow down the set of VMs being inspected, and use the time selector or in-chart time selection to change the time window. VMs with the Monitoring agent installed get detailed memory and disk analysis out of the box.
Dataflow is now able to use workers in zones in the asia-southeast2 region (Jakarta).
Dataproc is now available in the asia-southeast2 region (Jakarta).
Support for the asia-southeast2 (Jakarta).
High Scale SSD tier released to beta. This new service tier for Filestore provides greater performance and allows you to grow and shrink capacity between 60-320 TB.
IP-based access control released to beta. This feature allows you to control access to file shares by the IP addresses of clients.
Filestore service tier name change:
- Standard tier is now called Basic HDD.
- Premium tier is now called Basic SSD.
- You can still use the old tier names and they will continue to be supported.
This change may affect you if you use:
* The gcloud beta filestore command line tool (beta).
* The Filestore beta API (v1beta1).
* The Cloud Console in combination with the Filestore API.
* The Cloud Console in combination with the gcloud tool.
For details, see New service tier names.
Filestore is available in the asia-southeast2 (Jakarta) region. See Regions and zones.
Support for the asia-southeast2 (Jakarta).
Added new Memorystore for Redis region: Jakarta (asia-southeast2).
Pub/Sub is now available in the asia-southeast2 region (Jakarta).
Pub/Sub message filtering is now available at the beta launch stage.
For auto mode VPC networks, added a new subnet 10.184.0.0/20 for the Jakarta asia-southeast2 region. For more information, see Auto mode IP ranges.
June 05, 2020
Cloud FunctionsThe Node.js 8 runtime is deprecated as of 2020-06-05. To ensure that your functions are on a supported version of Node.js, migrate them to Node.js 10.
For more discussion of Cloud Functions runtime support policy, see Runtime Support.
Custom retention is now generally available (GA). In order to have time to explore this feature, you won't be charged for extended retention of logs until March 31, 2021. To learn more, see the Logging pricing section on the Pricing for Google Cloud's operations suite page.
CPU overcommit on sole-tenant nodes lets you overprovision sole-tenant node resources and schedule more VM CPUs on a sole-tenant node than are normally available. This feature is in Beta.
New sole-tenant node types are available in Beta.
June 04, 2020
AutoML Vision Image Classification (ICN)v1beta1 endpoint end-of-life
After June 4, 2020, the v1beta1 version of AutoML API will deny increasing numbers of API requests from AutoML Vision users. Please refer to the November 20, 2019 release notes and migrate to v1 version immediately.
If you have any questions regarding the above action items, join the cloud-vision-discuss Google group. For further assistance, please open an issue in this private issue tracker.
v1beta1 endpoint end-of-life
After June 4, 2020, the v1beta1 version of AutoML API will deny increasing numbers of API requests from AutoML Vision users. Please refer to the November 20, 2019 release notes and migrate to v1 version immediately.
If you have any questions regarding the above action items, join the cloud-vision-discuss Google group. For further assistance, please open an issue in this private issue tracker.
BigQuery Table ACL is now available as a beta release. For more information, see Introduction to table access controls .
Access Transparency GA
Access Transparency logging is now Generally Available. If you want to enable Access Transparency logs, see Enabling Access Transparency.
Flow parameters: Create flow parameters that you can reference in the recipes of your flow.
- NOTE: For this release, flow parameters can be applied into your recipes only.
- As needed, you can apply overrides to the parameters in your flow or to downstream flows.
- NOTE: Flow parameters do not apply to datasets or output objects, which have their own parameters. However, if you specify an override at the flow level, any parameters within the flow that use the same name receive the override value, including output object parameters and datasets with parameters.
- See Manage Parameters Dialog.
- For more information on parameters, see Overview of Parameterization.
Introducing new Flow View: The Flow View page has been redesigned to improve the user experience and overall productivity.
NOTE: This feature is in Beta release.
- Enhancements include:
- Drag and drop to reposition objects on the Flow View canvas, and zoom in and out to focus on areas of development.
- Perform joins and unions between objects on the Flow View canvas.
- Annotate the canvas with notes.
- You can toggle between new and classic views through the context menu in the corner of Flow View. See Flow View Page.
Redesigned Settings and Help menus: See Home Page.
- User settings are now modified through Preferences. See Preferences Page.
Report issue: If you are experiencing an issue with Cloud Dataprep by TRIFACTA INC., you can gather useful information from the application to deliver to Support.
- From the Help menu, select Report issue.
Transformer page:
- Join steps are now created in a larger window for more workspace. See Join Window.
- New column selection UI simplifies choosing columns in your transformations. See Transform Builder.
Transformer page performance:
- Improved performance when loading the Transformer page and when navigating between the Flow View and Transformer pages.
- Faster and improved method of surfacing transform suggestions based on machine learning.
PDF profiles: When visual profiling is enabled for a job, you can now download your visual profile in PDF format. See Job Details Page.
New functions:
- New aggregation functions for Datetime values:
- New parsing by data type functions:
- New functions for calculating working days between two valid dates:
- New time zone conversion functions:
- New statistical functions:
- Ignore case parameter added to string functions:
Parameter overrides: If you have upgraded to Release 7.1 or later, any parameter overrides that you have specified in your flows must be re-applied. For more information, see Manage Parameters Dialog.
Language: All MODE functions return the lowest value in a set of values if there is a tie in the evaluation.
API Documentation:
API reference documentation is now available directly through the application. This release includes more supported endpoints and documented options. To access, select Help menu > API Documentation.
NOTE: API reference content is no longer available with the product documentation. Please use the in-app reference documentation instead.
Workflow documentation is still available with the product documentation. For more information, see API Reference.
Send a Copy: You can no longer send a copy of a flow to another user.
- New method: Create a copy of a flow and share it with the other user.
- For more information, see Share Flow Dialog.
Re-run jobs using Cloud Dataflow templates: This feature is no longer available. Cloud data flow templates can no longer be used to re-run jobs.
- New method: Please use the /v4/jobGroups endpoint to run and re-run jobs.
- For more information, see API Reference.
TD-49559: Cannot select and apply custom data types through column Type menu.
- Workaround: You can change the type of the column as a recipe step. Use the Change column type transformation. From the New type drop-down, select
Custom. Then, enter the name of the type for the Custom type value.
TD-47473: Uploaded files (CSV, XLS, PDF) that contain a space in the filename fail to be converted.
- Workaround: Remove the space in the filename and upload again.
The VPC accessible services feature is now generally available. Use VPC accessible services to limit the access of network endpoints and VMs in a perimeter to only services protected by that perimeter.
For more information about the feature, see VPC accessible services.
June 03, 2020
Cloud Load BalancingHTTP(S) Load Balancing logging is now available in General Availability.
In the Logs Viewer (Preview), you can now save your queries, which can then be viewed and run from the Saved queries tab. For more information, see the Saved queries section on the Building queries page.
The Cloud Run user interface now allows you to edit the service YAML.
Cloud Spanner SQL now supports the following statistical aggregate functions - STDDEV, VARIANCE. For more information, see Statistical Aggregate Functions.
Miscellaneous bug fixes and improvements
The Version Upgrade and Redis version 5.0 features are now Generally Available on Memorystore for Redis.
Hierarchical firewall policies are now available in Beta.
June 02, 2020
BigQueryYou can now purchase BigQuery slots using the bq command-line tool. BigQuery Reservations allows you to purchase slots to take advantage of BigQuery flat-rate pricing and allocate slots for workload management.
A new GIS function, ST_Simplify, is available. ST_Simplify returns a simplified version of the input GEOGRAPHY by replacing sections with straight lines.
Standard SQL view definition bodies can now contain references without project qualifiers, as long as the view is created by the tables.insert REST API or is in the same project used to run the CREATE VIEW DDL query.
Standard SQL user-defined function definition bodies can now contain references to tables and views.
You can now use a custom filter when you list endpoints in a zonal network endpoint group. This feature is available as a Beta release.
June 01, 2020
Access Context ManagerGeneral availability of custom access levels.
Custom access levels provide a way to use Common Expression Language to craft custom conditions. Create custom access levels using the gcloud command line tool, the Access Context Manager API, and in the Google Cloud Console using the Advanced Mode for configuring access levels.
NVIDIA® Tesla® T4 GPUs are now available in the following additional regions and zones:
- Changua County, Taiwan
asia-east1-c
For information about using T4 GPUs on Compute Engine, see GPUs on Compute Engine.
The shutdown of 7 integrations announced in January is now extended to July 6th, 2020.
May 29, 2020
Anthos GKE deployed on AWSA new build of Anthos GKE on AWS has been released. This build removes the need to check AWS IAM privileges when creating a management cluster. You don't need to update if you have not encountered this issue.
To install this build, download the anthos-gke tool by running the following command:
gsutil cp gs://gke-multi-cloud-release/bin/aws-0.2.1-gke.8/anthos-gke .
Then, recreate your Terraform configuration and continue with your installation.
Labels column added to the flat table view of the Cloud Billing Cost Table report. The Cost Table report provides a tabular view of your invoice costs. You can quickly filter your costs by available fields, such as project, service, SKU, and labels (among other fields), and you can download the table to CSV for offline analysis. See the documentation for more details.
To help you get started quickly, added two new examples for setting up Cloud CDN:
Cloud TPU now supports TensorFlow version 1.15.3. See the TensorFlow 1.15.3 Release Notes.
Added support for SQLSSLCert
Supported acquisition of backends added to Compute Backend Services out-of-band of Config Connector
Fixed support for autoscaling and manually resizing node pools with ContainerNodePool
The Dialogflow Facebook Messenger integration has been updated to to be compliant with newer Facebook Messenger API versions. If you have an agent that enabled this integration prior to today, you should have received an email from Dialogflow with upgrade instructions. If you have not received this email, please contact Dialogflow support.
The ability to authenticate users with external identities is now generally available.
GKE annotations and advanced controls for VPC Flow Logs is now available in General Availability.
May 28, 2020
Cloud FunctionsCloud Functions now supports Go 1.13 at the General Availability release level.
Several fields related to data integrity have been added to the Cloud KMS API, along with guidelines for using them. To learn more about maintaining data integrity when performing cryptographic operations, see Verifying end-to-end data integrity.
May 27, 2020
Cloud BillingNew data property now available for Cloud Billing budget alerts that are configured for programmatic notifications. You set up a Cloud Billing budget to trigger an alert notification based on threshold rules for Actual or Forecasted spend. Programmatic notifications triggered on Forecasted costs are now identified with the forecastThresholdExceeded property in the JSON object. See the documentation for more details.
Added support for BigQueryJob resource
Dataproc now provides beta support for Dataproc Hub.
Error correction: Beta flag removed from feature Google Cloud Armor with Cloud CDN. This feature was released with the status General Availabiliity.
May 26, 2020
Cloud Composer- New versions of Cloud Composer images:
composer-1.10.4-airflow-1.10.2,composer-1.10.4-airflow-1.10.3andcomposer-1.10.4-airflow-1.10.6. The default iscomposer-1.10.4-airflow-1.10.3. Upgrade your Cloud SDK to use features in this release. - For Airflow 1.10.6 and later: The Airflow config property
[celery] poolis now blocked.
- Fixed an issue with Airflow 1.10.6 environments where task logs were not visible in the UI when DAG serialization was enabled.
Cloud Functions has added support for a new runtime, Java 11, in Beta:
Pub/Sub Lite is now available at the beta launch stage.
You can now view, prioritize, and apply recommendations in the Google Cloud Console using Recommendation Hub (Beta).
May 21, 2020
AI Platform TrainingYou can now use TPUs with TensorFlow 2.1 when you create a training job with runtime version 2.1. You can also use TPUs with TensorFlow 2.1 when you train in a custom container.
Read the guide to using TPUs with AI Platform Training, which has been updated to show how to use TPUs with TensorFlow 2 APIs.
Anthos 1.3.2 is now available.
Updated components:
- Anthos GKE on-prem release notes
- Anthos Config Management release notes
- Anthos GKE on AWS is available as a limited preview for customers with an existing relationship with Google Cloud. Contact your sales representative for access.
This release includes several performance and memory improvements.
In order to help prevent accidental deletion, Anthos Config Management will no longer allow a user to remove all namespaces or cluster-scoped resources in a single commit. If you wish to delete the full set of resources under management, it now requires two steps: remove all but one in a first commit, allow ACM to sync those changes, then remove the final resource in a second commit.
Error documentation has been updated to add more information on error codes. Errors that are no longer encountered in the product have been removed. Most error references have been embellished with examples and steps for remediation.
Anthos Config Management now supports a GKE-only authentication mechanism based on the service account of the cluster's node pool. Documentation on its use is here.
Anthos Config Management now includes Config Connector v1.8.0.
Anthos Config Management will now attempt to detect when resources that it manages are also managed by other controllers. Documentation on this behavior is available in error knv2005 which ACM will log in that case.
Policy Controller has been upgraded to include a newer version of Open Policy Agent Gatekeeper.
This version includes updates to improve the management of policy resources. As a consequence, finalizers are no longer used to manage Constraints and Constraint Templates.
The following metrics have been made obsolete due to these changes and have been removed:
gatekeeper_watch_manager_is_running
gatekeeper_watch_manager_last_restart_check_time
gatekeeper_watch_manager_last_restart_time
gatekeeper_watch_manager_restart_attempts
The following metrics were removed and will be re-implemented in a later version:
gatekeeper_watch_manager_intended_watch_gvk
gatekeeper_watch_manager_watched_gvk
Workload Identity is now available in Alpha for GKE on-prem. Please contact support if you are interested in a trial of Workload Identity in GKE on-prem.
Preflight check for VM internet and Docker Registry access validation is updated.
Preflight check for internet validation is updated to not follow redirect. If your organization requires outbound traffic to pass through a proxy server, you no longer need to whitelist the following addresses in your proxy server:
- console.cloud.google.com
- cloud.google.com
The Ubuntu image is upgraded to include the newest packages.
Upgraded the Istio image to version 1.4.7 to fix a security vulnerability.
Some ConfigMaps in the admin cluster were refactored to Secrets to allow for more granular access control of sensitive configuration data.
The BigQuery Storage API now supports reading small anonymous (cached) tables without any limitations.
Cloud Billing Budget API: new budget filters for groups of subaccounts and resource labels are now available in the Budget API. See the documentation for more details.
PostgreSQL version 12 is now generally available. To start using PostgreSQL 12, see Creating instances.
Cloud TPU now supports TensorFlow 2.1.1 with Keras support. See the TensorFlow 2.1.1 Release Notes for a complete list of features included in this release.
E2 shared-core machine types now support committed use discounts in all regions. See the VM instance pricing page for more information.
You can now SSH to your VMs using hardware-backed SSH key pairs. For more information, see SSH with security keys.
You can now set core:fs.defaultFS to a location in Cloud Storage (for example, gs://bucket) when creating a cluster to set Cloud Storage as the default filesystem. This also sets core:fs.gs.reported.permissions, the reported permission returned by the Cloud Storage connector for all files, to 777. If Cloud Storage is not set as the default filesystem, this property will continue to return 700, the default value.
Image 1.4 and 1.5
HADOOP-16984: Enable persistent history server to read from done directory.
New sub-minor versions of Dataproc images: 1.2.98-debian9, 1.3.58-debian9, 1.4.29-debian9, 1.3.58-debian10, 1.4.29-debian10, 1.5.4-debian10, 1.3.58-ubuntu18, 1.4.29-ubuntu18, 1.5.4-ubuntu18.
Image 1.3, 1.4, and 1.5
Restrict Jupyter, Zeppelin, and Knox to only accept connections from
localhostwhen Component Gateway is enabled. This restriction reduces the risk of remote code execution over unsecured notebook server APIs. To override this change, when you create the cluster, set the Jupyter, Zeppelin, and Knox cluster properties, respectively, as follows:dataproc:jupyter.listen.all.interfaces=true,zeppelin:zeppelin.server.addr=0.0.0.0, andknox:gateway.host=0.0.0.0.Upgrade Hive to version 2.3.7.
Image 1.4 and 1.5
SPARK-29367: Add ARROW_PRE_0_15_IPC_FORMAT=1 in yarn-env.sh to fix the Pandas UDF issue with pyarrow 0.15.
Image 1.5
Upgrade Druid to version 0.17.1.
Upgrade Cloud Storage Connector to version 2.1.3.
Upgrade Delta Lake to version 0.6.0.
Hide the "Quit" button from Jupyter notebook (c.NotebookApp.quit_button = False) when using the Jupyter optional component. The Jupyter environment is shut down when the cluster is deleted.
Set the hive.localize.resource.num.wait.attempts property to 25 to improve reliability of Hive queries.
Image 1.5
Fix a race condition in which hbase-master would try to write /hbase/.tmp/hbase.version to HDFS before HDFS was initialized. This can increase cluster creation time for clusters created with HBase.
Fix a race condition in which, when the
am.primary_onlyproperty is provided, the "non-preemptible" node label was not added to the resource manager's node label store before node managers started registering with the resource manager.Store resource manager node labels in Cloud Storage when
am.primary_onlyproperty is provided.
The dataproc:alpha.state.shuffle.hcfs.enabled cluster property has been deprecated. To enable Enhanced Flexibility Mode (EFM) for Spark, set dataproc:efm.spark.shuffle=hcfs. To enable EFM for MapReduce, set dataproc:efm.mapreduce.shuffle=hcfs.
Beta stage support for the following integration:
The following features are available in the Video Intelligence API version v1p3beta1:
Face detection: Locate faces within a video, and identify attributes such as glasses being worn. Learn more
Person detection: Locate people in a video, and identify attributes and 2D landmarks. Learn more
May 20, 2020
Anthos Service Mesh1.5.4-asm.2
1.5.4-asm.2 is now available.
Security fixes
1.5.4-asm.2 contains all the same security fixes that are in Anthos Service Mesh 1.4.
Beta release of the Anthos CLI
The Anthos CLI simplifies the installation of Anthos Service Mesh. You can use the Anthos CLI to:
- Create a new cluster that meets the Anthos Service Mesh cluster requirements and install Anthos Service Mesh. See Installing Anthos Service Mesh on a new cluster using the Anthos CLI.
- Update an existing cluster with the options that Anthos Service Mesh requires and install Anthos Service Mesh. See Installing Anthos Service Mesh on an existing cluster using the Anthos CLI.
Port change for automatic sidecar injection
If you are installing Anthos Service Mesh on a private cluster, you must add a firewall rule to open port 15017 if you want to use automatic sidecar injection. In Anthos Service Mesh 1.4, the port used for automatic sidecar injection is 9443.
If you don't add the firewall rule and automatic sidecar injection is enabled, you get an error when you deploy workloads. For details on adding a firewall rule, see Adding firewall rules for specific use cases.
The alpha authentication policy is deprecated
See Updating to the beta security policies for more information.
IstioOperator API replaces IstioControlPlane API
The alpha IstioControlPlane API has been replaced by the IstioOperator API. You must use the IstioOperator API in YAML files to enable optional features when you install Anthos Service Mesh.
Istio CNI plugin is supported
By default Anthos Service Mesh injects an initContainer, istio-init, in pods deployed in the mesh. The istio-init container sets up the pod network traffic redirection to/from the sidecar proxy. This requires the user or service-account deploying pods to the mesh to have sufficient Kubernetes RBAC permissions to deploy containers with the NET_ADMIN and NET_RAW capabilities. Requiring users to have elevated Kubernetes RBAC permissions is problematic for some organization's security compliance. The Istio Container Network Interface (CNI) plugin is a replacement for the istio-init container that performs the same networking functionality but without requiring users to enable elevated Kubernetes RBAC permissions.
The Istio CNI plugin performs the mesh pod traffic redirection in the Kubernetes pod lifecycle's network setup phase, thereby removing the requirement for the NET_ADMIN and NET_RAW capabilities for users deploying pods into the mesh. The Istio CNI plugin replaces the functionality provided by the istio-init container.
Enabling pod security policies no longer needed
SDS security was improved by merging Node Agent with Pilot Agent as Istio Agent and removing cross-pod UDS, which no longer requires users to deploy Kubernetes pod security policies for UDS connections.
Happy 10th birthday, BigQuery!
Cloud SQL federated queries are now generally available (GA).
Hourly partitioned tables are now in beta.
Dynamic SQL is now available as a beta release in all BigQuery regions. Dynamic SQL lets you generate and execute SQL statements dynamically at runtime. For more information, see EXECUTE IMMEDIATE.
BigQuery Trial slots are now available in US and EU multi-regions. Trial slots are a limited promotion for qualified customers.
For internal TCP/UDP load balancers, you can create multiple forwarding rules with the same IP address. The forwarding rules can have different protocols and ports. This feature is available in Beta.
Cloud Monitoring introduces an improved experience for viewing and managing incidents. Improvements include performance optimizations for Workspaces with large numbers of incidents, summary statics, and the ability to filter by alerting policy name, metric type, and resource type. For more information, see Incidents and events.
The Cloud Run container instance metadata server now exposes the unique identifier of the container instance and the region of the Cloud Run service
If your managed instance group encountered errors - for example, if a VM could not be created - you can view those errors to diagnose and mitigate the cause. This is Generally available.
May 19, 2020
Cloud DebuggerCloud Debugger now lets you canary snapshots and logpoints on your Java applications. To learn more, see the Java page for setting up Cloud Debugger.
Alert notifications delivered by email now come from "[email protected]" instead of "[email protected]".
Troubleshoot VMs by capturing screenshots. This is in beta.
Bug fixes and reliability improvements
Improving handling of scenarios when version field on ContainerNodePool is updated externally
Learn how to create low disk space alerts for your Filestore instances.
May 18, 2020
AI Platform Deep Learning VM ImageM48 release
TensorFlow 2.2 images have been added. The new TensorFlow 2.2 image families are tf2-2-2-cpu and tf2-2-2-cu101. See the available image families.
The Cloud Bigtable Monitoring page in the Cloud Console has been redesigned. Changes to the visual experience include the following:
- Views that are now split into separate tabs
- A new time range picker
- Updated styling on the graphs
Cloud Billing budgets emails: ensure your budget alert emails are seen by the right people using Cloud Monitoring notifications on your Cloud Billing budgets. By default, alert emails are sent to Billing Account Administrators. With the Monitoring notifications feature, you can customize your budget to send alerts to up to five additional email recipients you specify. See the documentation for more details.
New information is now available on your Cloud Billing account Overview page in the Cloud Console, featuring at-a-glance summaries of the top five spending projects and top five spending products over the last 12 months.
To see the updated Billing Account Overview page, go to the Manage billing accounts page in the Cloud Console and sign in, then select the name of the Cloud Billing account you want to view. The Billing Overview page is displayed with the BILLING ACCOUNT OVERVIEW tab selected. You might need to scroll the page to see all the features.
DNS forwarding to a non-RFC 1918 address is available in General Availability.
Cloud Functions now supports Node.js 10 at the General Availability release level.
Recommendations from the Cloud IAM recommender can now include suggestions to create custom roles.
Logs Viewer now contains the Logs field explorer panel, which lets you view aggregation-based results for your project's log fields and makes it more efficient to refine queries. To learn more, go to the Logs Viewer (Preview) page.
MySQL 5.6 minor version is upgraded to 5.6.42. MySQL 5.7 minor version is upgraded to 5.7.25.
You can now run SQL queries to retrieve transaction statistics for your database over recent one-minute, 10-minute, and one-hour time periods.
The V4 signing process is now in GA.
- The V4 signing process is an improved method for creating signatures using RSA or HMAC keys.
Added support in the Google Cloud Console for managing game server configs, deployments, and rollouts. You can now create, view, update, and delete game server configs, deployments, and rollouts from the Cloud Console.
Subnets in VPC networks now support IP addresses other than RFC 1918 addresses. For more information, see Subnet ranges.
May 17, 2020
DialogflowOld Node.js client library require statements must be updated. Your require statements should look like this:
const dialogflow = require('@google-cloud/dialogflow').v2;
or this:
const dialogflow = require('@google-cloud/dialogflow').v2beta1;
Old syntax that does not include @google-cloud is now deprecated. The old syntax will continue to work, but you will not receive updates.
May 16, 2020
Cloud Data Loss PreventionAdded infoType detectors:
AWS_CREDENTIALS