โ™Š๏ธ GemiNews ๐Ÿ—ž๏ธ (dev)

Demo 1: Embeddings + Recommendation Demo 2: Bella RAGa Demo 3: NewRetriever Demo 4: Assistant function calling

๐Ÿ—ž๏ธMarch 21, 2024

๐Ÿ—ฟSemantically Similar Articles (by :title_embedding)

March 21, 2024

2024-03-21 - (from GCP latest releases)

Anthos Config Management Feature The constraint template library includes a new template: K8sPSSRunAsNonRoot. For reference, see the Constraint template library. Changed Policy Controller bundles have been updated to the following versions: cis-gke-v1.4.0: 202402.0-preview, nist-sp-800-190: 202402.0, nist-sp-800-53-r5: 202402.0, pci-dss-v3.2.1: 202402.0, pss-baseline-v2022: 202402.0, pss-restricted-v2022: 202402.0. For reference, see Policy Controller bundles overview. Fixed Fixed a regression introduced in 1.16.0 that limits the length of the Secret name referenced in the spec.git.secretRef.name field of the RootSync object. Fixed Fixed a regression introduced in 1.17.0 that caused Config Sync to sometimes fail to pull the latest commit from a Git branch by upgrading git-sync (Config Sync dependency for pulling from git) from v4.1.0 to v4.2.1. Backup and DR Announcement Backup and DR Service 11.0.10.417 is now available to update your backup/recovery appliance. Refer to these instructions to update your appliance. Announcement Backup and DR Service 11.0.10 includes an operating system upgrade from CentOS 7 to Rocky Linux 8. As CentOS 7 will reach its End of Life (EOL) on June 24, 2024, you must upgrade to 11.0.10 before the EOL date to continue receiving security updates. To upgrade to 11.0.10, you should take a snapshot of the appliance's boot disk. If your backup/recovery appliance is on 11.0.5 or below, then you need to upgrade to 11.0.9 before successfully upgrading to 11.0.10. See 11.0.9 release notes to know how to back up the boot disk. Feature Backup and DR Service added support to access historical reports. Learn more. BigQuery Feature You can now add Salesforce Data Cloud data to BigQuery. This feature is generally available (GA). Feature Incremental materialized views now support LEFT OUTER JOIN and UNION ALL. This feature is in preview. Bigtable Feature You can now view Bigtable cost data with instance granularity in the Google Cloud Billing detailed export to BigQuery. For more information, see Structure of detailed cost data export. Compute Engine Feature Generally available: In a managed instance group (MIG), you can set metadata and labels for all VMs in the group without the need to create a new instance template. For more information, see Override instance template properties with an all-instances configuration. Feature Generally available: In a managed instance group (MIG), you can turn off repairs to inspect failed and unhealthy VMs, to implement your own repair logic, or to monitor the application health without triggering repairs by MIG. For more information, see Turn off repairs in a MIG. Dataproc Announcement New Dataproc on Compute Engine subminor image versions: 2.0.96-debian10, 2.0.96-rocky8, 2.0.96-ubuntu18 2.1.44-debian11, 2.1.44-rocky8, 2.1.44-ubuntu20, 2.1.44-ubuntu20-arm 2.2.10-debian12, 2.2.10-rocky9, 2.2.10-ubuntu22 Google Distributed Cloud Virtual for Bare Metal Announcement Release 1.28.300-gke.131 GKE on Bare Metal 1.28.300-gke.131 is now available for download. To upgrade, see Upgrade clusters. GKE on Bare Metal 1.28.300-gke.131 runs on Kubernetes 1.28. If you use a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of GKE on Bare Metal. Changed Functionality changes: Updated preflight checks to add a check for networking kernel modules. Updated preflight checks to remove the check for iptables package availability. Increased the default memory limit for node-exporter. Fixed Fixes: Fixed an issue with configuring a proxy for your cluster that required you to manually set HTTPS_PROXY and NO_PROXY environment variables on the admin workstation. Fixed The following container image security vulnerabilities have been fixed in 1.28.300-gke.131: High-severity container vulnerabilities: CVE-2022-28948 CVE-2023-29499 Medium-severity container vulnerabilities: CVE-2023-3446 CVE-2023-3817 CVE-2023-32611 CVE-2023-32665 CVE-2023-49290 CVE-2024-21664 GHSA-2c7c-3mj9-8fqh Low-severity container vulnerabilities: CVE-2021-25743 CVE-2023-2975 Issue Known issues: For information about the latest known issues, see GKE on Bare Metal known issues in the Troubleshooting section. Announcement Release 1.15.11 GKE on Bare Metal 1.15.11 is now available for download. To upgrade, see Upgrade clusters. GKE on Bare Metal 1.15.11 runs on Kubernetes 1.26. If you use a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of GKE on Bare Metal. Fixed The following container image security vulnerabilities have been fixed in 1.15.11: Medium-severity container vulnerabilities: CVE-2023-46218 CVE-2023-49290 CVE-2024-21664 GHSA-2c7c-3mj9-8fqh Low-severity container vulnerabilities: CVE-2021-25743 Issue Known issues: For information about the latest known issues, see GKE on Bare Metal known issues in the Troubleshooting section. Google Distributed Cloud Virtual for VMware Announcement GKE on VMware 1.28.300-gke.123 is now available. To upgrade, see Upgrading GKE on VMware. GKE on VMware 1.28.300-gke.123 runs on Kubernetes v1.28.4-gke.1400. If you are using a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of GKE on VMware. Changed Increased the default memory limit for node-exporter. Updated the AIS version to hybrid_identity_charon_20240228_0730_RC00. Fixed The following issues are fixed in 1.28.300-gke.123: Fixed the issue where the admin cluster backup did a retry on non-idempotent operations. Fixed the known issue where the controlPlaneNodePort field defaulted to 30968 when the manualLB spec was empty. Fixed the known issue that caused the preflight check to fail when the hostname wasn't in the IP block file. Fixed the known issue that caused Kubelet to be flooded with logs stating that "/etc/kubernetes/manifests" does not exist on the worker nodes. The following vulnerabilities are fixed in 1.28.300-gke.123: High-severity container vulnerabilities: CVE-2023-5517 CVE-2023-4408 CVE-2023-29499 Container-optimized OS vulnerabilities: CVE-2023-40547 Security Command Center Feature Security Command Center detectors are now mapped to the following additional compliance frameworks: CIS Critical Security Controls v8 Cloud Controls Matrix v 4 HIPAA ISO 27001 (2022) NIST 800-53 (rev 5) NIST Cybersecurity Framework (v 1.0) PCI-DSS 4.0 SOC 2 (2017) VPC Service Controls Feature Preview stage support for the following integration: Sovereign Controls by Partners reCAPTCHA Enterprise Feature reCAPTCHA Enterprise platform logs are now available in Chronicle. Users can now view their reCAPTCHA assessment and annotation data in a structured and searchable data format in Chronicle. For more information, see Collect reCAPTCHA Enterprise logs.

[Technology] ๐ŸŒŽ https://cloud.google.com/release-notes#March_21_2024 [๐Ÿง ] [v2] article_embedding_description: {:llm_project_id=>"Unavailable", :llm_dimensions=>nil, :article_size=>14077, :llm_embeddings_model_name=>"textembedding-gecko"}
[๐Ÿง ] [v1/3] title_embedding_description: {:ricc_notes=>"[embed-v3] Fixed on 9oct24. Only seems incompatible at first glance with embed v1.", :llm_project_id=>"unavailable possibly not using Vertex", :llm_dimensions=>nil, :article_size=>14077, :poly_field=>"title", :llm_embeddings_model_name=>"textembedding-gecko"}
[๐Ÿง ] [v1/3] summary_embedding_description:
[๐Ÿง ] As per bug https://github.com/palladius/gemini-news-crawler/issues/4 we can state this article belongs to titile/summary version: v3 (very few articles updated on 9oct24)

๐Ÿ—ฟarticle.to_s

------------------------------
Title: March 21, 2024
[content]
Anthos Config Management
Feature
The constraint template library includes a new template: K8sPSSRunAsNonRoot. For reference, see the Constraint template library.
Changed
Policy Controller bundles have been updated to the following versions: cis-gke-v1.4.0: 202402.0-preview, nist-sp-800-190: 202402.0, nist-sp-800-53-r5: 202402.0, pci-dss-v3.2.1: 202402.0, pss-baseline-v2022: 202402.0, pss-restricted-v2022: 202402.0. For reference, see Policy Controller bundles overview.
Fixed
Fixed a regression introduced in 1.16.0 that limits the length of the Secret name referenced in the spec.git.secretRef.name field of the RootSync object.
Fixed
Fixed a regression introduced in 1.17.0 that caused Config Sync to sometimes fail to pull the latest commit from a Git branch by upgrading git-sync (Config Sync dependency for pulling from git) from v4.1.0 to v4.2.1.
Backup and DR
Announcement
Backup and DR Service 11.0.10.417 is now available to update your backup/recovery appliance. Refer to these instructions to update your appliance.
Announcement
Backup and DR Service 11.0.10 includes an operating system upgrade from CentOS 7 to Rocky Linux 8. As CentOS 7 will reach its End of Life (EOL) on June 24, 2024, you must upgrade to 11.0.10 before the EOL date to continue receiving security updates. 

To upgrade to 11.0.10, you should take a snapshot of the appliance's boot disk. If your backup/recovery appliance is on 11.0.5 or below, then you need to upgrade to 11.0.9 before successfully upgrading to 11.0.10. See 11.0.9 release notes to know how to back up the boot disk.
Feature
Backup and DR Service added support to access historical reports. Learn more.
BigQuery
Feature
You can now add Salesforce Data Cloud data to BigQuery. This feature is generally available (GA).
Feature
Incremental materialized views now support LEFT OUTER JOIN and UNION ALL. This feature is in preview.
Bigtable
Feature
You can now view Bigtable cost data with instance granularity in the Google Cloud Billing detailed export to BigQuery. For more information, see Structure of detailed cost data export.
Compute Engine
Feature
Generally available: In a managed instance group (MIG), you can set metadata and labels for all VMs in the group without the need to create a new instance template. For more information, see Override instance template properties with an all-instances configuration.
Feature
Generally available: In a managed instance group (MIG), you can turn off repairs to inspect failed and unhealthy VMs, to implement your own repair logic, or to monitor the application health without triggering repairs by MIG. For more information, see Turn off repairs in a MIG.
Dataproc
Announcement
New Dataproc on Compute Engine subminor image versions:


2.0.96-debian10, 2.0.96-rocky8, 2.0.96-ubuntu18
2.1.44-debian11, 2.1.44-rocky8, 2.1.44-ubuntu20, 2.1.44-ubuntu20-arm
2.2.10-debian12, 2.2.10-rocky9, 2.2.10-ubuntu22

Google Distributed Cloud Virtual for Bare Metal
Announcement
Release 1.28.300-gke.131

GKE on Bare Metal 1.28.300-gke.131 is now available for download. To upgrade, see Upgrade clusters. GKE on Bare Metal 1.28.300-gke.131 runs on Kubernetes 1.28.

If you use a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of GKE on Bare Metal.
Changed
Functionality changes:


Updated preflight checks to add a check for networking kernel modules.
Updated preflight checks to remove the check for iptables package availability.
Increased the default memory limit for node-exporter.

Fixed
Fixes:


Fixed an issue with configuring a proxy for your cluster that required you to manually set HTTPS_PROXY and NO_PROXY environment variables on the admin workstation.

Fixed
The following container image security vulnerabilities have been fixed in 1.28.300-gke.131: 


High-severity container vulnerabilities:


CVE-2022-28948
CVE-2023-29499

Medium-severity container vulnerabilities:


CVE-2023-3446
CVE-2023-3817
CVE-2023-32611
CVE-2023-32665
CVE-2023-49290
CVE-2024-21664
GHSA-2c7c-3mj9-8fqh

Low-severity container vulnerabilities:


CVE-2021-25743
CVE-2023-2975


Issue
Known issues:

For information about the latest known issues, see GKE on Bare Metal known issues in the Troubleshooting section.
Announcement
Release 1.15.11

GKE on Bare Metal 1.15.11 is now available for download. To upgrade, see Upgrade clusters. GKE on Bare Metal 1.15.11 runs on Kubernetes 1.26.

If you use a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of GKE on Bare Metal.
Fixed
The following container image security vulnerabilities have been fixed in 1.15.11: 


Medium-severity container vulnerabilities:


CVE-2023-46218
CVE-2023-49290
CVE-2024-21664
GHSA-2c7c-3mj9-8fqh

Low-severity container vulnerabilities:


CVE-2021-25743


Issue
Known issues:

For information about the latest known issues, see GKE on Bare Metal known issues in the Troubleshooting section.
Google Distributed Cloud Virtual for VMware
Announcement
GKE on VMware 1.28.300-gke.123 is now available. To upgrade, see
Upgrading GKE on VMware.
GKE on VMware 1.28.300-gke.123 runs on Kubernetes v1.28.4-gke.1400.  

If you are using a third-party storage vendor, check the
GDCV Ready storage partners
document to make sure the storage vendor has already passed the qualification
for this release of GKE on VMware.  
Changed

Increased the default memory limit for node-exporter.
Updated the AIS version to hybrid_identity_charon_20240228_0730_RC00.

Fixed
The following issues are fixed in 1.28.300-gke.123:


Fixed the issue where the admin cluster backup did a retry on
non-idempotent operations.
Fixed the
known issue
where the controlPlaneNodePort field defaulted to 30968 when the manualLB
spec was empty.
Fixed the
known issue
that caused the preflight check to fail when the hostname wasn't in the IP
block file.
Fixed the
known issue
that caused Kubelet to be flooded with logs stating that
"/etc/kubernetes/manifests" does not exist on the worker nodes.


The following vulnerabilities are fixed in 1.28.300-gke.123:


High-severity container vulnerabilities:


CVE-2023-5517
CVE-2023-4408
CVE-2023-29499

Container-optimized OS vulnerabilities:


CVE-2023-40547


Security Command Center
Feature
Security Command Center detectors are now mapped to the following additional compliance frameworks:


CIS Critical Security Controls v8
Cloud Controls Matrix v 4
HIPAA
ISO 27001 (2022)
NIST 800-53 (rev 5)
NIST Cybersecurity Framework (v 1.0)
PCI-DSS 4.0
SOC 2 (2017)

VPC Service Controls
Feature
Preview stage support for the following integration:


Sovereign Controls by Partners

reCAPTCHA Enterprise
Feature
reCAPTCHA Enterprise platform logs are now available in Chronicle. Users can now view their reCAPTCHA assessment and annotation data in a structured and searchable data format in Chronicle. For more information, see Collect reCAPTCHA Enterprise logs.
[/content]

PublishedDate: 2024-03-21
Category: Technology
NewsPaper: GCP latest releases
{"id"=>1337,
"title"=>"March 21, 2024",
"summary"=>nil,
"content"=>"Anthos Config Management\n

Feature

\n

The constraint template library includes a new template: K8sPSSRunAsNonRoot. For reference, see the Constraint template library.

\n

Changed

\n

Policy Controller bundles have been updated to the following versions: cis-gke-v1.4.0: 202402.0-preview, nist-sp-800-190: 202402.0, nist-sp-800-53-r5: 202402.0, pci-dss-v3.2.1: 202402.0, pss-baseline-v2022: 202402.0, pss-restricted-v2022: 202402.0. For reference, see Policy Controller bundles overview.

\n

Fixed

\n

Fixed a regression introduced in 1.16.0 that limits the length of the Secret name referenced in the spec.git.secretRef.name field of the RootSync object.

\n

Fixed

\n

Fixed a regression introduced in 1.17.0 that caused Config Sync to sometimes fail to pull the latest commit from a Git branch by upgrading git-sync (Config Sync dependency for pulling from git) from v4.1.0 to v4.2.1.

\nBackup and DR\n

Announcement

\n

Backup and DR Service 11.0.10.417 is now available to update your backup/recovery appliance. Refer to these instructions to update your appliance.

\n

Announcement

\n

Backup and DR Service 11.0.10 includes an operating system upgrade from CentOS 7 to Rocky Linux 8. As CentOS 7 will reach its End of Life (EOL) on June 24, 2024, you must upgrade to 11.0.10 before the EOL date to continue receiving security updates.

\n\n

To upgrade to 11.0.10, you should take a snapshot of the appliance's boot disk. If your backup/recovery appliance is on 11.0.5 or below, then you need to upgrade to 11.0.9 before successfully upgrading to 11.0.10. See 11.0.9 release notes to know how to back up the boot disk.

\n

Feature

\n

Backup and DR Service added support to access historical reports. Learn more.

\nBigQuery\n

Feature

\n

You can now add Salesforce Data Cloud data to BigQuery. This feature is generally available (GA).

\n

Feature

\n

Incremental materialized views now support LEFT OUTER JOIN and UNION ALL. This feature is in preview.

\nBigtable\n

Feature

\n

You can now view Bigtable cost data with instance granularity in the Google Cloud Billing detailed export to BigQuery. For more information, see Structure of detailed cost data export.

\nCompute Engine\n

Feature

\n

Generally available: In a managed instance group (MIG), you can set metadata and labels for all VMs in the group without the need to create a new instance template. For more information, see Override instance template properties with an all-instances configuration.

\n

Feature

\n

Generally available: In a managed instance group (MIG), you can turn off repairs to inspect failed and unhealthy VMs, to implement your own repair logic, or to monitor the application health without triggering repairs by MIG. For more information, see Turn off repairs in a MIG.

\nDataproc\n

Announcement

\n

New Dataproc on Compute Engine subminor image versions:

\n\n
    \n
  • 2.0.96-debian10, 2.0.96-rocky8, 2.0.96-ubuntu18
  • \n
  • 2.1.44-debian11, 2.1.44-rocky8, 2.1.44-ubuntu20, 2.1.44-ubuntu20-arm
  • \n
  • 2.2.10-debian12, 2.2.10-rocky9, 2.2.10-ubuntu22
  • \n
\nGoogle Distributed Cloud Virtual for Bare Metal\n

Announcement

\n

Release 1.28.300-gke.131

\n\n

GKE on Bare Metal 1.28.300-gke.131 is now available for download. To upgrade, see Upgrade clusters. GKE on Bare Metal 1.28.300-gke.131 runs on Kubernetes 1.28.

\n\n

If you use a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of GKE on Bare Metal.

\n

Changed

\n

Functionality changes:

\n\n
    \n
  • Updated preflight checks to add a check for networking kernel modules.

  • \n
  • Updated preflight checks to remove the check for iptables package availability.

  • \n
  • Increased the default memory limit for node-exporter.

  • \n
\n

Fixed

\n

Fixes:

\n\n
    \n
  • Fixed an issue with configuring a proxy for your cluster that required you to manually set HTTPS_PROXY and NO_PROXY environment variables on the admin workstation.
  • \n
\n

Fixed

\n

The following container image security vulnerabilities have been fixed in 1.28.300-gke.131:

\n\n\n

Issue

\n

Known issues:

\n\n

For information about the latest known issues, see GKE on Bare Metal known issues in the Troubleshooting section.

\n

Announcement

\n

Release 1.15.11

\n\n

GKE on Bare Metal 1.15.11 is now available for download. To upgrade, see Upgrade clusters. GKE on Bare Metal 1.15.11 runs on Kubernetes 1.26.

\n\n

If you use a third-party storage vendor, check the GDCV Ready storage partners document to make sure the storage vendor has already passed the qualification for this release of GKE on Bare Metal.

\n

Fixed

\n

The following container image security vulnerabilities have been fixed in 1.15.11:

\n\n\n

Issue

\n

Known issues:

\n\n

For information about the latest known issues, see GKE on Bare Metal known issues in the Troubleshooting section.

\nGoogle Distributed Cloud Virtual for VMware\n

Announcement

\n

GKE on VMware 1.28.300-gke.123 is now available. To upgrade, see\nUpgrading GKE on VMware.\nGKE on VMware 1.28.300-gke.123 runs on Kubernetes v1.28.4-gke.1400.

\n\n

If you are using a third-party storage vendor, check the\nGDCV Ready storage partners\ndocument to make sure the storage vendor has already passed the qualification\nfor this release of GKE on VMware.

\n

Changed

\n
    \n
  • Increased the default memory limit for node-exporter.
  • \n
  • Updated the AIS version to hybrid_identity_charon_20240228_0730_RC00.
  • \n
\n

Fixed

\n

The following issues are fixed in 1.28.300-gke.123:

\n\n
    \n
  • Fixed the issue where the admin cluster backup did a retry on\nnon-idempotent operations.
  • \n
  • Fixed the\nknown issue\nwhere the controlPlaneNodePort field defaulted to 30968 when the manualLB\nspec was empty.
  • \n
  • Fixed the\nknown issue\nthat caused the preflight check to fail when the hostname wasn't in the IP\nblock file.
  • \n
  • Fixed the\nknown issue\nthat caused Kubelet to be flooded with logs stating that\n"/etc/kubernetes/manifests" does not exist on the worker nodes.
  • \n
\n\n

The following vulnerabilities are fixed in 1.28.300-gke.123:

\n\n\nSecurity Command Center\n

Feature

\n

Security Command Center detectors are now mapped to the following additional compliance frameworks:

\n\n
    \n
  • CIS Critical Security Controls v8
  • \n
  • Cloud Controls Matrix v 4
  • \n
  • HIPAA
  • \n
  • ISO 27001 (2022)
  • \n
  • NIST 800-53 (rev 5)
  • \n
  • NIST Cybersecurity Framework (v 1.0)
  • \n
  • PCI-DSS 4.0
  • \n
  • SOC 2 (2017)
  • \n
\nVPC Service Controls\n

Feature

\n

Preview stage support for the following integration:

\n\n\nreCAPTCHA Enterprise\n

Feature

\n

reCAPTCHA Enterprise platform logs are now available in Chronicle. Users can now view their reCAPTCHA assessment and annotation data in a structured and searchable data format in Chronicle. For more information, see Collect reCAPTCHA Enterprise logs.

\n\n ",
"author"=>nil,
"link"=>"https://cloud.google.com/release-notes#March_21_2024",
"published_date"=>Thu, 21 Mar 2024 07:00:00.000000000 UTC +00:00,
"image_url"=>nil,
"feed_url"=>"https://cloud.google.com/release-notes#March_21_2024",
"language"=>nil,
"active"=>true,
"ricc_source"=>"feedjira::v1",
"created_at"=>Sun, 31 Mar 2024 21:23:50.591940000 UTC +00:00,
"updated_at"=>Mon, 21 Oct 2024 16:58:32.727958000 UTC +00:00,
"newspaper"=>"GCP latest releases",
"macro_region"=>"Technology"}
Edit this article
Back to articles