FEATURES:
BUG FIXES:
- Update to VPC NAT Configuration if using Private Networking. GCP Dynamic Port Allocation causes problems with advanced Anyscale Network cluster startup processes. Disabling Dynamic Port Allocation and manually setting min/max ports per VM solves this. Added two new variables to the google-anyscale-vpc sub-module to support this configuration. Changed the minimum ports per VM to 32 from 64.
BREAKING CHANGES:
OTHER:
FEATURES:
- Optional new sub-module to manage the
_DefaultLogging Sink -sysloglogs are automatically enabled for new Projects and this can lead to unexpected storage costs in Projects with many active Anyscale clusters and nodes.
BUG FIXES:
BREAKING CHANGES:
OTHER:
- tflint updates
- pre-commit updates
- trivy rule update on cloudstorage module
FEATURES:
BUG FIXES:
- IAM Role fix to support new Anyscale Logging feature.
BREAKING CHANGES:
OTHER:
FEATURES:
- Update to GCP Terraform Provider v5
BUG FIXES:
- VPC Submodule
- Proxy Subnet fix for change to GCP APIs related to IPv6
- GCP released a change and with v5 of the GCP Terraform Provider, the IPv6 parameter for Proxy Only Subnets is not suported/required.
- Subnet Names are now managed by the root module
- The previous behavior was causing the replacement of Subnets on any parameter change to the root module.
- Proxy Subnet fix for change to GCP APIs related to IPv6
- VPC Firewall Submodule
- Update to use VPC ID for attachment instead of dynamically identifying from the name.
- The previous behavior was causing the replacement of the VPC Firewall on any parameter change to the root module.
- Update to use VPC ID for attachment instead of dynamically identifying from the name.
BREAKING CHANGES:
OTHER:
- Change from tfsec to trivy for pre-commit
- TFLint updated for GCP Ruleset
- General updates/fixes for all tests in submodule examples for VPC Firewall and CloudStorage
- pre-commit updates to the latest revisions
FEATURES:
- Bucket CORS Rules updates to support additional Anyscale UI functionality
BUG FIXES:
BREAKING CHANGES:
OTHER:
- Documentation updates
FEATURES:
- Support for shared VPC
- Example
anyscale-v2-vpc-sharedcreated to demonstrate this. Please make sure to read the README in the example for additional requirements. - Requires Anyscale CLI v0.5.163 or greater.
- Supports creating a Firewall in the Shared VPC Project if an existing firewall is not provided
- Example
- Update VPC Firewall to allow GCP Load Balancer Health Check CIDR ranges.
- This rule is required for Anyscale Services
- Minimal IAM Service Account Roles
- Project/Owner or Project/Editor are no longer required for the Anyscale Service Account.
BUG FIXES:
BREAKING CHANGES:
- Updates to output names for Service Accounts.
- Changes to IAM Service Account Terraform names
- This will replace existing IAM Service Accounts if upgrading.
- You will need to create new Anyscale Clouds.
OTHER:
- TFLint Rules Update
- Cleanup of unused variables
- pre-commit update
FEATURES:
- Support for existing Workload Identify Federation pool and provider
- This allows for following of Google's best practice of creating all WIF/WIP in a dedicated project.
- In this situation, the IAM submodule will NOT create a Workload Identity Federation Pool or Provider
- Additional example for Existing Identity Federation built and tested in /examples/anyscale-v2-existingidentityfederation
- If using this, please follow the Anyscale Documentation for GCP Workload Identity Federation
BUG FIXES:
BREAKING CHANGES:
OTHER:
- Updates to End to End testing python script
FEATURES:
BUG FIXES:
- Improved support for Anyscale Services on Private VPCs
- We've added an additional VPC proxy subnet to support load balancers on GCP when utilizing private VPCs.
- To utilize this feature, we've included a new root module optional variable:
anyscale_vpc_proxy_subnet_cidr - See the example in
/examples/anyscale-v2-privatenetwork
BREAKING CHANGES:
OTHER:
- General doc updates and cleanup
- Root module variables cleanup with better descriptions and examples
- tflint and changelog updates
- Initial pass at End to End testing integration
FEATURES:
BUG FIXES:
- Fix to the
google-anyscale-iamsubmodule whenanyscale_cloud_idis provided- When
anyscale_cloud_idis provided, the IAM submodule should update descriptions of the roles/resources created, however the way it was working was looking for a variable that was always null and thus causing a terraform error. This has been replaced with a try to see if the additional variable is populated.
- When
BREAKING CHANGES:
OTHER:
FEATURES:
- New integration for Anyscale Service Head Node fault tolerance.
- New optional submodule:
google-anyscale-memorystore- This sub-module can be used to create a Memorystore Redis instance which is then used with Anyscale Services to enable head node fault tolerance.
- Updates to
google-anyscale-cloudapisto optionally enable memorystore api (redis.googleapis.com) - To see how this module can be enabled and used, please look in the
examples/anyscale-v2-kitchensinkor theanyscale-v2-privatenetworkfolders
- New optional submodule:
- New logging integration via Vector with GCP Logging and Cloud Monitoring.
- Updates to
google-anyscale-iamto optionally grant access to GCP Logging and Cloud Monitoring - Updates to
google-anyscale-cloudapisto optionally enable GCP Logging (logging.googleapis.com) and Cloud Monitoring (monitoring.googleapis.com)
- Updates to
BUG FIXES:
BREAKING CHANGES:
OTHER:
- General doc updates and cleanup
- Root module variables cleanup with better descriptions and examples
- tflint and changelog updates
- Initial pass at End to End testing integration
FEATURES:
BUG FIXES:
BREAKING CHANGES:
OTHER:
- Doc updates, pre-commit update
FEATURES:
BUG FIXES:
BREAKING CHANGES:
OTHER:
- Changed defaults for File Store tier and size to match
anyscale cloud setupdefaults of STANDARD and 1TB.
FEATURES:
BUG FIXES:
BREAKING CHANGES:
OTHER:
- End to end unit tests for root module
FEATURES:
- Change the default filestore capacity size.
BUG FIXES:
BREAKING CHANGES:
OTHER:
FEATURES:
- CloudAPIs submodule - add additional APIs to match the APIs enabled by
anyscale cloud setup:- cloudresourcemanager.googleapis.com
- serviceusage.googleapis.com
- deploymentmanager.googleapis.com
BUG FIXES:
BREAKING CHANGES:
OTHER:
FEATURES:
- Add certificate manager API to the list of APIs to enable. This is to support Anyscale Services v2.
BUG FIXES:
BREAKING CHANGES:
OTHER:
FEATURES:
BUG FIXES:
- Removed STS API from the list of APIs to enable as it's not required for Anyscale to work.
BREAKING CHANGES:
OTHER:
FEATURES:
BUG FIXES:
BREAKING CHANGES:
OTHER:
- Examples updated to change var
anyscale_deploy_envto have a default ofproduction - Examples updated to call out the ability to override the bucket location via
anyscale_bucket_location - Getting-started cleanup and fixed broken links
FEATURES:
- Add getting started documentation
BUG FIXES:
BREAKING CHANGES:
FEATURES:
BUG FIXES:
- Change project permission from binding to member
BREAKING CHANGES:
FEATURES:
- Add condition to IAM Workload Identity Provider Pool to lock down the cross account access.
BUG FIXES:
- Fix destroy dependencies between VPC and VPC Firewall
- Update outputs in examples to support Anyscale CLI 0.5.102 which had a param name change
BREAKING CHANGES:
- There is a new required variable: anyscale_organization_id This variable is used for the condition for the Provider Pool
Initial commit
FEATURES:
- Google APIs Submodule
- CloudStorage Submodule
- FileStore Submodule
- IAM Submodule
- Google Project Submodule
- VPC Submodule
- VPC Firewall Submodule