This topic describes the changes in this minor release of Tanzu Cloud Service Broker for GCP.

v1.2.2

Release Date: July 11, 2023

Resolved Issues

This release fixes the following issues:

  • Apps Manager service images: The logo for each service is now displayed in Apps Manager and other GUI applications.

Google Cloud PostgreSQL

  • Object access issues in Google PostgreSQL: If an app creates an object, such as a table, with permissions that do not allow other users to see that object, subsequent bindings might fail, and other apps might fail to read the objects. For more information, see Binding Process Known Issue.

Known Issues

This release has the following issues:

General

  • Failure to select the right stack during install:

    The buildpack stack association is incorrect when the stack cflinuxfs4 is not available in your deployment.

v1.2.1

Release Date: March 23, 2023

Breaking Changes

This release has the following breaking changes:

Google MySQL

  • Cloud Service Broker for GCP can no longer manage service instances created using the beta version of the Google MySQL service: These instances must be removed from Cloud Service Broker for GCP. For more information, see Retiring beta instances. If instances are not removed before the upgrade, then the upgrade operation fails.

  • Removed the cores property: The cores property no longer exists and is not configurable. Use the tier property instead to define compute and memory capacity. The old custom plans containing the property cores must be changed. For more information, see Changing custom plans.

  • Changed the format for binding credentials: The format for binding credentials has changed. Several properties have been exposed to configure TLS. The property use_tls previously exposed in the binding is now removed. For more information about the format, see Binding Credentials. You must change your application to correctly read the properties exposed in the binding credentials and register the certificate. For more information, see TLS Connections.

  • Removed Google MySQL pre-configured plans: From this version onwards, plans are no longer provided with the brokerpak. If you have MySQL service instances that you want to maintain that use the formerly built-in plans, you must add the plans through the tile configuration.

Google Storage Bucket

  • Format for binding credentials changed: The format for binding credentials has changed to only use the snake_case style instead of a combination of styles. For more information about the format, see the reference topic. You must change your application to correctly read the properties exposed in the binding credentials.

  • Removed Google Storage Bucket pre-configured plans: From this version onwards, plans are no longer provided with the brokerpak. If you have Google Storage Bucket service instances that you want to maintain that use the formerly built-in plans, you must add the plans through the tile configuration. For more information, see Previously Provided Pre-configured Plans in Google Storage Bucket Reference. For more information about upgrade steps, see Upgrading Cloud Service Broker for GCP.

Google Redis

  • Removed Google Redis pre-configured plans: From this version onwards, plans are no longer provided with the brokerpak. If you have Cloud Redis service instances that you want to maintain that use the formerly built-in plans, you must add the plans through the tile configuration. For more information, see Previously Provided Pre-configured Plans in Google Redis Reference. For more information about upgrade steps, see Upgrading Cloud Service Broker for GCP.

Features

New features and changes in this release.

General

  • The internal Terraform is upgraded to v1.3: Terraform v1.3 enables the product to use fixes and other updates to Terraform. You must upgrade all service instances. For more information, see Upgrading Cloud Service Broker for GCP.

  • New regions added to Ops Manager configuration: The list of available regions in the section to select the default region in Ops Manager has been completed.

Google Storage Bucket

  • Google Storage Bucket service is now generally available: The Google Storage Bucket service is no longer in beta and can now be used in production. Service instances provisioned by the beta version of the Google Cloud Storage service can still be used but this is discouraged. For more information, see About beta instances.

  • Removed the acl parameter associated with the plans: Because the parameter is no longer mandatory, it doesn’t influence the custom plans created. The removal of this parameter does not affect upgrading. For more information, see the Resolved Issues section.

  • Multiregional storage class by default: From now on, the default storage class is multiregional. The default region set by the operator in the tile configuration section might not work for multi-region. For more information, see Configuration Parameters. For more information about the multiregional storage class, see the Google Cloud documentation.

  • Exposed the dual-region configuration property: The property placement_dual_region_data_locations is exposed to configure the list of individual regions that comprise a dual-region bucket. For more information, see Configuration Parameters.

  • Exposed the versioning configuration property: The property versioning is exposed to enable Object Versioning for the bucket. It retains a non-current object version each time you replace or delete a live object version. The default is false. For more information about versioning, see the Google Cloud documentation.

  • Exposed the property to prevent public access: The property public_access_prevention is exposed to configure whether or not to prevent public access for a storage bucket. Accepted values are inherited or enforced. Default is enforced.

  • Exposed the property to enable uniform bucket-level access to the bucket: The property uniform_bucket_level_access is exposed to configure whether to enable uniform bucket-level access to a bucket. When enabled, the option becomes permanent after 90 days. The default is false. The option deactivates ACLs. For more information about uniform bucket-level access, see the Google Cloud documentation.

  • Exposed customer-managed encryption key configuration: The property default_kms_key_name is exposed, so you can use this property to configure your bucket to use your key to encrypt and decrypt your objects. The property represents the id of a Cloud KMS key. For more information, see Configuration Parameters.

  • Exposed the autoclass property: The property autoclass is exposed to configure whether it automatically transitions each object to hotter or colder storage based on object-level activity. This is to optimize for cost and latency. For more information, see Configuration Parameters.

  • Bucket lock and retention policy: New properties are exposed to configure the data retention policy for a Cloud Storage bucket that governs how long objects in the bucket must be retained. You can change the behavior through these properties:

    • retention_policy_retention_period: The period of time, in seconds, in which objects in the bucket must be retained and cannot be deleted, overwritten, or archived.
    • retention_policy_is_locked: Locks the retention policy to permanently set it on the bucket.

      For more information, see Configuration Parameters.

  • Exposed pre-defined ACLs: The property predefined_acl has been exposed to configure the bucket with a pre-defined Access Control List. For more information, see Configuration Parameters.

  • Improved bucket name constraints: Added new constraints to check the name of the bucket. If the name does not satisfy the new constraints, an early failure occurs for a better user experience. For more information, see Configuration Parameters.

  • Configure Cloud Storage plans from Ops Manager: You can now use Ops Manager to add custom plans from the new Cloud Storage configuration section in the broker’s general configuration.

  • Expanded storage class enumerator options: You can now use the ARCHIVE option. For more information, see Available storage classes.

Google MySQL

  • Google MySQL service is now generally available: The Google MySQL service is no longer in beta and can now be used in production. Service instances provisioned by the beta version of the Google MySQL service are no longer supported and must be removed. For more information, see Retiring beta instances.

  • Insecure connections are no longer permitted by default: The new property allow_insecure_connections controls whether unencrypted connections are allowed. It is false by default. For more information, see TLS Connections.

  • tier property exposed: The tier property is now configurable at plan creation or instance operations for Google MySQL. The tier property determines the computation and memory capacity of a Google MySQL database instance.

  • Storage auto-scaling controls exposed: New properties are exposed to control the storage auto-scaling functionality. You can change the behavior through these properties:

    • disk_autoresize: Enables auto-resizing of the storage size. It is true by default. When deactivating the storage auto-resizing, the value of the disk_autoresize_limit must also be set to 0.
    • disk_autoresize_limit: The maximum size in GB to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit.

  • MySQL version is exposed: Previously the parameter mysql_version was restricted to a plan property. You can now choose the version you want when creating a plan or creating and updating the instance. This property is required if it is not defined in the plan.

  • deletion_protection can be configured and updated: Added a property that enables you to configure the deletion protection for the MySQL database in the plan configuration or during provision or update operations. By default, the protection is deactivated.

  • Maximum storage capacity limit removed: The maximum storage capacity limit no longer exists. From now on, you can select the storage capacity that you want. To understand the limits, see the Google Cloud documentation. The capacity cannot be reduced later.

  • Backups are now configurable: Regular backups are enabled by default, and you can configure them by using the following properties:

    • backups_retain_number: How many backups to retain. Setting this property to 0 deactivates regular backups.
    • backups_location: (Optional) Name of a specific GCP region in which to store backups. When left unspecified, multi-regional storage is used.
    • backups_start_time: Preferred time, in the format HH:MM, to start daily regular backups. It is 07:00 by default.
    • backups_transaction_log_retention_days: Controls the number of days to keep the transaction logs. It is 0 by default. Up to 7 days of transaction logs can be stored.

  • Longer password for the admin user: The length of the auto-generated password for the admin user is extended to 64 characters.

  • Configure MySQL plans from Ops Manager: You can now use Ops Manager to add custom plans from the new MySQL configuration section in the broker’s general configuration.

  • MySQL database server can be assigned a public IP address: A public IP address isn’t assigned by default, but can be enabled by using the public_ip property. When the public IP address is assigned, access is only allowed from the networks specified by the authorized_networks_cidrs property. For more information about using a public IP address for MySQL, see the Google Cloud documentation.

  • MySQL connection encryption: All MySQL connections are now encrypted. The binding credentials include certificates that can be used for verifying the connection.

  • Simplified network configuration: The property authorized_network was removed. From now on, you can configure the network by using only the authorized_network_id property. In other words, you use the ID of the Google Compute Engine network to which the instance is connected. If left unspecified, the default network of the region is used. For more information about upgrading, see the authorized network section.

  • High availability configuration: You can now turn on high availability for an instance by using the highly_available property. When enabled, this deploys two instances, primary and standby, in different zones of the instance’s region. If needed, you can specify concrete zones by using the location_preference_zone and location_preference_secondary_zone parameters. You can turn high availability on or off, or re-assign the zone at any time. For more information on MySQL high availability, see the Google Cloud documentation.
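
The Google Storage Bucket and Google MySQL properties listed above change the security posture of an instance depending on which ones are left at their defaults. The following Python sketch is an added example, not part of the product or its documentation: it merges the defaults stated in these notes with the parameters supplied for an instance and reports the settings a reviewer would want to look at. The function name, the finding texts, the policy choices, and the assumption that authorized_networks_cidrs is a list of CIDR strings are illustrative.

```python
import ipaddress
import json

# Defaults as stated in the release notes; unset properties are treated as absent.
DEFAULTS = {
    "storage": {"public_access_prevention": "enforced",
                "uniform_bucket_level_access": False,
                "versioning": False},
    "mysql": {"allow_insecure_connections": False,
              "public_ip": False,
              "deletion_protection": False},
}

def audit(service, params_json):
    """Return (property, reason) findings for one instance's parameters."""
    cfg = {**DEFAULTS[service], **json.loads(params_json)}
    out = []
    if service == "storage":
        if cfg["public_access_prevention"] != "enforced":
            out.append(("public_access_prevention", "public access is not prevented"))
        if not cfg["uniform_bucket_level_access"]:
            out.append(("uniform_bucket_level_access", "object ACLs remain active"))
        if not cfg["versioning"]:
            out.append(("versioning", "replaced or deleted objects are not retained"))
        if not cfg.get("default_kms_key_name"):
            out.append(("default_kms_key_name", "no customer-managed key set"))
    else:
        if cfg["allow_insecure_connections"]:
            out.append(("allow_insecure_connections", "unencrypted connections allowed"))
        if cfg["public_ip"]:
            # Assumption: authorized_networks_cidrs is a list of CIDR strings.
            for cidr in cfg.get("authorized_networks_cidrs", []):
                if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                    out.append(("authorized_networks_cidrs", f"{cidr} admits any address"))
        if not cfg["deletion_protection"]:
            out.append(("deletion_protection", "instance can be deleted without a guard"))
        if cfg.get("backups_retain_number") == 0:
            out.append(("backups_retain_number", "regular backups are deactivated"))
    return out

# Constructed sample parameters, as they would be passed at provision time.
SAMPLES = [
    ("storage", '{"public_access_prevention": "inherited", "versioning": true}'),
    ("mysql", '{"public_ip": true, "authorized_networks_cidrs": ["0.0.0.0/0"]}'),
]

if __name__ == "__main__":
    for service, params in SAMPLES:
        print(service, audit(service, params))
```

An empty parameter set for a bucket still yields three findings, because uniform bucket-level access and versioning default to false and no customer-managed key is set.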

Resolved Issues

This release has the following fixes:

  • Apps Manager service images: The logo for each service is now displayed in Apps Manager and other GUI applications.

All Services

  • Added provider_display_name property: The property provider_display_name was added to display the provider name for the service in graphical clients to better display the creator of the definition file.

  • Changed documentation URL in Service Definition YAML files: The documentation URL now points to the landing page of the official Cloud Service Broker for VMware Tanzu documentation.

Google Cloud Storage

  • Removal of the redundant acl parameter: The acl parameter associated with private and public-read plans was not in use and therefore did not influence the type of bucket created, which caused confusion. The parameter was removed from this version.

  • You can no longer update the bucket name: From now on, this modification is no longer available and results in an early failure to improve the user experience. Changing the bucket name has been disallowed because it forces the bucket to be recreated. The system does not allow the recreation of the service, so the operation resulted in an error.

Known Issues

  • Object access issues in Google PostgreSQL: If an app creates an object, such as a table, with permissions that do not allow other users to see that object, subsequent bindings might fail, and other apps might fail to read the objects. For more information, see Binding Process Known Issue.

  • Inconsistency in Credential Naming Conventions: There is a known issue affecting Spring applications that use autoconfiguration with spring-cloud-gcp-starter-storage and spring-cloud-gcp-cloudfoundry dependencies. These applications encounter difficulties when attempting to connect to Google Storage because the Cloud Service Broker (CSB) for GCP exposes GCP credentials under project_id and private_key_data, whereas the expected fields in the VCAP services JSON are ProjectId and PrivateKeyData. Additionally, the required service tag google-storage is absent, which may further disrupt proper service detection and configuration.

v1.2.0

This version was not released.

View Release Notes for Another Version

To view the release notes for another product version, select the version from the drop-down menu at the top of this page.
