0.18.31
GCP
Running VMs on behalf of a service account
Like all major clouds, GCP supports running a VM on behalf of a managed identity using a service account. Now you can assign a service account to a GCP VM with dstack by specifying the vm_service_account property in the GCP config:
type: gcp
project_id: myproject
vm_service_account: sa@myproject.iam.gserviceaccount.com
creds:
type: defaultAssigning a service account to a VM can be used to access GCP resources from within runs. Another use case is using firewall rules that rely on the service account as the target. Such rules are typical for Shared VPC setups when admins of a host project can create firewall rules for service projects based on their service accounts.
Volumes
Creating user home directory automatically
Following support for non-root users in Docker images, dstack improves handling of users' home directories. Most importantly, the HOME environment variable is set according to /etc/passwd, and the home directory is created automatically if it does not exist.
The update opens up new possibilities including the use of an empty volume for /home:
type: dev-environment
ide: vscode
image: ubuntu
user: ubuntu
volumes:
- volume-aws:/homeAWS volumes with non-Nitro instances
dstack users previously reported AWS Volumes not working with some instance types. This is now fixed and tested for all instance types supported by dstack including older Xen-based instances like the P3 family.
Deprecations
- The
home_dirandsetupparameters in run configurations have been deprecated. If you're usingsetup, movesetupcommands to the top ofinit.
What's changed
- [
dstack-shim] Implement multi-task state by @un-def in #2078 - [AWS] Support AWS volumes for Xen-based instances by @r4victor in #2088
- Handle empty user when processing image manifest by @un-def in #2090
- [Docs] Move Reference to a separate page for more space and better st… by @peterschmidt85 in #2092
- Init VirtualRepo when
--no-repospecified by @r4victor in #2098 - [Docs] Add missing backends docs reference by @r4victor in #2099
- [gateways] Support gateway features in
dstack-proxyby @jvstme in #2087 - [Docs] Add
Repospage insideConceptsto explain how repos work #2096 by @peterschmidt85 in #2097 - [GCP] Allow specifying
vm_service_accountin GCP config by @r4victor in #2110 - [
dstack-shim] Create user home directory if it doesn't exist by @un-def in #2109 - [Tests] Disallow remote network connections in tests by @un-def in #2111
- [Docs] Add Developers page featuring community links, ambassador program, contributing links, etc #2103 by @peterschmidt85 in #2104
- [Docs] Refactor the reference guide #2112 by @peterschmidt85 in #2113
- [Tests] Support tests that access db from a new thread by @r4victor in #2116
- [Deprecation] Deprecate
home_dirandsetupby @un-def in #2115
Full changelog: 0.18.30...0.18.31
