Skip to content

Releases: bacalhau-project/bacalhau

v1.3.0

25 Mar 15:21
@rossjones rossjones
v1.3.0
5428f7f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.0 Latest
Latest

We are thrilled to announce the release of Bacalhau v1.3.0, a significant milestone in our quest for helping organizations of all sizes deal with the world of distributed compute. Packed with exciting new features like user access control, local results publishing, and TLS support, this release is built to address the needs of even the largest organizations without the complexity of traditional distributed platforms! 🚀

Without further ado, let’s dive in!

New Features

User access control

Bacalhau v1.3.0 now supports authentication and authorization of individual users with a flexible and customizable auth system that remains simple for single-node clusters but scales up well to wide enterprise deployments.

Bacalhau auth integrates well with whatever auth systems users already have. Bacalhau can use private keys, shared secrets, usernames, and passwords and 2FA. Additionally, Bacalhau offers OAuth2/OIDC for authentication and can apply access control to single users, groups, teams and can use RBAC or ABAC mechanisms as desired.

The default behaviour is unchanged. Users will be authenticated based on their private key and authorized to submit and control their own jobs and read-only information about the cluster will be available with authentication.

To start using user authentication, check out the auth docs and install a custom policy to control user access and their permissions.

Publishing and serving results on local disks

In Bacalhau v1.3.0 we are introducing a new publisher type that lets users publish to the local disk of the compute node. This will streamline the process of testing the publisher functionality without the need for a remote storage service. This is especially handy for those who are just getting started with Bacalhau.

The local publisher is composed of two parts: the publisher that compresses and moves job outputs to a specified location, and an HTTP server that delivers the content back to the user.

By default, the HTTP server listens on port 6001, but this can be modified using the --local-publisher-port flag. The server will deliver content from the directory specified by the local-publisher-directory flag, or, if not set, from a subdirectory of the configured Bacalhau storage directory. The --local-publisher-address flag can be used to set the address that the HTTP server listens on. Default values for this vary by environment (e.g., localhost for test and development environments, public for production environments), but users can set these values in the config if the defaults are not suitable.

We should stress that managing the storage is still the administrator’s responsibility. Because local storage necessarily means storing on a single node, thinking through clean up, persistence, etc. are things you should think through before moving into production!

NATS-based networking

In the Bacalhau v1.3.0 release, we are introducing a new transport layer to improve inter-node connectivity. This new layer utilizes NATS, a robust messaging system, instead of the existing libp2p transport.

With the introduction of NATS, we are simplifying the network requirements for Compute nodes. Now, only Orchestrator nodes (also known as Requester nodes) need to be publicly reachable. As a result, Compute nodes only need to know the address of a single Orchestrator node, and they can learn about and connect to other Orchestrators at runtime. This change not only simplifies the setup process but also enhances resilience as it allows Compute nodes to failover and reconnect to other Orchestrators when necessary. This change only affects inter-node communication, and the Bacalhau HTTP API is unchanged.

We acknowledge that adapting to new technologies takes time. In recognition of this, libp2p will continue to be supported as an alternative during this transition period. This ensures that you have the flexibility to migrate at your own pace. Users who wish to continue using libp2p need to specify the Node.Network.Type config option or --network flag as libp2p explicitly when running their network.

Persistent memory of connected nodes

The Bacalhau v1.3.0 release introduces a significant upgrade ensuring the persistence of node information across requester node restarts. This addresses a shortcoming of the previous in-memory store, which would lose all knowledge of compute nodes upon a restart. The new persistent store is a major advancement towards maintaining more accurate node information and tracking compute nodes that may be temporarily inaccessible to the cluster.

The new persistent store is used automatically when NATS-based networking is used.

TLS support for Bacalhau CLI

Bacalhau v1.3.0 now supports TLS requests to the requester node for all CLI commands. While the default communication remains HTTP, users can activate TLS calls using the command line flag --tls , setting the Node.ClientAPI.ClientTLS.UseTLS config option to true or by exporting the BACALHAU_API_TLS=1 environment variable.

For self-signed certificates, users can either accept insecure requests or provide a CA certificate file. The Node.ClientAPI.ClientTLS.CACert config option, BACALHAU_API_CACERT environment variable and --cacert flag can be used to verify the certificate with a provided CA certificate file. Alternatively, the Node.ClientAPI.ClientTLS.Insecure config option, --insecure flag or BACALHAU_API_INSECURE environment variable can be used to make API requests without certificate verification.

Customizable node names

In the Bacalhau v1.3.0 release, we've introduced a new feature that allows users to set their own nodeID. This addition gives users the flexibility to tailor their node names according to their preferences and needs.

Users have the option to manually set the node name, or they can opt for automatic generation using various providers. These providers include puuid (which is the default option), uuid, hostname, aws, and gcp.

The puuid option generates a node name using the n-{uuid} pattern, such as n-f1bab231-68ad-4c72-bab6-580cd49bf521. The uuid option generates a uuid as a node name. The hostname option uses the hostname as the node id, replacing any . with - to ensure compatibility with NATS. The aws option uses the EC2 instance name if the node is deployed on AWS, and the gcp option uses the VM's id if the node is deployed on GCP.

It's important to note that these providers will only be called into action if no existing node name is found in config.yaml, the CLI --name flag, or environment variables. Once a node name is generated, it will be persisted in config.yaml, ensuring that the node names are consistent across sessions.

To set the node name manually:

bacalhau serve --name my-custom-name

To use a puuid as the node name (which is the default):

bacalhau serve

To use the hostname as the node name:

bacalhau serve --name-provider hostname

This new feature is aimed at enhancing user customization and control, making Bacalhau even more user-friendly and adaptable to different user needs.

Improved telemetry and metrics

Bacalhau Telemetry Suite

In this update we have introduced a docker-compose based telemetry suite complete with open-telemetry, Prometheus, Grafana, and Jaeger containers for collecting and inspecting telemetry data emitted from bacalhau nodes. For details on running the suite see the respective README.md

Improved Visibility via New Metrics

In this update we have added new metrics to improve the observability of bacalhau nodes. These metrics include:

  • job_submitted: Number of jobs submitted to the Bacalhau node.
  • job_publish_duration_milliseconds: Duration of publishing a job on the compute node in milliseconds.
  • job_storage_upload_duration_milliseconds: Duration of uploading job storage input on the compute node in milliseconds.
  • job_storage_prepare_duration_milliseconds: Duration of preparing job storage input on the compute node in milliseconds.
  • job_storage_cleanup_duration_milliseconds: Duration of job storage input cleanup on the compute node in milliseconds.
  • job_duration_milliseconds: Duration of a job on the compute node in milliseconds.
  • docker_active_executions: Number of active docker executions on the compute node.
  • wasm_active_executions: Number of active WASM executions on the compute node.
  • bacalhau_node_info: A static metric with labels describing the bacalhau node.
    • node_id: ID of bacalhau node emitting metric
    • node_network_transport: bacalhau node network transport type (libp2p or NATs)
    • node_is_compute: true if the node is accepting compute jobs
    • node_is_requester: true if the node is serving as a requester node
    • node_engines: list of engines the node supports.
    • node_publishers: list of publishers the node supports.
    • node_storages: list of storages the node supports

Improved Out of Memory handling for Docker jobs

The Bacalhau CLI will now explain when Docker jobs run out of memory and include links to the Bacalhau documentation showing how to increase the memory limit for a job.

Improved configuration for IPFS

In this update, we have allowed for the embedded IPFS nodes gateway, API, and swarm listening multi-addresses to be configured, providing users with more control and determinism, particularly when configuring firewall rules.

This update also introduces changes when the --ipfs-serve-path flag is set, now preserving the content of the embedded IPFS nodes repo across Bacalhau restarts, maintaining any data the embedded IPFS node stored as well as its identity.

F...

Read more
Assets 16

v1.3.0-rc3

21 Mar 17:15
@rossjones rossjones
v1.3.0-rc3
0948775
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.0-rc3 Pre-release
Pre-release

What's Changed

Full Changelog: v1.2.3...v1.3.0-rc3

Contributors

rossjones, simonwo, and wdbaruni
Assets 16

v1.3.0-rc2

21 Mar 14:54
@rossjones rossjones
v1.3.0-rc2
b09858f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.0-rc2 Pre-release
Pre-release

What's Changed

Full Changelog: v1.2.3...v1.3.0-rc2

Contributors

rossjones, simonwo, and wdbaruni
Assets 16

v1.3.0-rc1

21 Mar 08:05
@rossjones rossjones
v1.3.0-rc1
6e95335
Compare
Choose a tag to compare
v1.3.0-rc1 Pre-release
Pre-release

What's Changed

Full Changelog: v1.2.3...v1.3.0-rc1

Contributors

rossjones and simonwo
Assets 16

v1.2.3

18 Mar 12:30
@wdbaruni wdbaruni
v1.2.3
50d6afa
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.3

What's Changed

Read more

Contributors

aronchick, rossjones, and 7 other contributors
Assets 16

v1.2.3-rc2

14 Mar 15:58
@wdbaruni wdbaruni
v1.2.3-rc2
50d6afa
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.3-rc2 Pre-release
Pre-release

What's Changed

Full Changelog: v1.2.2...v1.2.3-rc2

Contributors

aronchick, rossjones, and 5 other contributors
Assets 16

v1.2.3-rc1

14 Mar 11:16
@wdbaruni wdbaruni
v1.2.3-rc1
f8664bc
Compare
Choose a tag to compare
v1.2.3-rc1 Pre-release
Pre-release

What's Changed

Full Changelog: v1.2.2-rc2...v1.2.3-rc1

Contributors

aronchick, rossjones, and 5 other contributors
Assets 16

v1.2.2

01 Mar 03:29
@simonwo simonwo
v1.2.2
19d52b7
Compare
Choose a tag to compare
v1.2.2

What's Changed

Full Changelog: v1.2.1...v1.2.2-rc3

Contributors

aronchick, rossjones, and 6 other contributors
Assets 16

v1.2.2-rc2

01 Mar 00:16
@simonwo simonwo
v1.2.2-rc2
9f9ae95
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.2-rc2 Pre-release
Pre-release

What's Changed

Full Changelog: v1.2.1...v1.2.2-rc2

Contributors

aronchick, rossjones, and 6 other contributors
Assets 2

v1.2.2-rc1

15 Feb 10:12
@wdbaruni wdbaruni
v1.2.2-rc1
d736980
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.2.2-rc1 Pre-release
Pre-release

What's Changed

  • WebUI Enhancements: A series of improvements have been made to the WebUI, including better linting, the addition of Mock Service Worker (MSW) for better frontend testing, storybook integration for UI component testing, and a move from webpack to Vite for a faster development experience. These changes aim to improve the development workflow and user interaction with Bacalhau's WebUI.
  • feat: add metrics to publisher and input storage by @frrist in #3360
  • External CLI tests and subsequent authn/z fixes by @simonwo in #3406
  • NATS based LogStream by @wdbaruni in #3407
  • Improve pagination and filtering of job list command. by @rossjones in #3344
  • Make publisher optional in CLI by @rossjones in #3417
  • Select network address based on type by @rossjones in #3394
  • Remove inmemory jobstore by @rossjones in #3422
  • Removes the compute node's inmemory store by @rossjones in #3424
  • Support anonymous mode authorization for V1 APIs by @simonwo in #3426
  • Require NATS clients to be authenticated with a server secret token by @simonwo in #3425
  • Adds support for specifying a default publisher on the server by @rossjones in #3430
  • Generate TLS server certificates, keys and CA by @olgibbons in #3443
  • Verify signatures of JWTs when authorizing by @simonwo in #3452
  • no job spec with executions by default by @wdbaruni in #3453
  • Improve job describe output by @wdbaruni in #3459

Full Changelog: v1.2.1...v1.2.2-rc1

Contributors

rossjones, simonwo, and 3 other contributors
Assets 2