AWS
Private subnets
By default, dstack uses public IPs for SSH access to running instances, requiring public subnets in the VPC. The new update allows instances to use private subnets instead.
To create instances only in private subnets, set `public_ips` to `false` in the AWS backend settings:
type: aws
creds:
type: default
vpc_ids:
...
public_ips: false
> [!NOTE]
> * Both `dstack server` and the `dstack` CLI should have access to the private subnet to access instances.
> * If you want running instances to access the Internet, the private subnets need to have a NAT gateway.
On-prem instances
Multi-node tasks
The `dstack pool add-ssh` command now supports the `--network` argument. Use this argument if you want to use multiple instances that share the same local network as a cluster to run multi-node tasks.
The `--network` argument accepts the IP address range (CIDR) of the local network of the instance.
Example:
shell
dstack pool add-ssh -i ~/.ssh/id_rsa ubuntu141.144.229.104 --network 10.0.0.0/24
Once you've added multiple instances with the same network value, you'll be able to use them as a cluster to run multi-node tasks.
Gateways
`dstack apply`
Previously, to create or update gateways, one had to use the `dstack gateway create` or `dstack gateway update` commands.
Now, it's possible to define a gateway configuration via YAML and create or update it using the `dstack apply` command.
Example:
yaml
type: gateway
name: example-gateway
backend: gcp
region: europe-west1
domain: example.com
shell
dstack apply -f examples/deployment/gateway.dstack.yml
For now, the `dstack apply` command only supports the `gateway` configuration type. Soon, it will also support `dev-environment`, `task`, and `service`, replacing the `dstack run` command.
The `dstack destroy` command can be used to delete resources.
Private gateways
By default, gateways are deployed using public subnets. Since `0.18.2`, it is now possible to deploy gateways using private subnets. To do this, you need to set `public_ips` to `false` and specify the ARN of a certificate from AWS Certificate Manager.
type: gateway
name: example-gateway
backend: aws
region: eu-west-1
domain: "example.com"
public_ip: false
certificate:
type: acm
arn: "arn:aws:acm:eu-west-1:3515152512515:certificate/3251511125--1241-1224-121251515125"
In this case, `dstack` will deploy the gateway in a private subnet behind a load balancer using the specified certificate.
> [!NOTE]
> Private gateways are currently supported only for AWS.
What's changed
* Support multi-node tasks with `dstack pool add-ssh` instances by TheBits in https://github.com/dstackai/dstack/pull/1189
* Fixed the JSON schema errors by r4victor in https://github.com/dstackai/dstack/pull/1193
* Support spot instances with `runpod` by Bihan in https://github.com/dstackai/dstack/pull/1119
* Speed up AWS VPC validation by r4victor in https://github.com/dstackai/dstack/pull/1196
* [Internal] Optimize `ProjectModel` loading by r4victor in https://github.com/dstackai/dstack/pull/1199
* Support provisioning instances without public IPs on AWS by r4victor in https://github.com/dstackai/dstack/pull/1203
* Minor improvements of `dstack pool add-ssh` by TheBits in https://github.com/dstackai/dstack/pull/1202
* Instances cannot be reused by other users by TheBits in https://github.com/dstackai/dstack/pull/1204
* Do not create AWS instance profile when launching instances by r4victor in https://github.com/dstackai/dstack/pull/1212
* Allow running services without `https` by r4victor in https://github.com/dstackai/dstack/pull/1217
* Implement `dstack apply` for gateways by r4victor in https://github.com/dstackai/dstack/pull/1223
* Support gateways without public IPs on AWS by r4victor in https://github.com/dstackai/dstack/pull/1224
* Support `--network` with `dstack pool add-ssh` by TheBits in https://github.com/dstackai/dstack/pull/1225
* [Internal] Make gateway creation async by r4victor in https://github.com/dstackai/dstack/pull/1236
* Using a more resourceful VM type by default for GCP gateway by r4victor in https://github.com/dstackai/dstack/pull/1237
* Handle properly if the `network` passed to `dstack pool add-ssh` is not correct by TheBits in https://github.com/dstackai/dstack/pull/1233
* Use valid GCP resource names by r4victor in https://github.com/dstackai/dstack/pull/1248
* Always try to restart `dstack-shim.service` with `dstack pool add-ssh` by TheBits in https://github.com/dstackai/dstack/pull/1253
* [Internal] Improve instance processing by r4victor in https://github.com/dstackai/dstack/pull/1251
* Changed `dstack pool remove` to `rm` by muddi900 in https://github.com/dstackai/dstack/pull/1258
* Support gateways behind ALB with ACM certificate by r4victor in https://github.com/dstackai/dstack/pull/1264
* Support IP addresses with `--network` by TheBits in https://github.com/dstackai/dstack/pull/1263
* [Internal] Fix double unlocking when processing runs and instances by r4victor in https://github.com/dstackai/dstack/pull/1268
* Add dstack destroy command and improve dstack apply by r4victor in https://github.com/dstackai/dstack/pull/1271
* Fix instances from pools ignoring regions by r4victor in https://github.com/dstackai/dstack/pull/1272
* Add the `axolotl` example by deep-diver in https://github.com/dstackai/dstack/pull/1187
New Contributors
* muddi900 made their first contribution in https://github.com/dstackai/dstack/pull/1258
**Full Changelog**: https://github.com/dstackai/dstack/compare/0.18.1...0.18.2