RHBA-2015:1209 - Bug Fix Advisory

Topic

Red Hat OpenShift Enterprise release 3.0.0.1 is now available with updates to packages that fix several bugs.

Description

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

This update fixes the following bugs:

• Environments that require an HTTP(S) proxy could not clone external Git repositories. This was due to proxy environment variables not being propagated to builder components. This bug fix updates OpenShift to propagate any proxy settings to all builder components, and as a result environments that require an HTTP(S) proxy now clone Git repositories properly. For details on how to configure builds to use proxies, see https://docs.openshift.com/enterprise/3.0/dev_guide/builds.html#using-a-proxy-for-git-cloning, which will be updated shortly. (BZ#1235129)
• Image pruning previously would fail with "Unexpected status code in response: 400" messages. This was due to a bug in registry authentication blocking image pruning. This bug fix updates registry authentication to correctly allow users with "admin" and "image-pruner" privileges to prune images. As a result, these users can now prune images when authenticated with a token. Users authenticating with a certificate cannot prune images. Additionally, pruning of images associated with an image stream that has been removed will still fail; this will be resolved at a later date. (BZ#1235148)
• Previously, image streams created from a remote image that lacked the optional image configuration section could not be imported. An example of one such image is registry.access.redhat.com/library/rhel. This issue was due to OpenShift incorrectly handling the optional image configuration section as mandatory. This bug fix updates OpenShift to correctly handle the image configuration section as optional, and as a result remote images that lack image configuration sections are now properly imported. (BZ#1236084)
• Previously when using persistent volumes, volumes were not recycled properly when the persistentVolumeReclaimPolicy parameter in a persistent volume object was set to "Recycle". This was due to the volume recycler being called incorrectly. This bug fix updates OpenShift to correctly call the volume recycler, and as a result volumes are now properly recycled in this scenario. (BZ#1233540)

All OpenShift Enterprise 3.0 users are advised to upgrade to these updated packages.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.

Affected Products

• Red Hat OpenShift Container Platform 3.0.0.0 x86_64

Fixes

• BZ - 1233540 - Persistent Volume does not get recycled when the persistentVolumeReclaimPolicy is "Recycle"
• BZ - 1235129 - `osc start-build` doesn't work under http(s) proxy
• BZ - 1235148 - Deleting image does not delete them from filesystem
• BZ - 1236084 - Unable to import tags/images from registry.access.redhat.com/library/rhel

CVEs

(none)

References

• http://www.redhat.com/security/updates/classification/#normal