RHBA-2015:2676 - Bug Fix Advisory

Topic

Updated packages that resolve various issues are now available for Red Hat
Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7.

Description

Red Hat Enterprise Linux OpenStack Platform provides the facilities for
building a private or public infrastructure-as-a-service (IaaS) cloud
running on commonly available physical hardware.

This update addresses the following issues:

• Previously, due to mishandling of the renamed executables in the

KillFilter, upgrading dnsmasq caused the neutron-dhcp-agent to break.
With this release, the upgraded executables are handled correctly. As a
result, the 'neutron-dhcp-agent' proceeds after the dnsmasq
upgrade. (BZ#1251211)

• Previously, the redis-server did not wait until the server was ready

after daemonizing. As a result, the redis resource-agent erroneously
failed in some cases, causing Pacemaker to recover the redis resource
unnecessarily.
With this update, the redis-server process waits for a signal from the
child process before exiting after daemonizing. As a result, the Pacemaker
does not recover the redis resource unnecessarily. (BZ#1283240)

• With this update, OpenvSwitch changed from using port 6633 to 6653.

SELinux expects OpenvSwitch to use port 6633 causing OVS to fail when
running. To fix the issue, you need to tell SELinux that OVS is running
on port 6653 instead of 6633. (BZ#1260202)

• Previously, the Rados Gateway did not implement the complete API that

Tempest and its configuration expect. If the Object Storage endpoint is
configured to point to Rados Gateway, the Tempest configuration resulted
in failure.
With this update, the Tempest configuration checks if the
object-storage-feature-enabled.discoverability is set to 'false' on the
command line or through the '--deployer-input' option. If the option is
set to false, the object-storage tests will be skipped. As a result,
the configuration succeeds, but without the object-storage-tests running,
if the Rados Gateway is used. (BZ#1251237)

Solution

Before applying this update, ensure all previously released errata relevant
to your system have been applied.

Red Hat Enterprise Linux OpenStack Platform 7 runs on Red Hat Enterprise
Linux 7.2.

The Red Hat Enterprise Linux OpenStack Platform 7 Release Notes contain the
following:

• An explanation of the way in which the provided components interact to

form a working cloud computing environment.

• Technology Previews, Recommended Practices, and Known Issues.
• The channels required for Red Hat Enterprise Linux OpenStack Platform 7,

including which channels need to be enabled and disabled.

The Release Notes are available at:
https://access.redhat.com/documentation/en/red-hat-enterprise-linux-openstack-platform/version-7/red-hat-enterprise-linux-openstack-platform-7-release-notes/release-notes

This update is available through 'yum update' on systems registered through
Red Hat Subscription Manager. For more information about Red Hat
Subscription Manager, see:

https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html

Affected Products

• Red Hat Enterprise Linux Server 7 x86_64
• Red Hat Enterprise Linux Workstation 7 x86_64
• Red Hat Enterprise Linux Desktop 7 x86_64
• Red Hat OpenStack 7 x86_64

Fixes

• BZ - 1251211 - upgrading dnsmasq breaks neutron-dhcp-agent
• BZ - 1251237 - config_tempest.py breaks if Rados Gateway is configured for object-store
• BZ - 1260202 - Update selinux policies to allow new openvswitch ports
• BZ - 1271678 - diskimage-builder should not install unit tests
• BZ - 1271693 - python-tuskarclient should not install unit tests
• BZ - 1283240 - Redis can't demote previous redis master after rebooting the node.
• BZ - 1284436 - Redis fails to restart in HA setup due to SELinux

CVEs

(none)

References

• http://www.redhat.com/security/updates/classification/#normal