- Issued:
- 2018-05-17
- Updated:
- 2018-05-17
RHBA-2018:1579 - Bug Fix Advisory
Synopsis
OpenShift Container Platform 3.6 bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Red Hat OpenShift Container Platform release 3.6.173.0.117 is now available with updates to packages and images that fix several bugs and add an enhancement.
Description
Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.173.0.117. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2018:1578
This update fixes the following bugs:
- The number of fluentd outputs is computed in the startup script run.sh. When the forward plug-in was configured, it was not correctly counted. This caused a number of output to be missed when the forward plug-in was configured. The number of output is used for calculating the file buffer size and the size grew larger than expected. This bug fix updates the logic of the calculation to include the forward plug-in case. As a result, the correct output number then the correct file buffer size is now derived when the forward plug-in is configured. (BZ#1569554)
- The fluentd file buffer size is calculated in the startup script run.sh. In the calculation, the script gathers the number of outputs, then the available disk space is divided by the gathered number. When gathering the number of outputs, it missed the case for the non-secure forward. If it happened to be configured, the number of outputs was one less than actual. When the non-secure forward was configured, this caused the calculated file buffer size to be larger than the expected size, which might cause the disk to fill on the file system for the fluentd file buffer. With this bug fix, the non-secure forward case is taken into account. As a result, the file buffer size is correctly calculated when the non-secure forward is configured. (BZ#1557431)
This update also adds the following enhancement:
- Previously, OpenShift Container Platform defaulted the indexing request timeout for fluentd to 600 seconds, or about 10 minutes. In certain situations, this timeout was not long enough. If we make this essentially infinite, we'll avoid fluentd pods re-submitting requests unnecessarily. With this enhancement, the fluentd timeout is now 2147483648 and will wait for a very long time before resubmitting a request to Elasticsearch due to a timeout failure. As a result, this avoids fluentd pods being resubmitted unnecessarily. (BZ#1569550)
All OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For OpenShift Container Platform 3.6 see the following documentation, which will be updated shortly for release 3.6.173.0.117, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/3.6/release_notes/ocp_3_6_release_notes.html
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.
Affected Products
- Red Hat OpenShift Container Platform 3.6 x86_64
Fixes
- BZ - 1547599 - [3.6] missing node-to-node OVS flows
- BZ - 1554748 - [3.6] OCP on Azure - if the kubelet can't reach the Azure API - marked as NotReady
- BZ - 1557431 - [fluentd] take forward + secure_forward outputs into account when computing NUM_OUTPUTS
- BZ - 1559477 - Unhandled asynchronous exception, sending back 500: org.jboss.resteasy.spi.UnhandledException: RESTEASY003770: Response is committed, can't handle exception
- BZ - 1560424 - [CNS][3.6] Installation failed when enable openshift_storage_glusterfs_registry_block_storageclass with glusterfs_registry group
- BZ - 1569550 - Change the fluentd request timeout to be essentially infinite
- BZ - 1569554 - fluentd's NUM_OUTPUTS only takes secure_forward count into account
- BZ - 1574382 - [CNS][3.6] docker registry back end storage keep pending with invalid AccessModes error when glusterfs_registry_block_storageclass as default storageclass
CVEs
(none)
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat OpenShift Container Platform 3.6
| SRPM | |
|---|---|
| atomic-openshift-3.6.173.0.117-1.git.0.b1f7e54.el7.src.rpm | SHA-256: 879d180f0b384319d52b07d5ba73d6435e6077fd8462b5e2defaa4170d22040d |
| cockpit-160-3.el7.src.rpm | SHA-256: 233162ebfd038e8a741b4c869bc18b5faae18c687510d0e75d230c8028d2de39 |
| openshift-ansible-3.6.173.0.117-1.git.0.8c22c43.el7.src.rpm | SHA-256: 66f15f66a50a13bc6ccd70c1366365ae774a972a0057214d05b92db5867408ab |
| x86_64 | |
| atomic-openshift-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: 52c3d351f6610d7503f2ef6fc2809cefba0c6721c636964f4c72ae120fcc25b9 |
| atomic-openshift-clients-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: a68db92682bd179fb70eab9e0807f351f93ec17785183b3849a14ebb31110e8a |
| atomic-openshift-clients-redistributable-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: 003c351d1faae12948016b5beb9c8fd60120de4bf07b71c24aecf8189be30484 |
| atomic-openshift-cluster-capacity-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: ddc9f93fd55a450bfb9ad56937d559dd74214b24533776dd8f54e6c6fd045286 |
| atomic-openshift-docker-excluder-3.6.173.0.117-1.git.0.b1f7e54.el7.noarch.rpm | SHA-256: 5fe4c0a999937c20f4749ea3d4f3dc10b54e0604e889f6224c68d3ac9738d347 |
| atomic-openshift-dockerregistry-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: 1c711b5f8bf98f4af918c3c48d5b0e702b9bcdb25a3a0ae8c3282e5f53f8ea18 |
| atomic-openshift-excluder-3.6.173.0.117-1.git.0.b1f7e54.el7.noarch.rpm | SHA-256: 5d624efd0a9eaa05742c415b2d0e033058ca02185beba055c21d63fef2f4e3c9 |
| atomic-openshift-federation-services-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: 5cfdb60f153341315d4fb1529597a91adbb1a37997572e69de026bf0c59b44d3 |
| atomic-openshift-master-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: 15a2518a7cec06a03e7b15f3ecf671db02776943b9093760707751556403ef54 |
| atomic-openshift-node-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: 531a7460331b4395f7c4cbdf890098ccdc9c36e6957e4cc50b93a73e2d1186ea |
| atomic-openshift-pod-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: 04a1a3199c84b069c529d8eda442bd298ad5b89422ef57ad3c37036e35a6f1b2 |
| atomic-openshift-sdn-ovs-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: 76ac7aadb212df5bc88be2985ce5a2e1dd32027dffa1723a7ac54d1400188202 |
| atomic-openshift-service-catalog-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: a17253f1311885b78eb21f94b82a2c0d371730ee2732a2aabeaa04ff71c26c13 |
| atomic-openshift-tests-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: 3d753db05ee2c2e8e0cd91f1c20fe7de94a6cfabbbd87429ec8cf5758bf40a22 |
| atomic-openshift-utils-3.6.173.0.117-1.git.0.8c22c43.el7.noarch.rpm | SHA-256: 82de289040e1c5e95ebb6de723f39ec0deafe2e7a398e18f8d9cd752544473b1 |
| cockpit-debuginfo-160-3.el7.x86_64.rpm | SHA-256: c41aae9ab3ee457abf48852d2dcd31f1e44290ea91f3dfebdba558f6780b9bea |
| cockpit-kubernetes-160-3.el7.x86_64.rpm | SHA-256: eebac62069aeceddbf3b2a99d01892053629e1d051761d9ffa17a799f97eecea |
| openshift-ansible-3.6.173.0.117-1.git.0.8c22c43.el7.noarch.rpm | SHA-256: fdd7b3134339dd2630be5e0a875cb9a3143238f5007006fa109f0695f7f80bc8 |
| openshift-ansible-callback-plugins-3.6.173.0.117-1.git.0.8c22c43.el7.noarch.rpm | SHA-256: 0e2ec30c0613e45879a8203b3d3d5e02347af02768a36e934d4672f19e1c0637 |
| openshift-ansible-docs-3.6.173.0.117-1.git.0.8c22c43.el7.noarch.rpm | SHA-256: 472e213117b44f5681e93603c6ce9cd09130366a6f3df07a046b5f66f02fcc37 |
| openshift-ansible-filter-plugins-3.6.173.0.117-1.git.0.8c22c43.el7.noarch.rpm | SHA-256: 18d1de8d4cc85afccbf1988873d641d7fea9078cfc840e218423726c154b304c |
| openshift-ansible-lookup-plugins-3.6.173.0.117-1.git.0.8c22c43.el7.noarch.rpm | SHA-256: de5dd051f2f9180ecba214d5cda903dd202e3816508e0f435e798a320f6f0cc1 |
| openshift-ansible-playbooks-3.6.173.0.117-1.git.0.8c22c43.el7.noarch.rpm | SHA-256: 834c806bd3d1099646590f9a1a779599806c315d5f34522d16377fcb680dcf00 |
| openshift-ansible-roles-3.6.173.0.117-1.git.0.8c22c43.el7.noarch.rpm | SHA-256: 47edb27a1a4c0b7af759c3d926f00a81efd3a34b78906c6efb67281113ff915d |
| tuned-profiles-atomic-openshift-node-3.6.173.0.117-1.git.0.b1f7e54.el7.x86_64.rpm | SHA-256: 98b4531655a2e0cfd02d6ddbce32f4e603d067a6dbb262cba3cb2009efb6eab5 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
