Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHBA-2018:2213 - Bug Fix Advisory
Issued:
2018-07-18
Updated:
2018-07-18

RHBA-2018:2213 - Bug Fix Advisory

  • Overview
  • Updated Packages

Synopsis

OpenShift Container Platform 3.9 bug fix update

Type/Severity

Bug Fix Advisory

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 3.9.33 is now available with updates to packages and images that fix several bugs.

Description

Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.9.33. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2018:2212

This update fixes the following bugs:

  • The latest versions of *container-selinux* prevent pods from running systemd unless `container_manage_cgroup` is set to true. The installer now sets this boolean to `true` at install time ensuring that pods with systemd run as expected. (BZ#1589929)
  • Port 10256 is now opened on hosts, which resolves an issue where service load balancer health checks failed because the port was not opened. (BZ#1594306)
  • The defaults for the Searchguard index are set to autoexpand to the number of nodes minus 1. This causes the number of replicas for *_.searchguard_* indices to expand to the number of nodes in the cluster, but if any one node goes down, the cluster will never return to a green state without all nodes coming back. This bug fix uses the `sgadmin` tool to disable replica expansion, updates replicas to `0`, and modifies the index setting to allocate to a named node. As a result, the Searchguard index has auto replica expansion disabled, replicas set to `0`, and is allocated to a specific node. (BZ#1582232)
  • The *fluent-plugin-elasticsearch* improperly handled bookkeeping of the records being submitted. This caused Fluentd to be stuck processing even though there was a valid request and response. This bug fix properly accounts for the records submitted to Elasticsearch. As a result, the pipeline no longer gets stuck. (BZ#1593310)
  • The installer was creating an incorrect `spec` attribute for CPU and memory for logging. Additionally, it did not allow modifying the `cpu_limit` setting. This caused the values to be ignored. This bug fix conditionally patches in the `cpu_limit` setting if it is defined and corrects the attribute name used to specify CPU and memory requests. As a result, the values are now honored as expected. (BZ#1592551)
  • Previously, enabling autoscaling from the *Add to project* -> *advanced options* page in the web console would not work correctly. The horizontal pod autoscaler would not correctly target the deployment configuration created for your application. This only was a problem when enabling autoscaling while creating the application; enabling autoscaling later worked correctly. This bug fixes updates the web console, and autoscaling is now correctly enabled from the application creation form. (BZ#1590936)
  • Previously, the resource *Replication Controller Dummy* could appear in the types in the *Other Resources* page of the web console. This type would cause an error when it was selected. This bug fix removes this type from the list because it is not a real resource that users would create. (BZ#1589838)
  • This bug fix ensures `spec` validations of service bindings do not include status, such that storage migrations during upgrade properly succeed. (BZ#1586135)

All OpenShift Container Platform 3.9 users are advised to upgrade to these updated packages and images.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For OpenShift Container Platform 3.9 see the following documentation, which will be updated shortly for release 3.9.33, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_release_notes.html

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.

Affected Products

  • Red Hat OpenShift Container Platform 3.9 x86_64

Fixes

  • BZ - 1557345 - some pods are scheduled to masters when openshift.io/node-selector="" in namespace
  • BZ - 1582232 - The .searchguard indices end up with 2 replicas by default
  • BZ - 1582875 - Secured Wildcard route takes over all unsecured routes in same subdomain
  • BZ - 1583148 - [CNS][3.9] Installation failed due to GlusterFS pods try to pull image from docker.io
  • BZ - 1583718 - [3.9] Service uses type ClusterIP and cloudprovider tries to create loadbalancer
  • BZ - 1586135 - Upgrade from 3.7 to 3.9 fail at the Task [Upgrade all storage] for servicebinding (fix for 3.9.z)
  • BZ - 1587996 - [3.9] OpenShift container registry is not able to use eu-west-3 for s3 storage.
  • BZ - 1589838 - "Unknown resource: replicationcontrollerdummies/extensions/v1beta1"
  • BZ - 1589929 - CFME httpd pod fail to get started after deployed on ocp-3.9
  • BZ - 1590059 - Trigger a deploy of DC manually caused too much time to finish because of evicted pods.
  • BZ - 1590936 - Hpa has incorrect ref apiversion if it is created with app creation
  • BZ - 1591632 - master controllers edits the secret after upgrade to 3.9
  • BZ - 1592551 - [3.9]openshift_logging_eventrouter_cpu_limit and openshift_logging_eventrouter_cpu_request don't take effect
  • BZ - 1593310 - Fluent pipeline stuck because records in request do not equal response
  • BZ - 1594306 - Service load balancers don't work on GCP (and others) that depend on health port being exposed

CVEs

(none)

References

(none)

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 3.9

SRPM
atomic-openshift-3.9.33-1.git.0.c35d02e.el7.src.rpm SHA-256: b12aaa3612e868787a5549d0231b250ad886a5c374722d21fbd6f88b8415cdfb
atomic-openshift-web-console-3.9.33-1.git.248.9592e57.el7.src.rpm SHA-256: 8c082562b1fa4085b800ffc335e5849e2c3e065ea7bf69c5cd71422e732748d2
cri-o-1.9.13-1.git52a8e70.el7.src.rpm SHA-256: 2ece8fddfacdc7a92bed957f819cab90f928283155d71216d3b5dab721419149
golang-github-prometheus-node_exporter-3.9.33-1.git.892.9737971.el7.src.rpm SHA-256: 792feaae3669bc448df078658e50fa7617e275cab8f1da347c0b95be40e89726
jenkins-2.89.4.1528997057-1.el7.src.rpm SHA-256: 0334d70779dd8f4911bf1277b150e13045bee353bc5124baba976aea0e3df82b
openshift-ansible-3.9.33-1.git.56.19ba16e.el7.src.rpm SHA-256: 1faa020f7fa1a6ccf355cefb1b80a362d33182bda6484c6e921749366380d260
rubygem-fluent-plugin-elasticsearch-1.17.0-1.el7.src.rpm SHA-256: 81c8adee63445c2c6b39eeb243588631f3dae94560bccc75da92e93cb4afe610
x86_64
atomic-openshift-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: 2efb617c2f22e1e14adac14dc11b205b13962266bfd1263e58b3dc7f972cc2c1
atomic-openshift-clients-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: 65b0e86b2fb3da514a1f4d0ae11ed21d60fbf2a870ab7a28ca36c6515bbadbcf
atomic-openshift-clients-redistributable-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: 58d99a00e1c88d8d120cfae9b1463943343747b04225bab55f7fffbef81a2da5
atomic-openshift-cluster-capacity-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: f85840486575324d99b82943b3fb8b5887384b1b17a9ee5a638374fd0a601755
atomic-openshift-docker-excluder-3.9.33-1.git.0.c35d02e.el7.noarch.rpm SHA-256: c24d94b883b706db420333cd00bb4092467b91a097cb70adea542706ca12f19e
atomic-openshift-dockerregistry-3.9.33-1.git.351.9526827.el7.x86_64.rpm SHA-256: 8560914c266956b9d32de1a14fcd1cdc4d831a6ee2b7cee08ae6bf5d2d958f18
atomic-openshift-excluder-3.9.33-1.git.0.c35d02e.el7.noarch.rpm SHA-256: 7f083681c6206027ef4356a646dd5192420e56a682e90e1f2b7a032e14227bf3
atomic-openshift-federation-services-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: 863693ae48f215bd1da67e28522a2892cd40f336220647d1174bcc12db1145fb
atomic-openshift-master-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: e42ea17399dcfb7c038c67f702b80eb4babbb55b72643be9ca76312d8e0b81d9
atomic-openshift-node-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: 90c626757ffe95fba7ad3892653f6aae5edf3ae9a3e430a6bcae4922db4f7265
atomic-openshift-pod-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: 6a4eeb5254960d9ae24cbe8e90c7e2c4573fd077d5f459865cdd1622c416217f
atomic-openshift-sdn-ovs-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: ae0fb5fabba4068390e7f38cf485dae40be76e872c970e0a46faa787b4fe08cd
atomic-openshift-service-catalog-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: 9ce898a5b4cecdb890cd6c6a329abfbcbf41e24d2b14bf7966e9bc9435576046
atomic-openshift-template-service-broker-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: 6a1fe74c8cd9219990010f8d68bde0bd417c138d811489f302347cff6cb367fa
atomic-openshift-tests-3.9.33-1.git.0.c35d02e.el7.x86_64.rpm SHA-256: 9a512c32025b88dee85315a3adb8815dc3aff5225c75c51a473c899d3d38c979
atomic-openshift-utils-3.9.33-1.git.56.19ba16e.el7.noarch.rpm SHA-256: 973ac8bcbc910c19f2facbc907dd415d63b0984f863423bb064e4921635f83a4
atomic-openshift-web-console-3.9.33-1.git.248.9592e57.el7.x86_64.rpm SHA-256: d7498da22ec592b7c161f4bb8f02a47f3f2c95a59fdd3316ea9fdd72717980ca
cri-o-1.9.13-1.git52a8e70.el7.x86_64.rpm SHA-256: afcadec52a6ea831ed535f1e2032b0e3b70fa44f7c9bb99d3d706d3359f7c8c3
cri-o-debuginfo-1.9.13-1.git52a8e70.el7.x86_64.rpm SHA-256: 27d123fa109dc7554da08a544c9fbd2f9e29b7fc51660a7632c71e47be0239e0
jenkins-2.89.4.1528997057-1.el7.noarch.rpm SHA-256: 814ded8cd39af30aa0e2ec37555bdce48034bbc79d7983bde6811a5f9f09e1f2
openshift-ansible-3.9.33-1.git.56.19ba16e.el7.noarch.rpm SHA-256: 24102746a66a55306646f0bf939ae5bff4b27aff68e5313687c1ef4239db6424
openshift-ansible-docs-3.9.33-1.git.56.19ba16e.el7.noarch.rpm SHA-256: eea2f9fd61c25090723341e4bdb6f38e99e39467ac9ad6b6241782afacd743d0
openshift-ansible-playbooks-3.9.33-1.git.56.19ba16e.el7.noarch.rpm SHA-256: 65992b56d1b1eda336ba7f70f539960ad5a674ccf44d1874404e59d37516c399
openshift-ansible-roles-3.9.33-1.git.56.19ba16e.el7.noarch.rpm SHA-256: 181369a51591370e5e8ca07393d1d46b5568efa2d6173ce1c4e1a63bc29c1f1c
prometheus-node-exporter-3.9.33-1.git.892.9737971.el7.x86_64.rpm SHA-256: 24f17b209a7335bdafa024c8eefd6c10610488ff88d5a8d4f9fa55b6141b6d95
rubygem-fluent-plugin-elasticsearch-1.17.0-1.el7.noarch.rpm SHA-256: c6ede63d2c3eab0b1302e06afe94a358372e38f3666b96186863b532bc86a0e9
rubygem-fluent-plugin-elasticsearch-doc-1.17.0-1.el7.noarch.rpm SHA-256: e087d2c9f5cdb771e4088666842237283026728dfbeb4d16aa71737a4108bd03

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our <a href='http://www.redhat.com/en/about/privacy-policy' class='privacy-policy'>Privacy Statement</a> effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter