- Issued:
- 2019-06-04
- Updated:
- 2019-06-04
RHBA-2019:0758 - Bug Fix Advisory
Synopsis
OpenShift Container Platform 4.1 Image Release Advisory
Type/Severity
Bug Fix Advisory
Topic
Red Hat OpenShift Container Platform 4.1, which fixes several bugs and includes various enhancements, is now available.
Description
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
The OpenShift Container Platform 4.1 Release Notes provide information about new features, bug fixes, and known issues:
https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html
This advisory contains the container images for this release. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHBA-2019:1173
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html
Solution
Before applying this update, ensure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.
Affected Products
- Red Hat OpenShift Container Platform 4.1 for RHEL 7 x86_64
Fixes
- BZ - 1328392 - Unclear process for getting image updates.
- BZ - 1389208 - Lost suggestion to use describe to obtain container names in several commands
- BZ - 1416483 - More secured conf files -- session-secrets.yaml
- BZ - 1447250 - oc rollout status --request-timeout=0 times out
- BZ - 1470006 - oc adm top pod/node help says "kubectl" in the examples
- BZ - 1470374 - oc new-app fails if using -i and/or --code
- BZ - 1478919 - Fluentd depending on Ruby from RHEL which is End-of-Life
- BZ - 1531938 - Log Message Spam if ClusterRoleBinding exists for non-existent ClusterRole
- BZ - 1537780 - Conntrack rule for UDP traffic is not removed when using NodePort
- BZ - 1551427 - Support the setting of Multi-cluster-network-CIDR during installation
- BZ - 1558935 - should update "kubectl uncordon" to "oc adm uncordon" in "oc adm drain -h"
- BZ - 1564849 - Command in warning message is incomplete
- BZ - 1579729 - [haproxy1.8.8] haproxy log shows warning message: 'option tcplog' directive is ignored in backends if set env ROUTER_SYSLOG_ADDRESS
- BZ - 1581584 - Should not log the socat cniserver.sock error to sdn pod log
- BZ - 1583591 - Podman should be installed in all nodes using cri-o
- BZ - 1584555 - oc cp gets panic when pod-side path has too many ../
- BZ - 1588420 - SDN related metrics cannot be captured by prometheus
- BZ - 1590546 - Cluster upgrade fails due to orphaned serviceinstance object
- BZ - 1590743 - No return for gitlab and bitbucket webhook when use --list-webhooks=all
- BZ - 1592217 - When joining two projects if the first project does not exist, the error message is inaccurate
- BZ - 1595256 - Error message does not lead to root cause.
- BZ - 1602331 - [converged] Dialogue box disappears when click out of the box
- BZ - 1603343 - "Error: 'x509: certificate signed by unknown authority" at "TASK [ansible_service_broker : Create the Broker resource in the catalog]"
- BZ - 1605136 - UI misbehaves when changing values to do with repo ref and context directory
- BZ - 1608448 - It's really hard to determine the status of a DC or deployment or stateful set or daemonset from 'kubectl|oc get'
- BZ - 1609215 - [admin] User without project gets unfriendly message on Event page
- BZ - 1609463 - oc get on a custom resource is fetching discovery every time
- BZ - 1609731 - Create etcd-cluster in admin console got unexpected 404 Error
- BZ - 1611247 - update scheduler.json of master can not take effect
- BZ - 1612628 - In some error, `oc get` should remove the message No resources found
- BZ - 1614291 - Allow to configure BlockStorage.ignore-volume-az for Openstack Cloud Provider
- BZ - 1614863 - ShiftStack installer doesn't open cri-o stream port (10010/tcp)
- BZ - 1618685 - *-deploy pods aren't restarting watching OpenShift-API on failure.
- BZ - 1620020 - Namespace reservation does not work
- BZ - 1622537 - [CRI-O] start cri-o with --enable-metrics --metrics-port <port>
- BZ - 1623385 - [admin] List storage class on page all the time
- BZ - 1624253 - [Upgrade] Infrastructure pods should be system-cluster/node-critical priorityclass after upgrade
- BZ - 1624311 - Need cifs-utils package installed by default for Azure
- BZ - 1624773 - [admin] CatalogSources link is wrong on Overview page of both Subscription and Initial Plans
- BZ - 1625194 - Projects get stuck in Terminating status for long time
- BZ - 1625353 - Support for RunAsGroup as a pod security context
- BZ - 1625518 - Pipeline DSL doesn't prevent `oc` command execution from shell injection
- BZ - 1625751 - [apb] CLI tool does not guarantee unique Service Instance ID labels
- BZ - 1626207 - migrate-network-policy.sh needs better error handling
- BZ - 1626291 - 4.0 command line operations are 2x - 4x slower than 3.11
- BZ - 1626373 - PVC created by oc set volume cannot be bound to static PV
- BZ - 1627955 - clicking on a daemonset pod takes you to the daemonset list
- BZ - 1628107 - Create a subscription will lead to two installplan resources be created sometimes
- BZ - 1628789 - Build log snippet has a replacement error
- BZ - 1631517 - [free-int] storage migration failures: the server does not allow this method on the requested resource
- BZ - 1631926 - Should not show apiserver and kube-controllers data in etcd grafana page
- BZ - 1632350 - [starter-ca-central-1] NodeDiskRunningFull reports wrong mount?
- BZ - 1632430 - KubeletNotReady "pleg was last seen active.." string reports corrupt 'last seen active' timing
- BZ - 1632762 - linear prediction provides slow alert removal for disk exhaustion
- BZ - 1633101 - `oc get project name --watch` run by cluster-admin should not print all projects first
- BZ - 1633127 - [Tectonic] Prometheus charts unit are wrong on Node page
- BZ - 1633387 - KubeletTooManyPods statically compares against 100 instead of --max-pods (-10)
- BZ - 1637422 - 4.0: APP pod unable to start after target port failure in cases where single paths are mounted on APP pods(BZ#1599742)
- BZ - 1637785 - [Bug] Blocking registry in crio.conf
- BZ - 1639461 - Revert changes to observe.sh test-cmd tests
- BZ - 1640018 - [admin] Catalog page will reload automatically after press "Enter" in "Filter by name" field
- BZ - 1640054 - [admin] Long description of catalog item will be out of place and be overlapped by other item
- BZ - 1640079 - 4.0: Pods stuck in Terminating status when using configmap mounted using subpath volume
- BZ - 1640843 - "oc set image-lookup" with no arguments sets all image streams to be lookup
- BZ - 1641814 - [free-int] prometheus operator repeatedly logging: updating statefulset failed
- BZ - 1641815 - service-serving-cert-signer is making high amounts of requests
- BZ - 1641831 - Pod Drilldown from application console behaviour changed
- BZ - 1641991 - "oc get --ignore-not-found" stops after the first missing object
- BZ - 1642745 - Error when using `oc run` with attach against a deployment config
- BZ - 1642896 - [admin] Both front and back color for log streaming status message in full screen is black
- BZ - 1643304 - firewalld reload causes namespace wide egress IP to stop working
- BZ - 1643348 - [vsphere] The "Internal IP/Host IP" of the infra nodes starts changing to the VIPs, and changes constantly/randomly all on its own, to any of these VIPs on eth0 ( confirmed by oc get hostsubnet output).
- BZ - 1644483 - [4.0]Postcommithook failed with bundle: command not found when do building
- BZ - 1645417 - [origin]secret "kube-etcd-client-certs" is not created for prometheus-k8s pod
- BZ - 1645463 - Samples-operator pod go to crash when has different setting between configmap and samplesresources
- BZ - 1646834 - CSI hostpath driver liveness probe failed
- BZ - 1647274 - "flag provided but not defined: -namespaces" error for prometheus-operator pod with OCP images
- BZ - 1647283 - [admin] Optional field for storageclass does not bind default storageclass to pvc on creation page
- BZ - 1647492 - Missing Node-specific Metrics in Grafana-Dashboards
- BZ - 1647653 - [4.0]Did not remove message about jenkins autoprovision in samplepipeline.yaml template
- BZ - 1648215 - The CSV cannot be created successfully via subscription
- BZ - 1649063 - Binary builds are not automatically including the pull secret from the service account during the build.
- BZ - 1649221 - Go to RS/RC Pods page when clicking pods selector on Overview
- BZ - 1649883 - oc completion doesn't auto complete resource type names
- BZ - 1650005 - Fluentd pod should log its logs to /var/log/fluentd/fluentd.log by default
- BZ - 1651086 - [admin] OCP brand on the upper left is half covered by browser tool bar
- BZ - 1651831 - Failed to create silence
- BZ - 1651835 - telemeter-client-serving-certs-ca-bundle confimap is missing for telemeter-client pod
- BZ - 1651895 - Image missing for master team
- BZ - 1651899 - Readiness probe failed for grafana pod
- BZ - 1651909 - Mess info shown up when miss credentials for samples operator with rhel installtype
- BZ - 1652419 - Missing service broker operator image
- BZ - 1652421 - The version of the 4.0 image of the Service Catalog is not correct
- BZ - 1652500 - Cannot get the "packagemanifest" resource by default
- BZ - 1652535 - It will use up the IPs in the subnet range when the secondary NIC failed to be setup on pod via Multus
- BZ - 1652811 - The "SILENCED ALERTS" are all 0 for Expired and Pending silence
- BZ - 1652844 - Update one active silence would expire it and re-create another silence
- BZ - 1653228 - [Next_gen_installer] Got 'error: unsupported protocol scheme ""' when oc login
- BZ - 1653518 - Can't set samplesRegistry in openshift-samples samplesresource
- BZ - 1653563 - [Next_gen_installer]Cannot go through oc new-app process for cannot communicate with integrated registry
- BZ - 1653626 - [cloud] controller-manager logs output nil when update machineset replicas
- BZ - 1654402 - cluster samples operator is trying to apply samplesRegistry to ImageStreamTag and ImageStreamImage
- BZ - 1654626 - The default registry for rhel installtype should be registry.redhat.io
- BZ - 1654846 - ClassCastException when using FullControlOnceLoggedInAuthorizationStrategy
- BZ - 1654907 - Prometheus restricted to eth0
- BZ - 1654940 - Install the service catalog failed via the olm
- BZ - 1654942 - [OVN] ovn-master pod cannot be scheduled after changed to 'deployment' from 'Daemonset' in 3.11
- BZ - 1654951 - Registry pod cannot start up for cannot find REGISTRY_STORAGE_S3_ACCESSKEY if change ManagementState from Removed to Managed
- BZ - 1654960 - [admin] Useless link 'View catalog details' on operator detail page under project "openshift-operator-lifecycle-manage" and "operator-lifecycle-manager"
- BZ - 1654977 - The event of the csv still is "RequirementsNotMet" even if all requirements met.
- BZ - 1655026 - Install the AMQ failed via the OLM
- BZ - 1655414 - oc get node -w with -o custom-columns, -o yaml, -o name does not "watch"
- BZ - 1655450 - Remove runhour and runminute from logging-curator configmap
- BZ - 1655841 - telemeter-client pod is not created
- BZ - 1655881 - The default SSL Env wasn't set in curator
- BZ - 1656270 - [cloud-CA] ClusterAutoscaler maxNodesTotal does not work
- BZ - 1656321 - [cloud-CA] After scale down, the scale down group continues to output "Removing unregistered node"
- BZ - 1656328 - 'oc describe machineset' show labels in wrong format
- BZ - 1656330 - [cloud-CA] The node hosting cluster-autoscaler can be scaled down
- BZ - 1656334 - [cloud-CA] machineautoscaler setting maxReplicas equal to minReplicas will result in "group size not found"
- BZ - 1656338 - [4.0] some basic openshift images was prefixed with unexpected registry by default
- BZ - 1656670 - ose-descheduler-operator image missing for Pod team on 4.0
- BZ - 1656689 - Should modify the secret name and some tiny typos in the samples operator guide docs
- BZ - 1656740 - Samples-operator pod go to crash when set skippedimagestreams|skippedtemplates to invalid values
- BZ - 1656760 - descheduler-operator can not generate cronjob
- BZ - 1656868 - Large difference between manually calculated Memory related values and Prometheus query output
- BZ - 1656879 - update jenkins-sync-plugin to use org.jenkins-ci.plugins:cloudbees-folder:6.6
- BZ - 1657027 - jenkins flake in e2e-gcp-builds
- BZ - 1657080 - ose-node-problem-detector-operator image missing for Pod team on 4.0
- BZ - 1657128 - [marketplace] Marketplace operator CSVs can’t be deployed because the wrong "serviceAccountName"
- BZ - 1657149 - java.net.UnknownHostException: openshift.default.svc appears in jenkins log
- BZ - 1657208 - declarative pipeline not working with jenkins-client-plugin 1.0.17 and above
- BZ - 1657997 - 4.0 s2i quickstart builds are pushing all layers on incremental builds
- BZ - 1658065 - [4.0]`oc delete all --all` hit some forbidden resources
- BZ - 1658221 - graphana (prometheus) some info are partially hidden
- BZ - 1658582 - When strategy changes, descheduler-operator can not update configmap in time
- BZ - 1658588 - descheduler job should print log of evicting pod
- BZ - 1658860 - [4.0]Some resource cann't be used the explain command in nextgen env
- BZ - 1658898 - Imagestreams and templates can't be recreate/update under Managed status
- BZ - 1658954 - Updating prometheus-adapter failed
- BZ - 1659350 - Should forbidden update samplesresources.status
- BZ - 1659351 - Should prompt explicitly ‘Management State’ invalid in samplesresources.status
- BZ - 1659364 - Need update jenkins-2-rhel7 registry for v4.0
- BZ - 1659376 - [Next_gen_installer]apiserver pod cannot be running in multitenant plugin mode
- BZ - 1659522 - [OperatorGroup] the copied CSV won't exist in new created project
- BZ - 1659848 - Fluentd, Curator and Kibana are unable to connect to Elasticsearch.
- BZ - 1659850 - [Next_gen_installer] OVS 2.11 should be used for OCP 4.0
- BZ - 1659875 - etcd-operator fail to manage clusters in all namespaces
- BZ - 1659925 - Registry pod is still running without error when use invalid S3 bucket
- BZ - 1659929 - Panic appears in registry pod log if delete bucket or region in image-registry
- BZ - 1659970 - route53 record might be overwritten when using the same cluster name and base domain
- BZ - 1660304 - [cloud-CA] Update machineautoscaler machineset should first delete the original machineset annotations
- BZ - 1660305 - [cloud-CA] Shouldn't be allowed to create different machineautoscalers pointing to the same machineset
- BZ - 1660647 - Wildcard routes get 503 intermittently
- BZ - 1660778 - The configuration of caFile in servicemonitor object is incorrect.
- BZ - 1660890 - ansible-runner-http required for missing service broker operator image
- BZ - 1661100 - [next_gen_installer]CVO progressing and Available status update are delayed for samples operator when importting sample resources
- BZ - 1661143 - Some error in CRD elasticsearch.status
- BZ - 1661146 - oc add taint to node fail
- BZ - 1661151 - Normal user can not list clusterserviceclass/clusterserviceplan
- BZ - 1661391 - [marketplace] catalogsourceconfig can’t recover from failed status
- BZ - 1661410 - controller-manager pod turn to CrashLoopBackOff after deployed ASB or TSB by operator
- BZ - 1661476 - Fail to sync the csv object
- BZ - 1661484 - The csv always state on the "succeeded" status even if the depend role are removed
- BZ - 1661845 - Creating a template with a syntax error doesn't block a template instance from saying "created"
- BZ - 1661872 - Ingress operator ran crash
- BZ - 1661974 - Standalone pod is not shown on project Status page
- BZ - 1661978 - Using OLM to install asb, asb image tag in dc is incorrect
- BZ - 1661983 - The scope of egressnetworkpolicy is 'Cluster' other than 'namespace'
- BZ - 1662088 - Fail to push a new OpenShift release image to docker.io due to authentication error via 'oc adm release new' command
- BZ - 1662090 - Redundant 'installer' pods in project openshift-kube-apiserver and openshift-kube-controller-manager
- BZ - 1662105 - Elasticsearch-operator in "Error" status after executing "oc set env deployment/elasticsearch-clientdatamaster-0-1 REPLICA_SHARDS=1"
- BZ - 1662114 - Enabled etcd monitoring, but there is not ectd data in etcd grafana page
- BZ - 1662115 - Failed to create pod which requests macvlan
- BZ - 1662119 - Installer did not create expected cluster according to customized Manifests files
- BZ - 1662258 - [Next_gen_installer]RemovedManagementStateOnHold should be updated to PendingRemove in README.md for cluster-samples-operator repo
- BZ - 1662273 - Can't find elasticsearch metrics in prometheus server
- BZ - 1662274 - APB service name was displayed out of box in web console while using Galaxy server
- BZ - 1662873 - should use downstream image in OCP 4.0 payload image
- BZ - 1663149 - [4.1] Recycler refuses to recycle PVs when a pod has a different PV using the same PVC
- BZ - 1663376 - MachineConfigDaemon does not prune files that don't exist in the desiredConfig but existed before
- BZ - 1663406 - status.managementstate can't be changed to 'Removed' in samplesresources when some imagestreams import failed
- BZ - 1663447 - etcd cluster failed to start when cluster name ends with "-"
- BZ - 1663856 - OLM metrics are not updated
- BZ - 1663863 - Missed Metrics and Dashboards links under Monitoring bar
- BZ - 1663871 - audit log created in pod(kube-apiserver) but not on master server in next-gen installer 4.0
- BZ - 1664145 - Openshift 4.1 has broken storage features because of multizone deployments
- BZ - 1664180 - most of the metrics diagrams are not shown under "Administration -> Nodes" on cluster console page
- BZ - 1664230 - Miss the downstream image for the embed image: "quay.io/operatorframework/configmap-operator-registry".
- BZ - 1664260 - Cannot get installplan after creating subscription on console
- BZ - 1664421 - openshift-service-cert-signer-operator logs have ERROR messages with a bad insert
- BZ - 1664430 - oc adm top doesn't work out of the box
- BZ - 1664457 - samples operator adjust to https://github.com/openshift/cluster-version-operator/pull/73
- BZ - 1664469 - name changes from recent discussions
- BZ - 1664497 - ES pod isn't upgraded when the image tag changed in CLO env vars.
- BZ - 1664506 - Using operator to install asb, the namespace,dc,clusterservicebroker should be same with 3.11
- BZ - 1664541 - There is no fluentd or rsyslog pod in master nodes.
- BZ - 1664553 - [marketplace] Create CatalogsourceConfig object failed with error “package XXXX not found” after reboot the marketplace’s pod
- BZ - 1664554 - [marketplace] can’t filter operator offering(s) by a specific Operator Type.
- BZ - 1664559 - [marketplace] operators can be enabled multipule times until it is subscribed to the “global-operators” Operator Group through marketplace UI
- BZ - 1664585 - MachineHealthCheck controller can not find machine annotation for nodes
- BZ - 1664591 - [cloud] Updating machineset "matchLabels" to a non-existent cluster results in lots of machines being created
- BZ - 1664595 - [cloud] Create a machine set availabilityZone to a non-existent zone, logs show subnet not exist
- BZ - 1664608 - Should forbid the creation of a subscription under a namespace without an operatorgroup object
- BZ - 1664842 - which command deprecates `oc adm manage-node`?
- BZ - 1664854 - Add rsync back to the docker-registry image
- BZ - 1664911 - Update federation operator to the right version for OCP 4.0
- BZ - 1664917 - [AO] install memcached operator failed by ansible-operator in OKD 4.0
- BZ - 1664942 - [cloud-CA] autoscaler couldn't scale up
- BZ - 1664953 - router pods can not be started, no /usr/bin/openshift-router
- BZ - 1664984 - No image-registry operator manifest in 4.0.0-0.nightly-2019-01-10-005204 payload
- BZ - 1665018 - All messages for CVO stauts of cluster-image-registry operator should start with a capital letter
- BZ - 1665021 - [marketplace] Can’t delete operatorsource cr and catalogsourceconfig cr after deleted the subscription/csv of marketplace operator
- BZ - 1665238 - openshift-cluster-node-tuning-operator does not exist when using OCP images for the installer
- BZ - 1665341 - [AWS] Installer VPC uses default DHCP option sets
- BZ - 1665357 - Need update help doc for 'oc registry info'
- BZ - 1665378 - Cluster-logging-operator should regenerate secrets for containers when master-certs changed.
- BZ - 1665382 - Better to restrict filename of '--to' in 'oc registry login'
- BZ - 1665552 - Log spam: openshift-apiserver-operator list image failure every second.
- BZ - 1665597 - The router is broken: 4.0.0-0.nightly-2019-01-11-205323: /var/lib/haproxy/conf/haproxy-config.template missing
- BZ - 1665599 - openshift-apiserver: many "unable to encode watch object: expected pointer, but got invalid kind" errors
- BZ - 1665605 - Repeated panics in openshift-cluster-kube-scheduler-operator pod logs
- BZ - 1665700 - REPLICA_SHARDS should be 0 when es-node-data=1
- BZ - 1665705 - The ES dedicated master pod couldn't be started
- BZ - 1665779 - [cloud] Current logging in the machineset controller using klog does not work
- BZ - 1665824 - No image quay.io/openshift/cluster-logging-operator:latest and quay.io/openshift/elasticsearch-operator:latest
- BZ - 1665825 - [marketplace] Miss the downstream image for the default marketplace's pod image: "quay.io/openshift/origin-operator-marketplace:latest"
- BZ - 1665842 - error: You must be logged in to the server (Unauthorized)
- BZ - 1665861 - Need update jenkins slave image using openshift project in 4.0
- BZ - 1665875 - Should use the downstream image of the Service Catalog
- BZ - 1666118 - openshift-controller-manager metrics are not scraped
- BZ - 1666149 - all output logs started with 'ERROR: logging before flag.Parse' for apiservice-cabundle-injector
- BZ - 1666205 - Helper message is not updated when default storage class is selected
- BZ - 1666212 - The packageserver of the OLM crash
- BZ - 1666223 - vxLANPort is redundant field in sdn-controller-config configmap
- BZ - 1666358 - `crictl stats` doesn't show anything
- BZ - 1666583 - Image size and layers size show 0B for image cluster-storage-operator
- BZ - 1666585 - wrong repo link in the Package Server csv
- BZ - 1666623 - Should remove openshift-web-console oauthclient
- BZ - 1666626 - Edit cluster-monitoring-config confimap to disable telemeterClient/enable ectd monitoring is not reasonable
- BZ - 1666635 - openshift-apiserver and openshift-controller-manager pods restart when update the managementState to invalid value
- BZ - 1666649 - [descheduler-operator] The descheduler job pod not use down stream images
- BZ - 1666653 - [node-problem-detector] The node-problem-detector pods are using images of tag 3.1.2
- BZ - 1666664 - The release payload image should have correct source repo and commit for images
- BZ - 1666908 - cluster-ingress-operator high API request rates
- BZ - 1666944 - Deploy logging failed via community operators.
- BZ - 1666956 - inconsistent cluster name requirement between installer and terraform
- BZ - 1666991 - OLM create a lot of duplicate secret in namespace
- BZ - 1667027 - [olm] failed: error parsing bundle: cannot convert int64 to float64
- BZ - 1667030 - api-resources should work when hit abnormal apiserver groups
- BZ - 1667255 - storageClass definition in clusterlogging cr not honored - EmptyDir is used.
- BZ - 1667315 - CLO should not make changes to logging stack when managementState is UnManaged
- BZ - 1667331 - Duplicate alert for pod which have single container
- BZ - 1667363 - config map can not be updated If ASB is deployed by operator
- BZ - 1667376 - [next_gen_installer]Status of available for openshift-controller-manager-operator is still true after deleted openshift-controller-manager pod
- BZ - 1667430 - Deleting clusterlogging cr does not remove elasticsearch-clientdatamaster deployment
- BZ - 1667606 - Flexvolume is broken on Openshift-4.0
- BZ - 1667796 - Got "500 Internal Error" when logging into Kibana web console after redeploying or upgrading kibana pod.
- BZ - 1667824 - Pod created from registry with self-certificate cannot be running with 509 error
- BZ - 1667844 - [marketplace] The catalogsource’s displayname&publisher will become blank if you create the CSC including the operators that belong to the default operators
- BZ - 1668130 - [next_gen_installer]Overriding Builder Image Scripts by invalid "scripts" in buildConfig doesn't output any message and build complete
- BZ - 1668200 - Search Gateway: "Unknown resource: gatewaies/networking.istio.io/v1alpha3"
- BZ - 1668233 - oc image mirror fails with error 'tag: unexpected end of JSON input' when trying to mirror image from Red Hat registry.
- BZ - 1668242 - The version of the OLM image for OCP doesn't align the latest commits
- BZ - 1668315 - zero for container_network_tcp_usage_total and container_network_udp_usage_total
- BZ - 1668413 - [4.0] When using the oc new-app to create a new build, the builds are creating incomplete multipart uploads to S3 and incomplete uploads are not cleaned automatically
- BZ - 1668534 - Using operator to install ASB/TSB, it failed with error ' CERTIFICATE_VERIFY_FAILED'
- BZ - 1668547 - Got "x509: certificate has expired or is not yet valid" after running one day
- BZ - 1668632 - [Nextgen] "Unable to authenticate the request due to an error ... x509: certificate signed by unknown authority"
- BZ - 1668825 - serviceaccounttoken/service-ca.crt is missing
- BZ - 1669081 - [Cloud-CA] Failed to delete machineautoscaler if related machineset doesn't exist
- BZ - 1669096 - ImageStatus request got "Manifest does not match provided manifest" when digest is not equal to the sha256 id in name under /var/lib/containers/storage/overlay-images/images.json
- BZ - 1669258 - cluster-monitoring-operator clusteroperator flips indefinitely between progressing true and progressing false
- BZ - 1669290 - Wildcard DNS zones are not deleted along with a ClusterIngress
- BZ - 1669300 - [marketplace] Operators Hub UI displays the same provider for operators from the same OperatorSource
- BZ - 1669303 - [marketplace] Operator Hub is always loaded partially scrolled down
- BZ - 1669304 - [marketplace] Operator Hub "Create Operator Subscription" page stretches operator icons to fit a square
- BZ - 1669410 - Memory usage is double counted for `oc adm top pod` command
- BZ - 1669455 - [SDN-131] Multus should read the CRD for clusterNetwork and defaultNetworks from multus namespace instead of kube-system namespace
- BZ - 1669463 - [SDN-131] Should have a list of special namespaces which would ignore the defaultNetworks
- BZ - 1669718 - Different metrics observed in CPU metrics.
- BZ - 1669942 - The initContainer of etcd static pod "discovery" does not use the downstream image
- BZ - 1669981 - --build-secret option doesn't copy secret to built image
- BZ - 1669993 - Could not mount efs volume on openshift worker server
- BZ - 1670000 - [4.0] Should not set the post-commit hook as a set of arguments to the default image entrypoint and should give error info
- BZ - 1670004 - The pattern of cidrSelector for egressnetworkpolicy cannot match 0.0.0.0/0
- BZ - 1670072 - [4.1] HostAlreadyClaimed route issue on path based route
- BZ - 1670279 - Better show simplified info when change architectures
- BZ - 1670280 - Improper CVO status for openshift-cluster-samples-operator
- BZ - 1670311 - Should display the namespaces of the packagemanifest
- BZ - 1670330 - node:node_net_utilisation:sum_irate recording errors due to locked interface
- BZ - 1670357 - image-registry pod stuck in "CreateContainerConfigError"
- BZ - 1670618 - "oc adm top node" panics with "runtime error: invalid memory address or nil pointer dereference"
- BZ - 1670647 - CLO logs have validation failures after install through marketplace and creation of clusterlogging CRD
- BZ - 1670652 - [MSTR-8] The new mechanism for oc plugin of git-style does not work
- BZ - 1670685 - Openshift installation fails if .aws/credentials file is not set
- BZ - 1670695 - [cloud-CA] After updating clusterAutoscaler maxNodesTotal value, this flag does not work
- BZ - 1670698 - Click Cancel doesn't quit creation flow on Developer Catalog
- BZ - 1670709 - should be correct value for redirectURIs of oauthclients
- BZ - 1670713 - Could not drag environment vars on Firefox
- BZ - 1670727 - port conflict between new cvo pod and the old one during upgrade
- BZ - 1670733 - Optional config maps / secrets are not handled correctly in IDP config
- BZ - 1670772 - cluster-image-registry-operator shows Updating state with a failed message
- BZ - 1670833 - cloud-credential-operator pod in CrashLoopBackOff
- BZ - 1670994 - Projects stuck in terminating state for overnight clusters
- BZ - 1671125 - Clicking "create new" for cluster logging instance from the console goes to a blank page
- BZ - 1671140 - openshift-operator-lifecycle-manager olm-operators pods do not tolerate masters
- BZ - 1671276 - The configuration for es pod cpu and memory doesn't take effect.
- BZ - 1671290 - Can not login prometheus/alertmanager/grafana routes with Google IDP Authorization
- BZ - 1671528 - error: no kind "CustomResourceDefinition" is registered for version "apiextensions.k8s.io/v1beta1" in scheme "k8s.io/kubernetes/pkg/kubectl/scheme/scheme.go:28"
- BZ - 1671633 - Cannot log into jenkins console with Google IDP Authorization/htpasswd
- BZ - 1671648 - OAuth proxy uses wrong URL to build user ~ URL
- BZ - 1671676 - [node-problem-detector-operator] The NPD operator is missing
- BZ - 1671677 - dynamic kubelet update not take effect for some master/worker
- BZ - 1671816 - Error: secrets "image-registry-private-configuration" not found
- BZ - 1671928 - Cannot specify the version of an operator when installing via the OLM
- BZ - 1671948 - ConfigMap pod crashed due to the type conversion
- BZ - 1671953 - The minKubeVersion feature of the OLM doesn't work
- BZ - 1672374 - destroy cluster with other region in AWS
- BZ - 1672701 - [marketplace] opsrc reconciliation fails if CatalogSourceConfig already exists
- BZ - 1672772 - Fluentd unable to deploy because of SCC not created by OLM
- BZ - 1672894 - [OCP4 Beta] Cluster node status shows Ready after powered off a master node or a worker node
- BZ - 1673026 - Kubernetes ExternalName Services that point to in-cluster resources broken
- BZ - 1673155 - Inconsistency when ProjectRequestTemplate specified with and without namespace identifier
- BZ - 1673185 - with OpenShift install 0.12.0, metadata.json is not generated
- BZ - 1673201 - Cluster Operators UI shows error "version" of undefined
- BZ - 1673787 - Grafana DISK IO metrics are empty due to not matching disk name patterns
- BZ - 1673806 - OpenShift 3.10 Binary-Build fails when filename contains an umlaut
- BZ - 1673989 - dns daemonset is not upgraded on cluster upgrade
- BZ - 1673993 - router deployment is not upgraded on cluster upgrade
- BZ - 1674034 - openshift-install fails with 'Error launching source instance: Unsupported: The requested configuration is currently not supported.'
- BZ - 1674047 - [RFE] - Request to add "node" metadata to "kublet" job in Prometheus in order to scrape data based on node hostname
- BZ - 1674346 - 403 error for grafana/prometheus route
- BZ - 1674372 - Prometheus unable to scrape kubelet metrics "x509: certificate signed by unknown authority"
- BZ - 1674440 - installer failed to create cluster due to leftover existing IAM instance profile
- BZ - 1675135 - switch to kube-system namespace secret monitoring
- BZ - 1675381 - Cluster Logging does not set cpu and memory defaults when nothing is defined for the clusterlogging object
- BZ - 1676417 - Can not use LDAP IDP on 4.0 cluster.
- BZ - 1676438 - Can't import jenkins imagestream from payload automaticly
- BZ - 1676537 - kubapiserver.operator.openshift.io contains unsupportedConfigOverrides for oauth
- BZ - 1676687 - Log spam: origin-cluster-authetication-operator1 writing the same error every second
- BZ - 1676725 - Create ocp cluster panic with existing manifests
- BZ - 1676758 - [cloud] "oc get machine/machineset" doesn't work
- BZ - 1676760 - Failed to install ASB via marketplace
- BZ - 1676784 - [cloud-CA] machineautoscaler couldn't add annotations to machineset
- BZ - 1676786 - cluster name should be correct in kubeconfig created from serviceaccount
- BZ - 1677120 - OCP 4.0: Unable to deploy more than 50 nodejs/mongodb quickstart apps per worker node due to MountVolume.SetUp failed - couldn't propagate object cache errors
- BZ - 1677126 - Shouldn't allow the same packagemanifest objects in the same namespace
- BZ - 1677198 - upgraded cluster throws "the cluster operator machine-config is failing" error
- BZ - 1677214 - Email field should be an optional on Create Image Pull Secret page
- BZ - 1677232 - oauth-proxy and grafana uses origin images may bring CreateContainerError on OCP, should use OCP images
- BZ - 1677236 - skippedImagestreams and skippedTemplates didn't work
- BZ - 1677250 - Allow github identity provider to require team membership
- BZ - 1677351 - cluster-logging-operator creates cluster logging in multiple namespaces when deployed via OLM
- BZ - 1677377 - Duplicate crd top level names in cluster.k8s.io and machine.openshift.io namespaces/groups - prevents use of short names
- BZ - 1677497 - Cannot sync CA from AdditionalTrustedCA to registry pod
- BZ - 1677524 - The community operator clusterlogging operator couldn't be installed
- BZ - 1677574 - NFS failed to read and write on mounted dir
- BZ - 1677585 - Config build.config.openshift.io/cluster did not work
- BZ - 1677606 - spec.proxy doesn't work after setting in imageregisgtry operator
- BZ - 1677816 - install type removed; okd/centos no longer an option, only rhel/ocp
- BZ - 1677866 - Removal of ppc from arch choice (only x86 supported currently)
- BZ - 1678026 - Internal server error with unexpected response 400 during login to OCP 4.0
- BZ - 1678077 - Couldn't find elasticsearch prometheusrules in prometheus server.
- BZ - 1678109 - EIPs required by installer does not honor master/work replica setting
- BZ - 1678159 - Should return to the secret detail page after cancelling edit secret
- BZ - 1678310 - Missed metrics diagrams for node and pod
- BZ - 1678472 - Cluster DNS regression: openshift.default.svc does not resolve
- BZ - 1678475 - install/upgrade perf: cluster monitoring operator deploys operands serially rather than in parallel
- BZ - 1678537 - defaultCertificateSecret is gone in clusteringress after change it to other value then change back to default
- BZ - 1678612 - [Nextgen] can't open new logfile: open /var/log/openshift-apiserver/audit.log: permission denied
- BZ - 1678624 - Provison APB failed with error of 'certificate verify failed'
- BZ - 1678645 - 500 Internal Error for grafana/prometheus/alertmanager route
- BZ - 1678723 - Creating a second clusteringress causes ingress-operator panic
- BZ - 1678824 - Installer not linting all the address fields in the config
- BZ - 1678901 - Only Last Input Used if Build Inputs Use Same Destination Dir
- BZ - 1678906 - [marketplace] Updates in remote registry does not get pulled down
- BZ - 1678929 - failed scraping metricis from {kube|openshift}-controller-manager-operator with "x509: certificate is valid for localhost, not metrics.*"
- BZ - 1679030 - Many duplicated info when describe builder pod
- BZ - 1679036 - [Multus-cni] The multus-cni cannot call openshift-sdn to clean up the ipam file when the pod falls into failed status
- BZ - 1679260 - Conntrack rule for UDP traffic is not removed when using NodePort and externalIPs
- BZ - 1679284 - [marketplace] updates from quay are not reflected for existing running operators
- BZ - 1679309 - Garbage collector erroneously deleting resources
- BZ - 1679405 - [marketplace] can edit catalogsourceconfig successfully with the non-exist package
- BZ - 1679500 - Failed to attach PVs for monitoring
- BZ - 1679511 - The apiserver pods of Service Catalog crashed in the cluster with Multitenant
- BZ - 1679535 - Can not collect pod's metrics with multitenant network
- BZ - 1679602 - admission plugins still seeing legacy resources
- BZ - 1679625 - oc debug node/<node-name> lands the user on a random node
- BZ - 1679629 - OCP 4.0 the openshift.io/scc annotation is missing on pods.
- BZ - 1679782 - Inaccurate message when ssh into rhcos host
- BZ - 1679791 - OCP 4.0: Install on AWS for 4.0.0-0.nightly-2019-02-20-194410 fails consistently with error: "waiting for Grafana Route to become ready" error
- BZ - 1679864 - Cluster-admin user can't get index list
- BZ - 1679871 - [next_gen_installer]No version for openshift-controller-manager-operator when get clusteroperator
- BZ - 1679894 - [next_gen_installer] The version info for the master team's operator if not valid when describe clusteroperator
- BZ - 1679898 - openshift-kube-apiserver pod spec is wrong for the loglevel flag -v
- BZ - 1679900 - Cli imagestreams under openshift should be installed after samples-registry-credentials secret create
- BZ - 1679937 - oc cmd doesn't work in jenkins build step 'OpenShift - Generic OC Invocation'
- BZ - 1679941 - warning message in router logs when create edge and reencrypt routes
- BZ - 1679946 - [Multus][network-operator] Should be able to configure the namespace of the default net-attach-def
- BZ - 1679973 - Sometimes can not connect to api server
- BZ - 1680012 - [4.1]mounting fails with multipath iscsi when one path is down
- BZ - 1680062 - Two openshift-ingress router-default pods running on same worker node after install
- BZ - 1680070 - CatalogSourceConfig is unable to handle packages with spaces
- BZ - 1680103 - [4.0.0] Machineconfigs degraded because of authentication failure post install.
- BZ - 1680115 - node-exporter daemonset can not be updated with tolerances for tainted nodes
- BZ - 1680201 - Install message: Still waiting for the cluster to initialize: Could not update servicemonitor
- BZ - 1680214 - Service catalog cannot access brokers in the cluster with Multitenant
- BZ - 1680342 - Installer failed at [openshift_service_catalog : Wait for Controller Manager rollout success]
- BZ - 1680504 - Log collector is not deployed because of "Failure creating Log collector cluster-reader role binding"
- BZ - 1680535 - default APB registry in when using ASB operator to install should be downstream
- BZ - 1680562 - [network-operator] It may take about 5 minutes to update the operator status back to normal after fix the problem in network config
- BZ - 1680594 - metrics.k8s.io/v1beta1: the server is currently unable to handle the request
- BZ - 1682922 - Deleting a user-defined clusteringress does not remove child resources
- BZ - 1682928 - [marketplace] catalogsourceconfig objects are deleted and recreated on marketplace restart
- BZ - 1682955 - Network Policy Plugin does not clean up flows from deleted namespaces
- BZ - 1682978 - openshift-sti-build have no version infomation
- BZ - 1683018 - [cloud] "oc get cluster" doesn't work
- BZ - 1683045 - [marketplace]the subscription page can't be load when installing the "custom" provider type operators
- BZ - 1683056 - Fix names related to Service CA
- BZ - 1683058 - Prevent sharing of config maps / secrets / etc that service-ca manages
- BZ - 1683060 - Don't ship certificate approval in its current shape
- BZ - 1683061 - SSCS: Ensure customers can manually rotate SSCS certs and SSCS CA
- BZ - 1683065 - Promote annotations to beta
- BZ - 1683089 - Failed to load plugin Pipeline for Blue Ocean in jenkins pod logs
- BZ - 1683100 - system infrastructure component pod not set priorityclass field correctly
- BZ - 1683303 - [Marketplace] cannot fetch the packages from the CatalogSourceConfig
- BZ - 1683359 - Can't find fluentd metrics in prometheus server
- BZ - 1683422 - CLI output for CatalogSourceConfig is difficult to read
- BZ - 1683436 - deleting clusteringress object leaves AWS resources/entries
- BZ - 1683461 - Usage of CPU limits in pods that run on masters
- BZ - 1683462 - Usage of CPU limits in pods that run on masters
- BZ - 1683515 - Deleting a ClusterIngress before a DNS Alias record is created causes the operation to hang.
- BZ - 1683701 - Clusterlogging is created but deployments not created: "system:serviceaccount:openshift-operators:cluster-logging-operator" cannot list resource "clusterloggings"
- BZ - 1683761 - Changes to clusteringress.spec.nodePlacement are not applied
- BZ - 1683762 - Changes to clusteringress.spec.routeSelector are not applied
- BZ - 1683763 - Changes to clusteringress.spec.namespaceSelector are not applied
- BZ - 1683765 - Conflicting clusteringress resources are allowed
- BZ - 1683766 - clusteringress API resources are not validated
- BZ - 1683777 - Create button of the ClusterLogging is missing from UI
- BZ - 1683792 - ART payload includes manifests from older misnamed ose-marketplace-operator image
- BZ - 1683913 - "x509: certificate signed by unknown authority" for 10250/metrics and 10250/metrics/cadvisor targets on worker nodes
- BZ - 1683972 - No method provided to update admission in master config on ocp4.0
- BZ - 1683982 - The cert data in the configmap not update when signing CA secret recreated
- BZ - 1683991 - Run 2 replicas of oauth server with resource limits
- BZ - 1684011 - remove image 'automation-broker-apb' from release image list.
- BZ - 1684047 - The cluster cannot be setup successfully when set vxlanPort is not the default 4789
- BZ - 1684049 - Worker node client certification rotation fail after it expires
- BZ - 1684169 - "x509: certificate signed by unknown authority" in oauthproxy blocks user from logging monitoring routes
- BZ - 1684206 - Make the etcd signer available in cluster
- BZ - 1684329 - Creating cluster logging from web console (Installed Operators) tries to install clusterlogging CR to default namespace
- BZ - 1684344 - RoleBindingRestriction need move to CRD for 4.x
- BZ - 1684368 - `oc adm prune deployments` could not delete the deployer pod
- BZ - 1684376 - elasticsearch couldn't be scaled up by adjust nodeCount in clusterlogging
- BZ - 1684397 - Should update application-template-custombuild.json in origin repo
- BZ - 1684402 - No type validation for accessTokenMaxAgeSeconds in oauth
- BZ - 1684407 - Missing auth Prometheus endpoint coverage
- BZ - 1684420 - [regression] singular definition in bundlebinding CRD is not correct
- BZ - 1684431 - KubeVersionMismatch: There are 2 different versions of Kubernetes components running in Alerts
- BZ - 1684443 - [marketplace]The updating on csc doesn't work when it is created 3 hours later
- BZ - 1684458 - [markektplace]should check the parameter "Install Mode" in the operators
- BZ - 1684546 - error: unable to retrieve the complete list of server APIs: metrics.k8s.io/v1beta1: Unauthorized
- BZ - 1684547 - kube-apiserver certificate rotation causes API service impact
- BZ - 1684602 - Refresh TLS info for httpserver dynamically
- BZ - 1684660 - missing service-ca.crt prevent manual install of openshift metering.
- BZ - 1684665 - Prometheus operator uses 0.15 core steady state on empty cluster
- BZ - 1684670 - UPGRADE etcd cert agent image is still not part of payload
- BZ - 1684678 - operator hub page doesn't show installed community operator without clicking "show community"
- BZ - 1684738 - Image Registry operator wedged on waiting for installer-cloud-credentials secret
- BZ - 1684990 - controlPlane.platform.aws.zones in install-config.yaml does not take effect
- BZ - 1685066 - [marketplace] the CSC according to the operatorsource won’t be updated when the remote registry has changed
- BZ - 1685185 - API servers reject traffic before being removed as an endpoint
- BZ - 1685219 - Operator should use imagePullPolicy: IfNotPresent
- BZ - 1685224 - Operator should use imagePullPolicy: IfNotPresent
- BZ - 1685225 - Operator should use imagePullPolicy: IfNotPresent
- BZ - 1685227 - Operator should use imagePullPolicy: IfNotPresent
- BZ - 1685228 - Operator should use imagePullPolicy: IfNotPresent
- BZ - 1685229 - Operator should use imagePullPolicy: IfNotPresent
- BZ - 1685230 - Operator should use imagePullPolicy: IfNotPresent
- BZ - 1685232 - Operator should use imagePullPolicy: IfNotPresent
- BZ - 1685234 - Operator should use imagePullPolicy: IfNotPresent
- BZ - 1685330 - OLM components need to set system-cluster-critical priorityClassName
- BZ - 1685331 - marketplace operator deployment needs to have system-cluster-critical priorityClassName
- BZ - 1685332 - Service catalog needs system-cluster-critical priority class
- BZ - 1685391 - Red Hat CoreOS is becoming RHEL CoreOS
- BZ - 1685394 - Setup couchbase cluster with warning msg:"The field status.conditions is invalid" via Operator hub
- BZ - 1685411 - openshift-service-cert-signer image build from a obsolete repo
- BZ - 1685439 - can not find policy-configmap in namespace openshift-config when modify scheduler policy
- BZ - 1685458 - Default image to install ASB/TSB by operator should by downstream
- BZ - 1685459 - [marketplace]The operator "elasticsearch-operator" is downloaded from Community Operator as "elasticserach-operator" cause the operator can't be added to the CSC
- BZ - 1685508 - have no way for troubleshooting the Bootstrap Node
- BZ - 1685647 - [marketplace] Operator has unnecessary ClusterRoles
- BZ - 1685704 - Need a separate internal trust chain and apiserver name for internal clients on the host network, namely kubelet
- BZ - 1685729 - Installer needs to add iam:GetUserPolicy as tested credential
- BZ - 1686067 - Revision prune controller fails with "revision-status-0 not found"
- BZ - 1686117 - No documentation for how to change payload pull secret
- BZ - 1686119 - installer places secret information into a configmap
- BZ - 1686121 - [marketplace] Operator is incorrectly reporting status and version in ClusterOperator
- BZ - 1686160 - Cluster Logging operator does not show as "Installed" when installed to a project other than default
- BZ - 1686173 - cluster logging operator incorrectly sets memory and cpu limits after changes from defaults
- BZ - 1686204 - Restoring the default ingress controller requires operator restart
- BZ - 1686282 - ContainerRuntimeConfig Controller does not resync ctrconfig
- BZ - 1686322 - URL should be correct for changelog
- BZ - 1686349 - when configure kubelet dynamically, machine-config-operator show error log
- BZ - 1686356 - when delete a kubeletconfig ,return time is too long(nearly 10 minutes)
- BZ - 1686361 - "eu-west-3" is treated as an invalid region for image registry
- BZ - 1686422 - [marketplace]The commit of marketplace is not the latest
- BZ - 1686476 - Login flows directing user to api discover page instead of console
- BZ - 1686503 - Many ConfigMaps and Pods slow down cluster, until it becomes unavailable (since 1.12)
- BZ - 1686509 - Blacklisting release payload repo destroys cluster
- BZ - 1686668 - [marketplace] Operator Hub Removing installed operators from a custom AppRegistry results in invalid install CSC
- BZ - 1686741 - [network-operator] The sdn services should restart when the configmap for network operator gets updated
- BZ - 1686752 - [marketplace]The package without CRD can also be downloaded and install
- BZ - 1686765 - The elasticsearch configmap should be changed when EO in Unmanaged status
- BZ - 1686896 - packageserver needs to use imagePullPolicy "IfNotPresent"
- BZ - 1686943 - Running "create manifests" twice consumes the Common Manifests and the Master Machines
- BZ - 1687004 - Init containers are not looked at when calculating Quality of Service
- BZ - 1687247 - kube-controller-manager pods are not created blocked installation
- BZ - 1687295 - flake: remote error: tls: internal error on oc exec
- BZ - 1687553 - blue ocean dependency chain now broke
- BZ - 1687640 - router metrics with monitoring integration does not work
- BZ - 1687722 - Fail to use authentication enabled iscsi on OCP 4.1
- BZ - 1687881 - UPGRADE Automated upgrade tests have never passed
- BZ - 1687931 - Custom serving certificate configured for default IngressController is not propagated to authentication endpoint when secret is created after changing the config
- BZ - 1687940 - Creating an IngressController Never Achieves Desired Deployment AvailableReplicas
- BZ - 1687973 - UPGRADE network operator reports unavailable during upgrade
- BZ - 1687976 - UPGRADE: dns node resolver container is not updated
- BZ - 1688099 - Default ingress create router in the pod network instead host network [libvirt provider]
- BZ - 1688130 - Missing version info for cluster operator openshift-authentication
- BZ - 1688131 - Missing version info for cluster operator openshift-cloud-credential-operator
- BZ - 1688132 - Missing version info for cluster operator service-ca
- BZ - 1688176 - decrease the minReadySeconds value in ds fluend
- BZ - 1688212 - [network-operator] Should be able to remove the multus component for a running cluster
- BZ - 1688454 - OCP4 Upgrade test failed on ci-builids
- BZ - 1688517 - UPGRADE openshift-authentication operator not reporting operator version
- BZ - 1688519 - UPGRADE service-ca operator not reporting payload version
- BZ - 1688540 - [marketplace] RoleBinding, OperatorSource and CatalogSourceConfig fails schema validation
- BZ - 1688582 - [Upgrade] cluster-storage-operator incorrectly reporting status and version after the upgrade
- BZ - 1688610 - Increase certificate rotation period
- BZ - 1688611 - OLM operators are incorrectly reporting status in ClusterOperator
- BZ - 1688638 - Some CRDs of config.openshift.io apiversion with the 'oc explain` command will return empty info
- BZ - 1688647 - Curator pod in error status: curator.exceptions.ConfigurationError
- BZ - 1688656 - [cloud] clusteroperator machine-api didn't update lastTransitionTime field after upgrade
- BZ - 1688686 - Old CRD 'networkconfigs.networkoperator.openshift.io' should be deleted
- BZ - 1688703 - [marketplace]The marketplace's pod will panic after updating the CSC
- BZ - 1688713 - The olm operators version inappropriate in ClusterOperator
- BZ - 1688720 - Pods go into RunContainerErrors, Failed create pod sandbox
- BZ - 1688779 - First build of an s2i incremental build fails with "Error reading manifest latest"
- BZ - 1688820 - openshift-apiserver silently dies with x509 errors
- BZ - 1688969 - Integrate coredns metrics with the monitoring component
- BZ - 1689021 - Prometheus adapter is reported as unreachable by apiservers and never recovers, causing wedged ns deletions
- BZ - 1689024 - Upgrade does not complete due to network being unable to roll out changes
- BZ - 1689041 - Enable service API federation with the example given by kubefed2 cmd failed
- BZ - 1689042 - Upgrade from 4.0.0-0.alpha-2019-03-14-164644 to 4.0.0-0.alpha-2019-03-14-014544 fails
- BZ - 1689061 - Evicted builds don't have a specific status reason, instead are GenericBuildFailure
- BZ - 1689139 - OLM upgrade failed via the OTA
- BZ - 1689146 - [cloud] Never see Progressing=True in upgrade for clusteroperator cluster-autoscaler
- BZ - 1689442 - Rename cluster operator object name to "cloud-credential" from "openshift-cloud-credential-operator"
- BZ - 1689443 - [marketplace] Rename cluster operator object name from "marketplace-operator" to "marketplace"
- BZ - 1689529 - rbac does not allow machine-controller events
- BZ - 1689678 - Panic in openshift-sdn, possibly due to internal types refactor
- BZ - 1689762 - The storageClassName is "" in pvc when storageclass is not in CLO
- BZ - 1689773 - console operator should set correct message when it's not Available
- BZ - 1689779 - new deployed router pod always in pending status when updating ingresscontroller
- BZ - 1689787 - Image pull policy of ASB operator should use 'ifNotPresent'
- BZ - 1689788 - Image pull policy of TSB operator should use 'ifNotPresent'
- BZ - 1689836 - The OLM metrics should queryable from the Prometheus UI
- BZ - 1689839 - Re-enable Service API federation failed.
- BZ - 1689857 - The instance security group do not have 'echo request' rule for ICMP in Inbound
- BZ - 1690043 - APIServer should return a structured error and retry-after for graceful shutdown errors
- BZ - 1690069 - openshift-install times out creating infrastructure resources
- BZ - 1690073 - metrics-server is still being built for ocp, should not be
- BZ - 1690153 - clusteroperator/kube-scheduler changed Failing to True: NodeInstallerFailing: NodeInstallerFailing: 0 nodes are failing on revision
- BZ - 1690162 - Cluster did not acknowledge request to upgrade:
- BZ - 1690187 - Incorrectly named OCP build image baremetal-machine-controller-container
- BZ - 1690189 - Multiple images are being built by OCP that are not part of CI
- BZ - 1690190 - The "hive" image named openshift/ose-hive conflicts with a more important component, the hive cluster manager
- BZ - 1690192 - federation image is named differently in OCP and Origin
- BZ - 1690194 - template-service-broker-operator is tsb-operator in origin, is not being built, and has no CI
- BZ - 1690195 - csi-operator image in origin is 6 days old, 6 weeks old in OCP
- BZ - 1690211 - [RFE] Can fix enabling API federation failure with kubefed2 cmd
- BZ - 1690232 - Fluentd doesn't output it's logs to STDOUT when LOGGING_FILE_PATH=console
- BZ - 1690241 - The couchbase packagemanifest labels.provider value should not be "MongoDB, Inc"
- BZ - 1690243 - No table handler registered for type *security.RangeAllocationList
- BZ - 1690255 - Kibana pod deployed twice when deploying logging via operators
- BZ - 1690276 - non-federated namespace scoped objects still can be created by federated object after the namespace API federation disabled
- BZ - 1690319 - federation-controller-manager needs to use imagePullPolicy "IfNotPresent"
- BZ - 1690333 - the status.conditions of ingress operator is not updated after upgrade
- BZ - 1690342 - [upgrade] the status.conditions of DNS operator is not updated after upgrade
- BZ - 1690472 - Image named sriov-device-plugin in OSBS builds is incorrect, image should be named sriov-network-device-plugin
- BZ - 1690592 - [marketplace] API group and version are incorrect
- BZ - 1690707 - MCO should not report extra component versions beyond operator
- BZ - 1690708 - The OLM API group version is inappropriate
- BZ - 1690736 - Need to update the description about disable federation in Federation installation UI
- BZ - 1690747 - [networking_operator] The status of 'FAILING' become nil when clusteroperator network resource is deleted and then recovered by network operator
- BZ - 1690823 - machine-os-content image is from registry.svc.ci.openshift.org but not quay.io
- BZ - 1690848 - The cluster user cannot use the resources provided by the operators
- BZ - 1690882 - virt_use_nfs should be on by default
- BZ - 1690911 - unidling unit tests need to be re-enabled
- BZ - 1690937 - Prometheus is not showing metrics for service catalog
- BZ - 1691055 - Bind: Address already in use for clusteroperator/kube-controller-manager
- BZ - 1691096 - Warning message about crio.service being marked executable
- BZ - 1691119 - machine-api-operator is not reporting failure using clusteroperator
- BZ - 1691148 - Adding one data node resulting in all ES new deployment
- BZ - 1691208 - [cloud] For volume io1, the minimum of iops should be 100 instead of 1
- BZ - 1691230 - Too many wrong logs "Reusing existing PVC: elasticsearch-elasticsearch-clientdatamaster-x-x" in EO pod log.
- BZ - 1691241 - [marketplace]CSC can't update after the cluster upgrade
- BZ - 1691256 - The image for es proxy container hasn't updated when upgrading logging.
- BZ - 1691268 - Cannot add unit for the number of spec.storage.s3.cloudfront.duration
- BZ - 1691269 - kube-controller-manager operator fail to upgrade
- BZ - 1691271 - NAME is not necessary for kubefed2 enable command
- BZ - 1691298 - Mediawiki's route can NOT access after upgrading the cluster
- BZ - 1691444 - the nodeSelector won't works for kibana and curator in CLO
- BZ - 1691488 - authentication operator in failing due to Failing: x509: certificate signed by unknown authority
- BZ - 1691505 - openshift-controller-manager-operator does not report 'Progressing=true' during daemonset rollout
- BZ - 1691513 - msg="failed to initialize the cluster: timed out waiting for the condition"
- BZ - 1691516 - aws_route.to_nat_gw.1: Error creating route: timeout while waiting for state to become 'success'
- BZ - 1691547 - CSV appears stuck (doesn't gain a status) when referenced CRDs have longer than anticipated API names or resource names
- BZ - 1691602 - should encode password when configure default pull secret for project
- BZ - 1691660 - CVO upgrade did not overwrite OSImageURL set by user
- BZ - 1691857 - Kubelet is not using protobuf to fetch resources from API server
- BZ - 1691956 - OperatorGroup annotates all deployments in namespace instead of just operator deployments
- BZ - 1692131 - CPU Accounting is not enabled by default
- BZ - 1692290 - After adding many IPDs to oauth/cluster at one time,the pods in openshift-authentication ns restarting constantly
- BZ - 1692293 - Not have Identity Header to the broker
- BZ - 1692369 - SELinux denies containers access to cephfs volume
- BZ - 1692408 - failed with: x509: certificate signed by unknown authority
- BZ - 1692637 - ASB Operator update/delete customer resource automationbroker failed occasionally
- BZ - 1692649 - [RFE]kubefed2 should set registry-namespace = federation-namespace as federation controller-manager when limited-scope=true
- BZ - 1692667 - Failing to ssh to several master/node with Err "connect to address 10.0.x.x port 22: Connection refused"
- BZ - 1692686 - registry-namespace parameter is not needed for the kubefed2 enable and disable cmd
- BZ - 1692796 - Changing ES resource limits in clusterlogging CR does not trigger a new ES deployment
- BZ - 1692832 - oc cli failed on build related calls
- BZ - 1692869 - Unable to enable propagation of new types once "deployments.apps" type is enabled
- BZ - 1693047 - data format in console should be in align with that in the alert annotations
- BZ - 1693051 - Unused CRD clusteroperators.operatorstatus.openshift.io should be removed
- BZ - 1693127 - no output when running oc explain ClusterDNS --api-version=dns.openshift.io/v1alpha1
- BZ - 1693145 - Missing image snapshot-controller/snapshot-provisioner for OCP 4.1
- BZ - 1693153 - Missing image ose-manila-provisioner for OCP 4.1
- BZ - 1693313 - CVE-2019-1002101 - oc/kubectl fix potential directory traversal
- BZ - 1693375 - [marketplace] Operator is creating invalid appregistry-server command
- BZ - 1693428 - Trying to set a static IP address in Ignition config requires a restart of the machine to apply it.
- BZ - 1693546 - CLO and EO pod are CrashLoopBackOff .
- BZ - 1693840 - Packages API not emitting correct list metadata
- BZ - 1693951 - TLS errors due to expired kubelet certificates after node was shutdown
- BZ - 1693953 - [ASB]Sandbox APB Service Account using 'admin' not 'edit' scoped to the target namespace
- BZ - 1693957 - The kibana was authorized as CN=system.logging.kibana by mistake
- BZ - 1693964 - [marketplace]OPSRC's "registryNamespace" can be empty string ""
- BZ - 1694045 - Enable container_use_cephfs SELinux boolean
- BZ - 1694079 - Add tool that can restore expired certificates in case a cluster was suspended for longer period of time
- BZ - 1694087 - [reliability] When a RestartNever pod is deleted, a failed container can be reported as having succeeded
- BZ - 1694097 - Redeployed cluster logging when nodeSelector changed for components
- BZ - 1694169 - etcd certs container is exit-looping which causes load on the cluster
- BZ - 1694172 - Client received empty watch event type during e2e test
- BZ - 1694173 - Some cluster operators never became available authentication during e2e run
- BZ - 1694175 - Retrieving pod logs with follow flaky due to errors in kubelet log runtime
- BZ - 1694182 - [rebase] Pod readiness gate test is failing
- BZ - 1694183 - Git commit passed to hyperkube RPM build is incorrect and reports back to cluster the wrong version
- BZ - 1694184 - Console never becomes available in some installs
- BZ - 1694186 - kube-apiserver started a redeploy during e2e run (should not do so), and rollout is not graceful (causing e2e failures)
- BZ - 1694215 - kube controller operator reported failure during upgrade
- BZ - 1694216 - openshift controller manager failed to upgrade
- BZ - 1694219 - cluster upgrade was reported as canceled
- BZ - 1694222 - kube-apiserver operator failed to upgrade
- BZ - 1694226 - cluster upgrade should maintain a functioning cluster during upgrade: Available: v1.quota.openshift.io is not ready: 503
- BZ - 1694511 - Redeployed cluster logging when nodeSelector changed in CLO
- BZ - 1694522 - Upgrade ES via OLM failed because of "Unsupported change to UUIDs made"
- BZ - 1694525 - Installation failed for "Kubernetes API: context deadline exceeded" error
- BZ - 1694571 - Got unexpected msg when create etcd-operator in singlenamespace in OperatorHub
- BZ - 1694573 - Should report error when load CRD without redundancyPolicy
- BZ - 1694642 - TLS handshake timeout error from new installation
- BZ - 1694656 - AWS StorageClass parameter fsType does not work
- BZ - 1694766 - No CPU metrics for non-pod services on a node
- BZ - 1694788 - Evicted pods have poor output in 3.11 console
- BZ - 1694793 - [UPI] [METAL] pivot.service fails to start
- BZ - 1694819 - cluster-authentication-operator logs have repeating warnings that look wrong
- BZ - 1694859 - image source extraction w/ symlink fails
- BZ - 1694861 - build log output includes credentials
- BZ - 1694864 - failed to unmount: <nil>
- BZ - 1694867 - strange build step error output
- BZ - 1694871 - flag parse error in build logs
- BZ - 1694878 - Unexpected `Unauthorized` errors in e2e extended tests when openshift-apiserver available==true
- BZ - 1694884 - Kibana does not default an index-pattern for cluster logging
- BZ - 1695175 - [rebase] CRD validation needs to be re-enabled
- BZ - 1695176 - [rebase] CRD openapi must be re-enabled
- BZ - 1695180 - [rebase] kube-scheduler needs to be secure
- BZ - 1695197 - Machine api operator does not reset progressing transition timestamp when it upgrades
- BZ - 1695200 - network operator does not reset progressing transition timestamp when it upgrades
- BZ - 1695205 - cloud credential operator does not reset progressing transition timestamp when it upgrades
- BZ - 1695207 - [rebase] re-enable serial scheduler tests
- BZ - 1695209 - autoscaler operator does not reset progressing transition timestamp when it upgrades
- BZ - 1695210 - ingress operator does not reset progressing transition timestamp when it upgrades
- BZ - 1695214 - [rebase] re-enable CRD discovery health check
- BZ - 1695216 - [rebase] oc behaves oddly in some paths
- BZ - 1695225 - [rebase] UPSTREAM: 73469: Added windows executable extensions to Kubectl plugins
- BZ - 1695244 - Upgrade from 4.0.0-0.9 to 0.10: status is the cluster operator authentication has not yet successfully rolled out
- BZ - 1695278 - expected hosts file to contain entries from HostAliases
- BZ - 1695307 - openshift-apiserver flapping between version 4.0.0-0.9 and -0.10 after upgrade
- BZ - 1695324 - Unit test flake post 1.13 rebase
- BZ - 1695326 - Unit test flake post rebase, TestLegacyScaleUpUnreadyLessScale
- BZ - 1695328 - Unit test flake post rebase: TestIntermittentConnectionLoss
- BZ - 1695329 - Unit test flake post rebase: devicemanager TestNewManagerImplStartProbeMode
- BZ - 1695446 - The scroll bar always jumps back to the top on Safari browser
- BZ - 1695475 - [network-operator] The network operator cannot return correct status causes installation failed when installing cluster with SRIOV enabled
- BZ - 1695494 - Logging EFK are not redeployed after changing resource limits and requests in ClusterLogging CR.
- BZ - 1695516 - [UPI] [METAL] Kubelet not starting on bootpstrap node because of failed images: "layer not known"
- BZ - 1695542 - The page layout is ugly if login console on Edge browser
- BZ - 1695554 - [upgrade] upgrade to 4.0.0-0.nightly-2019-04-02-133735 failed due to the installer pods errors
- BZ - 1695622 - Buildah error message on failed dockerfile build contains unnecessary information
- BZ - 1695789 - pivot fails when rpm-ostree is an older version
- BZ - 1695807 - Unit test flake post rebase: k8s.io/kubernetes/pkg/controller/podautoscaler TestEventNotCreated 3m0s
- BZ - 1695860 - Remove static name parameters from the AWS CloudFormation templates
- BZ - 1696074 - [Marketplace] the "Operator Hub" UI often crash
- BZ - 1696085 - [upi-on-aws] ClusterName.AllowedPattern in cloudformation is blocking user to include '-' char in cluster name
- BZ - 1696115 - [admin] IdentityProvider with duplicated name should not be created successfully.
- BZ - 1696168 - should replace all "clusteringress" with "ingresscontroller" to avoid confusing
- BZ - 1696216 - [upi-on-aws] unable to get pod log due to tls error
- BZ - 1696342 - [UPI] openshift-install upi finish fails searching for a file which is not found
- BZ - 1696366 - oc registry tools read $PWD/config.json if existing and assume it's a docker config => auth errors
- BZ - 1696407 - non-intuitive to detect a machineset scaling issue
- BZ - 1696756 - Source strategy builds using wrong Assemble User
- BZ - 1696771 - unit test panic: TestLegacyScaleUpCM "missing method GetObject"
- BZ - 1696774 - Machine-os-content has not been promoted in the last 32 hours
- BZ - 1697176 - wrong 500m number in the y axis of alert details page
- BZ - 1697206 - apiserver received an error about kube:admin
- BZ - 1697222 - haproxy in router image should be updated to latest 1.8.17
- BZ - 1697225 - Reveal Values will hide data automatically after a few seconds.
- BZ - 1697236 - [upi-on-aws] subnet created by cloudformation is missing "kubernetes.io/cluster/cluster_name" tag
- BZ - 1697262 - [upi-on-aws] hostedzone created by cloudformation is missing some necessary tag which lead to no DNS *.apps registration
- BZ - 1697269 - Image Repository cannot update to user-defined externalRegistryHostnames if default route is disabled
- BZ - 1697278 - [cloud] Machine didn't recreate instance after an instance was deleted at web console
- BZ - 1697520 - kube-scheduler failed to upgrade
- BZ - 1697638 - cluster-reader aggregate role should have access to view all cluster config maps and CRs (but not secrets)
- BZ - 1697644 - image pull secret is not in the right location
- BZ - 1697656 - Please rebase onto https://github.com/openshift/api/pull/278
- BZ - 1697657 - Please rebase onto https://github.com/openshift/api/pull/278
- BZ - 1697658 - Please rebase onto https://github.com/openshift/api/pull/278
- BZ - 1697803 - Console always send request about api/kubernetes/apis/
- BZ - 1697814 - [network-operator]Multus pod cannot be running due to "ERROR: unknown parameter --multus-log-level"
- BZ - 1697875 - kube-scheduler/controller-manager doesn't have permissions to create subject access reviews
- BZ - 1697903 - There are 2 different semantic versions of Kubernetes components running.
- BZ - 1697968 - [upi-on-aws] Dynamic Compute created using Machine API can not register itself into cluster
- BZ - 1698068 - etcd quorum is not reached when booting the installer on vsphere
- BZ - 1698070 - Openshift installer on vsphere hangs indefinitely waiting for IP addresses
- BZ - 1698152 - image extraction path behavior has changed
- BZ - 1698155 - Failing status should require multiple consecutive failures
- BZ - 1698180 - Enable insecure option for configuring vsphere cloudprovider
- BZ - 1698201 - Prometheus is unable to scrape control plane components
- BZ - 1698210 - Service type NodePort not exposing service on all nodes
- BZ - 1698250 - [api-freeze] MachineConfigPool machineSelector is confusing
- BZ - 1698251 - Bind: Address already in use for openshift-kube-scheduler/openshift-kube-scheduler
- BZ - 1698253 - CRI-O 1.13.4-3.rhaos4.1.git30006b3.el8 raising "Manifest does not match provided manifest digest"
- BZ - 1698456 - [stability] Destroy 1 etcd member will result in ocp cluster is not accessible
- BZ - 1698525 - SDN metrics not collected
- BZ - 1698573 - wait-for bootstrap-complete and install-complete should be level driven
- BZ - 1698625 - SecurityContextConstraints must be served from a CRD to improve platform reliability
- BZ - 1698629 - OCP 4.1: pods end up in CrashLoopBackOff state after a rolling reboot of the node
- BZ - 1698672 - kube-controller-manager crashlooping: cannot get resource "configmaps" in API group ""
- BZ - 1698687 - Must-gather tool gathers wrong objects from image registry
- BZ - 1698804 - Disable a API federation when there is a resource of federatedAPI kind, then re-enable the API federation, the crd of federatedAPI will be deleted
- BZ - 1698814 - Scale up nodes failed at task [Apply ignition manifest]
- BZ - 1698950 - Nightly builds >= 4.0.0-0.nightly-2019-04-11-001944 failing during bootstrap with kube-controller-manager in CrashLoopBackoff
- BZ - 1698953 - RPMs openshift-* should be replacing atomic-openshift-* from previous releases
- BZ - 1699015 - Elasticsearch-operator can get stuck on Pods in 'Pending' phase
- BZ - 1699048 - oc rsync crashes using --type=tar and --type=rsync
- BZ - 1699129 - COPY operation significantly slower in buildah
- BZ - 1699134 - MCO not bubbling up failures after invalid configuration has been applied
- BZ - 1699167 - [api-freeze] bump openshift/api for Controller Manager Operator
- BZ - 1699268 - The kibana couldn't be scaled up when replicas=2 in clusterlogging CRD
- BZ - 1699321 - controller-manager/scheduler secure ports served by temporary self signed certificates
- BZ - 1699353 - Cannot create featuregate.config.openshift.io
- BZ - 1699372 - [api-freeze] bump openshift/api for Console Operator
- BZ - 1699447 - kube-scheduler-operator causing very frequent revision bumps triggered by "configmap/kube-scheduler-pod has changed"
- BZ - 1699460 - defaultNodeSelector does not work in crd Scheduler
- BZ - 1699726 - Deploy federation v2 controller manager operator failed
- BZ - 1699801 - APIService v1.quota.openshift.io constantly changes
- BZ - 1699808 - Scale up nodes failed due to package "systemd-journal-gateway" not in RHEL or RHEL Extras repo
- BZ - 1699820 - StatefulSet tests are failing with vSphere plugin
- BZ - 1700037 - CMO deployments are changing all the time
- BZ - 1700046 - API server returns "Unauthorized" briefly during test runs, causes most flakes in e2e tests
- BZ - 1700051 - containers in prom pod are throttling triggering alert on console
- BZ - 1700056 - Cannot boot an p3.2xlarge instance with RHCOS (g3.4xlarge is working) on AWS
- BZ - 1700057 - NodeNetworkInterfaceDown alerts probably should not be alerts
- BZ - 1700068 - [Conformance][Area:Networking][Feature:Router] are failing on UPI installations
- BZ - 1700076 - [sig-storage] PVC tests should not be running on UPI metal installations
- BZ - 1700294 - New created image-registry keeps in ContainerCreating state for no available pvc
- BZ - 1700416 - [marketplace] Cluster Operator Status incorrectly reporting: "Cluster operator marketplace is still updating"
- BZ - 1700458 - e2e flake: SchedulerPreemption tests fails with 'pods "pod0-sched-preemption-low-priority" not found'
- BZ - 1700482 - Api Version must be v1 for Automation Broker CRD
- BZ - 1700483 - Template Service Broker CRD should be v1
- BZ - 1700487 - [api-freeze] Experimental Support for Swift Storage Backend
- BZ - 1700504 - 4.1.0-0.nightly-2019-04-16-171602 install fails - timeout waiting for bootstrap complete with repeated errors in controller-manager and apiserver logs
- BZ - 1700701 - Remove MachineDeployment and update cluster-autoscaler to not depend on them being present.
- BZ - 1700728 - [cluster-autoscaler-operator] ClusterAutoscaler and MachineAutoscaler should be v1beta1
- BZ - 1700828 - Sporadic kube-apiserver NLB connection refused response
- BZ - 1700885 - Feature gate machine healthcheck controller and disable it by default
- BZ - 1700891 - Nightly/CI builds have incorrect branding for the login page
- BZ - 1700903 - standardize resource names for auth api's
- BZ - 1700931 - `oc delete machine` gets stuck when attempting to remove a machine, which runs the controller
- BZ - 1701057 - resolv.conf isn't properly populated on first boot
- BZ - 1701162 - Bad filter conditions for the installed operators on web console
- BZ - 1701169 - UPI installer - lost content on Node page.
- BZ - 1701291 - upgrade: openshift-apiserver OpenShift API is not responding to GET requests
- BZ - 1701316 - Need operator deletion recovery process
- BZ - 1701343 - HPA failing with unable to get metrics for resource cpu: no metrics returned from resource metrics API
- BZ - 1701392 - [OCP4 Beta] Rolling update of router-default deployment is not possible
- BZ - 1701439 - No watermark status message in Elasticsearch CR.
- BZ - 1701449 - Many "couldn't get SNTP reply" errors in node-exporter container logs
- BZ - 1701450 - Controller prints namespace and label in wrong order
- BZ - 1701459 - context deadline exceeded for kube-controller-manager and kube-scheduler endpoints
- BZ - 1701462 - router deployment is not updated after removing tolerations from ingresscontroller
- BZ - 1701804 - node does not join OCP cluster after scaleup playbook finished successfully
- BZ - 1702050 - Machineset resources no longer have machine.openshift.io/cluster-api-machine-type label
- BZ - 1702087 - Various operator's status for FAILING type is reported empty
- BZ - 1702098 - cluster-machine-approver is marking CSRs that haven't been approved as approved
- BZ - 1702104 - failed to bootstrap the cluster because control plane components are not ready
- BZ - 1702158 - Fail to enable the Service Catalog on OCP 4.1 due to the configmaps "etcd-serving-ca" not found
- BZ - 1702194 - [sdn-254]Application pod should not be killed after ovs restart
- BZ - 1702231 - 'Create Autoscaler' should redirect to correct URL
- BZ - 1702353 - must-gather should be based on cli image so that cli commands can be run in scripts.
- BZ - 1702414 - [upgrade] Pods aren't terminated gracefully on reboot, leading to availability failures for control plane
- BZ - 1702449 - oc client platform information is empty
- BZ - 1702529 - DNS operator's status for DEGRADED type is reported empty
- BZ - 1702538 - Ingress operator's status for DEGRADED type is reported empty
- BZ - 1702543 - Job Controller does not work correctly as backoffLimit configured
- BZ - 1702579 - monitoring clusteroperator's status for DEGRADED type is reported empty
- BZ - 1702615 - [upi-vmware] Fail to finish cluster initialation after bootsrap complete
- BZ - 1702623 - Upgrade RHEL node failed due to incorrect nodename
- BZ - 1702640 - The DEGRADED status type value is reported empty for cloud-credential operator
- BZ - 1702655 - Machine-config-server container is in unknown status after the cluster reboota
- BZ - 1702743 - Pull image still failed due to error: while pulling "docker://registry.redhat.io/rhoar-nodejs/nodejs-10...
- BZ - 1702783 - Broken navigation from deleted operator CRD object
- BZ - 1702832 - [upgrade] clusteroperator/machine-config changed Degraded to True: error pool master is not ready, retrying. Status: (pool degraded: false total: 3, ready 0, updated: 0, unavailable: 1)
- BZ - 1702875 - [cloud] cluster-autoscaler and machine-api operator status type has no value
- BZ - 1702876 - Service Catalog api-server pod crashed at 'Unable to create storage backend'
- BZ - 1703027 - Cluster operator storage does not have value for degraded
- BZ - 1703118 - Per indice metrics missing in elasticsearch exporter
- BZ - 1703137 - marketplace-operator should report degraded status
- BZ - 1703158 - CVO takes more than 2 min to ack upgrade request
- BZ - 1703229 - High write rate from operator updating config maps, needs to be fixed
- BZ - 1703232 - High read and write rate from cluster-autoscaler-operator
- BZ - 1703233 - Cluster samples operator has a high read rate from operator
- BZ - 1703240 - oc adm must-gather does not capture audit logs.
- BZ - 1703262 - confusing/messy error message on build image pull failure
- BZ - 1703489 - "DaemonSet \"openshift-sdn/sdn\" is not available (awaiting 3 nodes)" on nightly build
- BZ - 1703501 - Enable auth for metrics endpoint on service-ca-operator
- BZ - 1703502 - Enable auth for metrics endpoint on cluster-authentication-operator
- BZ - 1703504 - Route information (i.e. host) should come from status once admitted
- BZ - 1703506 - OAuth Server metrics endpoints should require auth
- BZ - 1703510 - could not copy stable imagestreamtag: Timeout: request did not complete within allowed duration
- BZ - 1703546 - Changing clusterlogging CR for ES does not trigger a new ES deployment in a timely fashion
- BZ - 1703581 - Default space quota in etcd is not enough for large scale clusters
- BZ - 1703595 - Deprecate old cruft
- BZ - 1703699 - MCD is being killed and recreated causing a failed sync
- BZ - 1703703 - etcd: adjusting runtime configurations will result in MCO rebooting node
- BZ - 1703727 - etcd endpoints is not in kube-system namespace now
- BZ - 1703773 - "DEFAULT CLASS" has no value on sc overview page.
- BZ - 1703875 - [stability] During e2e runs, some pods take multiple minutes to be terminated, causing namespace deletion test to flake 1/3 of the time
- BZ - 1703878 - [upgrade] Pod behind service load balancer becomes unavailable during cluster upgrade
- BZ - 1703881 - [ci] Pod readiness gate test is failing in a few runs
- BZ - 1703883 - [ci] must-gather pod test causes test case failures
- BZ - 1703891 - Status page will jump to be empty after when select "all projects" on Firefox
- BZ - 1703941 - Cannot import CA file to image-registry
- BZ - 1703943 - router pods are always running on same node in fresh install AWS env
- BZ - 1703954 - View subscription on Operator Catalogs page does not show subscription list
- BZ - 1704318 - Placeholder for OCP 4.1 Image Release
- BZ - 1704325 - e2e flake: must-gather finds empty file
- BZ - 1704389 - Drop unused machine fields
- BZ - 1704410 - Symlinks under /var/lib/containers/storage/overlay/l are lost on reboot
- BZ - 1704570 - Extracted tooling from a release image does not contain kubectl
- BZ - 1704573 - prometheus-k8s serviceaccount cannot list endpoints in the namespace openshift-etcd
- BZ - 1704590 - [UPI on Baremetal] Clusteroperator "image-registry" is not present during installation
- BZ - 1704706 - Multus deletion failures on freshly-booted nodes
- BZ - 1704722 - build pods waited too long before running on OCP4
- BZ - 1704767 - s2i incremental build always download dependencies
- BZ - 1704874 - Builds with additional trusted CA stuck in Pending state
- BZ - 1704915 - Missing version info when prometheus starts
- BZ - 1704982 - Ingress ClusterOperator status should always report versions
- BZ - 1705032 - DNS ClusterOperator status should always report versions
- BZ - 1705100 - [ci] e2e-aws-operator flakes
- BZ - 1705135 - Operators installed to resolve a dependency can not be updated
- BZ - 1705318 - Ulimit too low during builds
- BZ - 1705319 - Jenkins slave pod tests failing (random uuid and /etc/passwd update)
- BZ - 1705542 - [ci] Flake: Failed to get secret openshift-kube-apiserver/etcd-client-1
- BZ - 1705627 - Command line should show console URL on login and `oc whoami --show-console`
- BZ - 1705645 - kube-scheduler uses endpoints leader lock file, should be configmap
- BZ - 1705646 - MUST VERIFY All components must use configmap leader lock file, not endpoints
- BZ - 1705649 - [reliability] Cluster with halted master did not reschedule operators after 5m of being down
- BZ - 1706043 - Installer pods install insecure secret files to /etc/kubernetes/static-pod-resources
- BZ - 1706134 - Specifying more than 3 nodes on Cluster Logging CR creates invalid Elasticsearch CR
- BZ - 1706204 - Remove unreachable tolerates from etcd quorum guard
- BZ - 1706232 - Recreating a CatalogSource and subscription for something from that catalog source results in 'stuck' subscription
- BZ - 1706400 - etcd: canonical org for release-3.3 should be coreos not etcd-io
- BZ - 1706478 - Could not get elasticsearch metrics in prometheus server -- happen again.
- BZ - 1706506 - should not use the upstream image for elasticsearch operator
- BZ - 1706509 - should not use the upstream image for clusterlogging operator
- BZ - 1706606 - Unexpected on disk state error updating workers
- BZ - 1706625 - etcd-quorum-guard reporting extremely high memory usage
- BZ - 1706689 - Wrong apiserver for Copy Login Command
- BZ - 1706772 - Duplicated "NODE SELECTOR" field on pod overview page
- BZ - 1706894 - OAuth server route has wrong URL
- BZ - 1707049 - no termination message provided by integrated-oauth-server pod
- BZ - 1707050 - no termination message provided by failing cluster-node-tuning-operator pod
- BZ - 1707061 - no termination message provided by failing openshift-controller-manager-operator pod
- BZ - 1707066 - no termination message provided by failing cluster-monitoring-operator pod
- BZ - 1707071 - no termination message provided by failing olm pods
- BZ - 1707072 - no termination message provided by failing openshift-service-catalog-controller-manager-operator pod
- BZ - 1707085 - [upgrade] the status.conditions of Ingress operator is not updated after upgrade
- BZ - 1707176 - JOURNAL_READ_FROM_HEAD defaults to true
- BZ - 1707201 - https://openshift-gce-devel.appspot.com dumping stack
- BZ - 1707205 - Example command in "oc version --help" is using kubeclt, rather than oc
- BZ - 1707210 - no logs gathered for failed upgrade job
- BZ - 1707212 - Upgrade failures due to MCO trying to roll out multiple master changes
- BZ - 1707270 - Include console=tty0,115200n8 as kernel default parameter
- BZ - 1707323 - Elasticsearch operator - panic: assignment to entry in nil map
- BZ - 1707324 - When using tsb operator, should also create clusterrolebinding before install operator
- BZ - 1707465 - Fluentd wedged nodes on 4.1 cluster
- BZ - 1707477 - No way to grant access to router via NetworkPolicy
- BZ - 1707478 - failed to initialize the cluster: waiting on console: timed out waiting for the condition
- BZ - 1707519 - CMO updates role bindings too frequently
- BZ - 1707538 - Fix typo of random_string that prevents forwarding to SYSLOG via UDP to fail
- BZ - 1707573 - Installer configures KAS with legacy CA
- BZ - 1707681 - After the cluster is up for a few days it stops sending telemetry data
- BZ - 1707839 - cert regeneration command does not fix CSR signer
- BZ - 1707877 - cannot safely upgrade past Infrastructure API change
- BZ - 1707928 - Installs failing on latest 4.1 Beta 5 nightly (OCP) builds: controller version mismatch for rendered-master
- BZ - 1708069 - Curator pod in Error status: pkg_resources.DistributionNotFound: elasticsearch>=5.4.0,<6.0.0
- BZ - 1708307 - Gather bootstrap doesn't have perms to gather
- BZ - 1708568 - scaleup hosts will fail at TASK [Get release image] if openshift_kubeconfig_path="~/.kube/config"
- BZ - 1708584 - The csc stuck in "configuring" status when the installed "operators" is removed from the quay if delete the marketplace-operator pod.
- BZ - 1708588 - upgrade hosts will fail at TASK [Cordon node prior to upgrade] if openshift_kubeconfig_path="~/.kube/config"
- BZ - 1708602 - Got error from machine-config-daemon when the rhel worker is adding to the cluster but cluster is applying new rendered machineconfig
- BZ - 1708605 - container runtime error after upgrade RHEL 7 worker node
- BZ - 1708648 - Release images with different commits for images built from the same Git repository
- BZ - 1708663 - OCP4.1 UPI installation fails to create bootstrap-machine-config-operator
- BZ - 1709247 - coreos.inst.image_url do not support url redirection
- BZ - 1709252 - [DR] Running restore.sh failed with 'Error: data-dir "/var/lib/etcd" exists'
- BZ - 1709395 - [DR] Remaining doc issues of "etcd quorum loss" doc
- BZ - 1709802 - [DR] Growing etcd to include the new hosts via recover.sh doesn't complete
- BZ - 1709869 - ssl.CertificateError: hostname 'openshift.default.svc' doesn't match either of 'kubernetes', 'kubernetes.default', 'kubernetes.default.svc'...
- BZ - 1709985 - [4.1.z] Builds fail to commit/push if registries are whitelisted
- BZ - 1710008 - [4.1.z] image build doesn't handle COPY correctly in some cases
- BZ - 1710226 - Upgrade RHEL node failed due to iptables rules changes
- BZ - 1710293 - Wrong storage prefix for kubernetes resources in etcd
- BZ - 1710494 - Cloning CI ProwJobs to new releases reset their optional state
- BZ - 1710569 - Set non-default storage prefix for Service Catalog resources in etcd
- BZ - 1710837 - Feature gate machine healthcheck controller with cluster feature gate
- BZ - 1711043 - After disabling servicecatalog operators the apiservice remains - prevents project deletion
- BZ - 1711185 - [DR][MSTR-363] Run regenerate-certificates command failed when do the certificate recovery
- BZ - 1711844 - [UPI] [METAL] Kubelet cannot pull k8s.gcr.io/pause:3.1 image on bootpstrap node
- BZ - 1711879 - [DR]Run: /usr/local/bin/etcd-snapshot-restore.sh failed with err:failed resolving host :2380 (lookup : no such host)
- BZ - 1712562 - Installer is pinned to older builds
CVEs
(none)
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.