RHBA-2019:1382 - Bug Fix Advisory

Topic

Red Hat OpenShift Container Platform releases 4.1.2 is now available with
updates to packages and images that fix several bugs.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the images for Red Hat OpenShift Container
Platform 4.1.2. See the following advisory for the RPM packages for
this release:

https://access.redhat.com/errata/RHBA-2019:1381

Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html

You may download the oc tool and use it to inspect release image metadata as follows:

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.1.2

The image digest is sha256:9c5f0df8b192a0d7b46cd5f6a4da2289c155fd5302dec7954f8f06c878160b8b

All OpenShift Container Platform 4.1 users are advised to upgrade to these
updated packages and images.

Solution

Before applying this update, Ensure all previously released errata
relevant to your system have been applied.

For OpenShift Container Platform 4.1 see the following documentation, which
will be updated shortly for release 4.1.2, for important instructions on
how to upgrade your cluster and fully apply this asynchronous errata
update:

https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258.

Affected Products

• Red Hat OpenShift Container Platform 4.1 for RHEL 7 x86_64

Fixes

• BZ - 1634299 - Humanize KubePersistentVolumeFullInFourDays annotation
• BZ - 1684357 - [DOCS] Master configuration not updated in "Resource quotas per project" page
• BZ - 1694818 - cluster-authentication-operator: Remove unicode character emojis from log files
• BZ - 1702626 - machine-config-daemon mark node as degraded due to "open /etc/machine-config-daemon/node-annotations.json: no such file or directory"
• BZ - 1706245 - upgrade won't allow user to run upgrade again if a user forgot to use --force=true the first time.
• BZ - 1712455 - QE unable to test signed 4.1 non-CI builds until GA
• BZ - 1713098 - [4.1.z] "server returned HTTP status 500 Internal Server Error" for some kubelet endpoints
• BZ - 1713620 - namespace should be openshift-etcd for "kube_pod_status_ready:etcd:sum" rule
• BZ - 1714200 - mariadb-platform-operator can not be installed for OCP4.1 due to "ErrImagePull"
• BZ - 1714484 - So many secrets generated under openshift-cluster-node-tuning-operator namespace after the cluster serve several days
• BZ - 1714659 - SSH'ing in to node does not result in annotation being applied to node
• BZ - 1715020 - OAuth object validation allows multiple IdPs being set within a single IdP object
• BZ - 1715293 - [DR]Add new master hosts to etcd cluster appears different name format(On vsphere platform)
• BZ - 1716622 - Updating the kube-apiserver certificate with a new certificate fails to reload the kube-apiserver certificate
• BZ - 1718027 - [4.1.z] Kube-scheduler-operator entering a permanent degraded state
• BZ - 1718375 - Rolling out OVS daemonset changes takes a very long time.

CVEs

• CVE-2018-5743

References

(none)