RHBA-2020:3510 - Bug Fix Advisory

Topic

Red Hat OpenShift Container Platform release 4.5.8 is now available with
updates to packages and images that fix several bugs.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container
Platform 4.5.8. See the following advisory for the RPM packages for this
release:

https://access.redhat.com/errata/RHBA-2020:3511

Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html

You may download the oc tool and use it to inspect release image metadata
as follows:

(For x86_64 architecture)

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.5.8-x86_64

The image digest is sha256:ae61753ad8c8a26ed67fa233eea578194600d6c72622edab2516879cfbf019fd

(For s390x architecture)

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.5.8-s390x

The image digest is sha256:49eee55decb0fad7a00f33d4e925374d3dfb871ff104dbc05aaa51defba3a4a1

(For ppc64le architecture)

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.5.8-ppc64le

The image digest is sha256:36e54b45fdf18eb894f1cd37e34a5eab3358c1bfb7284f7261a66e937ac568c7

All OpenShift Container Platform 4.5 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.5/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.

Solution

For OpenShift Container Platform 4.5 see the following documentation, which
will be updated shortly for this release, for important instructions on
how to upgrade your cluster and fully apply this asynchronous errata
update:

https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.

Affected Products

• Red Hat OpenShift Container Platform 4.5 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.5 for RHEL 7 x86_64
• Red Hat OpenShift Container Platform for Power 4.5 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for Power 4.5 for RHEL 7 ppc64le
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 8 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 7 s390x

Fixes

• BZ - 1847282 - Instance creation form lost text input box for some selector object type of fields
• BZ - 1851531 - BMO can get into hot reconcile loop when changing Status
• BZ - 1852720 - vSphere IPI - cluster destroy leaves installer tags
• BZ - 1852790 - Opening Terminal tab of a node which has disk pressure will got js error and blank page
• BZ - 1853033 - Opening Terminal tab of a node which has disk pressure will got js error and blank page
• BZ - 1854612 - vSphere UPI: Update icon on status "Provisioned as node" for new machines not going away
• BZ - 1854787 - [RHV] New machine stuck at 'Provisioned' phase
• BZ - 1855240 - Check also Pod status before enabling Fast upload
• BZ - 1855373 - [Bare Metal IPI] After upgrade from OCP4.4 to 4.5 SRV record wasn't cleaned up
• BZ - 1857201 - APIServerServiceUnavailableErrorjava error makes ImageChangesInProgress keeping true that blocked the upgrade processed
• BZ - 1859231 - [4.5][sriov] Failed to generate net-att-def CR when ipam is not specified in SriovNetwork CR
• BZ - 1859488 - RedFish Virtual Media missing boot interface idrac-redfish-virtual-media for Dell servers
• BZ - 1859678 - [4.5.z] etcd-operator continuously tries and fails to connect to defunct bootstrap etcd member endpoint
• BZ - 1859874 - Specifying engine api address wrong causes segfault
• BZ - 1860286 - [sriov] [4.5] VF cannot be inited when apply one policy if the 'default' policy is deleted and restored by operator
• BZ - 1861220 - [sriov] [4.5.z] sriovnetworknodestates cannot be restored if it was deleted
• BZ - 1861358 - URL for Knative Service shouldn't use tag of first traffic distribution
• BZ - 1861382 - [4.5] [azure-disk] azure e2e fail with failed scheduling errors
• BZ - 1861433 - String array fields don't show descriptions defined in the schema
• BZ - 1862194 - [4.5] Result for kubelet_running_pod_count is wrong
• BZ - 1862404 - MutatingWebhookConfiguration should be v1, not v1beta1
• BZ - 1862538 - MCDDrainError firing as critical instead of as warning
• BZ - 1862875 - Deleting bmh in PROVISIONING STATUS "ready" by "oc delete bmh' stuck
• BZ - 1863010 - Scaling down worker machineset on bare metal leaves machines stuck in Deleting state and machineconfigpool in updating state
• BZ - 1864121 - Operator installation failed - `Subscription` object stays in `UpgradePending` but the `InstallPlan` it associated with isn’t installing
• BZ - 1865806 - Etcd upgrade fails with DNS clash
• BZ - 1866480 - CVO marks an upgrade as failed when an operator takes more than 10 minutes to rollout
• BZ - 1866828 - Operator catalog Pods created by CatalogSource aren't evicted to other nodes even after their node is down
• BZ - 1867042 - Pipeline Conditions WhiteScreen the Log View
• BZ - 1867050 - cannot see group yaml in the console when group has special characters.
• BZ - 1867526 - Optional pipeline resources are displayed as mandatory
• BZ - 1868304 - ValidatingWebhookConfiguration prometheusrules.openshift.io blocks monitoring downgrade from 4.6 to 4.5
• BZ - 1868314 - Scheduler is not always reporting all failed reasons
• BZ - 1868350 - OCP issues with AWS Organizations SCPs
• BZ - 1868401 - Image operating system mismatch
• BZ - 1868478 - Cluster version operator does not manage shareProcessNamespace on pods and their consumers
• BZ - 1868751 - MachineSets in GCP are failing to create Machines in a Shared (XPN) VPC environment
• BZ - 1869220 - 4.5: oauth authn: support sha256~ oauth tokens
• BZ - 1869309 - CoreDNS pods observing panic without any provbe failures
• BZ - 1869319 - Add @natiiix to Insights Operator OWNERS on GitHub
• BZ - 1869631 - [RFE] The UI dashboard for persistent storage should be independent of the cluster name
• BZ - 1869961 - An error about absence of knative route is thrown while deletion of knative service
• BZ - 1869967 - Serverless Knative Eventing CR should be marked tech preview
• BZ - 1870285 - [IPI][OSP] Workers failed to start nodeip-configuration.service and machine-config-daemon-pull.service
• BZ - 1870667 - [MSTR-1019] oc logout fails to invalidate the token since the request deletes token value instead of oauthaccesstoken name
• BZ - 1871175 - Defunct router doesn't trigger alerts (alerts 4.5 backport)
• BZ - 1871193 - [4.5.z][cli] oc explain networking types conformance test should be skipped if CRD does not exist
• BZ - 1871698 - [sriov][4.5] config daemon pod crashed with panic
• BZ - 1871951 - [sig-arch] Managed cluster should ensure control plane pods do not run in best-effort QoS
• BZ - 1872288 - 4.5: [MSTR-1019] Management console log out cannot delete oauthaccesstoken
• BZ - 1873053 - networking metrics include host network pods
• BZ - 1873537 - [vSphere][IPI] cannot change the value of "thin_provisioned" - (old: true new: false)"
• BZ - 1874928 - [ovn][upgrade][4.5]Failed to upgrade for ovn network plugin

CVEs

(none)

References

(none)