Red Hat Product Errata RHBA-2021:0714 - Bug Fix Advisory
Issued:
2021-03-11
Updated:
2021-03-11

RHBA-2021:0714 - Bug Fix Advisory

Synopsis

OpenShift Container Platform 4.5.34 bug fix update

Type/Severity

Bug Fix Advisory

Topic

Red Hat OpenShift Container Platform release 4.5.34 is now available with
updates to packages and images that fix several bugs.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container
Platform 4.5.34. See the following advisory for the RPM packages for this
release:

https://access.redhat.com/errata/RHSA-2021:0713

Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html

This update fixes the following bug among others:

  • Previously, if the `lib-bucket-provisioner` service account was missing,

the creation of `lib-bucket-provisioner` InstallPlan overloaded the
etcd and impacted the performance of the cluster. This update
implements the `Service Account Gatherer` to the Insights Operator to
collect field `managementState` of OpenShift Operators, which is anonymized
and stored in the Insights Operator archive report. (BZ#1885936)

  • Previously, the Cluster Version Operator was not syncing `ClusterVersion` during graceful shutdowns. During updates, the outgoing Cluster Version Operator was likely to exit after verifying the incoming release, but before pushing the `verified: true` value into the `ClusterVersion` history. With this update, the Cluster Version Operator now provides additional time to perform a final `ClusterVersion` status synchronization during shutdown. As a result, the `verified` values of `ClusterVersion` are now consistently `true`. (BZ#1931025)

You may download the oc tool and use it to inspect release image metadata
as follows:

(For x86_64 architecture)

$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.5.34-x86_64

The image digest is sha256:f3faaf72766d099b280b3080d47e9c5b5526654ba13297cd03b0b285a40a9c5d

(For s390x architecture)

$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.5.34-s390x

The image digest is sha256:900cd55b08d42bd830317cfc4ed07bdafb065fae308f1b7f451f2d64e63ef296

(For ppc64le architecture)

$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.5.34-ppc64le

The image digest is sha256:11b5293e64f0ff833ac22abd9e297a96d66acb79b9138e4b25b7fa0f0b34fd75

All OpenShift Container Platform 4.5 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.5/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.

Solution

For OpenShift Container Platform 4.5 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.

Affected Products

  • Red Hat OpenShift Container Platform 4.5 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.5 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.5 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.5 for RHEL 7 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 7 s390x

Fixes

  • BZ - 1885936 - [release 4.5] Collect ServiceAccount statistics
  • BZ - 1891106 - p&f: Increase the concurrency share of workload-low priority level
  • BZ - 1894918 - [4.5] Panic output due to timeouts in openshift-apiserver
  • BZ - 1928978 - Cinder volume provisioning crashes on nil cloud provider
  • BZ - 1931025 - 4.5.15 and later cluster-version operator does not sync ClusterVersion status before exiting, leaving 'verified: false' even for verified updates

References

(none)

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.