- 发布:
- 2021-04-13
- 已更新:
- 2021-04-13
RHBA-2021:1015 - Bug Fix Advisory
概述
OpenShift Container Platform 4.5.37 bug fix update
类型/严重性
Bug Fix Advisory
标题
Red Hat OpenShift Container Platform release 4.5.37 is now available with
updates to packages and images that fix several bugs.
描述
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.5.37. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2021:1016
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html
This update fixes the following bug among others:
- Previously, when an OpenShift router created an invalid HAProxy config that caused router reloads to fail, the `HAProxyReloadFail` Prometheus alert only lasted for approximately 5 minutes, regardless of the actual duration of the reload outage. With this release, the router `template_router_reload_fails` counter metric is replaced with the new `template_router_reload_failure` gauge metric. The `HAProxyReloadFail` alert now fires based on the boolean status of the `template_router_reload_failure` metric, and the `HAProxyReloadFail` metric lasts the entire time that HAProxy reloads are failing. (BZ#1896186)
You may download the oc tool and use it to inspect release image metadata
as follows:
(For x86_64 architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.5.37-x86_64
The image digest is sha256:037ed15c79bbd6bee6f0d524d91790d2b368cba945e7ae6d64c984dc0f162b82
(For s390x architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.5.37-s390x
The image digest is sha256:95fae93c3388529c5e454f09711445d0c0c096f2b9041b8940b9376ff645189b
(For ppc64le architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.5.37-ppc64le
The image digest is sha256:77b4582724e27a9339b17252401b9ef81cb660d373c385383de503247edbb529
All OpenShift Container Platform 4.5 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.5/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor
解决方案
For OpenShift Container Platform 4.5 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html
受影响的产品
- Red Hat OpenShift Container Platform 4.5 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.5 for RHEL 7 x86_64
- Red Hat OpenShift Container Platform for Power 4.5 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for Power 4.5 for RHEL 7 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 8 s390x
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 7 s390x
修复
- BZ - 1857478 - cluster-version-operator does not fail over to store-openshift-official-release-mirror if store-openshift-official-release is unreachable
- BZ - 1896168 - HAProxyReloadFail alert only briefly fires in the event of a broken HAProxy config
- BZ - 1939318 - cluster-etcd-operator is leaking transports
- BZ - 1940651 - New CSV using ServiceAccount named "default" stuck in Pending during upgrade
- BZ - 1941604 - Cluster unstable replacing an unhealthy etcd member
CVE
参考
(none)
Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/。