- Issued:
- 2021-10-26
- Updated:
- 2021-10-26
RHBA-2021:3935 - Bug Fix Advisory
Synopsis
OpenShift Container Platform 4.9.4 bug fix update
Type/Severity
Bug Fix Advisory
Topic
Red Hat OpenShift Container Platform release 4.9.4 is now available with
updates to packages and images that fix several bugs and add enhancements.
Description
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.4. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHSA-2021:3934
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.4-x86_64
The image digest is sha256:3d5800990dee7cd4727d3fe238a97e2d2976d3808fc925ada29c559a47e2e1ef
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.4-s390x
The image digest is sha256:78a1b9ddcf5b1baeb1fd46798912e7f3543c11e23056fa619783614551cce5ce
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.4-ppc64le
The image digest is sha256:b660e4dceecea91950675310976ed0ee2295e00744cc9565b3fb12317f70aeba
(For aarch64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.4-aarch64
The image digest is sha256:ec3df27dd22c15f46718850ef4f8e44a82536dc56733167d6b936a50a956b3e5
All OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available
at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor
Solution
For OpenShift Container Platform 4.9 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html
Affected Products
- Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for Power 4.9 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.9 for RHEL 8 s390x
- Red Hat OpenShift Container Platform for ARM 64 4.9 aarch64
Fixes
- BZ - 1913242 - Add prerequisite to check versions in the Prerequisites list
- BZ - 1966153 - Conditional gathering
- BZ - 1966947 - [4.9.0] v1beta1.Machine is not registered in scheme, causing bmh_agent_controller reconcileSpokeBMH to fail
- BZ - 1987019 - Hypershift: cluster network operator producing operands that select master nodes
- BZ - 1987025 - ROKS/Hypershift: CSI Driver Operators select master nodes when deploying CSI driver controllers
- BZ - 1987029 - ROKS/hypershift: service-ca-operator produces an operand that selects master nodes
- BZ - 1991206 - OLM installation doesn't expose the disconnected support
- BZ - 1996213 - Bump Cluster Resource Override Admission Operator to use v1 APIs
- BZ - 1998058 - Extra white space in first column of Kafka instance table
- BZ - 1999130 - IPv6 assisted jobs are failing
- BZ - 2002696 - [UI] Page Not Found error when clicking on Storage link provided in Overview page
- BZ - 2003540 - Repeating event: MissingVersion no image found for operand pod
- BZ - 2005049 - image registry does not remain available during upgrade
- BZ - 2005242 - kube-apiserver with "[SHOULD NOT HAPPEN] failed to update managedFields" err="failed to convert new object (machine.openshift.io/v1beta1, Kind=MachineHealthCheck)
- BZ - 2008120 - Regression: core container io performance metrics are missing for pod, qos, and system slices on nodes
- BZ - 2009016 - clusteroperator/etcd status condition should not change reasons frequently due to EtcdEndpointsDegraded
- BZ - 2010308 - [knative] Create button on new Broker form is inactive despite form being filled
- BZ - 2011307 - [OVN] upgrades failed for IPI OSP16 OVN IPSec cluster
- BZ - 2011359 - Change telemeter to report the Application Services product usage metrics
- BZ - 2011798 - [sig-instrumentation] Prometheus when installed on the cluster shouldn't have failing rules evaluation [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
- BZ - 2012029 - After upgrading cluster to 4.8 the kube-state-metrics service doesn't export namespace labels anymore
- BZ - 2012346 - prometheus-k8s-0 cpu usage keeps increasing for the first 3 days
- BZ - 2012825 - UI changes to support BindableKinds CRD changes
- BZ - 2013088 - The nodes page in the openshift console doesn't work. You just get a blank page
- BZ - 2013148 - All critical alerts shipped by CMO should have links to a runbook
- BZ - 2013384 - Disable operands deletes
- BZ - 2013409 - SRO helm charts not synced with templates
- BZ - 2013653 - TuneD: high CPU utilization of the TuneD daemon.
- BZ - 2013707 - OpenShift SDN Hosted Egress IP's are not being scheduled to nodes after upgrade to 4.8.12
- BZ - 2013838 - Different file permission for secrets/user-serving-cert-000/tls.crt and secrets/user-serving-cert-000/tls.key
- BZ - 2014048 - Console update toast notification can appear multiple times
- BZ - 2014622 - Special Resource Operator(SRO) - Fail to deploy simple-kmod on GCP
- BZ - 2015225 - StorageSubscription source cr in cnf-features-deploy release-4.8 branch should point to 4.8 by default
- BZ - 2015414 - 4.9.0 GA MetalLB operator image references need to be adjusted to match production
CVEs
(none)
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.