RHBA-2022:5741 - Bug Fix Advisory

Topic

Updated images that fix various bugs are now available for Red Hat
OpenShift Container Storage 4.8.14 on Red Hat Enterprise Linux 8 from Red
Hat Container Registry.

Description

Red Hat OpenShift Container Storage is software-defined storage integrated
with and optimized for the Red Hat OpenShift Container Platform. Red Hat
OpenShift Container Storage is a highly scalable, production-grade
persistent storage for stateful applications running in the Red Hat
OpenShift Container Platform. In addition to persistent storage, Red Hat
OpenShift Container Storage provisions a multicloud data management service
with an S3 compatible API.

Bug fixes:

• Previously, a missing label on the Multicloud Object Gateway (MCG) caused Prometheus to skip the scraping data due to which there was no data that the graphical user interface (GUI) could show. With this update, the label is reconciled so that it is always available. (BZ#2082059)
• Previously, after upgrading OpenShift Data Foundation from version 4.8 to 4.9, the complete multipart operation failed with the error: 'Cannot read property 'sort' of undefined', as the size of the upload was not checked.

With this update, the file size can be checked, and certain actions are skipped if the upload file size is 0, leading to a completely successful multipart upload operation. (BZ#2090146)

• Previously, an internal problem with parsing the operation header resulted in the occasional failure of some S3 operations. With this update, the internal problem with parsing is fixed. Now, there is no failure of the S3 operations. (BZ#2089782)
• Previously, the default memory allocator was used for node.js which resulted in memory fragmentation, and also, the node could not release the allocated memory. This caused an increase in memory of the endpoint pod which eventually led to an out of memory state.

With this update, the default memory allocator is changed to `jemalloc`. Now, there is no memory fragmentation and memory increase in the endpoint pod. (BZ#2091961)

• With this update, the log levels are reduced, and the amount of logs that are sent with the default levels are reduced. (BZ#2100025)
• Previously, a problem with the monitoring of the Multicloud Object Gateway (MCG) resources kept one of the resources in a problematic state even after the real error that had occurred was fixed. This resulted in the failure of operations on the buckets using these resources.

With this update, the problem with the monitoring of the MCG resources is fixed. Now, the resources are not kept in a problematic state once the real error is fixed. (BZ#2100034)

All users of Red Hat OpenShift Container Storage are advised to upgrade to
these updated images, which provide these bug fixes.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat OpenShift Data Foundation 4 for RHEL 8 x86_64
• Red Hat OpenShift Data Foundation for IBM Power, little endian 4 for RHEL 8 ppc64le
• Red Hat OpenShift Data Foundation for IBM Z and LinuxONE 4 for RHEL 8 s390x

Fixes

• BZ - 2089782 - noobaa S3 PUT requests frequently failing - Backport to ODF 4.8
• BZ - 2090146 - [GSS] Complete multipart upload operation fails with error ' Cannot read property 'sort' of undefined' - Backport to 4.8
• BZ - 2100023 - [Backport to 4.8.z] [GSS] s3 calls to noobaa from application are stuck intermittently
• BZ - 2101513 - Backport fix to add CephCluster reconcile strategy

CVEs

• CVE-2021-40528
• CVE-2022-1621
• CVE-2022-1629
• CVE-2022-22576
• CVE-2022-25313
• CVE-2022-25314
• CVE-2022-27774
• CVE-2022-27776
• CVE-2022-27782
• CVE-2022-29824

References

(none)