RHEA-2020:2011 - Product Enhancement Advisory

Topic

Container-native virtualization release 2.3.0 is now available with updates to packages and images that fix several bugs and add enhancements.

Description

Container-native virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.

This advisory contains the following container-native virtualization 2.3.0 images:

RHEL-7-CNV-2.3
==============
kubevirt-ssp-operator-container-v2.3.0-42

RHEL-8-CNV-2.3
==============
hostpath-provisioner-operator-container-v2.3.0-13
kubevirt-cpu-node-labeller-container-v2.3.0-9
kubevirt-metrics-collector-container-v2.3.0-9
kubevirt-template-validator-container-v2.3.0-10
virtio-win-container-v2.3.0-8
node-maintenance-operator-container-v2.3.0-10
hostpath-provisioner-container-v2.3.0-12
kubevirt-kvm-info-nfd-plugin-container-v2.3.0-9
bridge-marker-container-v2.3.0-29
cnv-containernetworking-plugins-container-v2.3.0-30
kubemacpool-container-v2.3.0-28
kubevirt-cpu-model-nfd-plugin-container-v2.3.0-9
kubernetes-nmstate-handler-container-v2.3.0-30
ovs-cni-marker-container-v2.3.0-29
cluster-network-addons-operator-container-v2.3.0-28
ovs-cni-plugin-container-v2.3.0-28
kubevirt-v2v-conversion-container-v2.3.0-11
kubevirt-vmware-container-v2.3.0-11
virt-operator-container-v2.3.0-39
virt-controller-container-v2.3.0-39
virt-handler-container-v2.3.0-39
virt-api-container-v2.3.0-39
virt-launcher-container-v2.3.0-39
virt-cdi-cloner-container-v2.3.0-41
virt-cdi-operator-container-v2.3.0-41
virt-cdi-apiserver-container-v2.3.0-41
virt-cdi-uploadproxy-container-v2.3.0-41
virt-cdi-controller-container-v2.3.0-41
virt-cdi-importer-container-v2.3.0-41
virt-cdi-uploadserver-container-v2.3.0-41
hyperconverged-cluster-operator-container-v2.3.0-61
cnv-must-gather-container-v2.3.0-45
hco-bundle-registry-container-v2.3.0-174

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Container Native Virtualization 2.3 for RHEL 8 x86_64

Fixes

• BZ - 1712429 - delete project kubevirt-hyperconverged stucked in Terminating state due to kubevirt apiserver
• BZ - 1713378 - Empty PHASE field in `oc get hco`
• BZ - 1722850 - Inconsistency in KubeVirt components naming and abbreviation
• BZ - 1729761 - kubevirt-ssp-operator failed to load due to authentication or permission failure
• BZ - 1739149 - cnv-tests: import invalid-qcow-large-size.img should fail for xfs
• BZ - 1745998 - VMs and DVs (user-data) is getting deleted during HCO uninstall
• BZ - 1753243 - [SSP] Common templates validations - wrong value of minimal-required-memory
• BZ - 1757784 - HCO reconciles continuously
• BZ - 1765221 - Container-native Virtualization 2.3.0 Images
• BZ - 1769593 - In create VM wizard, list of operating systems is out of date
• BZ - 1769595 - virtual-machinecontroller retries DataVolume creation that can't succeed without cleanup
• BZ - 1770339 - UI is not displaying the expected name & documentation
• BZ - 1781293 - KubeVirt kind hangs in Deleting state on cleanup script
• BZ - 1781512 - kubevirt-hyperconverged package manifest should refer to operator images by digest, not tag
• BZ - 1782241 - HCO-managed configmaps are dropped and recreated, dropping all user-provided configuration
• BZ - 1783343 - [CNV 2.3] VMI fails to start on "Unable to set XATTR trusted.libvirt.security.dac"
• BZ - 1789093 - Large images met timeout or EOF when uploading a qcow2 image
• BZ - 1793603 - kubevirt-ssp-operator's ansible-playbook fails in template validator task
• BZ - 1794050 - hostpath-provisioner - PV doesn't get removed after deleting DV (when attempting to run out of space)
• BZ - 1795227 - OperatorGroup shoudn't be created when CONTENT_ONLY variable is set
• BZ - 1796796 - [CNV-2.3 Deployment] cluster-network-addons-operator fails to create config map
• BZ - 1798487 - [CNV-2.3] Unable use use deploy from marketplace script - mismatch in HCO resource name
• BZ - 1799016 - [CNV-2.3][HPP] host-path-provisioner operator fails with SIGSEGV error
• BZ - 1799055 - CNV operator should make use of suggested namespace annotation
• BZ - 1800714 - rhel8-tiny templates use 1Gi memory instead of 1.5Gi minimum seen in osinfo-db rhel-8 files
• BZ - 1800792 - NodeNeworkConfigurationPolicy not applied to workers that were down during initial application of the policy
• BZ - 1801297 - windows-10 VM memory validation is too low (0.5GiB) as seen from osinfo-db
• BZ - 1802001 - CD-ROM does not support disk type "VirtIO"
• BZ - 1802120 - [CNV-2.3] CDI operator is failing to complete deployment
• BZ - 1802126 - [CNV-2.3] SSP operator is failing to finish deployment
• BZ - 1803220 - csv-generator for hostpath-provisioner-operator creates invalid deployment spec
• BZ - 1804102 - [cnv-2.3] Kubevirt version is v0.23.3 instead of kubevirt-0.26.0
• BZ - 1805204 - [kubevirt-functional-tests] securityContext tests don't account for cluster settings
• BZ - 1805627 - VM cannot be accessed with console
• BZ - 1806115 - nmstate: failed to create bridge on node
• BZ - 1807572 - Prevent installation of CNV in the openshift-operators namespace
• BZ - 1807804 - [Customer0 data migration] The storage class name that is exported from VirtualMachine.spec.dataVolumeTemplates is not changed
• BZ - 1807820 - [Customer0 data migration] Failed to import PVC/DV/VM data
• BZ - 1809872 - CDI operator "sometime" fails to reconcile a new CDI CR created by HCO after deletion of a previous one
• BZ - 1810493 - Migration failed with error: 'no connection driver available for storage:///system'
• BZ - 1812710 - When CNV insalled the kubemacpool mutatingwebhook interferes with openshift-ovn-kubernetes ns
• BZ - 1812856 - knmstate: Inconsistency between NNCE and NNCP status report
• BZ - 1812970 - virt-launcher pod hit OOMKilled when dedicatedCpuPlacement set to true
• BZ - 1813106 - CNV 2.3 hco-bundle-registry-container with v2.2.0 version info
• BZ - 1813350 - Workaround BZ 1776236 (lstat /proc/63538/ns/ipc)
• BZ - 1815145 - Can't re-deploy HCO. KubevirtNodeLabellerBundle resource has no conditions
• BZ - 1816778 - [must gather] Needs Investigation for APIversion related errors
• BZ - 1817057 - ContainerDisk is sometimes OOMKilled on some systems
• BZ - 1819288 - Drop ownership of kubernetes-nmstate CRDs
• BZ - 1819700 - CLI command to trigger the upgrade contains u/s var instead of d/s

CVEs

• CVE-2015-2716
• CVE-2015-8035
• CVE-2016-5131
• CVE-2017-15412
• CVE-2017-18258
• CVE-2018-10360
• CVE-2018-14404
• CVE-2018-14567
• CVE-2018-20852
• CVE-2019-3820
• CVE-2019-5436
• CVE-2019-9924
• CVE-2019-13734
• CVE-2019-14814
• CVE-2019-14815
• CVE-2019-14816
• CVE-2019-14818
• CVE-2019-14895
• CVE-2019-14898
• CVE-2019-14901
• CVE-2019-15030
• CVE-2019-15031
• CVE-2019-16056
• CVE-2019-16865
• CVE-2019-17666
• CVE-2019-18408
• CVE-2019-18634
• CVE-2019-18660
• CVE-2019-19338
• CVE-2019-19527
• CVE-2020-1701
• CVE-2020-1712
• CVE-2020-1733
• CVE-2020-1735
• CVE-2020-1737
• CVE-2020-1739
• CVE-2020-1740
• CVE-2020-1742
• CVE-2020-1746
• CVE-2020-1753
• CVE-2020-5312
• CVE-2020-10531
• CVE-2020-10684
• CVE-2020-10685
• CVE-2020-10691

References

(none)