支持控制台(Console)开发人员开始试用联系人

1.8. Asynchronous errata updates

Security, bug fix, and enhancement updates for OpenShift Container Platform 4.5 are released as asynchronous errata through the Red Hat Network. All OpenShift Container Platform 4.5 errata is available on the Red Hat Customer Portal. See the OpenShift Container Platform Life Cycle for more information about asynchronous errata.

Red Hat Customer Portal users can enable errata notifications in the account settings for Red Hat Subscription Management (RHSM). When errata notifications are enabled, users are notified via email whenever new errata relevant to their registered systems are released.

注意

Red Hat Customer Portal user accounts must have systems registered and consuming OpenShift Container Platform entitlements for OpenShift Container Platform errata notification emails to generate.

This section will continue to be updated over time to provide notes on enhancements and bug fixes for future asynchronous errata releases of OpenShift Container Platform 4.5. Versioned asynchronous releases, for example with the form OpenShift Container Platform 4.5.z, will be detailed in subsections. In addition, releases in which the errata text cannot fit in the space provided by the advisory will be detailed in subsections that follow.

重要

For any OpenShift Container Platform release, always review the instructions on updating your cluster properly.

1.8.1. RHBA-2020:2409 - OpenShift Container Platform 4.5 image release and bug fix advisory

Issued: 2020-07-13

OpenShift Container Platform release 4.5 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:2409 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:2408 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.1 container image list

1.8.2. RHSA-2020:2412 - Moderate: OpenShift Container Platform 4.5 security update

Issued: 2020-07-13

Container image updates are now available for OpenShift Container Platform 4.5. Details of the updates are documented in the RHSA-2020:2412 advisory.

1.8.3. RHSA-2020:2413 - Moderate: OpenShift Container Platform 4.5 security update

Issued: 2020-07-13

A package update is now available for OpenShift Container Platform 4.5. Details of the update are documented in the RHSA-2020:2413 advisory.

1.8.4. RHBA-2020:2909 - OpenShift Container Platform 4.5.2 bug fix update

Issued: 2020-07-16

OpenShift Container Platform release 4.5.2 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:2909 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:2908 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.2 container image list

1.8.4.1. Bug Fixes

  • Upgrades to OpenShift Container Platform 4.5.1 failed on nodes with Secure Boot configured. For clusters configured with Secure Boot, one node from both the control plane and compute machine config pools failed to reboot, which caused the Machine Config Operator (MCO) to be degraded. The cluster subsequently failed to upgrade. The issue is not present in this release. (BZ#1856501)

1.8.5. RHBA-2020:2956 - OpenShift Container Platform 4.5.3 bug fix update

Issued: 2020-07-22

OpenShift Container Platform release 4.5.3 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:2956 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:2955 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.3 container image list

1.8.5.1. Bug Fixes

  • Previously, an issue caused nodes to become unavailable for workloads after a forced reboot or power down. This has been fixed. (BZ#1857224)
  • Previously, the web console would choose Operator icons to display in OperatorHub by returning the icon from the first channel declared in the package. This sometimes caused the displayed icon to be different than the latest icon published to the package. This has been fixed by choosing the icon from the default channel, which ensures the latest icon is displayed. (BZ#1844588)
  • Previously, the container image signature policy used in OpenShift Container Platform builds did not contain any configuration for local images. When only allowing images from specific registries, postCommit scripts in builds failed because it was not allowed to use local images. The container image signature policy has been updated to always allow images that reference local storage layers directly. Now builds can successfully complete if they contain a postCommit hook. (BZ#1849173)

1.8.6. RHBA-2020:3028 - OpenShift Container Platform 4.5.4 bug fix update

Issued: 2020-07-30

OpenShift Container Platform release 4.5.4 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:3028 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:3027 and RHEA-2020:3208 advisories.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.4 container image list

1.8.6.1. Features

1.8.6.1.1. IBM Z and LinuxONE

With this release, IBM Z and LinuxONE is now compatible with OpenShift Container Platform 4.5. See Installing a cluster on IBM Z and LinuxONE for installation instructions.

Restrictions

Note the following restrictions for OpenShift Container Platform on IBM Z and LinuxONE:

  • OpenShift Container Platform for IBM Z does not include the following Technology Preview features:

    • OpenShift virtualization
    • Log forwarding
    • Precision Time Protocol (PTP) hardware
    • CSI volume snapshots
    • OpenShift Pipelines

  • The following OpenShift Container Platform features are unsupported:

    • Red Hat OpenShift Service Mesh
    • OpenShift Do (odo)
    • CodeReady Containers (CRC)
    • OpenShift Container Platform Metering
    • Multus CNI plug-in
    • OpenShift Container Platform upgrades phased rollout
    • FIPS cryptography
    • Encrypting data stored in etcd
    • Automatic repair of damaged machines with machine health checking
    • Tang mode disk encryption during OpenShift Container Platform deployment
    • OpenShift Serverless
    • Helm command-line interface (CLI) tool
    • Controlling overcommit and managing container density on nodes
    • CSI volume cloning
  • Worker nodes must run Red Hat Enterprise Linux CoreOS (RHCOS).
  • Persistent shared storage must be of type Filesystem: NFS.

  • These features are available for OpenShift Container Platform on IBM Z for 4.5, but not for OpenShift Container Platform 4.5 on x86:

    • HyperPAV enabled on IBM System Z for the virtual machine for FICON attached ECKD storage.
1.8.6.1.2. IBM Power Systems

With this release, IBM Power Systems are now compatible with OpenShift Container Platform 4.5. See Installing a cluster on IBM Power or Installing a cluster on IBM Power in a restricted network.

Restrictions

Note the following restrictions for OpenShift Container Platform on IBM Power:

  • OpenShift Container Platform for IBM Power Systems does not include the following Technology Preview features:

    • Container-native virtualization (CNV)
    • OpenShift Serverless

  • The following OpenShift Container Platform features are unsupported:

    • Red Hat OpenShift Service Mesh
    • OpenShift Do (odo)
    • CodeReady Containers (CRC)
    • OpenShift Pipelines based on Tekton
    • OpenShift Container Platform Metering
    • SR-IOV CNI plug-in
  • Worker nodes must run Red Hat Enterprise Linux CoreOS (RHCOS).
  • Persistent storage must be of the Filesystem mode using local volumes, Network File System (NFS), OpenStack Cinder, or Container Storage Interface (CSI).
  • Networking must use either DHCP or static addressing with Red Hat OpenShift SDN.
Supported Features

  • Currently, three Operators are supported:

    • Cluster-Logging-Operator
    • Cluster-NDF-Operator
    • Elastic Search-Operator

1.8.6.2. Bug Fixes

  • Previously, the action menu for an operand on the operand list could close immediately after opening. This behavior was observed when clicking the tab for an Operator-provided API on the Installed Operators Operator Details page. The menu now functions correctly and does not close without user interaction. (BZ#1842717)
  • Previously, when filtering the OperatorHub catalog in the web console, some Operator icons did not appear until the user scrolled down on the page. With this release, the icons appear immediately when filtered. (BZ#1844503)
  • Previously, the quota gauge charts on the Resource Quota Details page of the web console rendered with a width of zero and were not visible. The issue has been resolved in this release. (BZ#1845125)
  • Previously, clicking Create EtcdRestore on the EtcdRestores page caused the web console to stop responding. With this release, the Create EtcdRestore form view workflow loads correctly. (BZ#1847277)
  • Previously, in the Create Knative Serving form view workflow for the OpenShift Serverless Operator, some fields that should only accept numeric characters accepted non-numeric characters. The issue has been resolved in this release. (BZ#1847283)
  • Previously, clicking Create on the Create ManilaDriver form view workflow for the Manila CSI Driver Operator did not create a ManilaDriver instance or any response in the web console. The issue has been resolved in this release. (BZ#1853274)

1.8.6.3. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.7. RHSA-2020:3207 - Moderate: OpenShift Container Platform 4.5 security update

Issued: 2020-07-30

An update for jenkins-2-plugins is now available for OpenShift Container Platform 4.5. Details of the update are documented in the RHSA-2020:3207 advisory.

1.8.8. RHBA-2020:3188 - OpenShift Container Platform 4.5.5 bug fix update

Issued: 2020-08-10

OpenShift Container Platform release 4.5.5 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:3188 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:3189 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.5 container image list

1.8.8.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.9. RHBA-2020:3330 - OpenShift Container Platform 4.5.6 bug fix update

Issued: 2020-08-17

OpenShift Container Platform release 4.5.6 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:3330 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:3331 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.6 container image list

1.8.9.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.10. RHSA-2020:3453 - Important: OpenShift Container Platform 4.5 security update

Issued: 2020-08-17

An update for jenkins-2-plugins and python-rsa is now available for OpenShift Container Platform 4.5. Details of the update are documented in the RHSA-2020:3453 advisory.

1.8.11. RHBA-2020:3436 - OpenShift Container Platform 4.5.7 bug fix update

Issued: 2020-08-24

OpenShift Container Platform release 4.5.7 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:3436 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:3437 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.7 container image list

1.8.11.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.12. RHSA-2020:3519 - Important: OpenShift Container Platform 4.5 security update

Issued: 2020-08-24

An update for jenkins and openshift is now available for OpenShift Container Platform 4.5. Details of the update are documented in the RHSA-2020:3519 advisory.

1.8.13. RHSA-2020:3520 - Moderate: OpenShift Container Platform 4.5 security update

Issued: 2020-08-24

An update for openshift-enterprise-hyperkube-container is now available for OpenShift Container Platform 4.5. Details of the update are documented in the RHSA-2020:3520 advisory.

1.8.14. RHBA-2020:3510 - OpenShift Container Platform 4.5.8 bug fix update

Issued: 2020-09-08

OpenShift Container Platform release 4.5.8 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:3510 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:3511 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.8 container image list

1.8.14.1. Features

1.8.14.1.1. Added projectID field for network interfaces

The new projectID field is now available to configure in a MachineSet custom resource under .spec.template.spec.providerSpec.networkInterfaces. This field allows machines to be booted in shared VPCs. 

...
providerSpec:
  ...
  networkInterfaces:
    - network: <infrastructureID>-network
      subnetwork: <infrastructureID>-<role>-subnet
      projectID: <projectID>
...

For more information, see BZ#1868751.

1.8.14.1.2. Added credentialsMode parameter to bypass inaccurate AWS permissions validation

For AWS installations, OpenShift Container Platform depends on an AWS policy simulator API to validate permissions. If an AWS account is configured to use AWS Organizations service control policies (SCPs), permissions are checked against the policies that are set in the SCPs. When SCPs include policies that use a global condition to deny all actions or require a specific permission, the policy simulator API does not correctly validate permissions. For example, policies with conditions such as for all regions except us-east-1 and us-west-2, or for all roles except role-xyz, cause the AWS API to return false negatives. When the permissions cannot be validated, OpenShift Container Platform AWS installations fail, even if the provided credentials have the required permissions to install OpenShift Container Platform.

With this release, you can bypass the policy simulator permissions check by setting a value for the credentialsMode parameter in the install-config.yaml configuration file.

Example install-config.yaml configuration file

apiVersion: v1
baseDomain: cluster1.example.com
credentialsMode: Mint 1
compute:
- architecture: amd64
  hyperthreading: Enabled
...

1
This line is added to set the credentialsMode parameter to Mint.

Setting a value for credentialsMode bypasses the permissions check for AWS accounts configured to use SCPs and allows the installation to proceed. When bypassing this check, ensure that the credentials you provide have the permissions that are required for the specified mode.

The value of credentialsMode changes the behavior of the Cloud Credential Operator (CCO) as follows:

  • Mint - The CCO uses the provided admin-level cloud credential to run the installer. If the credential is not removed after installation, it is stored and used by the CCO to process CredentialsRequest custom resources in the cluster and create new users for each with specific required permissions.
  • Passthrough - The CCO uses the provided non-admin cloud credential that has enough permissions to perform the installation to run the installer. For more information about locating the permissions specified in the CredentialsRequest custom resources for the version of OpenShift Container Platform being installed, see Manually creating IAM for AWS.

1.8.14.2. Bug fixes

  • Previously, intermittent API server errors were reported for the ImageChangesInProgress condition instead of the SamplesExists condition of the Samples Operator config object. When the API server reported that all samples were installed, the Samples Operator failed to switch the Progressing condition to false because there was unexpected data in its ImageChangesInProgress condition. This incorrectly caused upgrades to be marked as incomplete. This bug fix updates the SamplesExists condition to report errors on the API server, so upgrades are no longer blocked if intermittent API server errors occur while the Samples Operator is upgrading. (BZ#1857201)
  • Previously, the ironic-image container configuration was missing the setting to enable the idrac-redfish-virtual-media boot driver. Because of this, users were unable to select the idrac-virtual-media boot URL for Metal3. The missing ironic-image container configuration is now included, so users are able to select the idrac-virtual-media URL for Metal3. (BZ#1859488)
  • Previously, the Operand form array and object fields did not have logic to retrieve and show field descriptions on the form. As a result, descriptions were not rendered for array or object type fields. This bug fix adds logic to now display array and object field descriptions on the Operand creation form. (BZ#1861433)
  • Previously, Buildah erased image architecture and OS fields on images. This caused common container tools to fail because the resulting images could not identify their architecture and OS. This bug fix prevents Buildah from overwriting the image and architecture unless there are explicit overrides. This ensures that images always have architecture and OS fields, and the image mismatch warning does not appear. (BZ#1868401)
  • Previously, intermittent invalid memory address or nil pointer dereference errors occurred and were followed by timeouts for Kube API access when running CoreDNS 1.6.6. This is now fixed by correctly handling errors with Endpoint Tombstones. Now CoreDNS behaves as intended without intermittent panics. (BZ#1869309)
  • Previously, the controller for BareMetalHost objects mirrored status data to an annotation, including a timestamp of the latest status update. This was not needed by the cluster. This could result in the BareMetalHost object entering a state of continuous flux where affected BareMetalHost objects would be subject to longer back-offs between reconciliation to prevent the controller from overwhelming the Kubernetes API. The annotation causing the problem is no longer written, which fixes the issue. (BZ#1851531)
  • Previously, the Cluster Version Operator (CVO) was not syncing the shareProcessNamespace parameter in the pod spec, which caused the Registry Operator to not update the shareProcessNamespace setting. The CVO now syncs shareProcessNamespace, DNSPolicy, and TerminationGracePeriodSeconds, fixing the Registry Operator update issues. (BZ#1868478)

1.8.14.3. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.15. RHSA-2020:3578 - Moderate: OpenShift Container Platform 4.5 security update

Issued: 2020-09-08

An update for cluster-network-operator-container, cluster-version-operator-container, elasticsearch-operator-container, logging-kibana6-container, and ose-cluster-svcat-controller-manager-operator-container is now available for OpenShift Container Platform 4.5. Details of the update are documented in the RHSA-2020:3578 advisory.

1.8.16. RHBA-2020:3618 - OpenShift Container Platform 4.5.9 bug fix update

Issued: 2020-09-14

OpenShift Container Platform release 4.5.9 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:3618 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:3619 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.9 container image list

1.8.16.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.17. RHBA-2020:3719 - OpenShift Container Platform 4.5.11 bug fix update

Issued: 2020-09-21

OpenShift Container Platform release 4.5.11 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:3719 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:3720 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.11 container image list

1.8.17.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.18. RHSA-2020:3780 - Moderate: OpenShift Container Platform 4.5 security update

Issued: 2020-09-21

An update for ose-cluster-svcat-apiserver-operator-container is now available for OpenShift Container Platform 4.5. Details of the update are documented in the RHSA-2020:3780 advisory.

1.8.19. RHBA-2020:3760 - OpenShift Container Platform 4.5.13 bug fix update

Issued: 2020-09-30

OpenShift Container Platform release 4.5.13 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:3760 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:3761 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.13 container image list

1.8.19.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.20. RHSA-2020:3841 - Important: OpenShift Container Platform 4.5 security update

Issued: 2020-09-30

An update for jenkins is now available for OpenShift Container Platform 4.5. Details of the update are documented in the RHSA-2020:3841 advisory.

1.8.21. RHSA-2020:3842 - Moderate: OpenShift Container Platform 4.5 security update

Issued: 2020-09-30

An update for openshift-enterprise-console-container is now available for OpenShift Container Platform 4.5. Details of the update are documented in the RHSA-2020:3842 advisory.

1.8.22. RHBA-2020:3843 - OpenShift Container Platform 4.5.14 bug fix update

Issued: 2020-10-12

OpenShift Container Platform release 4.5.14 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:3843 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:3844 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.14 container image list

1.8.22.1. Bug fixes

  • With this release, the value of each logging level is documented in the logging field of the imageregistry API. (BZ#1843244)
  • Previously, a mismatch between the version and the database sometimes caused problems when restoring a pod from the most recent image. With this release, the configuration YAML file for the pod is copied with the backup to avoid causing a mismatch. (BZ#1877930)
  • Previously, if a pod referred to an invalid image reference, the pruner job caused the Image Registry Operator to enter a degraded state, which blocked upgrades. To be able to upgrade, users had to remove the pods that caused the issue and wait for the next pruning occurrence, or suspend the pruner job. With this release, a metric and alert have been added to indicate when the pruner job fails, and the pruner status no longer impacts the Operator status. (BZ#1879176)
  • Previously, Kubernetes dependencies for the Cluster DNS Operator in the OpenShift Container Platform 4.5 branch were out of date. With this release, the Cluster DNS Operator dependencies are updated from Kubernetes 0.18.0-rc2 to v0.18.9. (BZ#1880311)
  • Previously, Kubernetes dependencies for the Cluster Ingress Operator in the OpenShift Container Platform 4.5 branch were out of date. With this release, the Cluster Ingress Operator dependencies are updated from Kubernetes 0.18.3 to v0.18.9. (BZ#1880315)

  • Previously, a watch cache in the Kubernetes API was initialized from the global revision (etcd) and could remain for an undefined period if no changes were made. This behavior sometimes led to a situation in which a client got a resource version (RV) from a server that had observed a newer RV, disconnected from it due to a network error, and reconnected to a server that was behind, resulting in "Too large resource version" errors. With this release, the reflector is fixed so that it can recover from these errors, and Operators that use the client-go library for getting notifications from the server can recover and make progress upon receiving the errors.

    This issue is resolved for: cluster-kube-apiserver-operator (BZ#1880322) cluster-kube-storage-version-migrator-operator (BZ#1880327) ** cluster-openshift-apiserver-operator (BZ#1880353)

  • Previously, new pipeline triggers could not be created because the web console was not compatible with the latest OpenShift Pipelines Operator 1.1. This release supports the latest version and allows the creation of pipeline triggers. (BZ#1880376)
  • Previously, a Kubernetes bug prevented the API client from recovering quickly after recovery from a TCP reset. Client logs could be flooded with "Timeout: Too large resource version" errors when a lost connection was reestablished. This could cause an issue with controllers or Operators that maintain client connections to the API server. With this release, the fix for the Kubernetes bug has been applied to the Samples Operator, and the Operator is no longer susceptible to this error message loop. (BZ#1881068)
  • Previously, unnecessary API VIP moves caused client connection errors. With this release, the API VIP health check limits the number of times it moves, resulting in fewer errors. (BZ#1881147)

1.8.22.2. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.23. RHBA-2020:4228 - OpenShift Container Platform 4.5.15 bug fix update

Issued: 2020-10-19

OpenShift Container Platform release 4.5.15 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:4228 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:4229 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.15 container image list

1.8.23.1. Bug fixes

  • A new API version for CSR was introduced in a future version of OpenShift Container Platform, and as a consequence, older versions could not approve or deny certificates during upgrade. With this release, versions of CSR in older versions of oc are tolerated so that it is possible to deny or approve certificates with oc 4.5 against future versions. (BZ#1860789)

  • In bare metal environments, an infra-dns container runs on each host to support node name resolutions and other internal DNS records. A NetworkManager script also updates the /etc/resolv.conf on the host to point to the infra-dns container. Additionally, when pods are created, they receive their DNS configuration file (the /etc/resolv.conf file) from their hosts.

    If an HAProxy pod was created before NetworkManager scripts update the /etc/resolv.conf file on the host, the pod can repeatedly fail because the api-int internal DNS record is not resolvable. This bug fix updates the Machine Config Operator (MCO) to now verify that the /etc/resolv.conf file of the HAProxy pod is identical to the host /etc/resolv.conf file. As a result, the HAProxy pod no longer experiences these errors. (BZ#1862874)

  • Previously, if a control plane kubelet could not be reached, but pods were still running, Machine API pods that were running on that node were rescheduled to another. This created multiple Machine API pods that competed to control Machine API resources in the cluster. This could result in an excess number of instances being created, as well as the possibility for the Machine API controllers to leak instances, requiring manual intervention. With this release, leader election has been added to all Machine API controllers, ensuring that only a single instance of a controller is allowed to manage Machine API resources. With only a single leader for each controller, excess instances are no longer created or leaked. (BZ#1864352)
  • Previously, resource names were getting updated in the edit flow and the edit application user was unable to change the Git repository or update the application. With this fix, the application name is no longer updated while in the edit flow, and the edit flow user is able to change the Git repository and update the application. (BZ#1877290)
  • Previously, a watch cache in the Kubernetes API was initialized from the global revision (etcd) and could remain for an undefined period if no changes were made. This behavior could lead to a situation in which a client gets a resource version (RV) from a server that has observed a newer RV, disconnects from it due to a network error, and reconnects to a server that is behind, resulting in "Too large resource version" errors. With this release, the reflector is fixed so that it can recover from "Too large resource version" errors and Operators that use the client-go library for getting notifications from the server can recover and make progress upon receiving "Too large resource version" errors. (BZ#1877346)
  • Previously, when the Authentication Operator received an HTML payload from an OpenID Connect Authentication (OIDC) server that ignored the Accept: application/json header, the OIDC servers could respond with an HTML page that states that the authentication Operator failed to parse because it was expecting JSON. Now, the Operator ignores the error and does not allow CLI login for OIDC servers that ignore the header. (BZ#1879417)
  • Previously, the Image Registry Operator could not get events from the cluster when it encountered "Too large resource version" errors. With this release, the client-go library is updated to fix the reflector so that the Operator can recover from "Too large resource version" errors. (BZ#1880314)
  • The Kubernetes network proxy does not support multiple cluster CIDRs to detect local traffic. When multiple CIDRs are configured in OpenShift SDN, the Cluster Network Operator (CNO) sets the KubeProxyConfiguration.clusterCIDR field to an empty string. In OpenShift Container Platform 4.4 and earlier, the empty value was ignored, but in 4.5 and later, passing an empty value causes an error. As a result, after upgrading from 4.4 to 4.5, if the sdn-config ConfigMap has an empty string in the clusterCIDR field, the configuration cannot be parsed and the SDN pods enter a crash loop. With this release, the empty value is ignored and SDN pods no longer crash when multiple CIDRs are configured. (BZ#1881830)

1.8.23.2. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.24. RHBA-2020:4268 - OpenShift Container Platform 4.5.16 bug fix update

Issued: 2020-10-26

OpenShift Container Platform release 4.5.16 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:4268 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:4269 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.16 container image list

1.8.24.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.25. RHSA-2020:4320 - Low: OpenShift Container Platform 4.5 security update

Issued: 2020-10-26

An update for openshift4/ose-machine-config-operator is now available for OpenShift Container Platform 4.5. Details of the update are documented in the RHSA-2020:4320 advisory.

1.8.26. RHBA-2020:4325 - OpenShift Container Platform 4.5.17 bug fix update

Issued: 2020-11-05

OpenShift Container Platform release 4.5.17 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:4325 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:4326 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.17 container image list

1.8.26.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.27. RHBA-2020:4425 - OpenShift Container Platform 4.5.18 bug fix update

Issued: 2020-11-10

OpenShift Container Platform release 4.5.18 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:4425 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:4426 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.18 container image list

1.8.27.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.28. RHBA-2020:5051 - OpenShift Container Platform 4.5.19 bug fix update

Issued: 2020-11-17

OpenShift Container Platform release 4.5.19 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:5051 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:5052 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.19 container image list

1.8.28.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.29. RHSA-2020:5118 - Moderate: OpenShift Container Platform 4.5.20 bug fix and security update

Issued: 2020-11-24

OpenShift Container Platform release 4.5.20, which includes a security update for golang, is now available. The list of bug fixes that are included in the update is documented in the RHSA-2020:5118 advisory. The RPM packages that are included in the update are provided by the RHSA-2020:5119 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.20 container image list

1.8.29.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.30. RHSA-2020:5194 - Moderate: OpenShift Container Platform 4.5.21 bug fix and security update

Issued: 2020-12-01

OpenShift Container Platform release 4.5.21, which includes a security update for openshift-enterprise-hyperkube, is now available. The list of bug fixes that are included in the update is documented in the RHSA-2020:5194 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:5193 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.21 container image list

1.8.30.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.31. RHBA-2020:5051 - OpenShift Container Platform 4.5.22 bug fix update

Issued: 2020-12-08

OpenShift Container Platform release 4.5.22 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:5250 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:5251 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.22 container image list

1.8.31.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.32. RHSA-2020:5359 - Moderate: OpenShift Container Platform 4.5.23 bug fix and security update

Issued: 2020-12-15

OpenShift Container Platform release 4.5.23, which includes a security update for kubernetes, is now available. The list of bug fixes that are included in the update is documented in the RHSA-2020:5359 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:5356 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.23 container image list

1.8.32.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.33. RHBA-2020:5468 - Moderate: OpenShift Container Platform 4.5.24 bug fix update

Issued: 2020-12-21

OpenShift Container Platform release 4.5.24 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2020:5468 advisory. The RPM packages that are included in the update are provided by the RHBA-2020:5469 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.24 container image list

1.8.33.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.34. RHBA-2021:0033 - OpenShift Container Platform 4.5.27 bug fix update

Issued: 2021-01-19

OpenShift Container Platform release 4.5.27 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2021:0033 advisory. The RPM packages that are included in the update are provided by the RHSA-2021:0034 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.27 container image list

1.8.34.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.35. RHBA-2021:0175 - OpenShift Container Platform 4.5.28 bug fix update

Issued: 2021-01-26

OpenShift Container Platform release 4.5.28 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2021:0175 advisory. There are no RPM packages for this release.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.28 container image list

1.8.35.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.36. RHBA-2021:0231 - OpenShift Container Platform 4.5.30 bug fix update

Issued: 2021-02-02

OpenShift Container Platform release 4.5.30 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2021:0231 advisory. The RPM packages that are included in the update are provided by the RHBA-2021:0232 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.30 container image list

1.8.36.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.37. RHSA-2021:0313 - OpenShift Container Platform 4.5.31 bug fix and security update

Issued: 2021-02-09

OpenShift Container Platform release 4.5.31 is now available. The list of bug fixes that are included in the update is documented in the RHSA-2021:0313 advisory. The RPM packages that are included in the update are provided by the RHBA-2021:0314 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.31 container image list

1.8.37.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.38. RHSA-2021:0428 - OpenShift Container Platform 4.5.33 bug fix and security update

Issued: 2021-03-03

OpenShift Container Platform release 4.5.33 is now available. The list of bug fixes that are included in the update is documented in the RHSA-2021:0428 advisory. The RPM packages that are included in the update are provided by the RHSA-2021:0429 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.33 container image list

1.8.38.1. Features

1.8.38.1.1. Enhancements to Insights Operator

With this update, the Insights Operator now collects information from the MachineConfigPools cluster. This information is useful for troubleshooting. For more information, see BZ#1887763.

1.8.38.2. Bug fixes

  • Previously, an incorrect OVN-kubernetes security rule blocked certain inbound connections. While rare, some attempts to connect to a pod would fail spuriously. This update fixes the iptables to block the intended connections, which results in no spurious failures. (BZ#1921283)
  • Previously, a watch cache in the Kubernetes API was initialized from the global revision (etcd) and could remain for an undefined period if no changes were made. This behavior sometimes led to a situation in which a client got a resource version (RV) from a server that had observed a newer RV, disconnected from it due to a network error, and reconnected to a server that was behind, resulting in Timeout: Too large resource version errors. With this release, the reflector is fixed so that it can recover from these errors, and Operators that use the client-go library for getting notifications from the server can recover and make progress upon receiving the errors. (BZ#1877346)
  • Previously, attempts to write to a nil writer might have led to invalid memory address or nil pointer dereference errors. Sharing the same instance of the writer might have also led to an index out of range [43] with length 30 and recovered from err index > windowEnd error. This update fixes a data race in the SerializeObject function of the kube-apiserver. (BZ#1879208)
  • Previously, a misplaced array index while pruning records from memory would cause excessive memory usage and fail to remove old reports from the archive. This update changes the array index key so that prune successfully removes records from memory without causing excessive memory usage. (BZ#1894243)
  • Previously, the Red Hat Enterprise Linux CoreOS (RHCOS) was using a stage repo location for the kernel-rt package. Consequently, the kernel-rt package would not synchronize to the vanilla kernel package. This update changes the RHCOS build config to use the production repo location, which properly syncs the kernel-rt package with the vanilla kernel package. (BZ#1922262)

1.8.38.3. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.39. RHBA-2021:0714 - OpenShift Container Platform 4.5.34 bug fix and security update

Issued: 2021-03-10

OpenShift Container Platform release 4.5.34 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2021:0714 advisory. The RPM packages that are included in the update are provided by the RHSA-2021:0713 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.34 container image list

1.8.39.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.40. RHSA-2021:0785 - OpenShift Container Platform 4.5.35 bug fix and security update

Issued: 2021-03-17

OpenShift Container Platform release 4.5.35 is now available. The list of bug fixes that are included in the update is documented in the RHSA-2021:0785 advisory. The RPM packages that are included in the update are provided by the RHSA-2021:0786 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.35 container image list

1.8.40.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.41. RHBA-2021:0840 - OpenShift Container Platform 4.5.36 bug fix update

Issued: 2021-03-24

OpenShift Container Platform release 4.5.36 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2021:0840 advisory. The RPM packages that are included in the update are provided by the RHBA-2021:0841 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.36 container image list

1.8.41.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.42. RHBA-2021:1015 - OpenShift Container Platform 4.5.37 bug fix and security update

Issued: 2021-04-12

OpenShift Container Platform release 4.5.37 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2021:1015 advisory. The RPM packages that are included in the update are provided by the RHSA-2021:1016 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.37 container image list

1.8.42.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.43. RHBA-2021:1300 - OpenShift Container Platform 4.5.38 bug fix update

Issued: 2021-04-28

OpenShift Container Platform release 4.5.38 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2021:1300 advisory. The RPM packages that are included in the update are provided by the RHBA-2021:1302 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.38 container image list

1.8.43.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.44. RHBA-2021:1491 - OpenShift Container Platform 4.5.39 bug fix update

Issued: 2021-05-13

OpenShift Container Platform release 4.5.39 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2021:1491 advisory. The RPM packages that are included in the update are provided by the RHBA-2021:1492 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.39 container image list

1.8.44.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

1.8.45. RHBA-2021:2056 - OpenShift Container Platform 4.5.40 bug fix and security update

Issued: 2021-05-26

OpenShift Container Platform release 4.5.40 is now available. The list of bug fixes that are included in the update is documented in the RHBA-2021:2056 advisory. The RPM packages that are included in the update are provided by the RHSA-2021:2057 advisory.

Space precluded documenting all of the container images for this release in the advisory. See the following article for notes on the container images in this release:

OpenShift Container Platform 4.5.40 container image list

1.8.45.1. Upgrading

To upgrade an existing OpenShift Container Platform 4.5 cluster to this latest release, see Updating a cluster by using the CLI for instructions.

Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.