Issued:
2020-05-18
Updated:
2020-05-18

RHBA-2020:2133 - OpenShift Container Platform 4.4.4 bug fix update

Synopsis

OpenShift Container Platform 4.4.4 bug fix update

Type/Severity

Bug Fix Advisory None

Topic

Red Hat OpenShift Container Platform release 4.4.4 is now available with updates to packages and images that fix several bugs.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container Platform 4.4.4. See the following advisory for the RPM packages for this release:

https://access.redhat.com/errata/RHBA-2020:2132

Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-release-notes.html

You may download the oc tool and use it to inspect release image metadata as follows:

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.4.4

The image digest is sha256:baa687f29b0ac155d8f4c6914056d36d68f343feb9c1e82b46eef95819d00be5

This update fixes the following bugs:

  • Some Red Hat OpenStack environments could enforce a policy where VMs were unable to boot with ephemeral disks and need to boot from a Cinder volume. As a result, it was impossible to install OpenShift Container Platform with IPI because the bootstrap node would be unavailable. Now, the bootstrap node follows the rootVolume setting from the controlPlane machine pool. OpenShift Container Platform with IPI will now install successfully. (BZ#1828238)

  • Cluster-network-operator on Kuryr bootstrapping had no logic to remove deprecated security group rules when they were replaced by new ones. The security group rules were left in place, causing incorrect security settings on environments updated from OpenShift Container Platform 4.3 to 4.4. Now, cluster-network-operator removes the old security group rules and pods are updated correctly. (BZ#1832899)

  • On high incoming log rates Fluentd could flood the node's filesystem because the buffer queues were not limited. A node under disk pressure could crash the nodes and applications would be rescheduled as a result. Now, The Fluentd buffer queue per output is limited to fixed amount of chunks (default 32), reducing node disk pressure. (BZ#1826861)

  • A code change removed variables set by the ENV statement in a Dockerfile from the internal list of variables to use when later resolving arguments in the Dockerfile. Now, the code has been updated to add variables defined by the ENV statement into the internal list of variables. (BZ#1817175)

  • SVG errors were logged in the browser console due to incorrect attributes. Now, the patternfly and react-charts packages have been updated from upstream and SVG errors are no longer present. (BZ1765074)

All OpenShift Container Platform 4.4 users are advised to upgrade to these updated packages and images.

Solution

For OpenShift Container Platform 4.4 see the following documentation, which will be updated shortly for release 4.4.4, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-release-notes.html

Details on how to access this content are available at This page is not included, but the link has been rewritten to point to the nearest parent document.https://docs.openshift.com/container-platform/4.4/updating/updating-cluster-cli.html.

Affected Products

ProductVersionArch
Red Hat OpenShift Container Platform4.4x86_64
Red Hat OpenShift Container Platform4.4x86_64

Fixes

CVEs

References

(none)

Additional information