- Issued:
- 2021-04-12
- Updated:
- 2021-04-12
RHBA-2021:1167 - Openshift Logging Bug Fix Release 5.0.2 -
Synopsis
Openshift Logging Bug Fix Release (5.0.2)
Type/Severity
Bug Fix Advisory None
Topic
Openshift Logging Bug Fix Release (5.0.2)
Description
Openshift Logging Bug Fix Release (5.0.2)
You use the Red Hat OpenShift Logging product to forward, store, and visualize log data from your cluster.
Changes to the Red Hat OpenShift Logging product:
-
If you did not set
.proxyin the cluster installation configuration, and then configured a global proxy on the installed cluster, a bug prevented Fluentd from forwarding logs to Elasticsearch. To work around this issue, in the proxy/cluster configuration, setno_proxyto.svc.cluster.localso it skips internal traffic. The current release fixes the proxy configuration issue. Now, if you configure the global proxy after installing an OpenShift cluster, Fluentd forwards logs to Elasticsearch. (LOG-1187, BZ#1915448) -
Previously, forwarding logs to Kafka using chained certificates failed with error "state=error: certificate verify failed (unable to get local issuer certificate)." Logs could not be forwarded to a Kafka broker with a certificate signed by an intermediate CA. This happened because fluentd Kafka plugin could only handle a single CA certificate supplied in the ca-bundle.crt entry of the corresponding secret. The current release fixes this issue. It enables the fluentd Kafka plugin to handle multiple CA certificates supplied in the ca-bundle.crt entry of the corresponding secret. Now, logs can be forwarded to a Kafka broker with a certificate signed by an intermediate CA. (LOG-1216, LOG-1218, BZ#1904380)
-
Previously, an update in the cluster service version (CSV) accidentally introduced resource/limits for the OpenShift Elasticsearch operator container. Under specific conditions, this issue prevented the operator from being scheduled. The current release fixes this issue by removing the CSV resource/limits for the operator container. Now, the operator gets scheduled without issues. (LOG-1254, BZ#1944048)
Solution
For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html
For Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:
https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat OpenShift Container Platform | 4.7 | x86_64 |
Fixes
(none)
CVEs
References
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.