You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: release_notes/ocp-4-19-release-notes.adoc
+129-3Lines changed: 129 additions & 3 deletions
Original file line number
Diff line number
Diff line change
@@ -22,7 +22,7 @@ You must use {op-system} machines for the control plane and for the compute mach
22
22
//Removed the note per https://issues.redhat.com/browse/GRPA-3517
23
23
//Removed paragraph about the RHEL package because mode workers are removed from 4.19, per Scott Dodson
24
24
//Even-numbered release lifecycle verbiage (Comment in for even-numbered releases)
25
-
////
25
+
////
26
26
Starting from {product-title} 4.14, the Extended Update Support (EUS) phase for even-numbered releases increases the total available lifecycle to 24 months on all supported architectures, including `x86_64`, 64-bit ARM (`aarch64`), {ibm-power-name} (`ppc64le`), and {ibm-z-name} (`s390x`) architectures. Beyond this, Red{nbsp}Hat also offers a 12-month additional EUS add-on, denoted as _Additional EUS Term 2_, that extends the total available lifecycle from 24 months to 36 months. The Additional EUS Term 2 is available on all architecture variants of {product-title}. For more information about support for all versions, see the link:https://access.redhat.com/support/policy/updates/openshift[Red Hat {product-title} Life Cycle Policy].
27
27
////
28
28
@@ -1219,6 +1219,132 @@ For more information about the unsupported, community-maintained, version of the
* Previously, VMs in a cluster that ran on {azure-short} failed because the attached network interface controller (NIC) was in a `ProvisioningFailed` state.
1229
+
With this release, the Machine API controller checks the provisioning status of a NIC and refreshes the VMs on a regular basis to prevent this issue.
* Previously, in larger clusters that had other subsystems using certificate signing requests (CSRs), the CSR approver counted unrelated, unapproved CSRs towards its total and prevented further approvals.
1233
+
With this release, the CSR approver uses a `signerName` property as a filter and only includes CSRs that it can approve.
1234
+
As a result, the CSR approver only prevents new approvals when there are a large number of unapproved CSRs for the relevant `signerName` values.
* Previously, the Machine API controller read only the zone number to populate machine zone information.
1238
+
For machines in {azure-short} regions that only support availability sets, the set number represents the zone, so the Machine API controller did not populate their zone information.
1239
+
With this release, the Machine API controller references the {azure-short} fault domain property.
1240
+
This property works for availability sets and availability zones, so the controller correctly reads the fault domain in each case and machines always report a zone.
* Previously, increased granularity in {gcp-short} zone API error messages caused the machine controller to mistakenly mark some machines with invalid configurations as valid with a temporary cloud error.
1244
+
This behavior prevented invalid machines from transitioning to a failed state.
1245
+
With this release, the machine controller handles the more granular error messages correctly so that machines with an invalid zone or project ID correctly move to a failed state.
* Previously, installing an {aws-short} cluster failed in certain environments on existing subnets when the `publicIp` parameter in the compute machine set CR was set to `false`.
1297
+
With this release, a fix ensures that a configuration value set for `publicIp` no longer causes issues when the installation program provisions machines for your {aws-short} cluster in certain environments.
* Previously, when the {aws-short} `DHCPOptionSet` parameter was configured to use a custom domain name that contains a trailing period (`.`), {product-title} installation failed.
1307
+
With this release, the logic that extracts the hostname of EC2 instances and turns them into kubelet node names trims trailing periods so that the resulting Kubernetes object name is valid.
1308
+
Trailing periods in this parameter no longer cause installation to fail. (link:https://issues.redhat.com/browse/OCPBUGS-45306[OCPBUGS-45306])
1309
+
1310
+
* Previously, the number of {azure-short} availability set fault domains used a fixed value of `2`.
1311
+
This setting works in most {azure-short} regions because fault domain counts are typically at least 2.
1312
+
However, this setting failed in the `centraluseuap` and `eastusstg` regions.
1313
+
With this release, the number of availability set fault domains in a region is set dynamically.
* Previously, some services became stuck in a pending state due to incorrect or missing annotations.
1321
+
With this release, validation added to the {azure-short} `service.beta.kubernetes.io/azure-load-balancer-tcp-idle-timeout` and {gcp-short} `cloud.google.com/network-tier` annotations resolves the issue.
* Previously, the Machine API sometimes detected an unhealthy control plane node during cluster creation on {ibm-cloud-title} and attempted to replace the node.
1334
+
This effectively destroyed the cluster.
1335
+
With this release, the Machine API only attempts to replace unhealthy compute nodes during cluster creation and does not attempt to replace unhealthy control plane nodes.
* Previously, a bug fix altered the availability set configuration by changing the fault domain count to use the maximum available value instead of a fixed value of `2`.
1344
+
This inadvertently caused scaling issues for compute machine sets created before the bug fix, as the controller attempted to change immutable availability sets.
1345
+
With this release, availability sets are no longer modified after creation, allowing affected compute machine sets to scale properly.
* Previously, image importing from blocked registries would fail if those registries were configured with `NeverContactSource`, even when mirror registries were set up. With this update, image importing is no longer blocked when a registry has mirrors configured. This ensures that image imports succeed even if the original source was set to `NeverContactSource` in the `ImageDigestMirrorSet` or `ImageTagMirrorSet` resources. (link:https://issues.redhat.com/browse/OCPBUGS-44432[*OCPBUGS-44432*])
1376
+
* Previously, image importing from blocked registries would fail if those registries were configured with `NeverContactSource`, even when mirror registries were set up. With this update, image importing is no longer blocked when a registry has mirrors configured. This ensures that image imports succeed even if the original source was set to `NeverContactSource` in the `ImageDigestMirrorSet` or `ImageTagMirrorSet` resources. (link:https://issues.redhat.com/browse/OCPBUGS-44432[OCPBUGS-44432])
* Previously, if you attempted to install an {aws-first} cluster with minimum privileges and you did not specify an instance type in the `install-config.yaml` file, installation of the cluster failed. This issue happened because the installation program could not find supported instance types that the cluster uses in availability zones. For example, the `m6i.xlarge` default instance type was unavailable in `ap-southeast-4` and `eu-south-2` availability zones. With this release, the `openshift-install` program now requires the `ec2:DescribeInstanceTypeOfferings` {aws-short} permission to prevent the installation of the cluster from failing in situations where `m6i.xlarge` or another supported instance type is unavailable in a supported availability zone. (link:https://issues.redhat.com/browse/OCPBUGS-46596[*OCPBUGS-46596*])
1382
+
* Previously, if you attempted to install an {aws-first} cluster with minimum privileges and you did not specify an instance type in the `install-config.yaml` file, installation of the cluster failed. This issue happened because the installation program could not find supported instance types that the cluster could use in supported availability zones. For example, the `m6i.xlarge` default instance type was unavailable in `ap-southeast-4` and `eu-south-2` availability zones. With this release, the `openshift-install` program now requires the `ec2:DescribeInstanceTypeOfferings` {aws-short} permission to prevent the installation of the cluster from failing in situations where `m6i.xlarge` or another supported instance type is unavailable in a supported availability zone. (link:https://issues.redhat.com/browse/OCPBUGS-46596[OCPBUGS-46596])
0 commit comments