Headline
RHSA-2022:0056: Red Hat Security Advisory: OpenShift Container Platform 4.10.3 security update
Red Hat OpenShift Container Platform release 4.10.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-3121: gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
- CVE-2021-3749: nodejs-axios: Regular expression denial of service in trim function
- CVE-2021-39226: grafana: Snapshot authentication bypass
- CVE-2021-43813: grafana: directory traversal vulnerability
- CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache
- CVE-2021-44717: golang: syscall: don’t close fd 0 on ForkExec error
- CVE-2022-21673: grafana: Forward OAuth Identity Token can allow users to access some data sources
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
- Red Hat CodeReady Studio
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-03-10
Updated:
2022-03-10
RHSA-2022:0056 - Security Advisory
- Overview
- Updated Packages
Synopsis
Moderate: OpenShift Container Platform 4.10.3 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4.10.3 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.10.3. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2022:0055
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Security Fix(es):
- gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
- grafana: Snapshot authentication bypass (CVE-2021-39226)
- golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)
- nodejs-axios: Regular expression denial of service in trim function (CVE-2021-3749)
- golang: syscall: don’t close fd 0 on ForkExec error (CVE-2021-44717)
- grafana: Forward OAuth Identity Token can allow users to access some data sources (CVE-2022-21673)
- grafana: directory traversal vulnerability (CVE-2021-43813)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
You may download the oc tool and use it to inspect release image metadata
as follows:
(For x86_64 architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.10.3-x86_64
The image digest is
sha256:7ffe4cd612be27e355a640e5eec5cd8f923c1400d969fd590f806cffdaabcc56
(For s390x architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.10.3-s390x
The image digest is
sha256:4cf21a9399da1ce8427246f251ae5dedacfc8c746d2345f9cfe039ed9eda3e69
(For ppc64le architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.10.3-ppc64le
The image digest is
sha256:4ee571da1edf59dfee4473aa4604aba63c224bf8e6bcf57d048305babbbde93c
All OpenShift Container Platform 4.10 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html
Affected Products
- Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
- Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64
Fixes
- BZ - 1808240 - Always return metrics value for pods under the user’s namespace
- BZ - 1815189 - feature flagged UI does not always become available after operator installation
- BZ - 1825034 - e2e: Mock CSI tests fail on IBM ROKS clusters
- BZ - 1826225 - edge terminated h2 (gRPC) connections need a haproxy template change to work correctly
- BZ - 1860774 - csr for vSphere egress nodes were not approved automatically during cert renewal
- BZ - 1878106 - token inactivity timeout is not shortened after oauthclient/oauth config values are lowered
- BZ - 1878925 - ‘oc adm upgrade --to …’ rejects versions which occur only in history, while the cluster-version operator supports history fallback
- BZ - 1880738 - origin e2e test deletes original worker
- BZ - 1882983 - oVirt csi driver should refuse to provision RWX and ROX PV
- BZ - 1886450 - Keepalived router id check not documented for RHV/VMware IPI
- BZ - 1889488 - The metrics endpoint for the Scheduler is not protected by RBAC
- BZ - 1894431 - Router pods fail to boot if the SSL certificate applied is missing an empty line at the bottom
- BZ - 1896474 - Path based routing is broken for some combinations
- BZ - 1897431 - CIDR support for additional network attachment with the bridge CNI plug-in
- BZ - 1903408 - NodePort externalTrafficPolicy does not work for ovn-kubernetes
- BZ - 1907433 - Excessive logging in image operator
- BZ - 1909906 - The router fails with PANIC error when stats port already in use
- BZ - 1911173 - [MSTR-998] Many charts’ legend names show {{}} instead of words
- BZ - 1914053 - pods assigned with Multus whereabouts IP get stuck in ContainerCreating state after node rebooting.
- BZ - 1916169 - a reboot while MCO is applying changes leaves the node in undesirable state and MCP looks fine (UPDATED=true)
- BZ - 1917893 - [ovirt] install fails: due to terraform error “Cannot attach Virtual Disk: Disk is locked” on vm resource
- BZ - 1921627 - GCP UPI installation failed due to exceeding gcp limitation of instance group name
- BZ - 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
- BZ - 1926522 - oc adm catalog does not clean temporary files
- BZ - 1927478 - Default CatalogSources deployed by marketplace do not have toleration for tainted nodes.
- BZ - 1928141 - kube-storage-version-migrator constantly reporting type “Upgradeable” status Unknown
- BZ - 1928285 - [LSO][OCS][arbiter] OCP Console shows no results while in fact underlying setup of LSO localvolumeset and it’s storageclass is not yet finished, confusing users
- BZ - 1931594 - [sig-cli] oc --request-timeout works as expected fails frequently on s390x
- BZ - 1933847 - Prometheus goes unavailable (both instances down) during 4.8 upgrade
- BZ - 1937085 - RHV UPI inventory playbook missing guarantee_memory
- BZ - 1937196 - [aws ebs csi driver] events for block volume expansion may cause confusion
- BZ - 1938236 - vsphere-problem-detector does not support overriding log levels via storage CR
- BZ - 1939401 - missed labels for CMO/openshift-state-metric/telemeter-client/thanos-querier pods
- BZ - 1939435 - Setting an IPv6 address in noProxy field causes error in openshift installer
- BZ - 1939552 - [sig-api-machinery] CustomResourcePublishOpenAPI [Privileged:ClusterAdmin] works for CRD preserving unknown fields in an embedded object [Conformance] [Suite:openshift/conformance/parallel/minimal] [Suite:k8s]
- BZ - 1942913 - ThanosSidecarUnhealthy isn’t resilient to WAL replays.
- BZ - 1943363 - [ovn] CNO should gracefully terminate ovn-northd
- BZ - 1945274 - ostree-finalize-staged.service failed while upgrading a rhcos node to 4.6.17
- BZ - 1948080 - authentication should not set Available=False APIServices_Error with 503s
- BZ - 1949262 - Prometheus Statefulsets should have 2 replicas and hard affinity set
- BZ - 1949672 - [GCP] Update 4.8 UPI template to match ignition version: 3.2.0
- BZ - 1950827 - [LSO] localvolumediscoveryresult name is not friendly to customer
- BZ - 1952576 - csv_succeeded metric not present in olm-operator for all successful CSVs
- BZ - 1953264 - “remote error: tls: bad certificate” logs in prometheus-operator container
- BZ - 1955300 - Machine config operator reports unavailable for 23m during upgrade
- BZ - 1955489 - Alertmanager Statefulsets should have 2 replicas and hard affinity set
- BZ - 1955490 - Thanos ruler Statefulsets should have 2 replicas and hard affinity set
- BZ - 1955544 - [IPI][OSP] densed master-only installation with 0 workers fails due to missing worker security group on masters
- BZ - 1956496 - Needs SR-IOV Docs Upstream
- BZ - 1956739 - Permission for authorized_keys for core user changes from core user to root when changed the pull secret
- BZ - 1956776 - [vSphere] Installer should do pre-check to ensure user-provided network name is valid
- BZ - 1956964 - upload a boot-source to OpenShift virtualization using the console
- BZ - 1957547 - [RFE]VM name is not auto filled in dev console
- BZ - 1958349 - ovn-controller doesn’t release the memory after cluster-density run
- BZ - 1959352 - [scale] failed to get pod annotation: timed out waiting for annotations
- BZ - 1960378 - icsp allows mirroring of registry root - install-config imageContentSources does not
- BZ - 1960674 - Broken test: [sig-imageregistry][Serial][Suite:openshift/registry/serial] Image signature workflow can push a signed image to openshift registry and verify it [Suite:openshift/conformance/serial]
- BZ - 1961317 - storage ClusterOperator does not declare ClusterRoleBindings in relatedObjects
- BZ - 1961391 - String updates
- BZ - 1961509 - DHCP daemon pod should have CPU and memory requests set but not limits
- BZ - 1962066 - Edit machine/machineset specs not working
- BZ - 1962206 - openshift-multus/dhcp-daemon set should meet platform requirements for update strategy that have maxUnavailable update of 10 or 33 percent
- BZ - 1963053 - `oc whoami --show-console` should show the web console URL, not the server api URL
- BZ - 1964112 - route SimpleAllocationPlugin: host name validation errors: spec.host: Invalid value: … must be no more than 63 characters
- BZ - 1964327 - Support containers with name:tag@digest
- BZ - 1964789 - Send keys and disconnect does not work for VNC console
- BZ - 1965368 - ClusterQuotaAdmission received non-meta object - message constantly reported in OpenShift Container Platform 4.7
- BZ - 1966445 - Unmasking a service doesn’t work if it masked using MCO
- BZ - 1966477 - Use GA version in KAS/OAS/OauthAS to avoid: “audit.k8s.io/v1beta1” is deprecated and will be removed in a future release, use “audit.k8s.io/v1” instead
- BZ - 1966521 - kube-proxy’s userspace implementation consumes excessive CPU
- BZ - 1968364 - [Azure] when using ssh type ed25519 bootstrap fails to come up
- BZ - 1970021 - nmstate does not persist its configuration due to overlay systemd-connections-merged mount
- BZ - 1970218 - MCO writes incorrect file contents if compression field is specified
- BZ - 1970331 - [sig-auth][Feature:SCC][Early] should not have pod creation failures during install [Suite:openshift/conformance/parallel]
- BZ - 1970805 - Cannot create build when docker image url contains dir structure
- BZ - 1972033 - [azure] PV region node affinity is failure-domain.beta.kubernetes.io instead of topology.kubernetes.io
- BZ - 1972827 - image registry does not remain available during upgrade
- BZ - 1972962 - Should set the minimum value for the `–max-icsp-size` flag of `oc adm catalog mirror`
- BZ - 1973447 - ovn-dbchecker peak memory spikes to ~500MiB during cluster-density run
- BZ - 1975826 - ovn-kubernetes host directed traffic cannot be offloaded as CT zone 64000 is not established
- BZ - 1976301 - [ci] e2e-azure-upi is permafailing
- BZ - 1976399 - During the upgrade from OpenShift 4.5 to OpenShift 4.6 the election timers for the OVN north and south databases did not change.
- BZ - 1976674 - CCO didn’t set Upgradeable to False when cco mode is configured to Manual on azure platform
- BZ - 1976894 - Unidling a StatefulSet does not work as expected
- BZ - 1977319 - [Hive] Remove stale cruft installed by CVO in earlier releases
- BZ - 1977414 - Build Config timed out waiting for condition 400: Bad Request
- BZ - 1977929 - [RFE] Display Network Attachment Definitions from openshift-multus namespace during OCS deployment via UI using Multus
- BZ - 1978528 - systemd-coredump started and failed intermittently for unknown reasons
- BZ - 1978581 - machine-config-operator: remove runlevel from mco namespace
- BZ - 1979562 - Cluster operators: don’t show messages when neither progressing, degraded or unavailable
- BZ - 1979962 - AWS SDN Network Stress tests have not passed in 4.9 release-openshift-origin-installer-e2e-aws-sdn-network-stress-4.9
- BZ - 1979966 - OCP builds always fail when run on RHEL7 nodes
- BZ - 1981396 - Deleting pool inside pool page the pool stays in Ready phase in the heading
- BZ - 1981549 - Machine-config daemon does not recover from broken Proxy configuration
- BZ - 1981867 - [sig-cli] oc explain should contain proper fields description for special types [Suite:openshift/conformance/parallel]
- BZ - 1981941 - Terraform upgrade required in openshift-installer to resolve multiple issues
- BZ - 1982063 - ‘Control Plane’ is not translated in Simplified Chinese language in Home->Overview page
- BZ - 1982498 - Default registry credential path should be adjusted to use containers/auth.json for oc commands
- BZ - 1982662 - Workloads - DaemonSets - Add storage: i18n misses
- BZ - 1982726 - kube-apiserver audit logs show a lot of 404 errors for DELETE “*/secrets/encryption-config” on single node clusters
- BZ - 1983758 - upgrades are failing on disruptive tests
- BZ - 1983964 - Need Device plugin configuration for the NIC “needVhostNet” & “isRdma”
- BZ - 1984592 - global pull secret not working in OCP4.7.4+ for additional private registries
- BZ - 1985073 - new-in-4.8 ExtremelyHighIndividualControlPlaneCPU fires on some GCP update jobs
- BZ - 1985486 - Cluster Proxy not used during installation on OSP with Kuryr
- BZ - 1985724 - VM Details Page missing translations
- BZ - 1985838 - [OVN] CNO exportNetworkFlows does not clear collectors when deleted
- BZ - 1985933 - Downstream image registry recommendation
- BZ - 1985965 - oVirt CSI driver does not report volume stats
- BZ - 1986216 - [scale] SNO: Slow Pod recovery due to “timed out waiting for OVS port binding”
- BZ - 1986237 - “MachineNotYetDeleted” in Pending state , alert not fired
- BZ - 1986239 - crictl create fails with “PID namespace requested, but sandbox infra container invalid”
- BZ - 1986302 - console continues to fetch prometheus alert and silences for normal user
- BZ - 1986314 - Current MTV installation for KubeVirt import flow creates unusable Forklift UI
- BZ - 1986338 - error creating list of resources in Import YAML
- BZ - 1986502 - yaml multi file dnd duplicates previous dragged files
- BZ - 1986819 - fix string typos for hot-plug disks
- BZ - 1987044 - [OCPV48] Shutoff VM is being shown as “Starting” in WebUI when using spec.runStrategy Manual/RerunOnFailure
- BZ - 1987136 - Declare operatorframework.io/arch.* labels for all operators
- BZ - 1987257 - Go-http-client user-agent being used for oc adm mirror requests
- BZ - 1987263 - fsSpaceFillingUpWarningThreshold not aligned to Kubernetes Garbage Collection Threshold
- BZ - 1987445 - MetalLB integration: All gateway routers in the cluster answer ARP requests for LoadBalancer services IP
- BZ - 1988406 - SSH key dropped when selecting “Customize virtual machine” in UI
- BZ - 1988440 - Network operator changes ovnkube-config too early causing ovnkube-master pods to crashloop during cluster upgrade
- BZ - 1988483 - Azure drop ICMP need to frag FRAG when using OVN: openshift-apiserver becomes False after env runs some time due to communication between one master to pods on another master fails with “Unable to connect to the server”
- BZ - 1988879 - Virtual media based deployment fails on Dell servers due to pending Lifecycle Controller jobs
- BZ - 1989438 - expected replicas is wrong
- BZ - 1989502 - Developer Catalog is disappearing after short time
- BZ - 1989843 - ‘More’ and ‘Show Less’ functions are not translated on several page
- BZ - 1990014 - oc debug <pod-name> does not work for Windows pods
- BZ - 1990190 - e2e testing failed with basic manifest: reason/ExternalProvisioning waiting for a volume to be created
- BZ - 1990193 - ‘more’ and ‘Show Less’ is not being translated on Home -> Search page
- BZ - 1990255 - Partial or all of the Nodes/StorageClasses don’t appear back on UI after text is removed from search bar
- BZ - 1990489 - etcdHighNumberOfFailedGRPCRequests fires only on metal env in CI
- BZ - 1990506 - Missing udev rules in initramfs for /dev/disk/by-id/scsi-* symlinks
- BZ - 1990556 - get-resources.sh doesn’t honor the no_proxy settings even with no_proxy var
- BZ - 1990625 - Ironic agent registers with SLAAC address with privacy-stable
- BZ - 1990635 - CVO does not recognize the channel change if desired version and channel changed at the same time
- BZ - 1991067 - github.com can not be resolved inside pods where cluster is running on openstack.
- BZ - 1991573 - Enable typescript strictNullCheck on network-policies files
- BZ - 1991641 - Baremetal Cluster Operator still Available After Delete Provisioning
- BZ - 1991770 - The logLevel and operatorLogLevel values do not work with Cloud Credential Operator
- BZ - 1991819 - Misspelled word “ocurred” in oc inspect cmd
- BZ - 1991942 - Alignment and spacing fixes
- BZ - 1992414 - Two rootdisks show on storage step if ‘This is a CD-ROM boot source’ is checked
- BZ - 1992453 - The configMap failed to save on VM environment tab
- BZ - 1992466 - The button ‘Save’ and ‘Reload’ are not translated on vm environment tab
- BZ - 1992475 - The button ‘Open console in New Window’ and ‘Disconnect’ are not translated on vm console tab
- BZ - 1992509 - Could not customize boot source due to source PVC not found
- BZ - 1992541 - all the alert rules’ annotations “summary” and “description” should comply with the OpenShift alerting guidelines
- BZ - 1992580 - storageProfile should stay with the same value by check/uncheck the apply button
- BZ - 1992592 - list-type missing in oauth.config.openshift.io for identityProviders breaking Server Side Apply
- BZ - 1992777 - [IBMCLOUD] Default “ibm_iam_authorization_policy” is not working as expected in all scenarios
- BZ - 1993364 - cluster destruction fails to remove router in BYON with Kuryr as primary network (even after BZ 1940159 got fixed)
- BZ - 1993376 - periodic-ci-openshift-release-master-ci-4.6-upgrade-from-stable-4.5-e2e-azure-upgrade is permfailing
- BZ - 1994094 - Some hardcodes are detected at the code level in OpenShift console components
- BZ - 1994142 - Missing required cloud config fields for IBM Cloud
- BZ - 1994733 - MetalLB: IP address is not assigned to service if there is duplicate IP address in two address pools
- BZ - 1995021 - resolv.conf and corefile sync slows down/stops after keepalived container restart
- BZ - 1995335 - [SCALE] ovnkube CNI: remove ovs flows check
- BZ - 1995493 - Add Secret to workload button and Actions button are not aligned on secret details page
- BZ - 1995531 - Create RDO-based Ironic image to be promoted to OKD
- BZ - 1995545 - Project drop-down amalgamates inside main screen while creating storage system for odf-operator
- BZ - 1995887 - [OVN]After reboot egress node, lr-policy-list was not correct, some duplicate records or missed internal IPs
- BZ - 1995924 - CMO should report `Upgradeable: false` when HA workload is incorrectly spread
- BZ - 1996023 - kubernetes.io/hostname values are larger than filter when create localvolumeset from webconsole
- BZ - 1996108 - Allow backwards compatibility of shared gateway mode to inject host-based routes into OVN
- BZ - 1996624 - 100% of the cco-metrics/cco-metrics targets in openshift-cloud-credential-operator namespace are down
- BZ - 1996630 - Fail to delete the first Authorized SSH Key input box on Advanced page
- BZ - 1996647 - Provide more useful degraded message in auth operator on DNS errors
- BZ - 1996736 - Large number of 501 lr-policies in INCI2 env
- BZ - 1996886 - timedout waiting for flows during pod creation and ovn-controller pegged on worker nodes
- BZ - 1996916 - Special Resource Operator(SRO) - Fail to deploy simple-kmod on GCP
- BZ - 1996928 - Enable default operator indexes on ARM
- BZ - 1997028 - prometheus-operator update removes env var support for thanos-sidecar
- BZ - 1997059 - Failed to create cluster in AWS us-east-1 region due to a local zone is used
- BZ - 1997226 - Ingresscontroller reconcilations failing but not shown in operator logs or status of ingresscontroller.
- BZ - 1997245 - “Subscription already exists in openshift-storage namespace” error message is seen while installing odf-operator via UI
- BZ - 1997269 - Have to refresh console to install kube-descheduler
- BZ - 1997478 - Storage operator is not available after reboot cluster instances
- BZ - 1997509 - flake: [sig-cli] oc builds new-build [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
- BZ - 1997967 - storageClass is not reserved from default wizard to customize wizard
- BZ - 1998035 - openstack IPI CI: custom var-lib-etcd.mount (ramdisk) unit is racing due to incomplete After/Before order
- BZ - 1998038 - [e2e][automation] add tests for UI for VM disk hot-plug
- BZ - 1998087 - Fix CephHealthCheck wrapping contents and add data-tests for HealthItem and SecondaryStatus
- BZ - 1998174 - Create storageclass gp3-csi after install ocp cluster on aws
- BZ - 1998183 - “r: Bad Gateway” info is improper
- BZ - 1998235 - Firefox warning: Cookie “csrf-token” will be soon rejected
- BZ - 1998377 - Filesystem table head is not full displayed in disk tab
- BZ - 1998378 - Virtual Machine is ‘Not available’ in Home -> Overview -> Cluster inventory
- BZ - 1998519 - Add fstype when create localvolumeset instance on web console
- BZ - 1998951 - Keepalived conf ingress peer on in Dual stack cluster contains both IPv6 and IPv4 addresses
- BZ - 1999076 - [UI] Page Not Found error when clicking on Storage link provided in Overview page
- BZ - 1999079 - creating pods before sriovnetworknodepolicy sync up succeed will cause node unschedulable
- BZ - 1999091 - Console update toast notification can appear multiple times
- BZ - 1999133 - removing and recreating static pod manifest leaves pod in error state
- BZ - 1999246 - .indexignore is not ingore when oc command load dc configuration
- BZ - 1999250 - ArgoCD in GitOps operator can’t manage namespaces
- BZ - 1999255 - ovnkube-node always crashes out the first time it starts
- BZ - 1999261 - ovnkube-node log spam (and security token leak?)
- BZ - 1999309 - While installing odf-operator via UI, web console update pop-up navigates to OperatorHub -> Operator Installation page
- BZ - 1999314 - console-operator is slow to mark Degraded as False once console starts working
- BZ - 1999425 - kube-apiserver with "[SHOULD NOT HAPPEN] failed to update managedFields" err="failed to convert new object (machine.openshift.io/v1beta1, Kind=MachineHealthCheck)
- BZ - 1999556 - “master” pool should be updated before the CVO reports available at the new version occurred
- BZ - 1999578 - AWS EFS CSI tests are constantly failing
- BZ - 1999603 - Memory Manager allows Guaranteed QoS Pod with hugepages requested is exactly equal to the left over Hugepages
- BZ - 1999619 - cloudinit is malformatted if a user sets a password during VM creation flow
- BZ - 1999621 - Empty ssh_authorized_keys entry is added to VM’s cloudinit if created from a customize flow
- BZ - 1999649 - MetalLB: Only one type of IP address can be assigned to service on dual stack cluster from a address pool that have both IPv4 and IPv6 addresses defined
- BZ - 1999668 - openshift-install destroy cluster panic’s when given invalid credentials to cloud provider (Azure Stack Hub)
- BZ - 1999734 - IBM Cloud CIS Instance CRN missing in infrastructure manifest/resource
- BZ - 1999771 - revert “force cert rotation every couple days for development” in 4.10
- BZ - 1999784 - CVE-2021-3749 nodejs-axios: Regular expression denial of service in trim function
- BZ - 1999796 - Openshift Console `Helm` tab is not showing helm releases in a namespace when there is high number of deployments in the same namespace.
- BZ - 1999836 - Admin web-console inconsistent status summary of sparse ClusterOperator conditions
- BZ - 1999903 - Click “This is a CD-ROM boot source” ticking “Use template size PVC” on pvc upload form
- BZ - 1999983 - No way to clear upload error from template boot source
- BZ - 2000081 - [IPI baremetal] The metal3 pod failed to restart when switching from Disabled to Managed provisioning without specifying provisioningInterface parameter
- BZ - 2000096 - Git URL is not re-validated on edit build-config form reload
- BZ - 2000216 - Successfully imported ImageStreams are not resolved in DeploymentConfig
- BZ - 2000236 - Confusing usage message from dynkeepalived CLI
- BZ - 2000268 - Mark cluster unupgradable if vcenter, esxi versions or HW versions are unsupported
- BZ - 2000430 - bump cluster-api-provider-ovirt version in installer
- BZ - 2000450 - 4.10: Enable static PV multi-az test
- BZ - 2000490 - All critical alerts shipped by CMO should have links to a runbook
- BZ - 2000521 - Kube-apiserver CO degraded due to failed conditional check (ConfigObservationDegraded)
- BZ - 2000573 - Incorrect StorageCluster CR created and ODF cluster getting installed with 2 Zone OCP cluster
- BZ - 2000628 - ibm-flashsystem-storage-storagesystem got created without any warning even when the attempt was cancelled
- BZ - 2000651 - ImageStreamTag alias results in wrong tag and invalid link in Web Console
- BZ - 2000754 - IPerf2 tests should be lower
- BZ - 2000846 - Structure logs in the entire codebase of Local Storage Operator
- BZ - 2000872 - [tracker] container is not able to list on some directories within the nfs after upgrade to 4.7.24
- BZ - 2000877 - OCP ignores STOPSIGNAL in Dockerfile and sends SIGTERM
- BZ - 2000938 - CVO does not respect changes to a Deployment strategy
- BZ - 2000963 - ‘Inline-volume (default fs)] volumes should store data’ tests are failing on OKD with updated selinux-policy
- BZ - 2001008 - [MachineSets] CloneMode defaults to linkedClone, but I don’t have snapshot and should be fullClone
- BZ - 2001240 - Remove response headers for downloads of binaries from OpenShift WebConsole
- BZ - 2001295 - Remove openshift:kubevirt-machine-controllers decleration from machine-api
- BZ - 2001317 - OCP Platform Quota Check - Inaccurate MissingQuota error
- BZ - 2001337 - Details Card in ODF Dashboard mentions OCS
- BZ - 2001339 - fix text content hotplug
- BZ - 2001413 - [e2e][automation] add/delete nic and disk to template
- BZ - 2001441 - Test: oc adm must-gather runs successfully for audit logs - fail due to startup log
- BZ - 2001442 - Empty termination.log file for the kube-apiserver has too permissive mode
- BZ - 2001479 - IBM Cloud DNS unable to create/update records
- BZ - 2001566 - Enable alerts for prometheus operator in UWM
- BZ - 2001575 - Clicking on the perspective switcher shows a white page with loader
- BZ - 2001577 - Quick search placeholder is not displayed properly when the search string is removed
- BZ - 2001578 - [e2e][automation] add tests for vm dashboard tab
- BZ - 2001605 - PVs remain in Released state for a long time after the claim is deleted
- BZ - 2001617 - BucketClass Creation is restricted on 1st page but enabled using side navigation options
- BZ - 2001620 - Cluster becomes degraded if it can’t talk to Manila
- BZ - 2001760 - While creating 'Backing Store’, 'Bucket Class’, ‘Namespace Store’ user is navigated to ‘Installed Operators’ page after clicking on ODF
- BZ - 2001761 - Unable to apply cluster operator storage for SNO on GCP platform.
- BZ - 2001765 - Some error message in the log of diskmaker-manager caused confusion
- BZ - 2001784 - show loading page before final results instead of showing a transient message No log files exist
- BZ - 2001804 - Reload feature on Environment section in Build Config form does not work properly
- BZ - 2001810 - cluster admin unable to view BuildConfigs in all namespaces
- BZ - 2001817 - Failed to load RoleBindings list that will lead to ‘Role name’ is not able to be selected on Create RoleBinding page as well
- BZ - 2001823 - OCM controller must update operator status
- BZ - 2001825 - [SNO]ingress/authentication clusteroperator degraded when enable ccm from start
- BZ - 2001835 - Could not select image tag version when create app from dev console
- BZ - 2001855 - Add capacity is disabled for ocs-storagecluster
- BZ - 2001856 - Repeating event: MissingVersion no image found for operand pod
- BZ - 2001959 - Side nav list borders don’t extend to edges of container
- BZ - 2002007 - Layout issue on “Something went wrong” page
- BZ - 2002010 - ovn-kube may never attempt to retry a pod creation
- BZ - 2002012 - Cannot change volume mode when cloning a VM from a template
- BZ - 2002027 - Two instances of Dotnet helm chart show as one in topology
- BZ - 2002075 - opm render does not automatically pulling in the image(s) used in the deployments
- BZ - 2002121 - [OVN] upgrades failed for IPI OSP16 OVN IPSec cluster
- BZ - 2002125 - Network policy details page heading should be updated to Network Policy details
- BZ - 2002133 - [e2e][automation] add support/virtualization and improve deleteResource
- BZ - 2002134 - [e2e][automation] add test to verify vm details tab
- BZ - 2002215 - Multipath day1 not working on s390x
- BZ - 2002238 - Image stream tag is not persisted when switching from yaml to form editor
- BZ - 2002262 - [vSphere] Incorrect user agent in vCenter sessions list
- BZ - 2002266 - SinkBinding create form doesn’t allow to use subject name, instead of label selector
- BZ - 2002276 - OLM fails to upgrade operators immediately
- BZ - 2002300 - Altering the Schedule Profile configurations doesn’t affect the placement of the pods
- BZ - 2002354 - Missing DU configuration “Done” status reporting during ZTP flow
- BZ - 2002362 - Dynamic Plugin - ConsoleRemotePlugin for webpack doesn’t use commonjs
- BZ - 2002368 - samples should not go degraded when image allowedRegistries blocks imagestream creation
- BZ - 2002372 - Pod creation failed due to mismatched pod IP address in CNI and OVN
- BZ - 2002397 - Resources search is inconsistent
- BZ - 2002434 - CRI-O leaks some children PIDs
- BZ - 2002443 - Getting undefined error on create local volume set page
- BZ - 2002461 - DNS operator performs spurious updates in response to API’s defaulting of service’s internalTrafficPolicy
- BZ - 2002504 - When the openshift-cluster-storage-operator is degraded because of "VSphereProblemDetectorController_SyncError", the insights operator is not sending the logs from all pods.
- BZ - 2002559 - User preference for topology list view does not follow when a new namespace is created
- BZ - 2002567 - Upstream SR-IOV worker doc has broken links
- BZ - 2002588 - Change text to be sentence case to align with PF
- BZ - 2002657 - ovn-kube egress IP monitoring is using a random port over the node network
- BZ - 2002713 - CNO: OVN logs should have millisecond resolution
- BZ - 2002748 - [ICNI2] ‘ErrorAddingLogicalPort’ failed to handle external GW check: timeout waiting for namespace event
- BZ - 2002759 - Custom profile should not allow not including at least one required HTTP2 ciphersuite
- BZ - 2002763 - Two storage systems getting created with external mode RHCS
- BZ - 2002808 - KCM does not use web identity credentials
- BZ - 2002834 - Cluster-version operator does not remove unrecognized volume mounts
- BZ - 2002896 - Incorrect result return when user filter data by name on search page
- BZ - 2002950 - Why spec.containers.command is not created with “oc create deploymentconfig <dc-name> --image=<image> – <command>”
- BZ - 2003096 - [e2e][automation] check bootsource URL is displaying on review step
- BZ - 2003113 - OpenShift Baremetal IPI installer uses first three defined nodes under hosts in install-config for master nodes instead of filtering the hosts with the master role
- BZ - 2003120 - CI: Uncaught error with ResizeObserver on operand details page
- BZ - 2003145 - Duplicate operand tab titles causes “two children with the same key” warning
- BZ - 2003164 - OLM, fatal error: concurrent map writes
- BZ - 2003178 - [FLAKE][knative] The UI doesn’t show updated traffic distribution after accepting the form
- BZ - 2003193 - Kubelet/crio leaks netns and veth ports in the host
- BZ - 2003195 - OVN CNI should ensure host veths are removed
- BZ - 2003204 - Jenkins all new container images (openshift4/ose-jenkins) not supporting '-e JENKINS_PASSWORD=password’ ENV which was working for old container images
- BZ - 2003206 - Namespace stuck terminating: Failed to delete all resource types, 1 remaining: unexpected items still remain in namespace
- BZ - 2003239 - "[sig-builds][Feature:Builds][Slow] can use private repositories as build input" tests fail outside of CI
- BZ - 2003244 - Revert libovsdb client code
- BZ - 2003251 - Patternfly components with list element has list item bullet when they should not.
- BZ - 2003252 - "[sig-builds][Feature:Builds][Slow] starting a build using CLI start-build test context override environment BUILD_LOGLEVEL in buildconfig" tests do not work as expected outside of CI
- BZ - 2003269 - Rejected pods should be filtered from admission regression
- BZ - 2003357 - QE- Removing the epic tags for gherkin tags related to 4.9 Release
- BZ - 2003426 - [e2e][automation] add test for vm details bootorder
- BZ - 2003496 - [e2e][automation] add test for vm resources requirment settings
- BZ - 2003641 - All metal ipi jobs are failing in 4.10
- BZ - 2003651 - ODF4.9+LSO4.8 installation via UI, StorageCluster move to error state
- BZ - 2003655 - [IPI ON-PREM] Keepalived chk_default_ingress track script failed even though default router pod runs on node
- BZ - 2003683 - Samples operator is panicking in CI
- BZ - 2003711 - [UI] Empty file ceph-external-cluster-details-exporter.py downloaded from external cluster “Connection Details” page
- BZ - 2003715 - Error on creating local volume set after selection of the volume mode
- BZ - 2003743 - Remove workaround keeping /boot RW for kdump support
- BZ - 2003775 - etcd pod on CrashLoopBackOff after master replacement procedure
- BZ - 2003788 - CSR reconciler report error constantly when BYOH CSR approved by other Approver
- BZ - 2003792 - Monitoring metrics query graph flyover panel is useless
- BZ - 2003808 - Add Sprint 207 translations
- BZ - 2003845 - Project admin cannot access image vulnerabilities view
- BZ - 2003859 - sdn emits events with garbage messages
- BZ - 2003896 - (release-4.10) ApiRequestCounts conditional gatherer
- BZ - 2004009 - 4.10: Fix multi-az zone scheduling e2e for 5 control plane replicas
- BZ - 2004051 - CMO can report as being Degraded while node-exporter is deployed on all nodes
- BZ - 2004059 - [e2e][automation] fix current tests for downstream
- BZ - 2004060 - Trying to use basic spring boot sample causes crash on Firefox
- BZ - 2004101 - [UI] When creating storageSystem deployment type dropdown under advanced setting doesn’t close after selection
- BZ - 2004127 - [flake] openshift-controller-manager event reason/SuccessfulDelete occurs too frequently
- BZ - 2004203 - build config’s created prior to 4.8 with image change triggers can result in trigger storm in OCM/openshift-apiserver
- BZ - 2004313 - [RHOCP 4.9.0-rc.0] Failing to deploy Azure cluster from the macOS installer - ignition_bootstrap.ign: no such file or directory
- BZ - 2004449 - Boot option recovery menu prevents image boot
- BZ - 2004451 - The backup filename displayed in the RecentBackup message is incorrect
- BZ - 2004459 - QE - Modified the AddFlow gherkin scripts and automation scripts
- BZ - 2004508 - TuneD issues with the recent ConfigParser changes.
- BZ - 2004510 - openshift-gitops operator hooks gets unauthorized (401) errors during jobs executions
- BZ - 2004542 - [osp][octavia lb] cannot create LoadBalancer type svcs
- BZ - 2004578 - Monitoring and node labels missing for an external storage platform
- BZ - 2004585 - prometheus-k8s-0 cpu usage keeps increasing for the first 3 days
- BZ - 2004596 - [4.10] Bootimage bump tracker
- BZ - 2004597 - Duplicate ramdisk log containers running
- BZ - 2004600 - Duplicate ramdisk log containers running
- BZ - 2004609 - output of “crictl inspectp” is not complete
- BZ - 2004625 - BMC credentials could be logged if they change
- BZ - 2004632 - When LE takes a large amount of time, multiple whereabouts are seen
- BZ - 2004721 - ptp/worker custom threshold doesn’t change ptp events threshold
- BZ - 2004736 - [knative] Create button on new Broker form is inactive despite form being filled
- BZ - 2004796 - [e2e][automation] add test for vm scheduling policy
- BZ - 2004814 - (release-4.10) OCM controller - change type of the etc-pki-entitlement secret to opaque
- BZ - 2004870 - [External Mode] Insufficient spacing along y-axis in RGW Latency Performance Card
- BZ - 2004901 - [e2e][automation] improve kubevirt devconsole tests
- BZ - 2004962 - Console frontend job consuming too much CPU in CI
- BZ - 2005014 - state of ODF StorageSystem is misreported during installation or uninstallation
- BZ - 2005052 - Adding a MachineSet selector matchLabel causes orphaned Machines
- BZ - 2005179 - pods status filter is not taking effect
- BZ - 2005182 - sync list of deprecated apis about to be removed
- BZ - 2005282 - Storage cluster name is given as title in StorageSystem details page
- BZ - 2005355 - setuptools 58 makes Kuryr CI fail
- BZ - 2005407 - ClusterNotUpgradeable Alert should be set to Severity Info
- BZ - 2005415 - PTP operator with sidecar api configured throws bind: address already in use
- BZ - 2005507 - SNO spoke cluster failing to reach coreos.live.rootfs_url is missing url in console
- BZ - 2005554 - The switch status of the button “Show default project” is not revealed correctly in code
- BZ - 2005581 - 4.8.12 to 4.9 upgrade hung due to cluster-version-operator pod CrashLoopBackOff: error creating clients: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
- BZ - 2005761 - QE - Implementing crw-basic feature file
- BZ - 2005783 - Fix accessibility issues in the “Internal” and “Internal - Attached Mode” Installation Flow
- BZ - 2005811 - vSphere Problem Detector operator - ServerFaultCode: InvalidProperty
- BZ - 2005854 - SSH NodePort service is created for each VM
- BZ - 2005901 - KS, KCM and KA going Degraded during master nodes upgrade
- BZ - 2005902 - Current UI flow for MCG only deployment is confusing and doesn’t reciprocate any message to the end-user
- BZ - 2005926 - PTP operator NodeOutOfPTPSync rule is using max offset from the master instead of openshift_ptp_clock_state metrics
- BZ - 2005971 - Change telemeter to report the Application Services product usage metrics
- BZ - 2005997 - SELinux domain container_logreader_t does not have a policy to follow sym links for log files
- BZ - 2006025 - Description to use an existing StorageClass while creating StorageSystem needs to be re-phrased
- BZ - 2006060 - ocs-storagecluster-storagesystem details are missing on UI for MCG Only and MCG only in LSO mode deployment types
- BZ - 2006101 - Power off fails for drivers that don’t support Soft power off
- BZ - 2006243 - Metal IPI upgrade jobs are running out of disk space
- BZ - 2006291 - bootstrapProvisioningIP set incorrectly when provisioningNetworkCIDR doesn’t use the 0th address
- BZ - 2006308 - Backing Store YAML tab on click displays a blank screen on UI
- BZ - 2006325 - Multicast is broken across nodes
- BZ - 2006329 - Console only allows Web Terminal Operator to be installed in OpenShift Operators
- BZ - 2006364 - IBM Cloud: Set resourceGroupId for resourceGroups, not simply resource
- BZ - 2006561 - [sig-instrumentation] Prometheus when installed on the cluster shouldn’t have failing rules evaluation [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
- BZ - 2006690 - OS boot failure “x64 Exception Type 06 - Invalid Opcode Exception”
- BZ - 2006714 - add retry for etcd errors in kube-apiserver
- BZ - 2006767 - KubePodCrashLooping may not fire
- BZ - 2006803 - Set CoreDNS cache entries for forwarded zones
- BZ - 2006861 - Add Sprint 207 part 2 translations
- BZ - 2006945 - race condition can cause crashlooping bootstrap kube-apiserver in cluster-bootstrap
- BZ - 2006947 - e2e-aws-proxy for 4.10 is permafailing with samples operator errors
- BZ - 2006975 - clusteroperator/etcd status condition should not change reasons frequently due to EtcdEndpointsDegraded
- BZ - 2007085 - Intermittent failure mounting /run/media/iso when booting live ISO from USB stick
- BZ - 2007136 - Creation of BackingStore, BucketClass, NamespaceStore fails
- BZ - 2007271 - CI Integration for Knative test cases
- BZ - 2007289 - kubevirt tests are failing in CI
- BZ - 2007322 - Devfile/Dockerfile import does not work for unsupported git host
- BZ - 2007328 - Updated patternfly to v4.125.3 and pf.quickstarts to v1.2.3.
- BZ - 2007379 - Events are not generated for master offset for ordinary clock
- BZ - 2007443 - [ICNI 2.0] Loadbalancer pods do not establish BFD sessions with all workers that host pods for the routed namespace
- BZ - 2007455 - cluster-etcd-operator: render command should fail if machineCidr contains reserved address
- BZ - 2007495 - Large label value for the metric kubelet_started_pods_errors_total with label message when there is a error
- BZ - 2007522 - No new local-storage-operator-metadata-container is build for 4.10
- BZ - 2007551 - No new ose-aws-efs-csi-driver-operator-bundle-container is build for 4.10
- BZ - 2007580 - Azure cilium installs are failing e2e tests
- BZ - 2007581 - Too many haproxy processes in default-router pod causing high load average after upgrade from v4.8.3 to v4.8.10
- BZ - 2007677 - Regression: core container io performance metrics are missing for pod, qos, and system slices on nodes
- BZ - 2007692 - 4.9 “old-rhcos” jobs are permafailing with storage test failures
- BZ - 2007710 - ci/prow/e2e-agnostic-cmd job is failing on prow
- BZ - 2007757 - must-gather extracts imagestreams in the “openshift” namespace, but not Templates
- BZ - 2007802 - AWS machine actuator get stuck if machine is completely missing
- BZ - 2008096 - TestAWSFinalizerDeleteS3Bucket sometimes fails to teardown operator
- BZ - 2008119 - The serviceAccountIssuer field on Authentication CR is reseted to “” when installation process
- BZ - 2008151 - Topology breaks on clicking in empty state
- BZ - 2008185 - Console operator go.mod should use go 1.16.version
- BZ - 2008201 - openstack-az job is failing on haproxy idle test
- BZ - 2008207 - vsphere CSI driver doesn’t set resource limits
- BZ - 2008223 - gather_audit_logs: fix oc command line to get the current audit profile
- BZ - 2008235 - The Save button in the Edit DC form remains disabled
- BZ - 2008256 - Update Internationalization README with scope info
- BZ - 2008321 - Add correct documentation link for MON_DISK_LOW
- BZ - 2008462 - Disable PodSecurity feature gate for 4.10
- BZ - 2008490 - Backing store details page does not contain all the kebab actions.
- BZ - 2008521 - gcp-hostname service should correct invalid search entries in resolv.conf
- BZ - 2008532 - CreateContainerConfigError:: failed to prepare subPath for volumeMount
- BZ - 2008539 - Registry doesn’t fall back to secondary ImageContentSourcePolicy Mirror
- BZ - 2008540 - HighlyAvailableWorkloadIncorrectlySpread always fires on upgrade on cluster with two workers
- BZ - 2008599 - Azure Stack UPI does not have Internal Load Balancer
- BZ - 2008612 - Plugin asset proxy does not pass through browser cache headers
- BZ - 2008712 - VPA webhook timeout prevents all pods from starting
- BZ - 2008733 - kube-scheduler: exposed /debug/pprof port
- BZ - 2008911 - Prometheus repeatedly scaling prometheus-operator replica set
- BZ - 2008926 - [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources [Serial] [Suite:openshift/conformance/serial]
- BZ - 2008987 - OpenShift SDN Hosted Egress IP’s are not being scheduled to nodes after upgrade to 4.8.12
- BZ - 2009055 - Instances of OCS to be replaced with ODF on UI
- BZ - 2009078 - NetworkPodsCrashLooping alerts in upgrade CI jobs
- BZ - 2009083 - opm blocks pruning of existing bundles during add
- BZ - 2009111 - [IPI-on-GCP] ‘Install a cluster with nested virtualization enabled’ failed due to unable to launch compute instances
- BZ - 2009131 - [e2e][automation] add more test about vmi
- BZ - 2009148 - [e2e][automation] test vm nic presets and options
- BZ - 2009233 - ACM policy object generated by PolicyGen conflicting with OLM Operator
- BZ - 2009253 - [BM] [IPI] [DualStack] apiVIP and ingressVIP should be of the same primary IP family
- BZ - 2009298 - Service created for VM SSH access is not owned by the VM and thus is not deleted if the VM is deleted
- BZ - 2009384 - UI changes to support BindableKinds CRD changes
- BZ - 2009404 - ovnkube-node pod enters CrashLoopBackOff after OVN_IMAGE is swapped
- BZ - 2009424 - Deployment upgrade is failing availability check
- BZ - 2009454 - Change web terminal subscription permissions from get to list
- BZ - 2009465 - container-selinux should come from rhel8-appstream
- BZ - 2009514 - Bump OVS to 2.16-15
- BZ - 2009555 - Supermicro X11 system not booting from vMedia with AI
- BZ - 2009623 - Console: Observe > Metrics page: Table pagination menu shows bullet points
- BZ - 2009664 - Git Import: Edit of knative service doesn’t work as expected for git import flow
- BZ - 2009699 - Failure to validate flavor RAM
- BZ - 2009754 - Footer is not sticky anymore in import forms
- BZ - 2009785 - CRI-O’s version file should be pinned by MCO
- BZ - 2009791 - Installer: ibmcloud ignores install-config values
- BZ - 2009823 - [sig-arch] events should not repeat pathologically - reason/VSphereOlderVersionDetected Marking cluster un-upgradeable because one or more VMs are on hardware version vmx-13
- BZ - 2009840 - cannot build extensions on aarch64 because of unavailability of rhel-8-advanced-virt repo
- BZ - 2009859 - Large number of sessions created by vmware-vsphere-csi-driver-operator during e2e tests
- BZ - 2009873 - Stale Logical Router Policies and Annotations for a given node
- BZ - 2009879 - There should be test-suite coverage to ensure admin-acks work as expected
- BZ - 2009888 - SRO package name collision between official and community version
- BZ - 2010073 - uninstalling and then reinstalling sriov-network-operator is not working
- BZ - 2010174 - 2 PVs get created unexpectedly with different paths that actually refer to the same device on the node.
- BZ - 2010181 - Environment variables not getting reset on reload on deployment edit form
- BZ - 2010310 - [sig-instrumentation][Late] OpenShift alerting rules should have description and summary annotations [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
- BZ - 2010341 - OpenShift Alerting Rules Style-Guide Compliance
- BZ - 2010342 - Local console builds can have out of memory errors
- BZ - 2010345 - OpenShift Alerting Rules Style-Guide Compliance
- BZ - 2010348 - Reverts PIE build mode for K8S components
- BZ - 2010352 - OpenShift Alerting Rules Style-Guide Compliance
- BZ - 2010354 - OpenShift Alerting Rules Style-Guide Compliance
- BZ - 2010359 - OpenShift Alerting Rules Style-Guide Compliance
- BZ - 2010368 - OpenShift Alerting Rules Style-Guide Compliance
- BZ - 2010376 - OpenShift Alerting Rules Style-Guide Compliance
- BZ - 2010662 - Cluster is unhealthy after image-registry-operator tests
- BZ - 2010663 - OpenShift Alerting Rules Style-Guide Compliance (ovn-kubernetes subcomponent)
- BZ - 2010665 - Bootkube tries to use oc after cluster bootstrap is done and there is no API
- BZ - 2010698 - [BM] [IPI] [Dual Stack] Installer must ensure ipv6 short forms too if clusterprovisioning IP is specified as ipv6 address
- BZ - 2010719 - etcdHighNumberOfFailedGRPCRequests runbook is missing
- BZ - 2010864 - Failure building EFS operator
- BZ - 2010910 - ptp worker events unable to identify interface for multiple interfaces
- BZ - 2010911 - RenderOperatingSystem() returns wrong OS version on OCP 4.7.24
- BZ - 2010921 - Azure Stack Hub does not handle additionalTrustBundle
- BZ - 2010931 - SRO CSV uses non default category “Drivers and plugins”
- BZ - 2010946 - concurrent CRD from ovirt-csi-driver-operator gets reconciled by CVO after deployment, changing CR as well.
- BZ - 2011038 - optional operator conditions are confusing
- BZ - 2011063 - CVE-2021-39226 grafana: Snapshot authentication bypass
- BZ - 2011171 - diskmaker-manager constantly redeployed by LSO when creating LV’s
- BZ - 2011293 - Build pod are not pulling images if we are not explicitly giving the registry name with the image
- BZ - 2011368 - Tooltip in pipeline visualization shows misleading data
- BZ - 2011386 - [sig-arch] Check if alerts are firing during or after upgrade success — alert KubePodNotReady fired for 60 seconds with labels
- BZ - 2011411 - Managed Service’s Cluster overview page contains link to missing Storage dashboards
- BZ - 2011443 - Cypress tests assuming Admin Perspective could fail on shared/reference cluster
- BZ - 2011513 - Kubelet rejects pods that use resources that should be freed by completed pods
- BZ - 2011668 - Machine stuck in deleting phase in VMware “reconciler failed to Delete machine”
- BZ - 2011693 - (release-4.10) “insightsclient_request_recvreport_total” metric is always incremented
- BZ - 2011698 - After upgrading cluster to 4.8 the kube-state-metrics service doesn’t export namespace labels anymore
- BZ - 2011733 - Repository README points to broken documentarion link
- BZ - 2011753 - Ironic resumes clean before raid configuration job is actually completed
- BZ - 2011809 - The nodes page in the openshift console doesn’t work. You just get a blank page
- BZ - 2011822 - Obfuscation doesn’t work at clusters with OVN
- BZ - 2011882 - SRO helm charts not synced with templates
- BZ - 2011893 - Validation: BMC driver ipmi is not supported for secure UEFI boot
- BZ - 2011896 - [4.10] ClusterVersion Upgradeable=False MultipleReasons should include all messages
- BZ - 2011903 - vsphere-problem-detector: session leak
- BZ - 2011927 - OLM should allow users to specify a proxy for GRPC connections
- BZ - 2011956 - [tracker] Kubelet rejects pods that use resources that should be freed by completed pods
- BZ - 2011960 - [tracker] Storage operator is not available after reboot cluster instances
- BZ - 2011971 - ICNI2 pods are stuck in ContainerCreating state
- BZ - 2011972 - Ingress operator not creating wildcard route for hypershift clusters
- BZ - 2011977 - SRO bundle references non-existent image
- BZ - 2012069 - Refactoring Status controller
- BZ - 2012177 - [OCP 4.9 + OCS 4.8.3] Overview tab is missing under Storage after successful deployment on UI
- BZ - 2012228 - ibmcloud: credentialsrequests invalid for machine-api-operator: resource-group
- BZ - 2012233 - [IBMCLOUD] IPI: "Exceeded limit of remote rules per security group (the limit is 5 remote rules per security group)"
- BZ - 2012235 - [IBMCLOUD] IPI: IBM cloud provider requires ResourceGroupName in cloudproviderconfig
- BZ - 2012317 - Dynamic Plugins: ListPageCreateDropdown items cut off
- BZ - 2012407 - [e2e][automation] improve vm tab console tests
- BZ - 2012426 - ThanosSidecarBucketOperationsFailed/ThanosSidecarUnhealthy alerts don’t have namespace label
- BZ - 2012562 - migration condition is not detected in list view
- BZ - 2012770 - when using expression metric openshift_apps_deploymentconfigs_last_failed_rollout_time namespace label is re-written
- BZ - 2012780 - The port 50936 used by haproxy is occupied by kube-apiserver
- BZ - 2012838 - Setting the default maximum container root partition size for Overlay with CRI-O stop working
- BZ - 2012902 - Neutron Ports assigned to Completed Pods are not reused Edit
- BZ - 2012915 - kube_persistentvolumeclaim_labels and kube_persistentvolume_labels are missing in OCP 4.8 monitoring stack
- BZ - 2012971 - Disable operands deletes
- BZ - 2013034 - Cannot install to openshift-nmstate namespace
- BZ - 2013127 - OperatorHub links could not be opened in a new tabs (sharing and open a deep link works fine)
- BZ - 2013199 - post reboot of node SRIOV policy taking huge time
- BZ - 2013203 - UI breaks when trying to create block pool before storage cluster/system creation
- BZ - 2013222 - Full breakage for nightly payload promotion
- BZ - 2013273 - Nil pointer exception when phc2sys options are missing
- BZ - 2013321 - TuneD: high CPU utilization of the TuneD daemon.
- BZ - 2013416 - Multiple assets emit different content to the same filename
- BZ - 2013431 - Application selector dropdown has incorrect font-size and positioning
- BZ - 2013528 - mapi_current_pending_csr is always set to 1 on OpenShift Container Platform 4.8
- BZ - 2013545 - Service binding created outside topology is not visible
- BZ - 2013599 - Scorecard support storage is not included in ocp4.9
- BZ - 2013632 - Correction/Changes in Quick Start Guides for ODF 4.9 (Install ODF guide)
- BZ - 2013646 - fsync controller will show false positive if gaps in metrics are observed.
- BZ - 2013710 - ZTP Operator subscriptions for 4.9 release branch should point to 4.9 by default
- BZ - 2013751 - Service details page is showing wrong in-cluster hostname
- BZ - 2013787 - There are two tittle ‘Network Attachment Definition Details’ on NAD details page
- BZ - 2013871 - Resource table headings are not aligned with their column data
- BZ - 2013895 - Cannot enable accelerated network via MachineSets on Azure
- BZ - 2013920 - “–collector.filesystem.ignored-mount-points is DEPRECATED and will be removed in 2.0.0, use --collector.filesystem.mount-points-exclude”
- BZ - 2013930 - Create Buttons enabled for Bucket Class, Backingstore and Namespace Store in the absence of Storagesystem(or MCG)
- BZ - 2013969 - oVIrt CSI driver fails on creating PVCs on hosted engine storage domain
- BZ - 2013990 - Observe dashboard crashs on reload when perspective has changed (in another tab)
- BZ - 2013996 - Project detail page: Action “Delete Project” does nothing for the default project
- BZ - 2014071 - Payload imagestream new tags not properly updated during cluster upgrade
- BZ - 2014153 - SRIOV exclusive pooling
- BZ - 2014202 - [OCP-4.8.10] OVN-Kubernetes: service IP is not responding when egressIP set to the namespace
- BZ - 2014238 - AWS console test is failing on importing duplicate YAML definitions
- BZ - 2014245 - Several aria-labels, external links, and labels aren’t internationalized
- BZ - 2014248 - Several files aren’t internationalized
- BZ - 2014352 - Could not filter out machine by using node name on machines page
- BZ - 2014464 - Unexpected spacing/padding below navigation groups in developer perspective
- BZ - 2014471 - Helm Release notes tab is not automatically open after installing a chart for other languages
- BZ - 2014486 - Integration Tests: OLM single namespace operator tests failing
- BZ - 2014488 - Custom operator cannot change orders of condition tables
- BZ - 2014497 - Regex slows down different forms and creates too much recursion errors in the log
- BZ - 2014538 - Kuryr controller crash looping on self._get_vip_port(loadbalancer).id ‘NoneType’ object has no attribute ‘id’
- BZ - 2014614 - Metrics scraping requests should be assigned to exempt priority level
- BZ - 2014710 - TestIngressStatus test is broken on Azure
- BZ - 2014954 - The prometheus-k8s-{0,1} pods are CrashLoopBackoff repeatedly
- BZ - 2014995 - oc adm must-gather cannot gather audit logs with ‘None’ audit profile
- BZ - 2015115 - [RFE] PCI passthrough
- BZ - 2015133 - [IBMCLOUD] ServiceID API key credentials seems to be insufficient for ccoctl ‘–resource-group-name’ parameter
- BZ - 2015154 - Support ports defined networks and primarySubnet
- BZ - 2015274 - Yarn dev fails after updates to dynamic plugin JSON schema logic
- BZ - 2015337 - 4.9.0 GA MetalLB operator image references need to be adjusted to match production
- BZ - 2015386 - Possibility to add labels to the built-in OCP alerts
- BZ - 2015395 - Table head on Affinity Rules modal is not fully expanded
- BZ - 2015416 - CI implementation for Topology plugin
- BZ - 2015418 - Project Filesystem query returns No datapoints found
- BZ - 2015420 - No vm resource in project view’s inventory
- BZ - 2015422 - No conflict checking on snapshot name
- BZ - 2015472 - Form and YAML view switch button should have distinguishable status
- BZ - 2015481 - [4.10] sriov-network-operator daemon pods are failing to start
- BZ - 2015493 - Cloud Controller Manager Operator does not respect ‘additionalTrustBundle’ setting
- BZ - 2015496 - Storage - PersistentVolumes : Claim colum value ‘No Claim’ in English
- BZ - 2015498 - [UI] Add capacity when not applicable (for MCG only deployment and External mode cluster) fails to pass any info. to user and tries to just load a blank screen on ‘Add Capacity’ button click
- BZ - 2015506 - Home - Search - Resources - APIRequestCount : hard to select an item from ellipsis menu
- BZ - 2015515 - Kubelet checks all providers even if one is configured: NoCredentialProviders: no valid providers in chain.
- BZ - 2015535 - Administration - ResourceQuotas - ResourceQuota details: Inside Pie chart ‘x% used’ is in English
- BZ - 2015549 - Observe - Metrics: Column heading and pagination text is in English
- BZ - 2015557 - Workloads - DeploymentConfigs : Error message is in English
- BZ - 2015568 - Compute - Nodes : CPU column’s values are in English
- BZ - 2015635 - Storage operator fails causing installation to fail on ASH
- BZ - 2015660 - “Finishing boot source customization” screen should not use term “patched”
- BZ - 2015793 - [hypershift] The collect-profiles job’s pods should run on the control-plane node
- BZ - 2015806 - Metrics view in Deployment reports “Forbidden” when not cluster-admin
- BZ - 2015819 - Conmon sandbox processes run on non-reserved CPUs with workload partitioning
- BZ - 2015837 - OS_CLOUD overwrites install-config’s platform.openstack.cloud
- BZ - 2015950 - update from 4.7.22 to 4.8.11 is failing due to large amount of secrets to watch
- BZ - 2015952 - RH CodeReady Workspaces Operator in e2e testing will soon fail
- BZ - 2016004 - [RFE] RHCOS: help determining whether a user-provided image was already booted (Ignition provisioning already performed)
- BZ - 2016008 - [4.10] Bootimage bump tracker
- BZ - 2016052 - No e2e CI presubmit configured for release component azure-file-csi-driver
- BZ - 2016053 - No e2e CI presubmit configured for release component azure-file-csi-driver-operator
- BZ - 2016054 - No e2e CI presubmit configured for release component cluster-autoscaler
- BZ - 2016055 - No e2e CI presubmit configured for release component console
- BZ - 2016058 - openshift-sync does not synchronise in “ose-jenkins:v4.8”
- BZ - 2016064 - No e2e CI presubmit configured for release component ibm-cloud-controller-manager
- BZ - 2016065 - No e2e CI presubmit configured for release component ibmcloud-machine-controllers
- BZ - 2016175 - Pods get stuck in ContainerCreating state when attaching volumes fails on SNO clusters.
- BZ - 2016179 - Add Sprint 208 translations
- BZ - 2016228 - Collect Profiles pprof secret is hardcoded to openshift-operator-lifecycle-manager
- BZ - 2016235 - should update to 7.5.11 for grafana resources version label
- BZ - 2016296 - Openshift virtualization : Create Windows Server 2019 VM using template : Fails
- BZ - 2016334 - shiftstack: SRIOV nic reported as not supported
- BZ - 2016352 - Some pods start before CA resources are present
- BZ - 2016367 - Empty task box is getting created for a pipeline without finally task
- BZ - 2016435 - Duplicate AlertmanagerClusterFailedToSendAlerts alerts
- BZ - 2016438 - Feature flag gating is missing in few extensions contributed via knative plugin
- BZ - 2016442 - OCPonRHV: pvc should be in Bound state and without error when choosing default sc
- BZ - 2016446 - [OVN-Kubernetes] Egress Networkpolicy is failing Intermittently for statefulsets
- BZ - 2016453 - Complete i18n for GaugeChart defaults
- BZ - 2016479 - iface-id-ver is not getting updated for existing lsp
- BZ - 2016925 - Dashboards with All filter, change to a specific value and change back to All, data will disappear
- BZ - 2016951 - dynamic actions list is not disabling “open console” for stopped vms
- BZ - 2016955 - m5.large instance type for bootstrap node is hardcoded causing deployments to fail if instance type is not available
- BZ - 2016988 - NTO does not set io_timeout and max_retries for AWS Nitro instances
- BZ - 2017016 - [REF] Virtualization menu
- BZ - 2017036 - [sig-network-edge][Feature:Idling] Unidling should handle many TCP connections fails in periodic-ci-openshift-release-master-ci-4.9-e2e-openstack-ovn
- BZ - 2017050 - Dynamic Plugins: Shared modules loaded multiple times, breaking use of PatternFly
- BZ - 2017130 - t is not a function error navigating to details page
- BZ - 2017141 - Project dropdown has a dynamic inline width added which can cause min-width issue
- BZ - 2017244 - ovirt csi operator static files creation is in the wrong order
- BZ - 2017276 - [4.10] Volume mounts not created with the correct security context
- BZ - 2017327 - When run opm index prune failed with error removing operator package cic-operator FOREIGN KEY constraint failed.
- BZ - 2017427 - NTO does not restart TuneD daemon when profile application is taking too long
- BZ - 2017535 - Broken Argo CD link image on GitOps Details Page
- BZ - 2017547 - Siteconfig application sync fails with The AgentClusterInstall is invalid: spec.provisionRequirements.controlPlaneAgents: Required value when updating images references
- BZ - 2017564 - On-prem prepender dispatcher script overwrites DNS search settings
- BZ - 2017565 - CCMO does not handle additionalTrustBundle on Azure Stack
- BZ - 2017566 - MetalLB: Web Console -Create Address pool form shows address pool name twice
- BZ - 2017606 - [e2e][automation] add test to verify send key for VNC console
- BZ - 2017650 - [OVN]EgressFirewall cannot be applied correctly if cluster has windows nodes
- BZ - 2017656 - VM IP address is “undefined” under VM details -> ssh field
- BZ - 2017663 - SSH password authentication is disabled when public key is not supplied
- BZ - 2017680 - [gcp] Couldn’t enable support for instances with GPUs on GCP
- BZ - 2017732 - [KMS] Prevent creation of encryption enabled storageclass without KMS connection set
- BZ - 2017752 - (release-4.10) obfuscate identity provider attributes in collected authentication.operator.openshift.io resource
- BZ - 2017756 - overlaySize setting on containerruntimeconfig is ignored due to cri-o defaults
- BZ - 2017761 - [e2e][automation] dummy bug for 4.9 test dependency
- BZ - 2017872 - Add Sprint 209 translations
- BZ - 2017874 - The installer is incorrectly checking the quota for X instances instead of G and VT instances
- BZ - 2017879 - Add Chinese translation for “alternate”
- BZ - 2017882 - multus: add handling of pod UIDs passed from runtime
- BZ - 2017909 - [ICNI 2.0] ovnkube-masters stop processing add/del events for pods
- BZ - 2018042 - HorizontalPodAutoscaler CPU averageValue did not show up in HPA metrics GUI
- BZ - 2018093 - Managed cluster should ensure control plane pods do not run in best-effort QoS
- BZ - 2018094 - the tooltip length is limited
- BZ - 2018152 - CNI pod is not restarted when It cannot start servers due to ports being used
- BZ - 2018208 - e2e-metal-ipi-ovn-ipv6 are failing 75% of the time
- BZ - 2018234 - user settings are saved in local storage instead of on cluster
- BZ - 2018264 - Delete Export button doesn’t work in topology sidebar (general issue with unknown CSV?)
- BZ - 2018272 - Deployment managed by link and topology sidebar links to invalid resource page (at least for Exports)
- BZ - 2018275 - Topology graph doesn’t show context menu for Export CSV
- BZ - 2018279 - Edit and Delete confirmation modals for managed resource should close when the managed resource is clicked
- BZ - 2018380 - Migrate docs links to access.redhat.com
- BZ - 2018413 - Error: context deadline exceeded, OCP 4.8.9
- BZ - 2018428 - PVC is deleted along with VM even with “Delete Disks” unchecked
- BZ - 2018445 - [e2e][automation] enhance tests for downstream
- BZ - 2018446 - [e2e][automation] move tests to different level
- BZ - 2018449 - [e2e][automation] add test about create/delete network attachment definition
- BZ - 2018490 - [4.10] Image provisioning fails with file name too long
- BZ - 2018495 - Fix typo in internationalization README
- BZ - 2018542 - Kernel upgrade does not reconcile DaemonSet
- BZ - 2018880 - Get ‘No datapoints found.’ when query metrics about alert rule KubeCPUQuotaOvercommit and KubeMemoryQuotaOvercommit
- BZ - 2018884 - QE - Adapt crw-basic feature file to OCP 4.9/4.10 changes
- BZ - 2018935 - go.sum not updated, that ART extracts version string from, WAS: Missing backport from 4.9 for Kube bump PR#950
- BZ - 2018965 - e2e-metal-ipi-upgrade is permafailing in 4.10
- BZ - 2018985 - The rootdisk size is 15Gi of windows VM in customize wizard
- BZ - 2019001 - AWS: Operator degraded (CredentialsFailing): 1 of 6 credentials requests are failing to sync.
- BZ - 2019096 - Update SRO leader election timeout to support SNO
- BZ - 2019129 - SRO in operator hub points to wrong repo for README
- BZ - 2019181 - Performance profile does not apply
- BZ - 2019198 - ptp offset metrics are not named according to the log output
- BZ - 2019219 - [IBMCLOUD]: cloud-provider-ibm missing IAM permissions in CCCMO CredentialRequest
- BZ - 2019284 - Stop action should not in the action list while VMI is not running
- BZ - 2019346 - zombie processes accumulation and Argument list too long
- BZ - 2019360 - [RFE] Virtualization Overview page
- BZ - 2019452 - Logger object in LSO appends to existing logger recursively
- BZ - 2019591 - Operator install modal body that scrolls has incorrect padding causing shadow position to be incorrect
- BZ - 2019634 - Pause and migration is enabled in action list for a user who has view only permission
- BZ - 2019636 - Actions in VM tabs should be disabled when user has view only permission
- BZ - 2019639 - “Take snapshot” should be disabled while VM image is still been importing
- BZ - 2019645 - Create button is not removed on “Virtual Machines” page for view only user
- BZ - 2019646 - Permission error should pop-up immediately while clicking “Create VM” button on template page for view only user
- BZ - 2019647 - “Remove favorite” and “Create new Template” should be disabled in template action list for view only user
- BZ - 2019717 - cant delete VM with un-owned pvc attached
- BZ - 2019722 - The shared-resource-csi-driver-node pod runs as “BestEffort” qosClass
- BZ - 2019739 - The shared-resource-csi-driver-node uses imagePullPolicy as “Always”
- BZ - 2019744 - [RFE] Suggest users to download newest RHEL 8 version
- BZ - 2019809 - [OVN][Upgrade] After upgrade to 4.7.34 ovnkube-master pods are in CrashLoopBackOff/ContainerCreating and other multiple issues at OVS/OVN level
- BZ - 2019827 - Display issue with top-level menu items running demo plugin
- BZ - 2019832 - 4.10 Nightlies blocked: Failed to upgrade authentication, operator was degraded
- BZ - 2019886 - Kuryr unable to finish ports recovery upon controller restart
- BZ - 2019948 - [RFE] Restructring Virtualization links
- BZ - 2019972 - The Nodes section doesn’t display the csr of the nodes that are trying to join the cluster
- BZ - 2019977 - Installer doesn’t validate region causing binary to hang with a 60 minute timeout
- BZ - 2019986 - Dynamic demo plugin fails to build
- BZ - 2019992 - instance:node_memory_utilisation:ratio metric is incorrect
- BZ - 2020001 - Update dockerfile for demo dynamic plugin to reflect dir change
- BZ - 2020003 - MCD does not regard “dangling” symlinks as a files, attempts to write through them on next backup, resulting in “not writing through dangling symlink” error and degradation.
- BZ - 2020107 - cluster-version-operator: remove runlevel from CVO namespace
- BZ - 2020153 - Creation of Windows high performance VM fails
- BZ - 2020216 - installer: Azure storage container blob where is stored bootstrap.ign file shouldn’t be public
- BZ - 2020250 - Replacing deprecated ioutil
- BZ - 2020257 - Dynamic plugin with multiple webpack compilation passes may fail to build
- BZ - 2020275 - ClusterOperators link in console returns blank page during upgrades
- BZ - 2020377 - permissions error while using tcpdump option with must-gather
- BZ - 2020489 - coredns_dns metrics don’t include the custom zone metrics data due to CoreDNS prometheus plugin is not defined
- BZ - 2020498 - “Show PromQL” button is disabled
- BZ - 2020625 - [AUTH-52] User fails to login from web console with keycloak OpenID IDP after enable group membership sync feature
- BZ - 2020638 - [4.7] CI conformance test failures related to CustomResourcePublishOpenAPI
- BZ - 2020664 - DOWN subports are not cleaned up
- BZ - 2020904 - When trying to create a connection from the Developer view between VMs, it fails
- BZ - 2021016 - ‘Prometheus Stats’ of dashboard ‘Prometheus Overview’ miss data on console compared with Grafana
- BZ - 2021017 - 404 page not found error on knative eventing page
- BZ - 2021031 - QE - Fix the topology CI scripts
- BZ - 2021048 - [RFE] Added MAC Spoof check
- BZ - 2021053 - Metallb operator presented as community operator
- BZ - 2021067 - Extensive number of requests from storage version operator in cluster
- BZ - 2021081 - Missing PolicyGenTemplate for configuring Local Storage Operator LocalVolumes
- BZ - 2021135 - [azure-file-csi-driver] “make unit-test” returns non-zero code, but tests pass
- BZ - 2021141 - Cluster should allow a fast rollout of kube-apiserver is failing on single node
- BZ - 2021151 - Sometimes the DU node does not get the performance profile configuration applied and MachineConfigPool stays stuck in Updating
- BZ - 2021152 - imagePullPolicy is “Always” for ptp operator images
- BZ - 2021191 - Project admins should be able to list available network attachment defintions
- BZ - 2021205 - Invalid URL in git import form causes validation to not happen on URL change
- BZ - 2021322 - cluster-api-provider-azure should populate purchase plan information
- BZ - 2021337 - Dynamic Plugins: ResourceLink doesn’t render when passed a groupVersionKind
- BZ - 2021364 - Installer requires invalid AWS permission s3:GetBucketReplication
- BZ - 2021400 - Bump documentationBaseURL to 4.10
- BZ - 2021405 - [e2e][automation] VM creation wizard Cloud Init editor
- BZ - 2021433 - "[sig-builds][Feature:Builds][pullsearch] docker build where the registry is not specified" test fail permanently on disconnected
- BZ - 2021466 - [e2e][automation] Windows guest tool mount
- BZ - 2021544 - OCP 4.6.44 - Ingress VIP assigned as secondary IP in ovs-if-br-ex and added to resolv.conf as nameserver
- BZ - 2021551 - Build is not recognizing the USER group from an s2i image
- BZ - 2021607 - Unable to run openshift-install with a vcenter hostname that begins with a numeric character
- BZ - 2021629 - api request counts for current hour are incorrect
- BZ - 2021632 - [UI] Clicking on odf-operator breadcrumb from StorageCluster details page displays empty page
- BZ - 2021693 - Modals assigned modal-lg class are no longer the correct width
- BZ - 2021724 - Observe > Dashboards: Graph lines are not visible when obscured by other lines
- BZ - 2021731 - CCO occasionally down, reporting networksecurity.googleapis.com API as disabled
- BZ - 2021936 - Kubelet version in RPMs should be using Dockerfile label instead of git tags
- BZ - 2022050 - [BM][IPI] Failed during bootstrap - unable to read client-key /var/lib/kubelet/pki/kubelet-client-current.pem
- BZ - 2022053 - dpdk application with vhost-net is not able to start
- BZ - 2022114 - Console logging every proxy request
- BZ - 2022144 - 1 of 3 ovnkube-master pods stuck in clbo after ipi bm deployment - dualstack (Intermittent)
- BZ - 2022251 - wait interval in case of a failed upload due to 403 is unnecessarily long
- BZ - 2022399 - MON_DISK_LOW troubleshooting guide link when clicked, gives 404 error .
- BZ - 2022447 - ServiceAccount in manifests conflicts with OLM
- BZ - 2022502 - Patternfly tables with a checkbox column are not displaying correctly because of conflicting css rules.
- BZ - 2022509 - getOverrideForManifest does not check manifest.GVK.Group
- BZ - 2022536 - WebScale: duplicate ecmp next hop error caused by multiple of the same gateway IPs in ovnkube cache
- BZ - 2022612 - no namespace field for "Kubernetes / Compute Resources / Namespace (Pods)" admin console dashboard
- BZ - 2022627 - Machine object not picking up external FIP added to an openstack vm
- BZ - 2022646 - configure-ovs.sh failure - Error: unknown connection ‘WARN:’
- BZ - 2022707 - Observe / monitoring dashboard shows forbidden errors on Dev Sandbox
- BZ - 2022801 - Add Sprint 210 translations
- BZ - 2022811 - Fix kubelet log rotation file handle leak
- BZ - 2022812 - [SCALE] ovn-kube service controller executes unnecessary load balancer operations
- BZ - 2022824 - Large number of sessions created by vmware-vsphere-csi-driver-operator during e2e tests
- BZ - 2022880 - Pipeline renders with minor visual artifact with certain task dependencies
- BZ - 2022886 - Incorrect URL in operator description
- BZ - 2023042 - CRI-O filters custom runtime allowed annotation when both custom workload and custom runtime sections specified under the config
- BZ - 2023060 - [e2e][automation] Windows VM with CDROM migration
- BZ - 2023077 - [e2e][automation] Home Overview Virtualization status
- BZ - 2023090 - [e2e][automation] Examples of Import URL for VM templates
- BZ - 2023102 - [e2e][automation] Cloudinit disk of VM from custom template
- BZ - 2023216 - ACL for a deleted egressfirewall still present on node join switch
- BZ - 2023228 - Remove Tech preview badge on Trigger components 1.6 OSP on OCP 4.9
- BZ - 2023238 - [sig-devex][Feature:ImageEcosystem][python][Slow] hot deploy for openshift python image Django example should work with hot deploy
- BZ - 2023342 - SCC admission should take ephemeralContainers into account
- BZ - 2023356 - Devfiles can’t be loaded in Safari on macOS (403 - Forbidden)
- BZ - 2023434 - Update Azure Machine Spec API to accept Marketplace Images
- BZ - 2023500 - Latency experienced while waiting for volumes to attach to node
- BZ - 2023522 - can’t remove package from index: database is locked
- BZ - 2023560 - “Network Attachment Definitions” has no project field on the top in the list view
- BZ - 2023592 - [e2e][automation] add mac spoof check for nad
- BZ - 2023604 - ACL violation when deleting a provisioning-configuration resource
- BZ - 2023607 - console returns blank page when normal user without any projects visit Installed Operators page
- BZ - 2023638 - Downgrade support level for extended control plane integration to Dev Preview
- BZ - 2023657 - inconsistent behaviours of adding ssh key on rhel node between 4.9 and 4.10
- BZ - 2023675 - Changing CNV Namespace
- BZ - 2023779 - Fix Patch 104847 in 4.9
- BZ - 2023781 - initial hardware devices is not loading in wizard
- BZ - 2023832 - CCO updates lastTransitionTime for non-Status changes
- BZ - 2023839 - Bump recommended FCOS to 34.20211031.3.0
- BZ - 2023865 - Console css overrides prevent dynamic plug-in PatternFly tables from displaying correctly
- BZ - 2023950 - make test-e2e-operator on kubernetes-nmstate results in failure to pull image from “registry:5000” repository
- BZ - 2023985 - [4.10] OVN idle service cannot be accessed after upgrade from 4.8
- BZ - 2024055 - External DNS added extra prefix for the TXT record
- BZ - 2024108 - Occasionally node remains in SchedulingDisabled state even after update has been completed sucessfully
- BZ - 2024190 - e2e-metal UPI is permafailing with inability to find rhcos.json
- BZ - 2024199 - 400 Bad Request error for some queries for the non admin user
- BZ - 2024220 - Cluster monitoring checkbox flickers when installing Operator in all-namespace mode
- BZ - 2024262 - Sample catalog is not displayed when one API call to the backend fails
- BZ - 2024309 - cluster-etcd-operator: defrag controller needs to provide proper observability
- BZ - 2024316 - modal about support displays wrong annotation
- BZ - 2024328 - [oVirt / RHV] PV disks are lost when machine deleted while node is disconnected
- BZ - 2024399 - Extra space is in the translated text of “Add/Remove alternate service” on Create Route page
- BZ - 2024448 - When ssh_authorized_keys is empty in form view it should not appear in yaml view
- BZ - 2024493 - Observe > Alerting > Alerting rules page throws error trying to destructure undefined
- BZ - 2024515 - test-blocker: Ceph-storage-plugin tests failing
- BZ - 2024535 - hotplug disk missing OwnerReference
- BZ - 2024537 - WINDOWS_IMAGE_LINK does not refer to windows cloud image
- BZ - 2024547 - Detail page is breaking for namespace store , backing store and bucket class.
- BZ - 2024551 - KMS resources not getting created for IBM FlashSystem storage
- BZ - 2024586 - Special Resource Operator(SRO) - Empty image in BuildConfig when using RT kernel
- BZ - 2024613 - pod-identity-webhook starts without tls
- BZ - 2024617 - vSphere CSI tests constantly failing with Rollout of the monitoring stack failed and is degraded
- BZ - 2024665 - Bindable services are not shown on topology
- BZ - 2024731 - linuxptp container: unnecessary checking of interfaces
- BZ - 2024750 - i18n some remaining OLM items
- BZ - 2024804 - gcp-pd-csi-driver does not use trusted-ca-bundle when cluster proxy configured
- BZ - 2024826 - [RHOS/IPI] Masters are not joining a clusters when installing on OpenStack
- BZ - 2024841 - test Keycloak with latest tag
- BZ - 2024859 - Not able to deploy an existing image from private image registry using developer console
- BZ - 2024880 - Egress IP breaks when network policies are applied
- BZ - 2024900 - Operator upgrade kube-apiserver
- BZ - 2024932 - console throws “Unauthorized” error after logging out
- BZ - 2024933 - openshift-sync plugin does not sync existing secrets/configMaps on start up
- BZ - 2025093 - Installer does not honour diskformat specified in storage policy and defaults to zeroedthick
- BZ - 2025230 - ClusterAutoscalerUnschedulablePods should not be a warning
- BZ - 2025266 - CreateResource route has exact prop which need to be removed
- BZ - 2025301 - [e2e][automation] VM actions availability in different VM states
- BZ - 2025304 - overwrite storage section of the DV spec instead of the pvc section
- BZ - 2025431 - [RFE]Provide specific windows source link
- BZ - 2025458 - [IPI-AWS] cluster-baremetal-operator pod in a crashloop state after patching from 4.7.21 to 4.7.36
- BZ - 2025464 - [aws] openshift-install gather bootstrap collects logs for bootstrap and only one master node
- BZ - 2025467 - [OVN-K][ETP=local] Host to service backed by ovn pods doesn’t work for ExternalTrafficPolicy=local
- BZ - 2025481 - Update VM Snapshots UI
- BZ - 2025488 - [DOCS] Update the doc for nmstate operator installation
- BZ - 2025592 - ODC 4.9 supports invalid devfiles only
- BZ - 2025765 - It should not try to load from storageProfile after unchecking"Apply optimized StorageProfile settings"
- BZ - 2025767 - VMs orphaned during machineset scaleup
- BZ - 2025770 - [e2e] non-priv seems looking for v2v-vmware configMap in ns “kubevirt-hyperconverged” while using customize wizard
- BZ - 2025788 - [IPI on azure]Pre-check on IPI Azure, should check VM Size’s vCPUsAvailable instead of vCPUs for the sku.
- BZ - 2025821 - Make “Network Attachment Definitions” available to regular user
- BZ - 2025823 - The console nav bar ignores plugin separator in existing sections
- BZ - 2025830 - CentOS capitalizaion is wrong
- BZ - 2025837 - Warn users that the RHEL URL expire
- BZ - 2025884 - External CCM deploys openstack-cloud-controller-manager from quay.io/openshift/origin-*
- BZ - 2025903 - [UI] RoleBindings tab doesn’t show correct rolebindings
- BZ - 2026104 - [sig-imageregistry][Feature:ImageAppend] Image append should create images by appending them [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
- BZ - 2026178 - OpenShift Alerting Rules Style-Guide Compliance
- BZ - 2026209 - Updation of task is getting failed (tekton hub integration)
- BZ - 2026223 - Internal error occurred: failed calling webhook “ptpconfigvalidationwebhook.openshift.io”
- BZ - 2026321 - [UPI on Azure] Shall we remove allowedValue about VMSize in ARM templates
- BZ - 2026343 - [upgrade from 4.5 to 4.6] .status.connectionState.address of catsrc community-operators is not correct
- BZ - 2026352 - Kube-Scheduler revision-pruner fail during install of new cluster
- BZ - 2026374 - aws-pod-identity-webhook go.mod version out of sync with build environment
- BZ - 2026383 - Error when rendering custom Grafana dashboard through ConfigMap
- BZ - 2026387 - node tuning operator metrics endpoint serving old certificates after certificate rotation
- BZ - 2026396 - Cachito Issues: sriov-network-operator Image build failure
- BZ - 2026488 - openshift-controller-manager - delete event is repeating pathologically
- BZ - 2026489 - ThanosRuleRuleEvaluationLatencyHigh alerts when a big quantity of alerts defined.
- BZ - 2026560 - Cluster-version operator does not remove unrecognized volume mounts
- BZ - 2026699 - fixed a bug with missing metadata
- BZ - 2026813 - add Mellanox CX-6 Lx DeviceID 101f NIC support in SR-IOV Operator
- BZ - 2026898 - Description/details are missing for Local Storage Operator
- BZ - 2027132 - Use the specific icon for Fedora and CentOS template
- BZ - 2027238 - “Node Exporter / USE Method / Cluster” CPU utilization graph shows incorrect legend
- BZ - 2027272 - KubeMemoryOvercommit alert should be human readable
- BZ - 2027281 - [Azure] External-DNS cannot find the private DNS zone in the resource group
- BZ - 2027288 - Devfile samples can’t be loaded after fixing it on Safari (redirect caching issue)
- BZ - 2027299 - The status of checkbox component is not revealed correctly in code
- BZ - 2027311 - K8s watch hooks do not work when fetching core resources
- BZ - 2027342 - Alert ClusterVersionOperatorDown is firing on OpenShift Container Platform after ca certificate rotation
- BZ - 2027363 - The azure-file-csi-driver and azure-file-csi-driver-operator don’t use the downstream images
- BZ - 2027387 - [IBMCLOUD] Terraform ibmcloud-provider buffers entirely the qcow2 image causing spikes of 5GB of RAM during installation
- BZ - 2027498 - [IBMCloud] SG Name character length limitation
- BZ - 2027501 - [4.10] Bootimage bump tracker
- BZ - 2027524 - Delete Application doesn’t delete Channels or Brokers
- BZ - 2027563 - e2e/add-flow-ci.feature fix accessibility violations
- BZ - 2027585 - CVO crashes when changing spec.upstream to a cincinnati graph which includes invalid conditional edges
- BZ - 2027629 - Gather ValidatingWebhookConfiguration and MutatingWebhookConfiguration resource definitions
- BZ - 2027685 - openshift-cluster-csi-drivers pods crashing on PSI
- BZ - 2027745 - default samplesRegistry prevents the creation of imagestreams when registrySources.allowedRegistries is enforced
- BZ - 2027824 - ovnkube-master CrashLoopBackoff: panic: Expected slice or struct but got string
- BZ - 2027917 - No settings in hostfirmwaresettings and schema objects for masters
- BZ - 2027927 - sandbox creation fails due to obsolete option in /etc/containers/storage.conf
- BZ - 2027982 - nncp stucked at ConfigurationProgressing
- BZ - 2028019 - Max pending serving CSRs allowed in cluster machine approver is not right for UPI clusters
- BZ - 2028024 - After deleting a SpecialResource, the node is still tagged although the driver is removed
- BZ - 2028030 - Panic detected in cluster-image-registry-operator pod
- BZ - 2028042 - Desktop viewer for Windows VM shows “no Service for the RDP (Remote Desktop Protocol) can be found”
- BZ - 2028054 - Cloud controller manager operator can’t get leader lease when upgrading from 4.8 up to 4.9
- BZ - 2028106 - [RFE] Use dynamic plugin actions for kubevirt plugin
- BZ - 2028141 - Console tests doesn’t pass on Node.js 15 and 16
- BZ - 2028160 - Remove i18nKey in network-policy-peer-selectors.tsx
- BZ - 2028162 - Add Sprint 210 translations
- BZ - 2028170 - Remove leading and trailing whitespace
- BZ - 2028174 - Add Sprint 210 part 2 translations
- BZ - 2028187 - Console build doesn’t pass on Node.js 16 because node-sass doesn’t support it
- BZ - 2028217 - Cluster-version operator does not default Deployment replicas to one
- BZ - 2028240 - Multiple CatalogSources causing higher CPU use than necessary
- BZ - 2028268 - Password parameters are listed in FirmwareSchema in spite that cannot and shouldn’t be set in HostFirmwareSettings
- BZ - 2028325 - disableDrain should be set automatically on SNO
- BZ - 2028484 - AWS EBS CSI driver’s livenessprobe does not respect operator’s loglevel
- BZ - 2028531 - Missing netFilter to the list of parameters when platform is OpenStack
- BZ - 2028610 - Installer doesn’t retry on GCP rate limiting
- BZ - 2028685 - LSO repeatedly reports errors while diskmaker-discovery pod is starting
- BZ - 2028695 - destroy cluster does not prune bootstrap instance profile
- BZ - 2028731 - The containerruntimeconfig controller has wrong assumption regarding the number of containerruntimeconfigs
- BZ - 2028802 - CRI-O panic due to invalid memory address or nil pointer dereference
- BZ - 2028816 - VLAN IDs not released on failures
- BZ - 2028881 - Override not working for the PerformanceProfile template
- BZ - 2028885 - Console should show an error context if it logs an error object
- BZ - 2028949 - Masthead dropdown item hover text color is incorrect
- BZ - 2028963 - Whereabouts should reconcile stranded IP addresses
- BZ - 2029034 - enabling ExternalCloudProvider leads to inoperative cluster
- BZ - 2029178 - Create VM with wizard - page is not displayed
- BZ - 2029181 - Missing CR from PGT
- BZ - 2029273 - wizard is not able to use if project field is “All Projects”
- BZ - 2029369 - Cypress tests github rate limit errors
- BZ - 2029371 - patch pipeline–worker nodes unexpectedly reboot during scale out
- BZ - 2029394 - missing empty text for hardware devices at wizard review
- BZ - 2029414 - Alibaba Disk snapshots with XFS filesystem cannot be used
- BZ - 2029416 - Alibaba Disk CSI driver does not use credentials provided by CCO / ccoctl
- BZ - 2029521 - EFS CSI driver cannot delete volumes under load
- BZ - 2029570 - Azure Stack Hub: CSI Driver does not use user-ca-bundle
- BZ - 2029579 - Clicking on an Application which has a Helm Release in it causes an error
- BZ - 2029644 - New resource FirmwareSchema - reset_required exists for Dell machines and doesn’t for HPE
- BZ - 2029645 - Sync upstream 1.15.0 downstream
- BZ - 2029671 - VM action “pause” and “clone” should be disabled while VM disk is still being importing
- BZ - 2029742 - [ovn] Stale lr-policy-list and snat rules left for egressip
- BZ - 2029750 - cvo keep restart due to it fail to get feature gate value during the initial start stage
- BZ - 2029785 - CVO panic when an edge is included in both edges and conditionaledges
- BZ - 2029843 - Downstream ztp-site-generate-rhel8 4.10 container image missing content(/home/ztp)
- BZ - 2030003 - HFS CRD: Attempt to set Integer parameter to not-numeric string value - no error
- BZ - 2030029 - [4.10][goroutine]Namespace stuck terminating: Failed to delete all resource types, 1 remaining: unexpected items still remain in namespace
- BZ - 2030228 - Fix StorageSpec resources field to use correct API
- BZ - 2030229 - Mirroring status card reflect wrong data
- BZ - 2030240 - Hide overview page for non-privileged user
- BZ - 2030305 - Export App job do not completes
- BZ - 2030347 - kube-state-metrics exposes metrics about resource annotations
- BZ - 2030364 - Shared resource CSI driver monitoring is not setup correctly
- BZ - 2030488 - Numerous Azure CI jobs are Failing with Partially Rendered machinesets
- BZ - 2030534 - Node selector/tolerations rules are evaluated too early
- BZ - 2030539 - Prometheus is not highly available
- BZ - 2030556 - Don’t display Description or Message fields for alerting rules if those annotations are missing
- BZ - 2030568 - Operator installation fails to parse operatorframework.io/initialization-resource annotation
- BZ - 2030574 - console service uses older “service.alpha.openshift.io” for the service serving certificates.
- BZ - 2030677 - BOND CNI: There is no option to configure MTU on a Bond interface
- BZ - 2030692 - NPE in PipelineJobListener.upsertWorkflowJob
- BZ - 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
- BZ - 2030806 - CVE-2021-44717 golang: syscall: don’t close fd 0 on ForkExec error
- BZ - 2030847 - PerformanceProfile API version should be v2
- BZ - 2030961 - Customizing the OAuth server URL does not apply to upgraded cluster
- BZ - 2031006 - Application name input field is not autofocused when user selects “Create application”
- BZ - 2031012 - Services of type loadbalancer do not work if the traffic reaches the node from an interface different from br-ex
- BZ - 2031040 - Error screen when open topology sidebar for a Serverless / knative service which couldn’t be started
- BZ - 2031049 - [vsphere upi] pod machine-config-operator cannot be started due to panic issue
- BZ - 2031057 - Topology sidebar for Knative services shows a small pod ring with “0 undefined” as tooltip
- BZ - 2031060 - Failing CSR Unit test due to expired test certificate
- BZ - 2031085 - ovs-vswitchd running more threads than expected
- BZ - 2031141 - Some pods not able to reach k8s api svc IP 198.223.0.1
- BZ - 2031228 - CVE-2021-43813 grafana: directory traversal vulnerability
- BZ - 2031502 - [RFE] New common templates crash the ui
- BZ - 2031685 - Duplicated forward upstreams should be removed from the dns operator
- BZ - 2031699 - The displayed ipv6 address of a dns upstream should be case sensitive
- BZ - 2031797 - [RFE] Order and text of Boot source type input are wrong
- BZ - 2031826 - CI tests needed to confirm driver-toolkit image contents
- BZ - 2031831 - OCP Console - Global CSS overrides affecting dynamic plugins
- BZ - 2031839 - Starting from Go 1.17 invalid certificates will render a cluster dysfunctional
- BZ - 2031858 - GCP beta-level Role (was: CCO occasionally down, reporting networksecurity.googleapis.com API as disabled)
- BZ - 2031875 - [RFE]: Provide online documentation for the SRO CRD (via oc explain)
- BZ - 2031926 - [ipv6dualstack] After SVC conversion from single stack only to RequireDualStack, cannot curl NodePort from the node itself
- BZ - 2032006 - openshift-gitops-application-controller-0 failed to schedule with sufficient node allocatable resource
- BZ - 2032111 - arm64 cluster, create project and deploy the example deployment, pod is CrashLoopBackOff due to the image is built on linux+amd64
- BZ - 2032141 - open the alertrule link in new tab, got empty page
- BZ - 2032179 - [PROXY] external dns pod cannot reach to cloud API in the cluster behind a proxy
- BZ - 2032296 - Cannot create machine with ephemeral disk on Azure
- BZ - 2032407 - UI will show the default openshift template wizard for HANA template
- BZ - 2032415 - Templates page - remove “support level” badge and add “support level” column which should not be hard coded
- BZ - 2032421 - [RFE] UI integration with automatic updated images
- BZ - 2032516 - Not able to import git repo with .devfile.yaml
- BZ - 2032521 - openshift-installer intermittent failure on AWS with “Error: Provider produced inconsistent result after apply” when creating the aws_vpc_dhcp_options_association resource
- BZ - 2032547 - hardware devices table have filter when table is empty
- BZ - 2032565 - Deploying compressed files with a MachineConfig resource degrades the MachineConfigPool
- BZ - 2032566 - Cluster-ingress-router does not support Azure Stack
- BZ - 2032573 - Adopting enforces deploy_kernel/ramdisk which does not work with deploy_iso
- BZ - 2032589 - DeploymentConfigs ignore resolve-names annotation
- BZ - 2032732 - Fix styling conflicts due to recent console-wide CSS changes
- BZ - 2032831 - Knative Services and Revisions are not shown when Service has no ownerReference
- BZ - 2032851 - Networking is “not available” in Virtualization Overview
- BZ - 2032926 - Machine API components should use K8s 1.23 dependencies
- BZ - 2032994 - AddressPool IP is not allocated to service external IP wtih aggregationLength 24
- BZ - 2032998 - Can not achieve 250 pods/node with OVNKubernetes in a multiple worker node cluster
- BZ - 2033013 - Project dropdown in user preferences page is broken
- BZ - 2033044 - Unable to change import strategy if devfile is invalid
- BZ - 2033098 - Conjunction in ProgressiveListFooter.tsx is not translatable
- BZ - 2033111 - IBM VPC operator library bump removed global CLI args
- BZ - 2033138 - “No model registered for Templates” shows on customize wizard
- BZ - 2033215 - Flaky CI: crud/other-routes.spec.ts fails sometimes with an cypress ace/a11y AssertionError: 1 accessibility violation was detected
- BZ - 2033239 - [IPI on Alibabacloud] ‘openshift-install’ gets the wrong region (‘cn-hangzhou’) selected
- BZ - 2033257 - unable to use configmap for helm charts
- BZ - 2033271 - [IPI on Alibabacloud] destroying cluster succeeded, but the resource group deletion wasn’t triggered
- BZ - 2033290 - Product builds for console are failing
- BZ - 2033382 - MAPO is missing machine annotations
- BZ - 2033391 - csi-driver-shared-resource-operator sets unused CVO-manifest annotations
- BZ - 2033403 - Devfile catalog does not show provider information
- BZ - 2033404 - Cloud event schema is missing source type and resource field is using wrong value
- BZ - 2033407 - Secure route data is not pre-filled in edit flow form
- BZ - 2033422 - CNO not allowing LGW conversion from SGW in runtime
- BZ - 2033434 - Offer darwin/arm64 oc in clidownloads
- BZ - 2033489 - CCM operator failing on baremetal platform
- BZ - 2033518 - [aws-efs-csi-driver]Should not accept invalid FSType in sc for AWS EFS driver
- BZ - 2033524 - [IPI on Alibabacloud] interactive installer cannot list existing base domains
- BZ - 2033536 - [IPI on Alibabacloud] bootstrap complains invalid value for alibabaCloud.resourceGroupID when updating “cluster-infrastructure-02-config.yml” status, which leads to bootstrap failed and all master nodes NotReady
- BZ - 2033538 - Gather Cost Management Metrics Custom Resource
- BZ - 2033579 - SRO cannot update the special-resource-lifecycle ConfigMap if the data field is undefined
- BZ - 2033587 - Flaky CI test project-dashboard.scenario.ts: Resource Quotas Card was not found on project detail page
- BZ - 2033634 - list-style-type: disc is applied to the modal dropdowns
- BZ - 2033720 - Update samples in 4.10
- BZ - 2033728 - Bump OVS to 2.16.0-33
- BZ - 2033729 - remove runtime request timeout restriction for azure
- BZ - 2033745 - Cluster-version operator makes upstream update service / Cincinnati requests more frequently than intended
- BZ - 2033749 - Azure Stack Terraform fails without Local Provider
- BZ - 2033750 - Local volume should pull multi-arch image for kube-rbac-proxy
- BZ - 2033751 - Bump kubernetes to 1.23
- BZ - 2033752 - make verify fails due to missing yaml-patch
- BZ - 2033784 - set kube-apiserver degraded=true if webhook matches a virtual resource
- BZ - 2034004 - [e2e][automation] add tests for VM snapshot improvements
- BZ - 2034068 - [e2e][automation] Enhance tests for 4.10 downstream
- BZ - 2034087 - [OVN] EgressIP was assigned to the node which is not egress node anymore
- BZ - 2034097 - [OVN] After edit EgressIP object, the status is not correct
- BZ - 2034102 - [OVN] Recreate the deleted EgressIP object got InvalidEgressIP warning
- BZ - 2034129 - blank page returned when clicking ‘Get started’ button
- BZ - 2034144 - [OVN AWS] ovn-kube egress IP monitoring cannot detect the failure on ovn-k8s-mp0
- BZ - 2034153 - CNO does not verify MTU migration for OpenShiftSDN
- BZ - 2034155 - [OVN-K] [Multiple External Gateways] Per pod SNAT is disabled
- BZ - 2034170 - Use function.knative.dev for Knative Functions related labels
- BZ - 2034190 - unable to add new VirtIO disks to VMs
- BZ - 2034192 - Prometheus fails to insert reporting metrics when the sample limit is met
- BZ - 2034243 - regular user cant load template list
- BZ - 2034245 - installing a cluster on aws, gcp always fails with “Error: Incompatible provider version”
- BZ - 2034248 - GPU/Host device modal is too small
- BZ - 2034257 - regular user `Create VM` missing permissions alert
- BZ - 2034285 - [sig-api-machinery] API data in etcd should be stored at the correct location and version for all resources [Serial] [Suite:openshift/conformance/serial]
- BZ - 2034287 - do not block upgrades if we can’t create storageclass in 4.10 in vsphere
- BZ - 2034300 - Du validator policy is NonCompliant after DU configuration completed
- BZ - 2034319 - Negation constraint is not validating packages
- BZ - 2034322 - CNO doesn’t pick up settings required when ExternalControlPlane topology
- BZ - 2034350 - The CNO should implement the Whereabouts IP reconciliation cron job
- BZ - 2034362 - update description of disk interface
- BZ - 2034398 - The Whereabouts IPPools CRD should include the podref field
- BZ - 2034409 - Default CatalogSources should be pointing to 4.10 index images
- BZ - 2034410 - Metallb BGP, BFD: prometheus is not scraping the frr metrics
- BZ - 2034413 - cloud-network-config-controller fails to init with secret “cloud-credentials” not found in manual credential mode
- BZ - 2034460 - Summary: cloud-network-config-controller does not account for different environment
- BZ - 2034474 - Template’s boot source is “Unknown source” before and after set enableCommonBootImageImport to true
- BZ - 2034477 - [OVN] Multiple EgressIP objects configured, EgressIPs weren’t working properly
- BZ - 2034493 - Change cluster version operator log level
- BZ - 2034513 - [OVN] After update one EgressIP in EgressIP object, one internal IP lost from lr-policy-list
- BZ - 2034527 - IPI deployment fails ‘timeout reached while inspecting the node’ when provisioning network ipv6
- BZ - 2034528 - [IBM VPC] volumeBindingMode should be WaitForFirstConsumer
- BZ - 2034534 - Update ose-machine-api-provider-openstack images to be consistent with ART
- BZ - 2034537 - Update team
- BZ - 2034559 - KubeAPIErrorBudgetBurn firing outside recommended latency thresholds
- BZ - 2034563 - [Azure] create machine with wrong ephemeralStorageLocation value success
- BZ - 2034577 - Current OVN gateway mode should be reflected on node annotation as well
- BZ - 2034621 - context menu not popping up for application group
- BZ - 2034622 - Allow volume expansion by default in vsphere CSI storageclass 4.10
- BZ - 2034624 - Warn about unsupported CSI driver in vsphere operator
- BZ - 2034647 - missing volumes list in snapshot modal
- BZ - 2034648 - Rebase openshift-controller-manager to 1.23
- BZ - 2034650 - Rebase openshift/builder to 1.23
- BZ - 2034705 - vSphere: storage e2e tests logging configuration data
- BZ - 2034743 - EgressIP: assigning the same egress IP to a second EgressIP object after a ovnkube-master restart does not fail.
- BZ - 2034766 - Special Resource Operator(SRO) - no cert-manager pod created in dual stack environment
- BZ - 2034785 - ptpconfig with summary_interval cannot be applied
- BZ - 2034823 - RHEL9 should be starred in template list
- BZ - 2034838 - An external router can inject routes if no service is added
- BZ - 2034839 - Jenkins sync plugin does not synchronize ConfigMap having label role=jenkins-agent
- BZ - 2034879 - Lifecycle hook’s name and owner shouldn’t be allowed to be empty
- BZ - 2034881 - Cloud providers components should use K8s 1.23 dependencies
- BZ - 2034884 - ART cannot build the image because it tries to download controller-gen
- BZ - 2034889 - `oc adm prune deployments` does not work
- BZ - 2034898 - Regression in recently added Events feature
- BZ - 2034957 - update openshift-apiserver to kube 1.23.1
- BZ - 2035015 - ClusterLogForwarding CR remains stuck remediating forever
- BZ - 2035093 - openshift-cloud-network-config-controller never runs on Hypershift cluster
- BZ - 2035141 - [RFE] Show GPU/Host devices in template’s details tab
- BZ - 2035146 - “kubevirt-plugin~PVC cannot be empty” shows on add-disk modal while adding existing PVC
- BZ - 2035167 - [cloud-network-config-controller] unable to deleted cloudprivateipconfig when deleting
- BZ - 2035199 - IPv6 support in mtu-migration-dispatcher.yaml
- BZ - 2035239 - e2e-metal-ipi-virtualmedia tests are permanently failing
- BZ - 2035250 - Peering with ebgp peer over multi-hops doesn’t work
- BZ - 2035264 - [RFE] Provide a proper message for nonpriv user who not able to add PCI devices
- BZ - 2035315 - invalid test cases for AWS passthrough mode
- BZ - 2035318 - Upgrade management workflow needs to allow custom upgrade graph path for disconnected env
- BZ - 2035321 - Add Sprint 211 translations
- BZ - 2035326 - [ExternalCloudProvider] installation with additional network on workers fails
- BZ - 2035328 - Ccoctl does not ignore credentials request manifest marked for deletion
- BZ - 2035333 - Kuryr orphans ports on 504 errors from Neutron
- BZ - 2035348 - Fix two grammar issues in kubevirt-plugin.json strings
- BZ - 2035393 - oc set data --dry-run=server makes persistent changes to configmaps and secrets
- BZ - 2035409 - OLM E2E test depends on operator package that’s no longer published
- BZ - 2035439 - SDN Automatic assignment EgressIP on GCP returned node IP adress not egressIP address
- BZ - 2035453 - [IPI on Alibabacloud] 2 worker machines stuck in Failed phase due to connection to ‘ecs-cn-hangzhou.aliyuncs.com’ timeout, although the specified region is ‘us-east-1’
- BZ - 2035454 - [IPI on Alibabacloud] the OSS bucket created during installation for image registry is not deleted after destroying the cluster
- BZ - 2035467 - UI: Queried metrics can’t be ordered on Oberve->Metrics page
- BZ - 2035494 - [SDN Migration]ovnkube-node pods CrashLoopBackOff after sdn migrated to ovn for RHEL workers
- BZ - 2035515 - [IBMCLOUD] allowVolumeExpansion should be true in storage class
- BZ - 2035602 - [e2e][automation] add tests for Virtualization Overview page cards
- BZ - 2035703 - Roles -> RoleBindings tab doesn’t show RoleBindings correctly
- BZ - 2035704 - RoleBindings list page filter doesn’t apply
- BZ - 2035705 - Azure ‘Destroy cluster’ get stuck when the cluster resource group is already not existing.
- BZ - 2035757 - [IPI on Alibabacloud] one master node turned NotReady which leads to installation failed
- BZ - 2035772 - AccessMode and VolumeMode is not reserved for customize wizard
- BZ - 2035847 - Two dashes in the Cronjob / Job pod name
- BZ - 2035859 - the output of opm render doesn’t contain olm.constraint which is defined in dependencies.yaml
- BZ - 2035882 - [BIOS setting values] Create events for all invalid settings in spec
- BZ - 2035903 - One redundant capi-operator credential requests in “oc adm extract --credentials-requests”
- BZ - 2035910 - [UI] Manual approval options are missing after ODF 4.10 installation starts when Manual Update approval is chosen
- BZ - 2035927 - Cannot enable HighNodeUtilization scheduler profile
- BZ - 2035933 - volume mode and access mode are empty in customize wizard review tab
- BZ - 2035969 - "ip a " shows “Error: Peer netns reference is invalid” after create test pods
- BZ - 2035986 - Some pods under kube-scheduler/kube-controller-manager are using the deprecated annotation
- BZ - 2036006 - [BIOS setting values] Attempt to set Integer parameter results in preparation error
- BZ - 2036029 - New added cloud-network-config operator doesn’t supported aws sts format credential
- BZ - 2036096 - [azure-file-csi-driver] there are no e2e tests for NFS backend
- BZ - 2036113 - cluster scaling new nodes ovs-configuration fails on all new nodes
- BZ - 2036567 - [csi-driver-nfs] Upstream merge: Bump k8s libraries to 1.23
- BZ - 2036569 - [cloud-provider-openstack] Upstream merge: Bump k8s libraries to 1.23
- BZ - 2036577 - OCP 4.10 nightly builds from 4.10.0-0.nightly-s390x-2021-12-18-034912 to 4.10.0-0.nightly-s390x-2022-01-11-233015 fail to upgrade from OCP 4.9.11 and 4.9.12 for network type OVNKubernetes for zVM hypervisor environments
- BZ - 2036622 - sdn-controller crashes when restarted while a previous egress IP assignment exists
- BZ - 2036717 - Valid AlertmanagerConfig custom resource with valid a mute time interval definition is rejected
- BZ - 2036826 - `oc adm prune deployments` can prune the RC/RS
- BZ - 2036827 - The ccoctl still accepts CredentialsRequests without ServiceAccounts on GCP platform
- BZ - 2036861 - kube-apiserver is degraded while enable multitenant
- BZ - 2036937 - Command line tools page shows wrong download ODO link
- BZ - 2036940 - oc registry login fails if the file is empty or stdout
- BZ - 2036951 - [cluster-csi-snapshot-controller-operator] proxy settings is being injected in container
- BZ - 2036989 - Route URL copy to clipboard button wraps to a separate line by itself
- BZ - 2036990 - ZTP “DU Done inform policy” never becomes compliant on multi-node clusters
- BZ - 2036993 - Machine API components should use Go lang version 1.17
- BZ - 2037036 - The tuned profile goes into degraded status and ksm.service is displayed in the log.
- BZ - 2037061 - aws and gcp CredentialsRequest manifests missing ServiceAccountNames list for cluster-api
- BZ - 2037073 - Alertmanager container fails to start because of startup probe never being successful
- BZ - 2037075 - Builds do not support CSI volumes
- BZ - 2037167 - Some log level in ibm-vpc-block-csi-controller are hard code
- BZ - 2037168 - IBM-specific Deployment manifest for package-server-manager should be excluded on non-IBM cluster-profiles
- BZ - 2037182 - PingSource badge color is not matched with knativeEventing color
- BZ - 2037203 - “Running VMs” card is too small in Virtualization Overview
- BZ - 2037209 - [IPI on Alibabacloud] worker nodes are put in the default resource group unexpectedly
- BZ - 2037237 - Add “This is a CD-ROM boot source” to customize wizard
- BZ - 2037241 - default TTL for noobaa cache buckets should be 0
- BZ - 2037246 - Cannot customize auto-update boot source
- BZ - 2037276 - [IBMCLOUD] vpc-node-label-updater may fail to label nodes appropriately
- BZ - 2037288 - Remove stale image reference
- BZ - 2037331 - Ensure the ccoctl behaviors are similar between aws and gcp on the existing resources
- BZ - 2037483 - Rbacs for Pods within the CBO should be more restrictive
- BZ - 2037484 - Bump dependencies to k8s 1.23
- BZ - 2037554 - Mismatched wave number error message should include the wave numbers that are in conflict
- BZ - 2037622 - [4.10-Alibaba CSI driver][Restore size for volumesnapshot/volumesnapshotcontent is showing as 0 in Snapshot feature for Alibaba platform]
- BZ - 2037635 - impossible to configure custom certs for default console route in ingress config
- BZ - 2037637 - configure custom certificate for default console route doesn’t take effect for OCP >= 4.8
- BZ - 2037638 - Builds do not support CSI volumes as volume sources
- BZ - 2037664 - text formatting issue in Installed Operators list table
- BZ - 2037680 - [IPI on Alibabacloud] sometimes operator ‘cloud-controller-manager’ tells empty VERSION, due to conflicts on listening tcp :8080
- BZ - 2037689 - [IPI on Alibabacloud] sometimes operator ‘cloud-controller-manager’ tells empty VERSION, due to conflicts on listening tcp :8080
- BZ - 2037801 - Serverless installation is failing on CI jobs for e2e tests
- BZ - 2037813 - Metal Day 1 Networking - networkConfig Field Only Accepts String Format
- BZ - 2037856 - use lease for leader election
- BZ - 2037891 - 403 Forbidden error shows for all the graphs in each grafana dashboard after upgrade from 4.9 to 4.10
- BZ - 2037903 - Alibaba Cloud: delete-ram-user requires the credentials-requests
- BZ - 2037904 - upgrade operator deployment failed due to memory limit too low for manager container
- BZ - 2038021 - [4.10-Alibaba CSI driver][Default volumesnapshot class is not added/present after successful cluster installation]
- BZ - 2038034 - non-privileged user cannot see auto-update boot source
- BZ - 2038053 - Bump dependencies to k8s 1.23
- BZ - 2038088 - Remove ipa-downloader references
- BZ - 2038160 - The `default` project missed the annotation : openshift.io/node-selector: “”
- BZ - 2038166 - Starting from Go 1.17 invalid certificates will render a cluster non-functional
- BZ - 2038196 - must-gather is missing collecting some metal3 resources
- BZ - 2038240 - Error when configuring a file using permissions bigger than decimal 511 (octal 0777)
- BZ - 2038253 - Validator Policies are long lived
- BZ - 2038272 - Failures to build a PreprovisioningImage are not reported
- BZ - 2038384 - Azure Default Instance Types are Incorrect
- BZ - 2038389 - Failing test: [sig-arch] events should not repeat pathologically
- BZ - 2038412 - Import page calls the git file list unnecessarily twice from GitHub/GitLab/Bitbucket
- BZ - 2038465 - Upgrade chromedriver to 90.x to support Mac M1 chips
- BZ - 2038481 - kube-controller-manager-guard and openshift-kube-scheduler-guard pods being deleted and restarted on a cordoned node when drained
- BZ - 2038596 - Auto egressIP for OVN cluster on GCP: After egressIP object is deleted, egressIP still takes effect
- BZ - 2038663 - update kubevirt-plugin OWNERS
- BZ - 2038691 - [AUTH-8] Panic on user login when the user belongs to a group in the IdP side and the group already exists via “oc adm groups new”
- BZ - 2038705 - Update ptp reviewers
- BZ - 2038761 - Open Observe->Targets page, wait for a while, page become blank
- BZ - 2038768 - All the filters on the Observe->Targets page can’t work
- BZ - 2038772 - Some monitors failed to display on Observe->Targets page
- BZ - 2038793 - [SDN EgressIP] After reboot egress node, the egressip was lost from egress node
- BZ - 2038827 - should add user containers in /etc/subuid and /etc/subgid to support run pods in user namespaces
- BZ - 2038832 - New templates for centos stream8 are missing registry suggestions in create vm wizard
- BZ - 2038840 - [SDN EgressIP]cloud-network-config-controller pod was CrashLoopBackOff after some operation
- BZ - 2038864 - E2E tests fail because multi-hop-net was not created
- BZ - 2038879 - All Builds are getting listed in DeploymentConfig under workloads on OpenShift Console
- BZ - 2038934 - CSI driver operators should use the trusted CA bundle when cluster proxy is configured
- BZ - 2038968 - Move feature gates from a carry patch to openshift/api
- BZ - 2039056 - Layout issue with breadcrumbs on API explorer page
- BZ - 2039057 - Kind column is not wide enough in API explorer page
- BZ - 2039064 - Bulk Import e2e test flaking at a high rate
- BZ - 2039065 - Diagnose and fix Bulk Import e2e test that was previously disabled
- BZ - 2039085 - Cloud credential operator configuration failing to apply in hypershift/ROKS clusters
- BZ - 2039099 - [OVN EgressIP GCP] After reboot egress node, egressip that was previously assigned got lost
- BZ - 2039109 - [FJ OCP4.10 Bug]: startironic.sh failed to pull the image of image-customization container when behind a proxy
- BZ - 2039119 - CVO hotloops on Service openshift-monitoring/cluster-monitoring-operator
- BZ - 2039170 - [upgrade]Error shown on registry operator “missing the cloud-provider-config configmap” after upgrade
- BZ - 2039227 - Improve image customization server parameter passing during installation
- BZ - 2039241 - Improve image customization server parameter passing during installation
- BZ - 2039244 - Helm Release revision history page crashes the UI
- BZ - 2039294 - SDN controller metrics cannot be consumed correctly by prometheus
- BZ - 2039311 - oc Does Not Describe Build CSI Volumes
- BZ - 2039315 - Helm release list page should only fetch secrets for deployed charts
- BZ - 2039321 - SDN controller metrics are not being consumed by prometheus
- BZ - 2039330 - Create NMState button doesn’t work in OperatorHub web console
- BZ - 2039339 - cluster-ingress-operator should report Unupgradeable if user has modified the aws resources annotations
- BZ - 2039345 - CNO does not verify the minimum MTU value for IPv6/dual-stack clusters.
- BZ - 2039359 - `oc adm prune deployments` can’t prune the RS where the associated Deployment no longer exists
- BZ - 2039382 - gather_metallb_logs does not have execution permission
- BZ - 2039406 - logout from rest session after vsphere operator sync is finished
- BZ - 2039408 - Add GCP region northamerica-northeast2 to allowed regions
- BZ - 2039414 - Cannot see the weights increased for NodeAffinity, InterPodAffinity, TaintandToleration
- BZ - 2039425 - No need to set KlusterletAddonConfig CR applicationManager->enabled: true in RAN ztp deployment
- BZ - 2039491 - oc - git:// protocol used in unit tests
- BZ - 2039516 - Bump OVN to ovn21.12-21.12.0-25
- BZ - 2039529 - Project Dashboard Resource Quotas Card empty state test flaking at a high rate
- BZ - 2039534 - Diagnose and fix Project Dashboard Resource Quotas Card test that was previously disabled
- BZ - 2039541 - Resolv-prepender script duplicating entries
- BZ - 2039586 - [e2e] update centos8 to centos stream8
- BZ - 2039618 - VM created from SAP HANA template leads to 404 page if leave one network parameter empty
- BZ - 2039619 - [AWS] In tree provisioner storageclass aws disk type should contain ‘gp3’ and csi provisioner storageclass default aws disk type should be ‘gp3’
- BZ - 2039670 - Create PDBs for control plane components
- BZ - 2039678 - Page goes blank when create image pull secret
- BZ - 2039689 - [IPI on Alibabacloud] Pay-by-specification NAT is no longer supported
- BZ - 2039743 - React missing key warning when open operator hub detail page (and maybe others as well)
- BZ - 2039756 - React missing key warning when open KnativeServing details
- BZ - 2039770 - Observe dashboard doesn’t react on time-range changes after browser reload when perspective is changed in another tab
- BZ - 2039776 - Observe dashboard shows nothing if the URL links to an non existing dashboard
- BZ - 2039781 - [GSS] OBC is not visible by admin of a Project on Console
- BZ - 2039798 - Contextual binding with Operator backed service creates visual connector instead of Service binding connector
- BZ - 2039868 - Insights Advisor widget is not in the disabled state when the Insights Operator is disabled
- BZ - 2039880 - Log level too low for control plane metrics
- BZ - 2039919 - Add E2E test for router compression feature
- BZ - 2039981 - ZTP for standard clusters installs stalld on master nodes
- BZ - 2040132 - Flag --port has been deprecated, This flag has no effect now and will be removed in v1.24. You can use --secure-port instead
- BZ - 2040136 - external-dns-operator pod keeps restarting and reports error: timed out waiting for cache to be synced
- BZ - 2040143 - [IPI on Alibabacloud] suggest to remove region “cn-nanjing” or provide better error message
- BZ - 2040150 - Update ConfigMap keys for IBM HPCS
- BZ - 2040160 - [IPI on Alibabacloud] installation fails when region does not support pay-by-bandwidth
- BZ - 2040285 - Bump build-machinery-go for console-operator to pickup change in yaml-patch repository
- BZ - 2040357 - bump OVN to ovn-2021-21.12.0-11.el8fdp
- BZ - 2040376 - “unknown instance type” error for supported m6i.xlarge instance
- BZ - 2040394 - Controller: enqueue the failed configmap till services update
- BZ - 2040467 - Cannot build ztp-site-generator container image
- BZ - 2040504 - Change AWS EBS GP3 IOPS in MachineSet doesn’t take affect in OpenShift 4
- BZ - 2040521 - RouterCertsDegraded certificate could not validate route hostname v4-0-config-system-custom-router-certs.apps
- BZ - 2040535 - Auto-update boot source is not available in customize wizard
- BZ - 2040540 - ovs hardware offload: ovsargs format error when adding vf netdev name
- BZ - 2040603 - rhel worker scaleup playbook failed because missing some dependency of podman
- BZ - 2040616 - rolebindings page doesn’t load for normal users
- BZ - 2040620 - [MAPO] Error pulling MAPO image on installation
- BZ - 2040653 - Topology sidebar warns that another component is updated while rendering
- BZ - 2040655 - User settings update fails when selecting application in topology sidebar
- BZ - 2040661 - Different react warnings about updating state on unmounted components when leaving topology
- BZ - 2040670 - Permafailing CI job: periodic-ci-openshift-release-master-nightly-4.10-e2e-gcp-libvirt-cert-rotation
- BZ - 2040671 - [Feature:IPv6DualStack] most tests are failing in dualstack ipi
- BZ - 2040694 - Three upstream HTTPClientConfig struct fields missing in the operator
- BZ - 2040705 - Du policy for standard cluster runs the PTP daemon on masters and workers
- BZ - 2040710 - cluster-baremetal-operator cannot update BMC subscription CR
- BZ - 2040741 - Add CI test(s) to ensure that metal3 components are deployed in vSphere, OpenStack and None platforms
- BZ - 2040782 - Import YAML page blocks input with more then one generateName attribute
- BZ - 2040783 - The Import from YAML summary page doesn’t show the resource name if created via generateName attribute
- BZ - 2040791 - Default PGT policies must be ‘inform’ to integrate with the Lifecycle Operator
- BZ - 2040793 - Fix snapshot e2e failures
- BZ - 2040880 - do not block upgrades if we can’t connect to vcenter
- BZ - 2041087 - MetalLB: MetalLB CR is not upgraded automatically from 4.9 to 4.10
- BZ - 2041093 - autounattend.xml missing
- BZ - 2041204 - link to templates in virtualization-cluster-overview inventory card is to all templates
- BZ - 2041319 - [IPI on Alibabacloud] installation in region “cn-shanghai” failed, due to “Resource alicloud_vswitch CreateVSwitch Failed…InvalidCidrBlock.Overlapped”
- BZ - 2041326 - Should bump cluster-kube-descheduler-operator to kubernetes version V1.23
- BZ - 2041329 - aws and gcp CredentialsRequest manifests missing ServiceAccountNames list for cloud-network-config-controller
- BZ - 2041361 - [IPI on Alibabacloud] Disable session persistence and removebBandwidth peak of listener
- BZ - 2041441 - Provision volume with size 3000Gi even if sizeRange: '[10-2000]GiB’ in storageclass on IBM cloud
- BZ - 2041466 - Kubedescheduler version is missing from the operator logs
- BZ - 2041475 - React components should have a (mostly) unique name in react dev tools to simplify code analyses
- BZ - 2041483 - MetallB: quay.io/openshift/origin-kube-rbac-proxy:4.10 deploy Metallb CR is missing (controller and speaker pods)
- BZ - 2041492 - Spacing between resources in inventory card is too small
- BZ - 2041509 - GCP Cloud provider components should use K8s 1.23 dependencies
- BZ - 2041510 - cluster-baremetal-operator doesn’t run baremetal-operator’s subscription webhook
- BZ - 2041541 - audit: ManagedFields are dropped using API not annotation
- BZ - 2041546 - ovnkube: set election timer at RAFT cluster creation time
- BZ - 2041554 - use lease for leader election
- BZ - 2041581 - KubeDescheduler operator log shows “Use of insecure cipher detected”
- BZ - 2041583 - etcd and api server cpu mask interferes with a guaranteed workload
- BZ - 2041598 - Including CA bundle in Azure Stack cloud config causes MCO failure
- BZ - 2041605 - Dynamic Plugins: discrepancy in proxy alias documentation/implementation
- BZ - 2041620 - bundle CSV alm-examples does not parse
- BZ - 2041641 - Fix inotify leak and kubelet retaining memory
- BZ - 2041671 - Delete templates leads to 404 page
- BZ - 2041694 - [IPI on Alibabacloud] installation fails when region does not support the cloud_essd disk category
- BZ - 2041734 - ovs hwol: VFs are unbind when switchdev mode is enabled
- BZ - 2041750 - [IPI on Alibabacloud] trying “create install-config” with region "cn-wulanchabu (China (Ulanqab))" (or "ap-southeast-6 (Philippines (Manila))", "cn-guangzhou (China (Guangzhou))") failed due to invalid endpoint
- BZ - 2041763 - The Observe > Alerting pages no longer have their default sort order applied
- BZ - 2041830 - CI: ovn-kubernetes-master-e2e-aws-ovn-windows is broken
- BZ - 2041854 - Communities / Local prefs are applied to all the services regardless of the pool, and only one community is applied
- BZ - 2041882 - cloud-network-config operator can’t work normal on GCP workload identity cluster
- BZ - 2041888 - Intermittent incorrect build to run correlation, leading to run status updates applied to wrong build, builds stuck in non-terminal phases
- BZ - 2041926 - [IPI on Alibabacloud] Installer ignores public zone when it does not exist
- BZ - 2041971 - [vsphere] Reconciliation of mutating webhooks didn’t happen
- BZ - 2041989 - CredentialsRequest manifests being installed for ibm-cloud-managed profile
- BZ - 2041999 - [PROXY] external dns pod cannot recognize custom proxy CA
- BZ - 2042001 - unexpectedly found multiple load balancers
- BZ - 2042029 - kubedescheduler fails to install completely
- BZ - 2042036 - [IBMCLOUD] “openshift-install explain installconfig.platform.ibmcloud” contains not yet supported custom vpc parameters
- BZ - 2042049 - Seeing warning related to unrecognized feature gate in kubescheduler & KCM logs
- BZ - 2042059 - update discovery burst to reflect lots of CRDs on openshift clusters
- BZ - 2042069 - Revert toolbox to rhcos-toolbox
- BZ - 2042169 - Can not delete egressnetworkpolicy in Foreground propagation
- BZ - 2042181 - MetalLB: User should not be allowed add same bgp advertisement twice in BGP address pool
- BZ - 2042265 - [IBM]“–scale-down-utilization-threshold” doesn’t work on IBMCloud
- BZ - 2042274 - Storage API should be used when creating a PVC
- BZ - 2042315 - Baremetal IPI deployment with IPv6 control plane and disabled provisioning network fails as the nodes do not pass introspection
- BZ - 2042366 - Lifecycle hooks should be independently managed
- BZ - 2042370 - [IPI on Alibabacloud] installer panics when the zone does not have an enhanced NAT gateway
- BZ - 2042382 - [e2e][automation] CI takes more then 2 hours to run
- BZ - 2042395 - Add prerequisites for active health checks test
- BZ - 2042438 - Missing rpms in openstack-installer image
- BZ - 2042466 - Selection does not happen when switching from Topology Graph to List View
- BZ - 2042493 - No way to verify if IPs with leading zeros are still valid in the apiserver
- BZ - 2042567 - insufficient info on CodeReady Containers configuration
- BZ - 2042600 - Alone, the io.kubernetes.cri-o.Devices option poses a security risk
- BZ - 2042619 - Overview page of the console is broken for hypershift clusters
- BZ - 2042655 - [IPI on Alibabacloud] cluster becomes unusable if there is only one kube-apiserver pod running
- BZ - 2042711 - [IBMCloud] Machine Deletion Hook cannot work on IBMCloud
- BZ - 2042715 - [AliCloud] Machine Deletion Hook cannot work on AliCloud
- BZ - 2042770 - [IPI on Alibabacloud] with vpcID & vswitchIDs specified, the installer would still try creating NAT gateway unexpectedly
- BZ - 2042829 - Topology performance: HPA was fetched for each Deployment (Pod Ring)
- BZ - 2042851 - Create template from SAP HANA template flow - VM is created instead of a new template
- BZ - 2042906 - Edit machineset with same machine deletion hook name succeed
- BZ - 2042960 - azure-file CI fails with “gid(0) in storageClass and pod fsgroup(1000) are not equal”
- BZ - 2043003 - [IPI on Alibabacloud] ‘destroy cluster’ of a failed installation (bug2041694) stuck after ‘stage=Nat gateways’
- BZ - 2043042 - [Serial] [sig-auth][Feature:OAuthServer] [RequestHeaders] [IdP] test RequestHeaders IdP [Suite:openshift/conformance/serial]
- BZ - 2043043 - Cluster Autoscaler should use K8s 1.23 dependencies
- BZ - 2043064 - Topology performance: Unnecessary rerenderings in topology nodes (unchanged mobx props)
- BZ - 2043078 - Favorite system projects not visible in the project selector after toggling "Show default projects".
- BZ - 2043117 - Recommended operators links are erroneously treated as external
- BZ - 2043130 - Update CSI sidecars to the latest release for 4.10
- BZ - 2043234 - Missing validation when creating several BGPPeers with the same peerAddress
- BZ - 2043240 - Sync openshift/descheduler with sigs.k8s.io/descheduler
- BZ - 2043254 - crio does not bind the security profiles directory
- BZ - 2043296 - Ignition fails when reusing existing statically-keyed LUKS volume
- BZ - 2043297 - [4.10] Bootimage bump tracker
- BZ - 2043316 - RHCOS VM fails to boot on Nutanix AOS
- BZ - 2043446 - Rebase aws-efs-utils to the latest upstream version.
- BZ - 2043556 - Add proper ci-operator configuration to ironic and ironic-agent images
- BZ - 2043577 - DPU network operator
- BZ - 2043651 - Fix bug with exp. backoff working correcly when setting nextCheck in vsphere operator
- BZ - 2043675 - Too many machines deleted by cluster autoscaler when scaling down
- BZ - 2043683 - Revert bug 2039344 Ignoring IPv6 addresses against etcd cert validation
- BZ - 2043709 - Logging flags no longer being bound to command line
- BZ - 2043721 - Installer bootstrap hosts using outdated kubelet containing bugs
- BZ - 2043731 - [IBMCloud] terraform outputs missing for ibmcloud bootstrap and worker ips for must-gather
- BZ - 2043759 - Bump cluster-ingress-operator to k8s.io/api 1.23
- BZ - 2043780 - Bump router to k8s.io/api 1.23
- BZ - 2043787 - Bump cluster-dns-operator to k8s.io/api 1.23
- BZ - 2043801 - Bump CoreDNS to k8s.io/api 1.23
- BZ - 2043802 - EgressIP stopped working after single egressIP for a netnamespace is switched to the other node of HA pair after the first egress node is shutdown
- BZ - 2043961 - [OVN-K] If pod creation fails, retry doesn’t work as expected.
- BZ - 2044201 - Templates golden image parameters names should be supported
- BZ - 2044244 - Builds are failing after upgrading the cluster with builder image [jboss-webserver-5/jws56-openjdk8-openshift-rhel8]
- BZ - 2044248 - [IBMCloud][vpc.block.csi.ibm.io]Cluster common user use the storageclass without parameter “csi.storage.k8s.io/fstype” create pvc,pod successfully but write data to the pod’s volume failed of “Permission denied”
- BZ - 2044303 - [ovn][cloud-network-config-controller] cloudprivateipconfigs ips were left after deleting egressip objects
- BZ - 2044347 - Bump to kubernetes 1.23.3
- BZ - 2044481 - collect sharedresource cluster scoped instances with must-gather
- BZ - 2044496 - Unable to create hardware events subscription - failed to add finalizers
- BZ - 2044628 - CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources
- BZ - 2044680 - Additional libovsdb performance and resource consumption fixes
- BZ - 2044704 - Observe > Alerting pages should not show runbook links in 4.10
- BZ - 2044717 - [e2e] improve tests for upstream test environment
- BZ - 2044724 - Remove namespace column on VM list page when a project is selected
- BZ - 2044745 - Upgrading cluster from 4.9 to 4.10 on Azure (ARO) causes the cloud-network-config-controller pod to CrashLoopBackOff
- BZ - 2044808 - machine-config-daemon-pull.service: use `cp` instead of `cat` when extracting MCD in OKD
- BZ - 2045024 - CustomNoUpgrade alerts should be ignored
- BZ - 2045112 - vsphere-problem-detector has missing rbac rules for leases
- BZ - 2045199 - SnapShot with Disk Hot-plug hangs
- BZ - 2045561 - Cluster Autoscaler should use the same default Group value as Cluster API
- BZ - 2045591 - Reconciliation of aws pod identity mutating webhook did not happen
- BZ - 2045849 - Add Sprint 212 translations
- BZ - 2045866 - MCO Operator pod spam “Error creating event” warning messages in 4.10
- BZ - 2045878 - Sync upstream 1.16.0 downstream; includes hybrid helm plugin
- BZ - 2045916 - [IBMCloud] Default machine profile in installer is unreliable
- BZ - 2045927 - [FJ OCP4.10 Bug]: Podman failed to pull the IPA image due to the loss of proxy environment
- BZ - 2046025 - [IPI on Alibabacloud] pre-configured alicloud DNS private zone is deleted after destroying cluster, please clarify
- BZ - 2046137 - oc output for unknown commands is not human readable
- BZ - 2046296 - When creating multiple consecutive egressIPs on GCP not all of them get assigned to the instance
- BZ - 2046297 - Bump DB reconnect timeout
- BZ - 2046517 - In Notification drawer, the “Recommendations” header shows when there isn’t any recommendations
- BZ - 2046597 - Observe > Targets page may show the wrong service monitor is multiple monitors have the same namespace & label selectors
- BZ - 2046626 - Allow setting custom metrics for Ansible-based Operators
- BZ - 2046683 - [AliCloud]“–scale-down-utilization-threshold” doesn’t work on AliCloud
- BZ - 2047025 - Installation fails because of Alibaba CSI driver operator is degraded
- BZ - 2047190 - Bump Alibaba CSI driver for 4.10
- BZ - 2047238 - When using communities and localpreferences together, only localpreference gets applied
- BZ - 2047255 - alibaba: resourceGroupID not found
- BZ - 2047258 - [aws-usgov] fatal error occurred if AMI is not provided for AWS GovCloud regions
- BZ - 2047317 - Update HELM OWNERS files under Dev Console
- BZ - 2047455 - [IBM Cloud] Update custom image os type
- BZ - 2047496 - Add image digest feature
- BZ - 2047779 - do not degrade cluster if storagepolicy creation fails
- BZ - 2047927 - ‘oc get project’ caused ‘Observed a panic: cannot deep copy core.NamespacePhase’ when AllRequestBodies is used
- BZ - 2047929 - use lease for leader election
- BZ - 2047975 - [sig-network][Feature:Router] The HAProxy router should override the route host for overridden domains with a custom value [Skipped:Disconnected] [Suite:openshift/conformance/parallel]
- BZ - 2048046 - New route annotation to show another URL or hide topology URL decorator doesn’t work for Knative Services
- BZ - 2048048 - Application tab in User Preferences dropdown menus are too wide.
- BZ - 2048050 - Topology list view items are not highlighted on keyboard navigation
- BZ - 2048117 - [IBM]Shouldn’t change status.storage.bucket and status.storage.resourceKeyCRN when update sepc.stroage,ibmcos with invalid value
- BZ - 2048413 - Bond CNI: Failed to attach Bond NAD to pod
- BZ - 2048443 - Image registry operator panics when finalizes config deletion
- BZ - 2048478 - [alicloud] CCM deploys alibaba-cloud-controller-manager from quay.io/openshift/origin-*
- BZ - 2048484 - SNO: cluster-policy-controller failed to start due to missing serving-cert/tls.crt
- BZ - 2048598 - Web terminal view is broken
- BZ - 2048836 - ovs-configure mis-detecting the ipv6 status on IPv4 only cluster causing Deployment failure
- BZ - 2048891 - Topology page is crashed
- BZ - 2049003 - 4.10: [IBMCloud] ibm-vpc-block-csi-node does not specify an update strategy, only resource requests, or priority class
- BZ - 2049043 - Cannot create VM from template
- BZ - 2049156 - ‘oc get project’ caused ‘Observed a panic: cannot deep copy core.NamespacePhase’ when AllRequestBodies is used
- BZ - 2049886 - Placeholder bug for OCP 4.10.0 metadata release
- BZ - 2049890 - Warning annotation for pods with cpu requests or limits on single-node OpenShift cluster without workload partitioning
- BZ - 2050189 - [aws-efs-csi-driver] Merge upstream changes since v1.3.2
- BZ - 2050190 - [aws-ebs-csi-driver] Merge upstream changes since v1.2.0
- BZ - 2050227 - Installation on PSI fails with: ‘openstack platform does not have the required standard-attr-tag network extension’
- BZ - 2050247 - Failing test in periodics: [sig-network] Services should respect internalTrafficPolicy=Local Pod and Node, to Pod (hostNetwork: true) [Feature:ServiceInternalTrafficPolicy] [Skipped:Network/OVNKubernetes] [Suite:openshift/conformance/parallel] [Suite:k8s]
- BZ - 2050250 - Install fails to bootstrap, complaining about DefragControllerDegraded and sad members
- BZ - 2050310 - ContainerCreateError when trying to launch large (>500) numbers of pods across nodes
- BZ - 2050370 - alert data for burn budget needs to be updated to prevent regression
- BZ - 2050393 - ZTP missing support for local image registry and custom machine config
- BZ - 2050557 - Can not push images to image-registry when enabling KMS encryption in AlibabaCloud
- BZ - 2050737 - Remove metrics and events for master port offsets
- BZ - 2050801 - Vsphere upi tries to access vsphere during manifests generation phase
- BZ - 2050883 - Logger object in LSO does not log source location accurately
- BZ - 2051692 - co/image-registry is degrade because ImagePrunerDegraded: Job has reached the specified backoff limit
- BZ - 2052062 - Whereabouts should implement client-go 1.22+
- BZ - 2052125 - [4.10] Crio appears to be coredumping in some scenarios
- BZ - 2052210 - [aws-c2s] kube-apiserver crashloops due to missing cloud config
- BZ - 2052339 - Failing webhooks will block an upgrade to 4.10 mid-way through the upgrade.
- BZ - 2052458 - [IBM Cloud] ibm-vpc-block-csi-controller does not specify an update strategy, priority class, or only resource requests
- BZ - 2052598 - kube-scheduler should use configmap lease
- BZ - 2052599 - kube-controller-manger should use configmap lease
- BZ - 2052600 - Failed to scaleup RHEL machine against OVN cluster due to jq tool is required by configure-ovs.sh
- BZ - 2052609 - [vSphere CSI driver Operator] RWX volumes counts metrics `vsphere_rwx_volumes_total` not valid
- BZ - 2052611 - MetalLB: BGPPeer object does not have ability to set ebgpMultiHop
- BZ - 2052612 - MetalLB: Webhook Validation: Two BGPPeers instances can have different router ID set.
- BZ - 2052644 - Infinite OAuth redirect loop post-upgrade to 4.10.0-rc.1
- BZ - 2052666 - [4.10.z] change gitmodules to rhcos-4.10 branch
- BZ - 2052756 - [4.10] PVs are not being cleaned up after PVC deletion
- BZ - 2053175 - oc adm catalog mirror throws ‘missing signature key’ error when using file://local/index
- BZ - 2053218 - ImagePull fails with error “unable to pull manifest from example.com/busy.box:v5 invalid reference format”
- BZ - 2053252 - Sidepanel for Connectors/workloads in topology shows invalid tabs
- BZ - 2053268 - inability to detect static lifecycle failure
- BZ - 2053314 - requestheader IDP test doesn’t wait for cleanup, causing high failure rates
- BZ - 2053323 - OpenShift-Ansible BYOH Unit Tests are Broken
- BZ - 2053339 - Remove dev preview badge from IBM FlashSystem deployment windows
- BZ - 2053751 - ztp-site-generate container is missing convenience entrypoint
- BZ - 2053945 - [4.10] Failed to apply sriov policy on intel nics
- BZ - 2054109 - Missing “app” label
- BZ - 2054154 - RoleBinding in project without subject is causing “Project access” page to fail
- BZ - 2054244 - Latest pipeline run should be listed on the top of the pipeline run list
- BZ - 2054288 - console-master-e2e-gcp-console is broken
- BZ - 2054562 - DPU network operator 4.10 branch need to sync with master
- BZ - 2054897 - Unable to deploy hw-event-proxy operator
- BZ - 2055193 - e2e-metal-ipi-serial-ovn-ipv6 is failing frequently
- BZ - 2055358 - Summary Interval Hardcoded in PTP Operator if Set in the Global Body Instead of Command Line
- BZ - 2055371 - Remove Check which enforces summary_interval must match logSyncInterval
- BZ - 2055689 - [ibm]Operator storage PROGRESSING and DEGRADED is true during fresh install for ocp4.11
- BZ - 2055894 - CCO mint mode will not work for Azure after sunsetting of Active Directory Graph API
- BZ - 2056441 - AWS EFS CSI driver should use the trusted CA bundle when cluster proxy is configured
- BZ - 2056479 - ovirt-csi-driver-node pods are crashing intermittently
- BZ - 2056572 - reconcilePrecaching error: cannot list resource “clusterserviceversions” in API group “operators.coreos.com” at the cluster scope"
- BZ - 2056629 - [4.10] EFS CSI driver can’t unmount volumes with “wait: no child processes”
- BZ - 2056878 - (dummy bug) ovn-kubernetes ExternalTrafficPolicy still SNATs
- BZ - 2056928 - Ingresscontroller LB scope change behaviour differs for different values of aws-load-balancer-internal annotation
- BZ - 2056948 - post 1.23 rebase: regression in service-load balancer reliability
- BZ - 2057438 - Service Level Agreement (SLA) always show ‘Unknown’
- BZ - 2057721 - Fix Proxy support in RHACM 2.4.2
- BZ - 2057724 - Image creation fails when NMstateConfig CR is empty
- BZ - 2058641 - [4.10] Pod density test causing problems when using kube-burner
- BZ - 2059761 - 4.9.23-s390x-machine-os-content manifest invalid when mirroring content for disconnected install
- BZ - 2060610 - Broken access to public images: Unable to connect to the server: no basic auth credentials
- BZ - 2060956 - service domain can’t be resolved when networkpolicy is used in OCP 4.10-rc
CVEs
- CVE-2014-3577
- CVE-2016-10228
- CVE-2017-14502
- CVE-2018-20843
- CVE-2018-1000858
- CVE-2019-8625
- CVE-2019-8710
- CVE-2019-8720
- CVE-2019-8743
- CVE-2019-8764
- CVE-2019-8766
- CVE-2019-8769
- CVE-2019-8771
- CVE-2019-8782
- CVE-2019-8783
- CVE-2019-8808
- CVE-2019-8811
- CVE-2019-8812
- CVE-2019-8813
- CVE-2019-8814
- CVE-2019-8815
- CVE-2019-8816
- CVE-2019-8819
- CVE-2019-8820
- CVE-2019-8823
- CVE-2019-8835
- CVE-2019-8844
- CVE-2019-8846
- CVE-2019-9169
- CVE-2019-13050
- CVE-2019-13627
- CVE-2019-14889
- CVE-2019-15903
- CVE-2019-19906
- CVE-2019-20454
- CVE-2019-20807
- CVE-2019-25013
- CVE-2020-1730
- CVE-2020-3862
- CVE-2020-3864
- CVE-2020-3865
- CVE-2020-3867
- CVE-2020-3868
- CVE-2020-3885
- CVE-2020-3894
- CVE-2020-3895
- CVE-2020-3897
- CVE-2020-3899
- CVE-2020-3900
- CVE-2020-3901
- CVE-2020-3902
- CVE-2020-8927
- CVE-2020-9802
- CVE-2020-9803
- CVE-2020-9805
- CVE-2020-9806
- CVE-2020-9807
- CVE-2020-9843
- CVE-2020-9850
- CVE-2020-9862
- CVE-2020-9893
- CVE-2020-9894
- CVE-2020-9895
- CVE-2020-9915
- CVE-2020-9925
- CVE-2020-9952
- CVE-2020-10018
- CVE-2020-11793
- CVE-2020-13434
- CVE-2020-14391
- CVE-2020-15358
- CVE-2020-15503
- CVE-2020-25660
- CVE-2020-25677
- CVE-2020-27618
- CVE-2020-27781
- CVE-2020-29361
- CVE-2020-29362
- CVE-2020-29363
- CVE-2021-3121
- CVE-2021-3326
- CVE-2021-3449
- CVE-2021-3450
- CVE-2021-3516
- CVE-2021-3517
- CVE-2021-3518
- CVE-2021-3520
- CVE-2021-3521
- CVE-2021-3537
- CVE-2021-3541
- CVE-2021-3733
- CVE-2021-3749
- CVE-2021-20305
- CVE-2021-21684
- CVE-2021-22946
- CVE-2021-22947
- CVE-2021-25215
- CVE-2021-27218
- CVE-2021-30666
- CVE-2021-30761
- CVE-2021-30762
- CVE-2021-33928
- CVE-2021-33929
- CVE-2021-33930
- CVE-2021-33938
- CVE-2021-36222
- CVE-2021-37750
- CVE-2021-39226
- CVE-2021-41190
- CVE-2021-43813
- CVE-2021-44716
- CVE-2021-44717
- CVE-2022-0532
- CVE-2022-21673
- CVE-2022-24407
Red Hat OpenShift Container Platform 4.10 for RHEL 8
SRPM
x86_64
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8
SRPM
s390x
Red Hat OpenShift Container Platform for ARM 64 4.10
SRPM
aarch64
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.