Back to index

4.10.24

Download the installer for your operating system or run

oc adm release extract --tools quay.io/openshift-release-dev/ocp-release:4.10.24-x86_64

Tests:

• Blocking jobs
  • upgrade Succeeded release-openshift-origin-installer-e2e-aws-upgrade
  • upgrade-minor Succeeded release-openshift-origin-installer-e2e-aws-upgrade
• Informing jobs
  • aws-sdn-upgrade-4.10-micro Succeeded (3 retries) periodic-ci-openshift-release-master-nightly-4.10-e2e-aws-upgrade
  • aws-serial Succeeded (1 retries) periodic-ci-openshift-release-master-nightly-4.10-e2e-aws-serial
  • gcp-ovn-upgrade-4.10-minor Pending (2 retries) periodic-ci-openshift-release-master-ci-4.10-upgrade-from-stable-4.9-e2e-gcp-ovn-upgrade

Upgrades from:

• 4.10.23 (changes) - F F F S F F F F F F F F F F F F F F F F F F F F F F F
• 4.10.22 (changes) - Failed
• 4.10.21 (changes) - Failed
• 4.10.20 (changes) - Failed Failed
• 4.10.18 (changes) - Failed
• 4.10.15 (changes) - Failed
• 4.10.13 (changes) - Failed
• 4.10.11 (changes) - Failed
• 4.10.9 (changes) - Failed
• 4.10.7 (changes) - Failed
• 4.10.6 (changes) - Failed
• 4.10.5 - Failed
• 4.10.4 (changes) - Failed
• 4.10.3 (changes) - Success
• 4.9.44 (changes) - S F F F F F F F S F F
• 4.9.43 (changes) - F F F F
• 4.9.42 (changes) - Success
• 4.9.41 (changes) - Success
• 4.9.40 (changes) - Failed
• 4.9.36 (changes) - Failed
• 4.9.33 (changes) - Failed
• 4.9.30 (changes) - Failed
• 4.9.27 (changes) - Success
• 4.9.24 (changes) - Failed
• 4.9.23 (changes) - Failed
• 4.9.22 (changes) - Failed
• 4.9.21 (changes) - Failed
• 4.9.19 (changes) - Failed

Upgrades to:

• 4.11.20 (changes) - Failed
• 4.11.19 (changes) - Failed
• 4.11.9 (changes) - Failed
• 4.11.4 (changes) - Failed
• 4.11.3 (changes) - F F F
• 4.11.2 (changes) - F F F
• 4.11.1 (changes) - Failed Success
• 4.11.0 (changes) - F F S
• 4.11.0-rc.7 (changes) - Success
• 4.11.0-rc.6 (changes) - F S S S S
• 4.11.0-rc.5 (changes) - Success
• 4.10.33 (changes) - Failed
• 4.10.32 (changes) - Failed
• 4.10.31 (changes) - S F S
• 4.10.30 (changes) - F F S
• 4.10.29 (changes) - Success
• 4.10.28 (changes) - Failed
• 4.10.27 (changes) - Failed
• 4.10.26 (changes) - Success
• 4.10.25 (changes) - S F F F F F

---

Loading changelog, this may take a while ...

Changes from 4.10.5

Created: 2022-07-20 07:22:27 +0000 UTC

Image Digest: sha256:aab51636460b5a9757b736a29bc92ada6e6e6282e46b06e6fd483063d590d62a

Release 4.10.24 was created from registry.ci.openshift.org/ocp/release:4.10.0-0.nightly-2022-07-19-210744

Components

• Kubernetes upgraded from 1.23.3 to 1.23.5
• Red Hat Enterprise Linux CoreOS upgraded from 410.84.202203141348-0 to 410.84.202207140725-0 (diff)

Removed images

• cluster-capi-controllers
• cluster-capi-operator

Rebuilt images without code change

• alibaba-cloud-controller-manager git db2d118a sha256:df2ca7f54a8d34f568a92c077c56ed8983fffc51146b55964971c1f970288aaa
• alibaba-machine-controllers git 02061213 sha256:ea1f013e3a6fca4d1d7777c455f0e34be49bebd2cb1ccac16b140d49196916e3
• aws-cloud-controller-manager git d85867fe sha256:8c00e6df3b34edfdf8c3bbf4d23b39fa91de238d322f657dc4d8341f3db77e70
• aws-ebs-csi-driver git 8ba0c7a8 sha256:23e6126f81f2cfedbe7b1fe251bcbad4c2365ed7ee12576b67fc56fcf587863a
• aws-pod-identity-webhook git 7f9eb87a sha256:97253518289360f50c3de3be8bf508fadf50a18935e7990d2bdde658080fdb9d
• azure-cloud-controller-manager git 07f13351 sha256:ab592552bb6f276206acfe2d930a375a6469773613a0c7337a4f318c167cdf45
• azure-cloud-node-manager git 07f13351 sha256:0a456b7ba3eb1dc739c78e400fec57f382221f3ebf33554732b53e3d8dc8712e
• azure-disk-csi-driver git 3d79d39e sha256:7b2c006c283e3e427f9e613bdc5449e0c8b1fd4c09d20845601719edb7ab8b9e
• azure-file-csi-driver git f88155b4 sha256:aa1556eaf6dae00fb8bb34c495faecaeebb9e374176f8e01ca46de025e63f2f8
• azure-file-csi-driver-operator git 3807eb37 sha256:85fe6f78cd27adec4c597d06e6f681f807d5582b1c7cd121de26351f3ccf1e7f
• baremetal-machine-controllers git 0716ee4c sha256:3555186adf6d0d79b9edf02935eb49ae8f61084c5117ff3e2066556caaf7ca6f
• cloud-credential-operator git aa551025 sha256:7a3376e6677d457d54e90d9e4b0b34f26ed4e406065c378005a9408674506527
• cluster-autoscaler git 25d3ad55 sha256:ece0fdfc6a4ee72f6fe21e5100fac0276986aab5b380cc7c657177a1389509b5
• cluster-bootstrap git f22d1c60 sha256:cb786b2e448e5cfd290e801c9ddcb0c389ac7e7f16b79b77ab8f8ce8a1e3249d
• cluster-dns-operator git bc48e0aa sha256:132250626db1a76bb49a23a5593db1a9ba8cc237003c6f8d3781ac7cb268b2f5
• cluster-kube-controller-manager-operator git ca3ff539 sha256:cc83500a51c225da8f897a506be19c8271bdc7839b3d1e47d9f870d00025edb6
• cluster-openshift-apiserver-operator git 224b294e sha256:1b5f6a51eccc5c3f56389f3f423858f31c27ea7c6dc25d139196e9852d7b8d2d
• cluster-openshift-controller-manager-operator git b8b65d15 sha256:398becea0e9d87e94ee42d6a5e3c2afc2fbfbfab11394a61c03957f69ad600d1
• cluster-policy-controller git 8e5b3651 sha256:6eb2d82ed0bd65de1ecca019b2483b01ade5954b79d53c342449f8fcbe77044a
• cluster-samples-operator git d41950dc sha256:25a2301d546119b4dd68a21607c3cd79e85f56a675cf3ca1b77a53469e351464
• configmap-reloader git 22a40ce7 sha256:777111fc99844b71b012b69c6f67cf73a60c76be351943240a9169fcf00c45fa
• container-networking-plugins git 55e1cf1c sha256:87a166dd8f21d8ba612ee0f49dc8839cb222f77156dcb67ed82e1c3ed13127cb
• coredns git 3ec1ee7d sha256:4c6a585c8a4f3944ab010bb89ab4fc89cc87ba9ce5428a463cfd68c9a5649f48
• csi-driver-manila git df0b27de sha256:8669914f068501bdb755e484418b49dff9bc6eeb9bb07e07bf7e2e261a7496b1
• csi-driver-nfs git 3448830c sha256:e322662d8fa936c134d449b5f56b60038b0e21c04971011739cbf72b18c490bf
• csi-driver-shared-resource git d06ff18b sha256:078da3dec4ec9825f45712cb4b5500d61097ef813cef446f8c5b56617d7740b0
• csi-driver-shared-resource-operator git 662615b3 sha256:2782057e05351081a8bc0f237736327eb5ae66fe8bcec14dec4a7613f366460b
• csi-external-attacher git 27e71f2b sha256:379cf019a7a78452596263ceea1adf98714dd8a985f09531c029560526a6b15c
• csi-external-provisioner git 31de1e19 sha256:d2988ce4a7a8cfeeefab8456435531faafe3804d3ad0b78822fb1eb0e95fcbad
• csi-external-resizer git e5934091 sha256:408df31ea13f536abf7e25500e0127695659f13078633b302d7fccfdb29dbb6e
• csi-external-snapshotter git fe4a0a2f sha256:172c3384fae890209db5795e988d68f9d947c0573800099a002478203fe7c71b
• csi-livenessprobe git 8c1a5bca sha256:8524c9458dd9517ae6d72b447c8c822ee3960b0bf660c6388d046b0ed8f3704f
• csi-node-driver-registrar git bb0bd823 sha256:8886eb8d0f279a077eb667c59488cae3154a8e4f92be25e92df8590e7d9e62df
• csi-snapshot-controller git fe4a0a2f sha256:d0e506b786984b64baccb7f778b9d66428157e66ca516c14e9363399049c2b47
• csi-snapshot-validation-webhook git fe4a0a2f sha256:53501ab17ffbc07722ee37dea9a4b88d9e52c0a8d3117510ceb6073ea38c535f
• docker-builder git 24d8db40 sha256:119f8096655464ede18a1be74531251323d6a0d50773b8d58dabc07fa64c0304
• driver-toolkit git 0c77c8d6 sha256:84edddb4322cfe50d8545c41014a8f5595a4260a20d9a269e144909c5949582b
• egress-router-cni git 5c56bc8a sha256:748fbfabc432acef10b37e564688ba5e0fe934361ecb1913e40fa4d34cdd6bd3
• gcp-cloud-controller-manager git 4dc728d0 sha256:8b9a92276f84629472c0c9ab379d1e7da6a4a1638d4d2291acacbdb1dfaeda3e
• gcp-machine-controllers git 3fe46c8b sha256:2a04576d52958bcfda335d82768846f8869dcb8da004b4b6139ff664fa1b9389
• gcp-pd-csi-driver git 19e9a57f sha256:6885e79c6ddd2c593b39a13630c75f1af6351199940973b24f93e9b5e795cede
• grafana git 48aec355 sha256:7dd4fca1f03f65c7837e3b3420d1df10ff612ac36f5f1e8ecbec0d6fc0c49659
• ibm-cloud-controller-manager git e3039120 sha256:f5c20ea0c5df3636194a02aff2226c0a8285438277fd28c7ab6f98cc215e5be3
• ibm-vpc-block-csi-driver git d54e3706 sha256:849f33260d8cdd4720630ed86c46beb9ca76cbe83982fe04073090f69adf0616
• ibm-vpc-node-label-updater git 7074dfc3 sha256:b3f241d18f0bacf3129b12775b4269fc22a6c4173d0862fcf96bf9f408effa57
• ibmcloud-machine-controllers git 7449a94f sha256:772edcafbacf208e6094b25f0ce924f5e3c9651a611dd28e8493f1ce274d9874
• ironic-hardware-inventory-recorder git 62469223 sha256:85840b86fb1d189616b2f9f6371f3ab8f76654e2c5ff2fe1b130b95617dd289b
• ironic-machine-os-downloader git 81fe2974 sha256:bf7dc8b573d8776f8e3ca0bb4605b6c2d35f2c52dc5badbf261c6f717e949893
• ironic-static-ip-manager git 45a1c542 sha256:fa83f24b892664b7060e777ac5cd4f4cdac234678f12981edf04df3e5da4c7b2
• k8s-prometheus-adapter git 4052b317 sha256:8e8ccc0bc92245b24afc762c98b24ecbf24a9b28a7d4fe497de790e761633411
• keepalived-ipfailover git 5d526c41 sha256:2787d50587694a64c146026cf9f764f8526599589504d9a43bbaa9d4bff796ae
• kube-rbac-proxy git 4f198b2b sha256:6c7f41cd2202ff4a687baff9133a1ccba8e77311b96cef2a781831353db90be4
• kube-storage-version-migrator git 901a6d22 sha256:0d20224a81633274071ae8fbf9c5f013cb386858a4f16cf46f53ef8508a11584
• libvirt-machine-controllers git 3b330b72 sha256:eed0f48ed00838fb9c5879bc6b6e5481ea14bf14ea1116985ce4bbecc2be53aa
• machine-os-content sha256:7e2b14a0df142f178dcb1fb2d59e1401eaaff5a87e7b87e20441f1e077ef3a8f
• multus-admission-controller git d7a7fe5d sha256:b5bcc1882b9afe3fd26f3e68da2cf1b72cf7f31850dc634f0d38c1515d8c4092
• multus-networkpolicy git bfcc6c85 sha256:e6e98f8f447fed3e27ceb7e83886295e037f6ebea7e604808cf9917f46c617e0
• multus-route-override-cni git 707dd380 sha256:c43036d5bb262560b97134548b85cc8e1a6ad9b2477f6985ee146e4e215d1c6c
• network-tools git bcfec9c5 sha256:4960434212de04c015a7fa081d81d906258360e5c7843dead22a59584e3b310d
• oauth-proxy git 799d414b sha256:dcb61fe5e82c0d01b90155f20b0b6ce37446867ca0d005b727fc073f86ed1354
• oauth-server git 245b95f8 sha256:5085b404248def7058806ad61102dad09a02208777bf15fd4e275c435bd6031a
• openshift-controller-manager git 2c2d50db sha256:83fc8253611fc117513c9b5381d1849b3fe57d24300618cfc7def83fdc7fdb88
• openstack-cinder-csi-driver git df0b27de sha256:f52a840ce398e4c852b000a9dd14044785d27a6461aa6d871bbfc8570e3659a1
• openstack-cloud-controller-manager git df0b27de sha256:80e193b9e36e7262afedbaf1d6608d542eb1614187a12d3720c506531ac57ca2
• openstack-machine-api-provider git 2401f74d sha256:5876036a0b15e58566fd0c9cde4c67b4c0d1dcdc56ee743da690dd0b89579d90
• operator-marketplace git 80b92ecf sha256:ba93e06839b0c0cdcd9a29e515ed588d41eb71fd422dd42dfe92906bfab88fe8
• ovirt-csi-driver git 633cbb6d sha256:c4240dae68a407256b481e84c9931c88fcdef9ad79003a35bfb26120328e61f4
• ovirt-machine-controllers git 35ce9aaf sha256:5f55a0c0979ef0961fef7f267d2ce56c3f05f1dae8d8dac8811f68cf2811abbd
• powervs-machine-controllers git c1d68e7b sha256:3353f58c8ad5b5a1a1e7e4a9acf815b39de690e673ad09bc2c56f1ca682b8a1b
• prom-label-proxy git 5f4c8992 sha256:9053faaf26e77ee41b159cc91af3bfdc9e76c5d707e5b4675b462d1be45af267
• prometheus git 3c6cd55e sha256:36b41684d64f1f0ff932f994d8d37b96c91c19f1b725b97bbb31b5faa3656eb5
• prometheus-alertmanager git 01339596 sha256:a061f390054dfb0869ef862f9cd6160af4e6c2cae2214629fd4145ad68692d82
• prometheus-node-exporter git 0eed3102 sha256:7cb1aa390a4ce1b9c733f2aa508b463fe96de104aac245c1d068ec3f113d8b0b
• service-ca-operator git 1611373e sha256:65e6a5433b03f5be3e11798c4b6874ecc30bc81535712c240d9aa282e00228e5
• telemeter git 2c9c76e6 sha256:7126d7321ba855bf24aa4e7e03ac92c5ecacc19ad567ab6fbd3b3e2b2b991e4f
• thanos git 10ca1d38 sha256:037a178d5e046fdae2d51a7e758713adcb57348471fde203e0bd3af4c6f7b77b
• vsphere-cloud-controller-manager git 25b98d3b sha256:920de3b037df8e9649a4a0e50f60507a9a202fc9de12f3a7b95748ca89829684
• vsphere-csi-driver git e310f4d3 sha256:cb8f3566d3fb7e380dfff6a9c291ed60d7c700477377e77b154c266e7c4a66ad
• vsphere-csi-driver-syncer git e310f4d3 sha256:3c1ed18541701e1dc2e579498593e197dc6dedebc1ecd8f5971ad92ce5ea2ded

alibaba-cloud-csi-driver

• Bug 2076671: 4.10: Add a parameter to the schema to automatically increase volume sizes #14
• Full changelog

alibaba-disk-csi-driver-operator

• Bug 2076671: Auto increase volume size to 20 GiB in the default storage class #28
• Full changelog

aws-ebs-csi-driver-operator

• Bug 2077894: Set custom endpoint environment variable if available #154
• Full changelog

aws-machine-controllers

• Bug 2083270: Custom DHCP Option Set: empty domain-name is a valid custom domain #37
• Full changelog

azure-disk-csi-driver-operator

• Bug 2097439: Only use credentials that are provided by the azure-inject-credential… #50
• Full changelog

azure-machine-controllers

• Bug 2093275: update getAvailabilitySetName function #23
• Full changelog

baremetal-installer, installer, installer-artifacts

• Bug 2099673: Collect whole journal and netstat data #6035
• Bug 2097753: Bootstrap timeout increase #6017
• Bug 2083632: Delete all the ports from tagged Neutron networks. #5882
• Bug 2077904: Fix empty string usage in ValidateForProvisioning #5835
• Bug 2045771: bump RHCOS 4.10 bootimage metadata #5932
• Bug 2083335: Set rc-manager=unmanaged for on-prem bootstrap #5876
• Bug 2084547: update azure arm templates to support customer provided vnet #5892
• Bug 2083327: [release-4.10] Add ‘ARG TAGS=“”’ line for each build step #5874
• Bug 2076613: [release-4.10] data/data/coreos/fcos.json: update initial FCOS to 35.20220327.3.0 #5820
• Bug 2079589: azurestack: stop pinning to Standard_LRS for disk type #5851
• Bug 2041765: Update BMO vendor #5705
• Bug 2077411: for vsphere ipi add cluster domain to the uploaded vm configs so that 30-local-dns-prepender can use it #5827
• Bug 2068948: Update region check for coreos AMIs #5752
• Bug 2072135: vsphere: Use Managed Object ID for networks instead of potentially duplicate name. #5773
• Bug 2062429: IBMCloud: Missing infra providertype #5693
• Bug 2065808: stop considering Mint mode as supported on Azure (#5699) #5717
• Bug 2064731: fix(ibmcloud): Properly match regex for DNS destroy #5711
• Full changelog

baremetal-operator

• Bug 2097695: Stop treating missing network as fatal error #230
• Full changelog

baremetal-runtimecfg

• Bug 2084187: Avoid kubernetes node port range #178
• Full changelog

cli, cli-artifacts, deployer, tools

• Bug 2095584: Backport oc adm catalog mirror –continue-on-error flag #1170
• Bug 2084591: [inspect] Add namespace-scoped networking resources to inspect #1133
• Bug 2087248: Add the ReleaseAccepted condition to the oc adm upgrade command #1147
• Bug 2080151: Remove network CRDs scheme registration #1122
• Bug 2084429: Fix project command auto completion #1131
• Bug 2077332: pkg/cli/admin/upgrade: Use PATCH instead of POST for spec updates #1114
• Bug 2079325: Fix kubectl version to 1.23.0 #1117
• Bug 2068763: make sure that we check for resorces and files before picking the simplest path #1098
• Bug 2068474: expose –keep-startup flag for oc debug #1097
• Bug 2049427: Enhancing the output provided when backup collections are attempted #1056
• Bug 2060419: reuse SourceRepository.DetectAuth during argument classification for consistent interaction with private source repositories #1083
• Full changelog

cloud-network-config-controller

• Bug 2075444: Get subnet information from subnet instead of from network addresses #40
• Bug 2076935: azure: default empty environment to AzurePublicCloud #37
• Bug 2062133: Fix Azure VNET lookup when the NIC’s subnet is in a different resource group #28
• Full changelog

cluster-authentication-operator

• Bug 2084054: only ever include certificates in the oauth-serving-cert CM #577
• Full changelog

cluster-autoscaler-operator

• Bug 2069095: add leader election flags to autoscaler deployment #243
• Full changelog

cluster-baremetal-operator

• Synchronize OWNERS from master #274
• Bug 2091738: Fix interpretation of Deployment Status Conditions #267
• Full changelog

cluster-cloud-controller-manager-operator

• Bug 2099499: Backport resourceapply changes for being able to recreate daemonsets/deployments #194
• Bug 2079791: Ensure release version is injected into all controller status clients #187
• Full changelog

cluster-config-operator

• Bug 2072739: [release-4.10] Bump openshift/api to a83e6f8f1d #247
• Full changelog

cluster-csi-snapshot-controller-operator

• Bug 2062197: Fix race when setting Progressing condition #115
• Full changelog

cluster-etcd-operator

• Bug 2086451: fix races in etcdclient #828
• fixing unit test health flakes with tolerance #882
• Bug 2105148: fix degraded missing cluster version #878
• Bug 2102793: avoid extrapolation in leaderhip alert #870
• Bug 2095579: etcdHighNumberOfFailedGRPCRequests alerts with wrong results #850
• Bug 2101912: Upping defrag timeout to 1 minute #866
• Bug 2095114: cluster-backup.sh script has a conflict to use the ‘/etc/kubernetes/static-pod-certs’ folder if a custom API certificate is defined #848
• Bug 2010346: Add summary to etcd alert rules #825
• Bug 2088131: remove etcd_perf before restore #836
• Bug 2082312: Adding Thomas to reviewers, adding Allen to approvers #817
• Bug 2080554: manually disable defrag #809
• Bug 2079660: pkg/operator/upgradebackupcontroller: Pivot from Failing to ReleaseAccepted #806
• Bug 2055833: Increase IBMCloud VPC heartbeat timeout to 500ms and leader election timeout to 2500ms #794
• Bug 2059632: pkg/operator/metriccontroller/fsync_controller: Fix “treshold” -> “thresholds” typos #757
• Bug 2076773: Update owners to add new team members #793
• Bug 2059347: Fix FSyncController degraded latch #755
• Bug 2069825: turn on initial corruption check #771
• Full changelog

cluster-image-registry-operator

• Bug 2083242: IR-253: add prometheus rules for image registry operations metrics #786
• Bug 2083242: IR-120: Add prometheus rules for image stream tags rules #777
• Bug 2083242: IR-120: Implementing metrics for ImageStreams #775
• Bug 2084514: Fix cloudfront middleware configuration #780
• Bug 2083559: IBMCloud: Add admin permissions to CR #778
• Bug 2074050: Deployment annotations, runtimeClassName override and fs policy change #765
• Full changelog

cluster-ingress-operator

• Bug 2097735: Fix loadBalancerServiceAnnotationsChanged check and update #784
• Bug 2100630: Fix flakey logic in haproxy timeout tests #792
• Bug 2082161: Delete LoadBalancer-type service finalizer logic #755
• BUG 2063283: Disable keepalive for canary probe #719
• Bug 2059210: Set Upgradeable=False if default cert has no SAN #710
• Full changelog

cluster-kube-apiserver-operator

• Bug 2071030: OCP 4.10 should be firing APIRemovedInNextEUSReleaseInUse for APIs removed in 1.25 #1335
• Full changelog

cluster-kube-scheduler-operator

• Bug 2089336: Fix bootstrap leader election config #429
• Full changelog

cluster-kube-storage-version-migrator-operator

• Updating ose-cluster-kube-storage-version-migrator-operator images to be consistent with ART #65
• Full changelog

cluster-machine-approver

• Bug 2072928: Reconcile recently approved CSRs by other controllers #162
• Full changelog

cluster-monitoring-operator

• Bug 2098505: Backport PR#1692 to release-4.10 #1695
• Bug 2083242: IR-254: Collecting registry and image stream usage #1694
• Bug 2089806: Refactors CreateRouteIfNotExists to CreateOrUpdateRoute #1677
• Bug 2090422: pkg/manifest: Allow retention to be configurable for Thanos-Ruler in UWM #1678
• Bug 2090602: Federation for UWM metrics #1657
• Bug 2083460: Set timeout across Grafana components #1654
• Bug 2077722: Adjust NodeFilesystemSpaceFillingUp thresholds according default kubelet GC behavior #1665
• Bug 2075757: UWM: add SAR capabilities to prometheus cluster role #1653
• Bug 2075757: use bearer token as fall-back authn method #1641
• Bug 2062452: React to changes in clusteroperators #1585
• Bug 2060756: Properly deal with an empty console URL #1582
• Full changelog

cluster-network-operator

• Bug 2077384: Bump max value of hist quantile for kuryr_cni_request_duration #1388
• Bug 2084591: Cleanup CNO relatedObjects #1467
• Bug 2085510: OCPVE-106 Customize rollout strategy to fix SNO upgrade #1445
• Bug 2078501: [release-4.10] Drop Node update permission for sdn-node #1410
• Bug 2058508: Add rolling update strategy for Kuryr-CNI. #1321
• Bug 2083593: Add default-route field to egress-router k8s.v1.cni.cncf.io/networks #1436
• Bug 2079031: Make the use of the ip-reconciler cronjob opt-in by detecting IPAM type usage [backport 4.10] #1398
• Bug 2081149: Reserve port TCP/9104 for cluster-network-operator #1418
• Adds dougbtv to owners [release-4.10] #1401
• Bug 2058672: ip-reconciler cronjob specification requires hostnetwork, api-int lb usage & proper backoff [backport 4.10] #1322
• Bug 2057961: Do not apply OVN-Kubernetes PodDisruptionBudget on single-node clusters #1317
• Full changelog

cluster-node-tuning-operator

• Ignore Profile updates triggered by old operands (#357) #357
• Full changelog

cluster-storage-operator

• Bug 2102242: Add missing ibm cloud annotations to prometheus rbac #293
• Bug 2072191: cluster storage operator AWS credentialsrequest lacks KMS privileges #268
• Full changelog

cluster-update-keys

• Updating ose-cluster-update-keys images to be consistent with ART #41
• Full changelog

cluster-version-operator

• Bug 2108292: pkg/cvo: retain initial completed update history entry #798
• Bug 2094078: pkg/cvo/updatepayload: Guard against ‘rm -fR -whatever’ with ./* #787
• Bug 2090150: pkg/cvo/sync_worker.go: Save overrides #782
• Bug 2083370: Do not save desired update on load failures #776
• Bug 2080058: pkg/cvo/updatepayload: Prune previous payload downloads #769
• Bug 2071211: lib/resourcebuilder/batch: Stop waiting on Job deadline exceeded #764
• Bug 2064991: pkg/cvo: Separate payload load from payload apply #753
• Bug 2052839: pkg/cvo/sync_worker: Use current state, not suggested state, for guarding Initializing->Updating #738
• Full changelog

console

• Bug 2092832: Check if spec is available in MCP details page #11629
• Bug 2084629: Add params prop to HorizontalNav component #11488
• Bug 2100330: disable upload for sourceRef templates #11774
• Bug 2104889: Fix topology sidebar update issues #11798
• Bug 2052416: fix offensive vm names #11778
• Bug 2094194: fix bug where log stream pauses in Chrome #11654
• Bug 2100345: fix clone vm error creating DV #11770
• Bug 2097338: Filter virtualization alerts in status card #11715
• Bug 2094215: Pass contextSource to TopologyApplicationActionProvider #11656
• Bug 2099600: Topology toolbars are unaligned to other toolbars #11703
• Bug 2095637: Disable update channel validation as well #11753
• Bug 2078699: Display disk size in correct units #11746
• Bug 2099527: Bug fix context menu position on topology #11735
• Bug 2078699: Display disk size in GiB in VM customize wizard #11733
• Bug 2079985: use the correct Alertmanager tenancy proxy #11418
• Bug 2094348: Display only running VMs in Virtualization Overview chart #11659
• Bug 2095217: Fix SSH command string #11679
• Bug 2062980: fixes uri case for event sink #11175
• Bug 2092496: [release-4.10] Added vault_tenants_sa to the list of supported providers #11584
• Bug 2094863: fix web terminal start #11672
• Bug 2094211: Change Ping source spec.jsonData (deprecated) field to spec.data #11655
• Bug 2090750: Handle medik8s node maintenance #11581
• Bug 2091482: change metrics queries based on metrics level configurations #11595
• Bug 2089589: add debounce to tektonhub versions api call to avoid many calls #11552
• Bug 2092140: Avoid using ‘gp2’ hardcoded storage class #11618
• Bug 2089315: fix rolebinding in DevConsole dropping all subjects when updating #11545
• Bug 2095637: Fix failing backend test after devfile registry update #11710
• Bug 2094001: Add high priority alerts to overview #11647
• Bug 2092168: Add ‘Unavailable’ status to clusteroperator status filter #11619
• Bug 2088210: Monitoring: Fix first panel sometimes not rendered #11528
• Bug 2090124: Removing SSH service selectors to minimum required #11565
• Bug 2081946: Fix default branch param in pipeline import from git flow #11442
• Bug 2091402: cloud-init User check for Windows VM refuses to accept capitalized #11592
• Bug 2084430: fixes apiversion for k8s svc and resource selection for sink for form yaml switcher #11482
• Bug 2087065: show Limit exceeded state for large number of nodes in topology #11506
• Bug 2050273: Update MON_DISK_LOW whitelisted alert documentation URL #11411
• Bug 2089162: Change learn more link in virtualization -> migration tool #11541
• Bug 2089547: Eliminate use of lookaside cache and move to Cachito #11551
• Bug 2088430: Set dashboards timeout based on selected timespan #11532
• Bug 2084091: MCG standalone deployment page goes blank when the KMS option is enabled #11479
• Bug 2088247: Different status shows on VM list page and details page #11538
• Bug 2087041: back port conditional updates #11487
• Bug 2088281: Attached disk keeps in loading status when add disk to a power off VM by non-privileged user #11530
• Bug 2088246: Overview page crash if no labels available #11525
• Bug 2051433: [release-4.10] Create HANA VM does not use values from customized HANA templates #11011
• Bug 2088255: Adding missing annotations to create VM from YAML #11527
• Bug 2088019: The default YAML on vm wizard is not latest #11522
• Bug 2083729: Fix Filter Dropdown State Management #11471
• Bug 2084489: Create VM from template that has sourceRef - will now reflect sourceRef at yaml #11485
• Bug 2076989: Fix ResourceQuota dashboard card and ACRQ donut label #11367
• Bug 2083385: fix bug where “Update blocked” label incorrectly displa… #11466
• Bug 2076370: fix CRD name filter #11356
• Bug 2083551: customize wizard is crashed #11469
• Bug 2076275: Update and scope our breadcrumb padding rule so it doesn’t effect a pure implementation #11365
• Bug 2076777: add update mode to Update cluster #11364
• Bug 2074163: remove .pf-c-button.pf-m-link override #11315
• Bug 2071904: Translate Extensions On Each Language Change #11348
• Bug 2078385: Remove reference to deprecated v2v-vmware ConfigMap #11387
• Bug 2076369: fix bug where ClusterRole > RoleBindings did not display… #11354
• Bug 2073477: Add IBM Flashsystem volume types #11308
• Bug 2077641: Improve Firehose cache, so that it does not return unexpected data also if isList differs on two concurrent calls #11382
• Bug 2065008: add a hardcoded blog link as fallback in guided tours #11193
• Bug 2074571: fix bug where Cluster Settings shows 0 of N, 0% progres… #11319
• Bug 2073023: Fix WebSockets not reconnecting during upgrade #11302
• Bug 2072839: fix bug where RoleBindings are not displaying in ClusterRole > RoleBindings #11297
• Bug 2069246: Fixed the render of a Tab Extension when there is a version present #11242
• Bug 2076221: Fix failing TestGetRegistrySamples test #11351
• Bug 2057218: Added support for customized wizard - new templates #11341
• Bug 2069959: Update getting started blog link #11255
• Bug 2074895: Display correct disk size in Edit disk modal #11329
• Bug 2061250: Update ConsolePlugin manifest #11267
• Bug 2072440: avoid pre-fetching tekton hub task versions in pipeline builder #11290
• Bug 2067719: correct ChannelDocLink url #11225
• Bug 2069913: Fix disabling community tasks in pipeline builder issue #11253
• Bug 2059186: Don’t pass Authorization header when not needed #11108
• Bug 2048892: Add empty state to running VMs card #10986
• Bug 2054949: Disabling Vault SA based auth for storage class encryption #11064
• Bug 2049762: Cannot change storage class of boot disk when creating VM #10994
• Bug 2054650: Allow custom template namespace #11057
• Bug 2067983: Pipeline metrics: use prometheus-tenancy API to get data #11226
• Bug 2065480: Fix VolumeSnapshot creation sort #11196
• Bug 2064988: [Tekton Hub] show read more link in the task quick search details pane #11192
• Bug 2057507: Decode secrets before authorizing repository #11094
• Bug 2052414: Add started-by annotation to pipelines created with “Start last run” #11015
• Bug 2059807: Show standalone resources as sink and not the one’s owned by other resource #11119
• Bug 2065672: Fix alert from showing an object #11200
• Bug 2060090: updates versions for kafka and kafkaTopic #11127
• Bug 2059989: Fix to add labels to webhook secrets created during import #11125
• Bug 2056512: fix ClusterOperator Status, Version col sorts #11084
• Bug 2064510: Change the tekton hub api endpoint to use v1 api #11186
• Full changelog

console-operator

• Bug 2076453: Console operator should not block installation/upgrade process when set to Removed state #649
• Bug 2059992: Re-enable TestMetricsEndpoint e2e test case #646
• Bug 2054535: ODF quickstart permissions check #637
• Bug 2054199: Dockerfile.rhel7: add new Helm CRD, ProjectHelmChartRepository #636
• Full changelog

csi-driver-manila-operator

• Bug 2091649: SWEET32: Improve TLS configuration for Kube RBAC Proxy #150
• Full changelog

docker-registry

• Bug 2099416: Support authentication using gcp workload identity federation #336
• Bug 2085414: forward http.StatusTooManyRequests to client #332
• Bug 2069807: Bug 2060362: Revert “Support authentication using gcp workload identity federation” #321
• Bug 2061785: Fix ICSP for subrepositories #318
• Full changelog

etcd

• Update OWNERS #123
• Bug 2077498: Merge Upstream etcd 3.5.3 into Openshift 4.10 #118
• PR 13923 to release-3.5 #13938
• Dockerfile*: Switch baseimage to k8s hosted one #13862
• Set backend to cindex before recovering the lessor in applySnapshot #13933
• Support linearizable renew lease #13932
• clientv3: filter learners members during autosync #13917
• etcdserver: upgrade the golang.org/x/crypto dependency #13669
• Fix the data inconsistency issue by adding a txPostLockHook into the backend #13908
• server: Save consistency index and term to backend even when they decrease #13904
• go.mod: Upgrade to prometheus/client_golang v1.11.1 #13895
• server: Add verification of whether lock was called within out outsid… #13887
• Fix inconsistent log format #13866
• Makefile: Fix wrong target #13858
• Update go to 1.16.15 #13832
• Fix offline defrag in etcdctl #13792
• backport 3.5: #13676 load all leases from backend #13726
• server/storage/backend: restore original bolt db options after defrag #13701
• Always print raft term in decimal when displaying member list in json #13727
• *: fix IsOptsWithFromKey #13736
• enhance health check endpoint to support serializable request #13706
• Trim the suffix dot from the srv.Target for etcd-client DNS lookup #13714
• Update dep: gopkg.in/yaml.v2 v2.2.8 -> v2.4.0 due to: CVE-2019-11254 [release 3.5] #13616
• Backport watchablestore runlock bug fix to release-3.5 #13541
• Set the backend again after recovering v3 backend from snapshot #13501
• Backport Lease Checkpoints fix to release-3.5 #13515
• Backport PR 13308 to release-3.5 #13477
• cherry-pick to 3.5 from #13467 exclude the same alarm type activated by multiple peers #13476
• storage/backend: Add a gauge to indicate if defrag is active (backport) #13395
• Dockerfile: bump debian bullseye-20210927 #13380
• Cherry pick “Fix http2 authority header in single endpoint scenario” to release-3.5 #13375
• Fix for v3.5 Ensure that cluster members stored in v2store and backend are in sync #13348
• Stop using tip golang version in CI #13349
• [backport 3.5]: Automated cherry pick of #13145 #13237 #13257
• Full changelog

gcp-pd-csi-driver-operator

• Bug 2098655: gcp cluster rollback fails due to storage failure #49
• Full changelog

haproxy-router

• Bug 2076371: generateRouteHostRegexp: Escape blanks #385
• Full changelog

hyperkube, pod

• Bug 2106414: UPSTREAM: 109103: cpu/memory manager containerMap memory leak #1318
• Bug 2103381: UPSTREAM: <carry>: update list of deprecated apis #1306
• Bug 2104928: UPSTREAM: 109932: fix: exclude non-ready nodes and deleted nodes from azure load balancers #1263
• Bug 2067464: Backport 107821 and 107831 #1241
• Bug 2075831: UPSTREAM: 109487: Disable JobTrackingWithFinalizers due to unresolved… #1244
• Bug 2074094: UPSTREAM: <carry>: An APIRequestCount without dots in the name can cause a panic #1237
• Bug 2069311: UPSTREAM: <carry>: use hardcoded rest mapper from library-go #1231
• Bug 2065774: Backport 108723 OutofCpu Fixes #1221
• Bug 2065620: Rebase 1.23.5 #1220
• Automated cherry pick of #108631: Remove apf_fd from httplog #108634
• Update Go to 1.17.8 #108559
• Bump konnectivity-client@v0.0.30 #108438
• Automated cherry pick of #107131: Fix default config flags #108401
• Automated cherry pick of #108410: fix dryrun when ca file exists #108469
• Automated cherry pick of #107121: fix regression introduced by PR 100320 #108465
• Automated cherry pick of #107764: wrap error from RunCordonOrUncordon #107938
• Automated cherry pick of #107413: kube-proxy: fix duplicate port opening #108294
• Automated cherry pick of #107997: cronjob_controllerv2: do not filter jobs to be reconciled by #108306
• Automated cherry pick of #108209: increase Azure ACR credential provider timeout #108226
• Automated cherry pick of #108149: fix: do not return early in the node informer when there is #108177
• Automated cherry pick of #108167: Fix nodes volumesAttached status not updated #108461
• Automated cherry pick of #108002: kubeadm: fix the bug that ‘kubeadm init –dry-run #108120
• test/e2e/framework: include the new control plane taint for “–non-blocking-taints” #108336
• /test/e2e_kubeadm: adjust label / taint checks for 1.23 #108170
• Automated cherry pick of #108127: test/e2e_kubeadm: fix matching UnversionedKubeletConfigMap #108128
• Automated cherry pick of #107900: Add an e2e test for updating a static pod while it #107931
• Automated cherry pick of #108198: Updating EndpointSlice strategy to retain node name in #108201
• Automated cherry pick of #108138: Revert v1beta1 PodDisruptionBudget select patchStrategy #108139
• Automated cherry pick of #107670: Ignore container notfound error while getPodstatuses #108164
• Automated cherry pick of #107789: Mark device as uncertain if unmount device succeeds #107791
• Update Go to 1.17.7 #108100
• Automated cherry pick of #107575: fix: azurefile volumeid conflict in csi migration #107850
• Automated cherry pick of #106715: set secondary address on host-network pods #107988
• Automated cherry pick of #107970: Make JSON schema round tripping test more strict #108030
• Automated cherry pick of #107956: Deeply copy JSONSchemaProps.XValidations. #107968
• Automated cherry pick of #107786: Revert “Fix comparison between FQDN and hostname” #107902
• Automated cherry pick of #107847: service REST: Call Decorator(old) on update path #107875
• Automated cherry pick of #106280: Set max results if its not set #107651
• Automated cherry pick of #107695: kubelet: fix podstatus not containing pod full name #107761
• Full changelog

hypershift

• cache registry files #1567
• feat(oauth): allow challenge override for OpenID #1543
• Add fallback set cache value from old token #1531
• Set Recommended Leader Election Values #1507
• feat(cpo): Support disable profiling annotation #1501
• Use ImagePullPolicyIfNotPresent for HO #1483
• Updated secret permissions to conform to kubernetes CIS benchmark #1480
• Ensure that everything uses imagePullPolicy IfNotPResent for resiliency #1475
• Add missing control plane prometheus rules #1471
• Ensure cache is set during token rotation before reconciling #1461
• Fix(cpo): Propagate TLS security profile config to kube-controller-manager and kube-scheduler #1416
• feat(cpo): adhere to upgrade order from kube version skew policy #1410
• Set shutdown params to improve graceful shutdown #1387
• fix(cpo): Scope down secrets access for olm collect profiles cj #1378
• move to ga apis for all components now that management clusters at minimum release boundary #1361
• configure cipher suites to prevent using medium strength ssl ciphers #1359
• Use apiserver host/port from InfraStatus in reconciling Kube API Server #1333
• Ignition server: Actually use workdir #1317
• Use forked processes instead of pods to generate ignition payload #1311
• disable reconcile of registry config in IBMCloud deployments #1309
• feat(cpo): Disable PodSecurity for 4.10 #1289
• Disable PodSecurity admission in 4.11 as it breaks conformance #1286
• Expose a service account signing key in the API #1265
• release-4.10 - Create valid route names with long namespace names #1252
• Fast-Forward from main #1233
• e2e: Don’t enable user workload monitoring on management clusters #1231
• Fix priority class for olm cronjob and verify priorityclasses in e2e #1226
• e2e: Don’t fail test on transient recoverable API lookup #1230
• Hypershift operator: Give a priority that is higher than any controlplane component #1229
• Get autoscaler/machine-approver images from the payload #1090
• Document KubeVirt Platform Ingress Setup #1213
• AntiAffinity rules to spread KubeVirt VMs across mgmt nodes #1218
• Retry EIP tagging failures during infra creation #1219
• Fix CPO to work with 4.11 #1217
• read apiserver-network-proxy image from ocp payload #1215
• Add support for AdditionalTrustBundle #972
• docs for DNS indirection #1208
• docs: Upgrade mkdocs/material to fix Netlify breakages #1212
• Dump: Always create an archive #1204
• Update staticcheck to a version that works with go 1.18 #1207
• Unique OpenShift vxlan port for KubeVirt Platform #1206
• Registry configuration: reconcile only what we need to changes #1202
• enable external-dns registry #1198
• sync MaxConcurrentReconciles across all controllers #1199
• add external-dns flags to CI install make target #1163
• KAS: Set proxy, but exempt pod and service CIDR #1200
• HO: Don’t report NotFund for hostedcluster as error #1192
• Forward from main #1190
• Revert “PKI: Use ECDSA keys by default” #1195
• add required-api to availablity prober for OLM and HCCO #1193
• Trigger reconcile when paused time is up #1184
• Fix ko entries and update ignition-server dev docs #1191
• Converge helper binaries and ignition-server into CPO binary #1169
• KAS: Never set proxy #1187
• fix AWS HostedCluster fixture to set hostname in alignment with endpointAccess #1188
• Use patch instead of update when updating HCP status and finalizers #1186
• Introduce OIDCConfigurationInvalid condition for OIDC setup validation #1180
• e2e: adjust budgets #1183
• Fix OLM container restart flakes in CI #1185
• Make clusterID optional in HostedControlPlane clusterID #1179
• Hypershift-operator: Increase worker count #1181
• Forward from main #1178
• Add ClusterID to HostedCluster #1151
• Remove CAPI-provider-agent ClusterRole from hypershift Agent platform #1162
• Fix typo in how to pause reconciliation doc #1174
• Update release-4.10 branch with latest from main #1173
• Ensure that all control plane pods use the cluster’s pull secret #1172
• PKI: Use ECDSA keys by default #1167
• dev: specify a more useful ko base image #1165
• Unify hypershift install make targets #1171
• Run unitests with racedetector and -count=25 to detect flakes #1166
• Dump: Dump guest cluster nodes #1170
• Add proxy support #1157
• Resources: Improve runtime of test #1168
• ensure token minter, socks proxy, and availablity prober are versioned with the control plane operator to prevent large scale restarts on hypershift operator upgrades for IBM Cloud #1164
• add clusterid label to admin kubeconfig secret #1154
• Fix events message unit test flake #1161
• Switching KubeVirt platform’s default ingress to NodePort #1150
• Update release-4.10 branch with latest from main #1160
• e2e: support dns indirection #1149
• Surface cloud error conditions for HostedCluster resources #1135
• feat(cpo): Support OLM catalog placement #1139
• Allow overriding images at the hypershift operator level #1155
• Remove capi-provider-agent role from hypershift management #1153
• Restructure how-to docs to categorise per platform #1147
• Alow hypershift operator to grant RBAC permissions to the cpai-provider-agent #1152
• Enable DNS indirection to control plane endpoints #1145
• Forward from main #1148
• Validate that agent namespace exists #1138
• Agent: each hostedcluster provider should have it’s own role and role binding in the agent namespace #1137
• Documented howto BM agent/none #1079
• prevent privilege esclation by explicitly not allowing the escalate and bind verbs with rbac on the control plane operator #1136
• Run the konnektivity agent DS with hostnetwork #1142
• Azure: Fix image name to match what HPO expects #1141
• Rename variable for machineconfig and pretty print message #1140
• add konnectivity proxy sidecar to ingress-operator to ensure it can properly perform in cluster canary healthchecks #1131
• Azure: Add multi-AZ support #1127
• Azure: Stop logging errors during role assignment retry #1120
• Azure: Use an apiserver port that ends with 443 to make conformance tests happy #1133
• Give control-plane-operator access to the pull secret #1132
• add https prefix for proper redirects of console url #1129
• Move oidc configmap management back into install command #1128
• fix dns crd reconciliation for ibm cloud or providers that provide a subdomain #1123
• Fix create nodepool azure command #1118
• Azure: Fix credentials log #1126
• Updated secret permissions to 416 #1124
• Add missing readiness probes on HA deployments #1106
• Fix type in azurecluser for Private DNS name #1119
• Azure: Make the rootdisksize on nodepool configurable #1097
• Full changelog

ibm-vpc-block-csi-driver-operator

• Bug 2077419: [4.10] [ibm-vpc-block] Unable to change default storage class #35
• Full changelog

image-customization-controller

• Bug 2098627: Remove the container at exit #56
• Update OWNERS to current team status #53
• Bug 2061977: Add delay between ironic-agent restart, but restart forever #54
• Bug 2061977: Restart ironic-agent.service when it fails #43
• Full changelog

insights-operator

• Backport console helm installs to 4.10 (#638) #638
• Bug 2081844: Fix the clusteroperator conditions values when IO is (#619) #619
• Bug 2079318: Remove PSP gatherer (#608) (#615) #608
• Bug 2072848: Gather namespace names with overlapping UIDs (#605) #605
• Gather some error messages from the kube-controller-manager containers (#598) #598
• Full changelog

ironic

• Bug 2080442: Update sushy version #272
• Full changelog

ironic-agent

• Bug 2100775: Include Fix discovering WWN/serial for devicemapper devices #56
• Bug 2100836: Add missing multipath modules #55
• Bug 2089312: multipath fix for passive paths #52
• Bug 2053752: import time #49
• Bug 2053752: Bump retries for UEFI boot configuration #48
• Bug 2061278: [release-4.10] Retry UEFI boot Configuration #43
• Bug 2048481: Update ironic-python-agent to latest bugfix version #38
• Full changelog

jenkins, jenkins-agent-base, jenkins-agent-maven, jenkins-agent-nodejs

• Bug 2095620: Bump matrix-project plugin to 1.20 #1453
• Bug 2080204: Correctly declare Jenkins URL with trailing slash #1441
• Bug 2076253: Mitigate multiple CVEs #1430
• Bug 2075135: set necessary JVM args to allow jenkins JVM to come up on a FIPS node #1425
• Bug 2069134: [release-4.10] Update bundle-plugins.txt #1420
• Bug 2069134: [release-4.10] Enable supply-chain check #1417
• Bug 2061616: [release-4.10] Compute bundle plugins in build #1398
• Bug 2063898: [release-4.10] 2022-02-15 Security Advisory #1403
• Bug 2062053: Add Jitendar to OWNERS file #1401
• Bug 2055653: Add xmlstarlet to handle JENKINS_PASSWORD properly #1391
• Full changelog

kube-proxy, sdn

• Bug 2078501: [release-4.10] Remove node-tainting for too-small MTU #422
• Bug 2087763: Probe failures and pod restarts during 4.7 to 4.8 upgrade #431
• Bug 2082451: Masquerade in cluster traffic that is marked for egress IP #430
• Bug 2066466: Fix releasing egress IP in cloud environments #416
• Bug 2064807: Rebase SDN k8 1.23.4 #415
• Bug 2062859: mixed ingress and egress policies can result in half-isolated pods #410
• Full changelog

kube-state-metrics

• Bug 2085329: Use v1 PodDisruptionBudget and CronJob resources #72
• Full changelog

kuryr-cni, kuryr-controller

• Bug 2082079: Parallelize ports removal #663
• Bug 2097277: Use upper-constraints.txt from stable/xena in UT #673
• Bug 2077384: Increase cni_request_duration buckets #656
• Bug 2055661: Update KLB .spec.provider when required #637
• Full changelog

machine-api-operator

• Bug 2086104: Set vCenter client request timeout #1017
• Full changelog

machine-config-operator

• Bug 2084187: Avoid kubernetes node port range #3145
• Bug 2099686: controller: de-couple FIPS and realtime detection #3201
• Bug 2098626: configure-ovs: improve handling of static ip and mac address configuration #3197
• Bug 2096564: Bug fix for node drain caused by ICSP objects #3181
• Bug 2089757: configure-ovs: avoid restarting NetworkManager #3159
• Bug 2085410: OVN Kubernetes configure-ovs-network set static if conversion metric #3147
• Bug 2081317: configure-ovs.sh: Provide store hint for default route interface #3131
• Bug 2076493: [on-prem] make Corefile api matching stricter #3095
• Bug 2082567: [vsphere] remove warning encountered on vSphere UPI cluster without API VIP #3138
• Bug 2069798: ClusterRoleUpdated/ClusterRoleBindingUpdated Spamming Event Logs #3045
• Bug 2079097: Ensure only one apiserver-watcher process is active on a node. #3121
• Bug 2071696: Add KUBELET_NODEIP_HINT to nodeip-configuration #3058
• Bug 2072621: Fix bootstrap-unit test failure caused by #3008 #3109
• Bug 2076308: Move removeUpdateInProgressTaint functionality to mcc #3091
• Bug 2072621: [OCPNODE-869] Create a drop-in file for cri-o’s seccomp use default config #3008
• Bug 2070492: configure-ovs: move dhcp config from br-ex to ovs-if-br-ex #3049
• Bug 2062666: configure-ovs: reload NM only when necessary #3005
• Bug 2062290: Add –templates flag to MCC bootstrap command #2997
• Bug 2063326: [release-4.10] Ensure directories are created with usable permission bits #3012
• Bug 2060954: Explicitly set keyfile as the default plugin #2985
• Full changelog

machine-os-images

• Bug 2090022: Get rid of lookaside cache in OCP build #17
• Revert .ci-operator.yaml #18
• Updating ose-machine-os-images images to be consistent with ART #9
• Bug 2077305: Remove destination coreos if it exists #14
• Full changelog

multus-cni

• Bug 2084289: Bumps net-attach-def client library (for CNI v1.0 IP compatibility) [backport 4.10] #128
• Updating multus-cni images to be consistent with ART #110
• Full changelog

multus-whereabouts-ipam-cni

• Bug 2065488: Sync upstream for context improvements for reconciler [backport 4.10] #88
• Full changelog

must-gather

• Bug 2059777: Fix the namespace extract filter #288
• Bug 2106559: fix gather_insights collection #322
• Bug 2084591: Add networking resources #307
• Bug 2069554: Collect NMState resources when operator is installed #294
• Full changelog

network-interface-bond-cni

• Bug 2101841: Backport Fix incorrect bond name issue #36
• Bug 2084289: Backport IPAM fixes [4.10] #34
• Full changelog

network-metrics-daemon

• Updating ose-network-metrics-daemon images to be consistent with ART (#40) #40
• Fix field selector (#50) #50
• Added METRIC_TEST_IMAGE var (#47) #47
• Full changelog

oauth-apiserver

• Bug 2094022: Update 4.10 to 1.23 #79
• Full changelog

oc-mirror

• Bug 2075051: [release-4.10] fix: adds handling for channel with different prefixes in cincinnati.go (#413) #413
• build(deps): bump operator-registry dep to v1.21.1 (#390) #390
• Bug 2064901: fix(associations): modifies association return values to allows image… (#359) #359
• Bug 2065500: resolves multiple channel heads in merged catalogs (#372) #372
• chore: adds dynamic version info for version command with ldflags (#328) (#334) #328
• Full changelog

openshift-apiserver

• Add coreydaley as reviewer/approver for pkg/build #298
• Full changelog

openshift-state-metrics

• Updating openshift-state-metrics images to be consistent with ART #80
• Bug 2052804: adding new build comments required for go 1.17 #83
• Full changelog

openstack-cinder-csi-driver-operator

• Bug 2091649: SWEET32: Improve TLS configuration for Kube RBAC Proxy #89
• Full changelog

openstack-machine-controllers

• Bug 2077380: Fix InstanceCreate port & trunk cleanup #233
• Bug 2071538: Address CVE-2022-21698 #226
• Bug 2050064: Ensure subnets belong to the queried network #219
• Full changelog

operator-lifecycle-manager, operator-registry

• Bug 2106838: remove broken thread-safety (#2697) #340
• Bug 2101802: opm bug fix #327
• Bug 2095329: [release-4.10] Bump go to v1.17 (#922) #310
• Bug 2080609: Fix GRPC CheckRegistryServer function (#2756) #298
• Bug 2071941: Replace collect-profile jobs that haven’t completed #277
• Bug 2070131: Fix a bug in deletion of webhook service for replacement #272
• Full changelog

ovirt-csi-driver-operator

• Bug 2050118: Add custom CA bundle support #84
• Bug 2070525: Recreate oVirt connection for every sync #94
• Full changelog

ovn-kubernetes

• Bug 2105275: Fix egressips for pods recreated with same name #1179
• Bug 2107903: Append the SNAT rule in management chain #1201
• Bug 2105265: EGW: Clean Stale Conntrack Entries #1191
• Bug 2099680: [release-4.10] libovsdb fixes for empty values #1164
• Bug 2105276: Fix panics in DestroyNetworkPolicy if policy is nil #1182
• Bug 2099206: Update logging for specific policy when creating it #1149
• Bug 2099822: Fix pointer loop var #1153
• Bug 2091157: [release-4.10] Free IPs and delete resources for completed pods #1152
• Bug 2092501: Fixes finding default gateway for configured GW interface #1131
• Bug 2095193: duplicated IPs can be assigned to multiple Pods #1132
• Bug 2088582: Bumps OVN to 21.12.0-58.el8fdp #1101
• Bug 2086891: policy: Fix multicast allow policy type. #1093
• Bug 2088040: Delete ChassisPrivate along with Chassis #1099
• Bug 2077129: [release-4.10] Fixes secondary bridge #1044
• Bug 2088627: EgressIP NATs are not being cleared correctly from the logical router #1098
• Bug 2087203: enable exportloopref linter and fix violations #1095
• Bug 2082467: Fix cluster/status parsing for single-member db cluster (SNO) #1082
• Bug 2083116: delete SNAT2NIP if pod.node == egressNodeServingPod #1084
• Bug 2080069: Cleanup conntrack entries when services are deleted #1061
• Bug 2080895: Ensure stale information is not present in metrics with labels when they change #1070
• Bug 2080882: Fix incorrectly logged error when searching for ovnkube master pod #1069
• Bug 2080925: Don’t spawn go routines for adding metric events #1071
• Bug 2079546: [release-4.10] call clearInitialNodeNetworkUnavailableCondition for noHostSubnet nodes #1057
• Bug 2065780: [release-4.10][backport] Fix cleaning VF representor ports #1001
• Bug 2073411: Fix ETP=local for host->svc traffic #1063
• Bug 2073137: Fix lgw flows for ingress-svc traffic #1026
• Bug 2074839: [release-4.10] fix ipv6 network policy #1043
• Bug 2052017: Retry Pod Deletions on Failure #1025
• Bug 2059354: [4.10z] After reboot egress node, lr-policy-list was not correct #994
• fix so that this branch can build #7
• Bug 2055381: [release-4.10] support new ingress pipeline option for ACLs #6
• Bug 2061804: [4.10] Fixes “ErrorAddingLogicalPort: duplicate IP found in ECMP Pod route cache!” for same pod #990
• Bug 2063834: backport 2052975 to 4.10 #995
• Full changelog

prometheus-config-reloader, prometheus-operator

• Bug 2060718: Add relabel validations #161
• Full changelog

tests

• Bug 2080198: skip tests for etcd leaders when etcd revisions change a lot #27076
• Bug 2080759: Remove BlueOcean annotation check #27065
• Bug 2077995: Best matcher single node OVN #27048
• Bug 2059845: [test]: bump upper bounds for AWS single node and GCP #27055
• Bug 2077414: MGMT-9440: Fix single node serial tests API crash #27037
• Bug 2074714: synthetictests: skip “alert/Watchdog must have no gaps or changes” on SNO upgrades #27011
• Bug 2074448: exclude loki-promtail from duplicated events #27010
• Bug 2077516: don’t fail when a query returns warnings #27039
• Bug 2059845: operators should not create watch channels very often: bump OpenStack monitoring operator #26879
• Bug 2076265: [release-4.10] test: switch to testing CapBnd over CapInh #27021
• Bug 2060592: only add failure when no event was found for the target revision #26881
• Bug 2055381: cleanup network policy ACL extended test #26946
• Full changelog

vsphere-csi-driver-operator

• Bug 2108003: 4.10: Don’t block upgrades when another CSI driver is found #99
• Bug 2095824: Report max. nr. of attachable volumes per node #91
• Full changelog

vsphere-problem-detector

• Bug 2055895: change NodePerfCheck criteria to be based on average latency #76
• Full changelog

---

View changelog in Markdown or change previous release: 4.10.234.10.224.10.214.10.204.10.194.10.184.10.174.10.164.10.154.10.144.10.134.10.124.10.114.10.104.10.94.10.84.10.74.10.64.10.54.10.44.10.34.10.24.10.14.10.04.10.0-rc.84.10.0-rc.74.10.0-rc.64.10.0-rc.54.10.0-rc.44.10.0-rc.34.10.0-rc.24.10.0-rc.14.10.0-rc.04.10.0-fc.44.10.0-fc.34.10.0-fc.24.10.0-fc.14.10.0-fc.04.9.554.9.544.9.534.9.524.9.514.9.504.9.494.9.484.9.474.9.464.9.454.9.444.9.434.9.424.9.414.9.404.9.394.9.384.9.374.9.364.9.354.9.344.9.334.9.324.9.314.9.304.9.294.9.284.9.274.9.264.9.254.9.244.9.234.9.224.9.214.9.204.9.194.9.184.9.174.9.164.9.154.9.144.9.134.9.124.9.114.9.104.9.94.9.84.9.74.9.64.9.54.9.44.9.34.9.24.9.14.9.04.9.0-rc.84.9.0-rc.74.9.0-rc.64.9.0-rc.54.9.0-rc.44.9.0-rc.34.9.0-rc.24.9.0-rc.14.9.0-rc.04.9.0-fc.14.9.0-fc.04.8.574.8.564.8.554.8.544.8.534.8.524.8.514.8.504.8.494.8.484.8.474.8.464.8.454.8.444.8.434.8.424.8.414.8.404.8.394.8.384.8.374.8.364.8.354.8.344.8.334.8.324.8.314.8.304.8.294.8.284.8.274.8.264.8.254.8.244.8.234.8.224.8.214.8.204.8.194.8.184.8.174.8.164.8.154.8.144.8.134.8.124.8.114.8.104.8.94.8.84.8.74.8.64.8.54.8.44.8.34.8.24.8.14.8.04.8.0-rc.34.8.0-rc.24.8.0-rc.14.8.0-rc.04.8.0-fc.94.8.0-fc.84.8.0-fc.74.8.0-fc.64.8.0-fc.54.8.0-fc.44.8.0-fc.34.8.0-fc.24.8.0-fc.14.8.0-fc.04.7.604.7.594.7.584.7.574.7.564.7.554.7.544.7.534.7.524.7.514.7.504.7.494.7.484.7.474.7.464.7.454.7.444.7.434.7.424.7.414.7.404.7.394.7.384.7.374.7.364.7.354.7.344.7.334.7.324.7.314.7.304.7.294.7.284.7.274.7.264.7.254.7.244.7.234.7.224.7.214.7.204.7.194.7.184.7.174.7.164.7.154.7.144.7.134.7.124.7.114.7.104.7.94.7.84.7.74.7.64.7.54.7.44.7.34.7.24.7.14.7.04.7.0-rc.34.7.0-rc.24.7.0-rc.14.7.0-rc.04.7.0-fc.54.7.0-fc.44.7.0-fc.34.7.0-fc.24.7.0-fc.14.7.0-fc.04.6.624.6.614.6.604.6.594.6.584.6.574.6.564.6.554.6.544.6.534.6.524.6.514.6.504.6.494.6.484.6.474.6.464.6.454.6.444.6.434.6.424.6.414.6.404.6.394.6.384.6.374.6.364.6.354.6.344.6.334.6.324.6.314.6.304.6.294.6.284.6.274.6.264.6.254.6.244.6.234.6.224.6.214.6.204.6.194.6.184.6.174.6.164.6.154.6.144.6.134.6.124.6.114.6.104.6.94.6.84.6.74.6.64.6.54.6.44.6.34.6.24.6.14.6.04.6.0-rc.44.6.0-rc.34.6.0-rc.24.6.0-rc.14.6.0-rc.04.6.0-fc.94.6.0-fc.84.6.0-fc.74.6.0-fc.64.6.0-fc.54.6.0-fc.44.6.0-fc.3───4.13.0-0.nightly-2023-02-03-0240184.13.0-0.nightly-2023-02-02-1504194.13.0-0.nightly-2023-02-02-0754534.13.0-0.nightly-2023-02-02-0320184.13.0-0.nightly-2023-02-01-2116084.13.0-0.nightly-2023-02-01-1648424.13.0-0.nightly-2023-02-01-1120034.13.0-0.nightly-2023-01-31-1740144.13.0-0.nightly-2023-01-31-0723584.13.0-0.nightly-2023-01-27-165107───4.13.0-0.ci-2023-02-03-0300334.13.0-0.ci-2023-02-02-2100334.13.0-0.ci-2023-02-02-1500334.13.0-0.ci-2023-02-02-0900334.13.0-0.ci-2023-02-02-0300334.13.0-0.ci-2023-02-01-2100334.13.0-0.ci-2023-02-01-1500334.13.0-0.ci-2023-02-01-0900334.13.0-0.ci-2023-01-31-1500334.13.0-0.ci-2023-01-27-131032───4.12.0-0.nightly-2023-02-03-0354364.12.0-0.nightly-2023-02-02-1808274.12.0-0.nightly-2023-02-02-1203254.12.0-0.nightly-2023-02-01-2306334.12.0-0.nightly-2023-01-31-2328284.12.0-0.nightly-2023-01-31-1633444.12.0-0.nightly-2023-01-31-0701454.12.0-0.nightly-2023-01-30-2129594.12.0-0.nightly-2023-01-30-0836484.12.0-0.nightly-2023-01-24-1504154.12.0-0.nightly-2023-01-19-110743───4.12.0-0.ci-2023-02-02-2338104.12.0-0.ci-2023-02-02-1738104.12.0-0.ci-2023-02-02-0354414.12.0-0.ci-2023-02-01-2033024.12.0-0.ci-2023-02-01-1432104.12.0-0.ci-2023-02-01-0354024.12.0-0.ci-2023-01-31-1747254.12.0-0.ci-2023-01-31-0648524.12.0-0.ci-2023-01-30-2159454.12.0-0.ci-2023-01-30-0819564.12.0-0.ci-2023-01-27-052652───4.11.0-0.nightly-2023-02-02-1051024.11.0-0.nightly-2023-02-01-2242394.11.0-0.nightly-2023-02-01-1659354.11.0-0.nightly-2023-02-01-1044384.11.0-0.nightly-2023-01-31-1202424.11.0-0.nightly-2023-01-31-0547454.11.0-0.nightly-2023-01-30-181827───4.11.0-0.ci-2023-02-02-2147524.11.0-0.ci-2023-02-02-0939494.11.0-0.ci-2023-02-02-0339494.11.0-0.ci-2023-02-01-2139494.11.0-0.ci-2023-02-01-1539494.11.0-0.ci-2023-02-01-0735514.11.0-0.ci-2023-01-31-1416464.11.0-0.ci-2023-01-31-051231───4.10.0-0.nightly-2023-02-03-0248584.10.0-0.nightly-2023-02-02-2348024.10.0-0.nightly-2023-02-02-1425124.10.0-0.nightly-2023-02-02-0250304.10.0-0.nightly-2023-02-01-1714384.10.0-0.nightly-2023-02-01-1247364.10.0-0.nightly-2023-02-01-0630514.10.0-0.nightly-2023-01-31-1747354.10.0-0.nightly-2023-01-31-1344114.10.0-0.nightly-2023-01-31-0751534.10.0-0.nightly-2023-01-31-020819───4.10.0-0.ci-2023-02-03-0309484.10.0-0.ci-2023-02-02-2109484.10.0-0.ci-2023-02-02-1125284.10.0-0.ci-2023-02-01-2252534.10.0-0.ci-2023-02-01-1217364.10.0-0.ci-2023-02-01-0617364.10.0-0.ci-2023-02-01-0004094.10.0-0.ci-2023-01-31-143515───4.9.0-0.nightly-2023-02-03-0458484.9.0-0.nightly-2023-02-01-1832454.9.0-0.nightly-2023-02-01-1607044.9.0-0.nightly-2023-02-01-1303184.9.0-0.nightly-2023-02-01-0547114.9.0-0.nightly-2023-01-31-1957044.9.0-0.nightly-2023-01-31-0618484.9.0-0.nightly-2023-01-26-0040094.9.0-0.nightly-2023-01-18-1143364.9.0-0.nightly-2023-01-16-104834───4.9.0-0.ci-2023-02-03-0616274.9.0-0.ci-2023-02-03-0007204.9.0-0.ci-2023-02-02-0048424.9.0-0.ci-2023-02-01-1936554.9.0-0.ci-2023-02-01-1659034.9.0-0.ci-2023-02-01-1629034.9.0-0.ci-2023-02-01-1252134.9.0-0.ci-2023-01-23-1210234.9.0-0.ci-2023-01-13-0308054.9.0-0.ci-2023-01-13-023805───4.8.0-0.nightly-2023-02-01-2024214.8.0-0.nightly-2023-01-31-1845124.8.0-0.nightly-2023-01-31-1805124.8.0-0.nightly-2023-01-31-0204394.8.0-0.nightly-2023-01-20-035453───4.8.0-0.ci-2023-02-01-1942474.8.0-0.ci-2023-02-01-1912474.8.0-0.ci-2023-01-31-1645584.8.0-0.ci-2023-01-31-1615584.8.0-0.ci-2023-01-31-0222494.8.0-0.ci-2023-01-23-1215184.8.0-0.ci-2023-01-20-2000294.8.0-0.ci-2023-01-20-185512───4.7.0-0.nightly-2023-01-30-1924454.7.0-0.nightly-2023-01-28-0054404.7.0-0.nightly-2022-11-01-1719474.7.0-0.nightly-2022-10-31-1144174.7.0-0.nightly-2022-10-27-1239064.7.0-0.nightly-2022-10-17-061132───4.7.0-0.ci-2023-01-31-1906494.7.0-0.ci-2023-01-30-1910264.7.0-0.ci-2023-01-26-1901374.7.0-0.ci-2023-01-25-2218474.7.0-0.ci-2023-01-25-2148474.7.0-0.ci-2022-12-19-1523324.7.0-0.ci-2022-12-19-1453324.7.0-0.ci-2022-12-14-082739───4.6.0-0.nightly-2022-11-17-1332454.6.0-0.nightly-2022-11-01-1643484.6.0-0.nightly-2022-10-27-0759414.6.0-0.nightly-2022-10-19-2319474.6.0-0.nightly-2022-10-12-040627───4.6.0-0.ci-2023-01-26-2035444.6.0-0.ci-2023-01-26-1958334.6.0-0.ci-2023-01-26-1822344.6.0-0.ci-2023-01-13-1026334.6.0-0.ci-2022-12-19-1526534.6.0-0.ci-2022-12-19-145653───4.13.0-ec.24.13.0-ec.14.13.0-ec.04.12.0-ec.54.12.0-ec.44.12.0-ec.34.12.0-ec.24.12.0-ec.14.12.0-ec.0

Source code for this page located on github