Addressed issues

The following issues have been addressed in the Mirantis Container Cloud release 2.19.0 along with the Cluster releases 11.3.0 and 7.9.0:

  • [16379, 23865] Fixed the issue that caused an Equinix-based management or managed cluster update to fail with the FailedAttachVolume and FailedMount warnings.

  • [24286] Fixed the issue wherein creation of a new Equinix-based managed cluster failed due to failure to release a new vRouter ID.

  • [24722] Fixed the issue that caused Ceph clusters to be broken on Equinix-based managed clusters deployed on a Container Cloud instance with a non-default (different from region-one) region configured.

  • [24806] Fixed the issue wherein the dhcp-option=tag parameters were not applied to dnsmasq.conf during the bootstrap of a bare metal management cluster with a multi-rack topology.

  • [17778] Fixed the issue wherein the Container Cloud web UI displayed the new release version while update for some nodes was still in progress.

  • [24676] Fixed the issue wherein the deployment of an Equinix-based management cluster failed with the following error message:

    Failed waiting for OIDC configuration readiness: timed out waiting for the
    condition
    
  • [25050] For security reasons, disabled the deprecated TLS v1.0 and v1.1 for the mcc-cache and kaas-ui Container Cloud services.

  • [25256] Optimized the number of simultaneous connections to etcd to be open during configuration of Calico policies.

  • [24914] Fixed the issue wherein Helm Controller was getting stuck during readiness checks due to the timeout for helmclient being not set.

  • [24317] Fixed a number of security vulnerabilities in the Container Cloud Docker images:

    • Updated the following Docker images to fix CVE-2022-24407 and CVE-2022-0778:

      • admission-controller

      • agent-controller

      • aws-cluster-api-controller

      • aws-credentials-controller

      • azure-cluster-api-controller

      • azure-credentials-controller

      • bootstrap-controller

      • byo-cluster-api-controller

      • byo-credentials-controller

      • ceph-kcc-controller

      • cluster-api-provider-baremetal

      • equinix-cluster-api-controller

      • equinix-credentials-controller

      • event-controller

      • iam-controller

      • imc-sync

      • kaas-exporter

      • kproxy

      • license-controller

      • machinepool-controller

      • openstack-cluster-api-controller

      • os-credentials-controller

      • portforward-controller

      • proxy-controller

      • rbac-controller

      • release-controller

      • rhellicense-controller

      • scope-controller

      • storage-discovery

      • user-controller

      • vsphere-cluster-api-controller

      • vsphere-credentials-controller

    • Updated aws-ebs-csi-driver to fix the following Amazon Linux Security Advisories:

    • Updated keycloak to fix the following security vulnerabilities:

    • Updated busybox, iam/api, iam/helm, and nginx to fix CVE-2022-28391

    • Updated frontend to fix CVE-2022-27404

    • Updated kube-proxy to fix CVE-2022-1292