Addressed issues¶
The following issues have been addressed in the Mirantis Container Cloud release 2.19.0 along with the Cluster releases 11.3.0 and 7.9.0:
[16379, 23865] Fixed the issue that caused an Equinix-based management or managed cluster update to fail with the FailedAttachVolume and FailedMount warnings.
[24286] Fixed the issue wherein creation of a new Equinix-based managed cluster failed due to failure to release a new vRouter ID.
[24722] Fixed the issue that caused Ceph clusters to be broken on Equinix-based managed clusters deployed on a Container Cloud instance with a non-default (different from
region-one
) region configured.[24806] Fixed the issue wherein the
dhcp-option=tag
parameters were not applied todnsmasq.conf
during the bootstrap of a bare metal management cluster with a multi-rack topology.[17778] Fixed the issue wherein the Container Cloud web UI displayed the new release version while update for some nodes was still in progress.
[24676] Fixed the issue wherein the deployment of an Equinix-based management cluster failed with the following error message:
Failed waiting for OIDC configuration readiness: timed out waiting for the condition
[25050] For security reasons, disabled the deprecated TLS v1.0 and v1.1 for the
mcc-cache
andkaas-ui
Container Cloud services.[25256] Optimized the number of simultaneous connections to etcd to be open during configuration of Calico policies.
[24914] Fixed the issue wherein Helm Controller was getting stuck during readiness checks due to the timeout for
helmclient
being not set.[24317] Fixed a number of security vulnerabilities in the Container Cloud Docker images:
Updated the following Docker images to fix CVE-2022-24407 and CVE-2022-0778:
admission-controller
agent-controller
aws-cluster-api-controller
aws-credentials-controller
azure-cluster-api-controller
azure-credentials-controller
bootstrap-controller
byo-cluster-api-controller
byo-credentials-controller
ceph-kcc-controller
cluster-api-provider-baremetal
equinix-cluster-api-controller
equinix-credentials-controller
event-controller
iam-controller
imc-sync
kaas-exporter
kproxy
license-controller
machinepool-controller
openstack-cluster-api-controller
os-credentials-controller
portforward-controller
proxy-controller
rbac-controller
release-controller
rhellicense-controller
scope-controller
storage-discovery
user-controller
vsphere-cluster-api-controller
vsphere-credentials-controller
Updated
aws-ebs-csi-driver
to fix the following Amazon Linux Security Advisories:Updated
keycloak
to fix the following security vulnerabilities:Updated
busybox
,iam/api
,iam/helm
, andnginx
to fix CVE-2022-28391Updated
frontend
to fix CVE-2022-27404Updated
kube-proxy
to fix CVE-2022-1292