Mirantis Container Cloud (MCC) becomes part of Mirantis OpenStack for Kubernetes (MOSK)!

We are bringing MCC documentation into the MOSK documentation set so you can find everything in one place. The current MCC documentation portal will be retired soon, so we encourage you to update your bookmarks and workflows for continued easy access to the latest content.

Addressed issues

The following issues have been addressed in the Mirantis Container Cloud release 2.19.0 along with the Cluster releases 11.3.0 and 7.9.0:

• [16379, 23865] Fixed the issue that caused an Equinix-based management or managed cluster update to fail with the FailedAttachVolume and FailedMount warnings.

• [24286] Fixed the issue wherein creation of a new Equinix-based managed cluster failed due to failure to release a new vRouter ID.

• [24722] Fixed the issue that caused Ceph clusters to be broken on Equinix-based managed clusters deployed on a Container Cloud instance with a non-default (different from region-one) region configured.

• [24806] Fixed the issue wherein the dhcp-option=tag parameters were not applied to dnsmasq.conf during the bootstrap of a bare metal management cluster with a multi-rack topology.

• [17778] Fixed the issue wherein the Container Cloud web UI displayed the new release version while update for some nodes was still in progress.

• [24676] Fixed the issue wherein the deployment of an Equinix-based management cluster failed with the following error message:

  Failed waiting for OIDC configuration readiness: timed out waiting for the
  condition
  

• [25050] For security reasons, disabled the deprecated TLS v1.0 and v1.1 for the mcc-cache and kaas-ui Container Cloud services.

• [25256] Optimized the number of simultaneous connections to etcd to be open during configuration of Calico policies.

• [24914] Fixed the issue wherein Helm Controller was getting stuck during readiness checks due to the timeout for helmclient being not set.

• [24317] Fixed a number of security vulnerabilities in the Container Cloud Docker images:

  • Updated the following Docker images to fix CVE-2022-24407 and CVE-2022-0778:

    admission-controller agent-controller aws-cluster-api-controller aws-credentials-controller azure-cluster-api-controller azure-credentials-controller bootstrap-controller byo-cluster-api-controller

    byo-credentials-controller ceph-kcc-controller cluster-api-provider-baremetal equinix-cluster-api-controller equinix-credentials-controller event-controller iam-controller imc-sync

    kaas-exporter kproxy license-controller machinepool-controller openstack-cluster-api-controller os-credentials-controller portforward-controller proxy-controller

    rbac-controller release-controller rhellicense-controller scope-controller storage-discovery user-controller vsphere-cluster-api-controller vsphere-credentials-controller

  • Updated aws-ebs-csi-driver to fix the following Amazon Linux Security Advisories:

    • ALAS2-2021-1722

    • ALAS2-2022-1758

    • ALAS2-2022-1759

    • ALAS2-2022-1764

  • Updated keycloak to fix the following security vulnerabilities:

    • RHSA-2022:0658

    • RHSA-2022:0951

    • RHSA-2021:3891

    • RHSA-2021:4903

    • CVE-2019-20916

  • Updated busybox, iam/api, iam/helm, and nginx to fix CVE-2022-28391

  • Updated frontend to fix CVE-2022-27404

  • Updated kube-proxy to fix CVE-2022-1292