Issues resolutions requiring manual application

Issues resolutions requiring manual application


Before proceeding with the manual steps below, verify that you have performed the steps described in Apply maintenance updates.

[31360] Ubuntu security

Fixed the following Ubuntu security issues:

To apply the fixes, perform the steps described in Mirantis Technical Bulletin.

[31387] Cannot use encrypted pillar inside another variable

Implemented the possibility to configure the cluster model of a new MCP deployment to download Debian packages, Git mirrors, VM images, or any files required for cluster deployment from a secured HTTP/HTTPS server that can be accessible through login credentials. Such functionality may be required for offline installations when internal mirrors are secured.

The deployment engineer can define the user ID and password encrypted parameters in the cluster Reclass model and use them in URLs to access the required sources. For example:

    secured_source_username: <ENCRYPTED_USERNAME>
    secured_source_password: <ENCRYPTED_PASSWORD>
        source: "deb http://${_param:secured_source_username}:${_param:secured_source_password} xenial main"

Previously, the source parameter was not able to decrypt values for the login credentials during the APT mirrors configuration that led to a deployment failure. In MCP 2019.2.5, each Salt state using sources from any HTTP/HTTPS secured server has been updated with specific parameters that enables the deployment engineer to set the secured source properties.