# 4.7.0-0.okd-2021-09-19-013247 Created: 2021-09-19 07:48:41 +0000 UTC Image Digest: `sha256:dbf6525b1580c9cf0d03b8841b6f9b0a9c05dc306a825bc66d37ab0c9d342094` Promoted from registry.ci.openshift.org/origin/release:4.7.0-0.okd-2021-09-19-013247 ## Changes from 4.7.0-0.okd-2021-08-22-163618 ### Components * Kubernetes upgraded from 1.20.0-beta.2 to 1.20.10 ### Rebuilt images without code change * [cluster-autoscaler](https://github.com/openshift/kubernetes-autoscaler) git [8b2e494f](https://github.com/openshift/kubernetes-autoscaler/commit/8b2e494f7796639b46f9867407fe21546cfc01c3) `sha256:d325e4692f62f1d1d1c97ddf657a4bb160e609c3fe7f37c73d103522779acdd3` * [cluster-ingress-operator](https://github.com/openshift/cluster-ingress-operator) git [b86f935f](https://github.com/openshift/cluster-ingress-operator/commit/b86f935f5e693f48dbf6ec23a490422b6e295eb7) `sha256:2b17372e5c73f22de98c5e5086094cd0950071c9cd11bb0ffbb4c917aa82516a` * [cluster-version-operator](https://github.com/openshift/cluster-version-operator) git [cc81827c](https://github.com/openshift/cluster-version-operator/commit/cc81827c1bfe322bd78d2fa0d9b34d532190d850) `sha256:f9da8257ac7457e0876bc0e68211f42ce176abc39856773b2c9b4668ba777dd2` * [k8s-prometheus-adapter](https://github.com/openshift/k8s-prometheus-adapter) git [212d80b4](https://github.com/openshift/k8s-prometheus-adapter/commit/212d80b4bd35fc6f19ec9ec537d0261a2a300cfd) `sha256:0fd96409c78c80e2369452c4d45034094973b316335d8c9cb1c937eb9c89dee3` ### [aws-ebs-csi-driver-operator](https://github.com/openshift/aws-ebs-csi-driver-operator/tree/3a9ff17d523a342ee71a967a2b82d5cf044f1eb8) * [Bug 1996070](https://bugzilla.redhat.com/show_bug.cgi?id=1996070): Add maxUnavailable to DaemonSets [#135](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/135) * [Full changelog](https://github.com/openshift/aws-ebs-csi-driver-operator/compare/97f73eb7de4b474497169771239dcd81990d3f2e...3a9ff17d523a342ee71a967a2b82d5cf044f1eb8) ### [cli, cli-artifacts, deployer, tools](https://github.com/openshift/oc/tree/e6f2e9b10e0c5f788dceb996badbaf9d6d625ffd) * [Bug 1995074](https://bugzilla.redhat.com/show_bug.cgi?id=1995074): revert incorrect allowance of ssh:// prefix with scp styled URLs [#902](https://github.com/openshift/oc/pull/902) * [Full changelog](https://github.com/openshift/oc/compare/d1ffb3c4b74fa8a478f63be1df429479182ee3b0...e6f2e9b10e0c5f788dceb996badbaf9d6d625ffd) ### [cluster-network-operator](https://github.com/openshift/cluster-network-operator/tree/c4b5b42127ac0ebd9ce5c5c57c1a15949319bdc1) * [Bug 1996063](https://bugzilla.redhat.com/show_bug.cgi?id=1996063): Use 10% for nw-check-target maxUnavailable [#1184](https://github.com/openshift/cluster-network-operator/pull/1184) * [Full changelog](https://github.com/openshift/cluster-network-operator/compare/9a9a870010c99e11747fce0232487a2f2c27dfa6...c4b5b42127ac0ebd9ce5c5c57c1a15949319bdc1) ### [cluster-openshift-apiserver-operator](https://github.com/openshift/cluster-openshift-apiserver-operator/tree/df9b1a45165dd1a2cc17b5a885370093bb237e41) * [Bug 1996045](https://bugzilla.redhat.com/show_bug.cgi?id=1996045): bindata: run openshift-apiserver as root explicitly. [#468](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/468) * [Full changelog](https://github.com/openshift/cluster-openshift-apiserver-operator/compare/fa6d8e1cc9d57566fa3fbe4dbb361892ccf9e17d...df9b1a45165dd1a2cc17b5a885370093bb237e41) ### [console](https://github.com/openshift/console/tree/3432f1cc6cb07a8f1210dc26ebe84efde3de752b) * [Bug 1973707](https://bugzilla.redhat.com/show_bug.cgi?id=1973707): Add chart URl to annotations during helm install/upgrade [#9299](https://github.com/openshift/console/pull/9299) * [Bug 1995617](https://bugzilla.redhat.com/show_bug.cgi?id=1995617): Fix Pipeline Download All [#9839](https://github.com/openshift/console/pull/9839) * [Full changelog](https://github.com/openshift/console/compare/3cb2ea65a159f6f8d2a273721a4e271f8450adad...3432f1cc6cb07a8f1210dc26ebe84efde3de752b) ### [csi-driver-manila-operator](https://github.com/openshift/csi-driver-manila-operator/tree/b652a62f269127e6e9195383eab951d59c6d7a6d) * [Bug 2002555](https://bugzilla.redhat.com/show_bug.cgi?id=2002555): Do not degrade cluster on failure to reach Manila [#126](https://github.com/openshift/csi-driver-manila-operator/pull/126) * [Bug 1987036](https://bugzilla.redhat.com/show_bug.cgi?id=1987036): Use cluster Proxy when available [#110](https://github.com/openshift/csi-driver-manila-operator/pull/110) * [Bug 1996070](https://bugzilla.redhat.com/show_bug.cgi?id=1996070): Add maxUnavailable to DaemonSets [#116](https://github.com/openshift/csi-driver-manila-operator/pull/116) * [Full changelog](https://github.com/openshift/csi-driver-manila-operator/compare/00b1f648e74d8008ce32ae65eb4d6d8b5ac1bbed...b652a62f269127e6e9195383eab951d59c6d7a6d) ### [docker-builder](https://github.com/openshift/builder/tree/5a46979e5e747b6df27a1b50ec0c922a172298f2) * [Bug 1995074](https://bugzilla.redhat.com/show_bug.cgi?id=1995074): bump(s2i): revert incorrect ssh scp fix [#261](https://github.com/openshift/builder/pull/261) * [Bug 1924455](https://bugzilla.redhat.com/show_bug.cgi?id=1924455): Update dependencies to address CVE-2021-3121 [#258](https://github.com/openshift/builder/pull/258) * [Full changelog](https://github.com/openshift/builder/compare/82eeeac0c8cbad90f951885cc11939ecd51eda76...5a46979e5e747b6df27a1b50ec0c922a172298f2) ### [gcp-pd-csi-driver-operator](https://github.com/openshift/gcp-pd-csi-driver-operator/tree/d40dd57595673e4737fa77e29a955f6beefac284) * [Bug 1996070](https://bugzilla.redhat.com/show_bug.cgi?id=1996070): Add maxUnavailable to DaemonSets [#33](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/33) * [Full changelog](https://github.com/openshift/gcp-pd-csi-driver-operator/compare/9ffe95b9499258b8e2b5e1b8df9889abe3c9f73f...d40dd57595673e4737fa77e29a955f6beefac284) ### [hello-openshift, tests](https://github.com/openshift/origin/tree/8b31c8bd88c20a8eb0a7ea32b7e42fdbae212731) * [Bug 1983616](https://bugzilla.redhat.com/show_bug.cgi?id=1983616): Wait longer in tests where namespace cleanup is slow [#26282](https://github.com/openshift/origin/pull/26282) * [Full changelog](https://github.com/openshift/origin/compare/24f464bff3559617d73d5b4ec57332ff22ac000b...8b31c8bd88c20a8eb0a7ea32b7e42fdbae212731) ### [hyperkube](https://github.com/openshift/kubernetes/tree/bbbc0799c02950831c42c7a2ab0a04594b854d4a) * [Bug 1993753](https://bugzilla.redhat.com/show_bug.cgi?id=1993753): UPSTREAM: 104348: Pass additional flags to subpath mount to avoid fla… [#941](https://github.com/openshift/kubernetes/pull/941) * [Bug 2003027](https://bugzilla.redhat.com/show_bug.cgi?id=2003027): Rebase 1.20.10 [#935](https://github.com/openshift/kubernetes/pull/935) * [Bug 1996846](https://bugzilla.redhat.com/show_bug.cgi?id=1996846): UPSTREAM: 98571: kubelet: Stop probing a pod during graceful shutdown [#901](https://github.com/openshift/kubernetes/pull/901) * Automated cherry pick of #104182: Avoid spurious calls to update/delete validation [#104209](https://github.com/openshift/kubernetes/pull/104209) * Update to go1.15.15 [#104215](https://github.com/openshift/kubernetes/pull/104215) * Automated cherry pick of #103019: Fix frameworkImpl.extenders being not set [#103030](https://github.com/openshift/kubernetes/pull/103030) * Automated cherry pick of #102576: kubelet: do not call RemoveAll on volumes directory for [#103828](https://github.com/openshift/kubernetes/pull/103828) * Automated cherry pick of #96984: APF e2e: wait for steady state before proceeding [#103825](https://github.com/openshift/kubernetes/pull/103825) * Automated cherry pick of #104135: Update configure-helper.sh [#104180](https://github.com/openshift/kubernetes/pull/104180) * Automated cherry pick of #103794: feat: Provide IPv6 support for internal load balancer [#104027](https://github.com/openshift/kubernetes/pull/104027) * Automated cherry pick of #104161 upstream release 1.20 [#104191](https://github.com/openshift/kubernetes/pull/104191) * Automated cherry pick of #103997: Fix: ignore not a VMSS error for VMAS nodes in [#104068](https://github.com/openshift/kubernetes/pull/104068) * Automated cherry pick of #102539: Fix closing of decorated watcher channel on timeout [#102542](https://github.com/openshift/kubernetes/pull/102542) * Automated cherry pick of #102928: Simplify use of the fake dynamic client [#103615](https://github.com/openshift/kubernetes/pull/103615) * Automated cherry pick of #103895: Update to using apiserver-network-proxy v1.22 [#103932](https://github.com/openshift/kubernetes/pull/103932) * Automated cherry pick of #103831: disable aufs module [#103928](https://github.com/openshift/kubernetes/pull/103928) * Automated cherry pick of #102584: Fix race in attachdetach tests [#103455](https://github.com/openshift/kubernetes/pull/103455) * Automated cherry pick of #103823: Make CSR cleaner tolerate objects with invalid [#103949](https://github.com/openshift/kubernetes/pull/103949) * Updated to use konnectivity client v0.0.20, and implemented placeholder context [#103702](https://github.com/openshift/kubernetes/pull/103702) * (scheduler e2e) Create balanced pods in parallel [#102488](https://github.com/openshift/kubernetes/pull/102488) * Cherry pick of #103470: fix: return empty VMAS name if using standalone VM [#103600](https://github.com/openshift/kubernetes/pull/103600) * Update to go1.15.14 [#103677](https://github.com/openshift/kubernetes/pull/103677) * Automated cherry pick of #103235: Update debian-base image to buster-v1.8.0 [#103490](https://github.com/openshift/kubernetes/pull/103490) * Automated cherry pick of #96966: p&f e2e test: log response header for better troubleshooting [#103171](https://github.com/openshift/kubernetes/pull/103171) * Automated cherry pick of #103138: Loadbalancer IngressIP policy should be configured as non-DSR [#103139](https://github.com/openshift/kubernetes/pull/103139) * Automated cherry pick of #103133 on 1.20: switch scheduler to generate the merge patch on pod status instead of the full pod [#103278](https://github.com/openshift/kubernetes/pull/103278) * Automated cherry pick of #99680: fix error of setting negative value for containerLogMaxSize [#102390](https://github.com/openshift/kubernetes/pull/102390) * Manual cherry pick of #103318: Bump SMD to v4.1.2 to pick up #102749 fix [#103320](https://github.com/openshift/kubernetes/pull/103320) * Automated cherry pick of #102892: Do not throw error when we can't get canonical path [#102999](https://github.com/openshift/kubernetes/pull/102999) * Automated cherry pick of #102925: Fix Node Resources plugins score when there are pods with no [#102995](https://github.com/openshift/kubernetes/pull/102995) * Automated cherry pick of #101595: Update cos-gpu-installer image [#102035](https://github.com/openshift/kubernetes/pull/102035) * Automated cherry pick of #102845: Remove error wrap from logs [#102853](https://github.com/openshift/kubernetes/pull/102853) * Update to go1.15.13 [#102786](https://github.com/openshift/kubernetes/pull/102786) * Automated cherry pick of #101592: chunk target operatation for aws targetGroup [#101813](https://github.com/openshift/kubernetes/pull/101813) * Automated cherry pick of #102673: feat: remove ephemeral-storage etcd requirement [#102704](https://github.com/openshift/kubernetes/pull/102704) * Automated cherry pick of #102683: endpointslicemirroring controller mirror address status [#102703](https://github.com/openshift/kubernetes/pull/102703) * Cherry pick of #101739: fix: avoid nil-pointer panic when checking the frontend IP configuration [#101886](https://github.com/openshift/kubernetes/pull/101886) * Automated cherry pick of #101495: Fix cleanupMountpoint issue for Windows [#101543](https://github.com/openshift/kubernetes/pull/101543) * Automated cherry pick of #96843: Remove unnecessary snapshot ability check [#102580](https://github.com/openshift/kubernetes/pull/102580) * Cherry pick of #102516: serviceOwnsFrontendIP shouldn't report error when the public IP doesn't match [#102547](https://github.com/openshift/kubernetes/pull/102547) * Automated cherry pick of #102498: sched: fix a bug that a preemptor pod exists as a phantom [#102674](https://github.com/openshift/kubernetes/pull/102674) * Automated cherry pick of #102306: Return UnschedulableAndUnresolvable instead of Error when [#102515](https://github.com/openshift/kubernetes/pull/102515) * Automated cherry pick of #98510: Ignore transient errors when gather stats [#102499](https://github.com/openshift/kubernetes/pull/102499) * Speed up PV provisioning for vsphere driver [#102350](https://github.com/openshift/kubernetes/pull/102350) * Automated cherry pick of #102083: fix: delete non existing disk issue [#102164](https://github.com/openshift/kubernetes/pull/102164) * Automated cherry pick of #102005: Azure: avoid setting cached Sku when updating VMSS and VMSS [#102118](https://github.com/openshift/kubernetes/pull/102118) * Automated cherry pick of #101615: fix removing pods from podTopologyHints mapping [#101896](https://github.com/openshift/kubernetes/pull/101896) * Automated cherry pick of #101652: Add jitter to lease controller [#101861](https://github.com/openshift/kubernetes/pull/101861) * Automated cherry pick of #100326: Fix watchForLockfileContention memory leak [#101796](https://github.com/openshift/kubernetes/pull/101796) * Automated cherry pick of #100948: Avoid caching the VMSS instances whose network profile is nil [#101826](https://github.com/openshift/kubernetes/pull/101826) * Automated cherry pick of #102176: Fix VolumeAttachment garbage collection for migrated PVs [#102457](https://github.com/openshift/kubernetes/pull/102457) * Revert "Cleanup portforward streams after their usage" [1.20] [#102586](https://github.com/openshift/kubernetes/pull/102586) * Automated cherry pick of #102213: Upgrade konnectivity-client for GRPC connection fixes [#102313](https://github.com/openshift/kubernetes/pull/102313) * Automated cherry pick of #102302: Update debian-iptables to buster-v1.6.1 [#102341](https://github.com/openshift/kubernetes/pull/102341) * Automated cherry pick of #102027: Remove unnecessary quotes from get-kube scripts [#102043](https://github.com/openshift/kubernetes/pull/102043) * Automated cherry pick of #102105: Respect annotation size limit for SSA last-applied. [#102183](https://github.com/openshift/kubernetes/pull/102183) * Automated cherry pick of #102224: Fix expired unit test certs [#102226](https://github.com/openshift/kubernetes/pull/102226) * Automated cherry pick of #101358: Ref counting is only applicable to Remote endpoints [#102000](https://github.com/openshift/kubernetes/pull/102000) * Automated cherry pick of #101950: Make watch order conformance test reliable [#101981](https://github.com/openshift/kubernetes/pull/101981) * Automated cherry pick of #101737: Use CSI driver to determine unique name for migrated in-tree [#101802](https://github.com/openshift/kubernetes/pull/101802) * 1.20 Cherry-pick: Fixed the Dockerfile for the build-image to build from KUBE_BASE_IMAGE_REGISTRY [#100587](https://github.com/openshift/kubernetes/pull/100587) * Update to go1.15.12 [#101845](https://github.com/openshift/kubernetes/pull/101845) * Automated cherry pick of #99839: Cleanup portforward streams after their usage [#100952](https://github.com/openshift/kubernetes/pull/100952) * Cherry pick of #101752: fix: not tagging static public IP [#101818](https://github.com/openshift/kubernetes/pull/101818) * Automated cherry pick of #100944: Ensure service deleted when the Azure resource group has been deleted [#101498](https://github.com/openshift/kubernetes/pull/101498) * Automated cherry pick of #100731: Normalize share name to not include capital letters [#101550](https://github.com/openshift/kubernetes/pull/101550) * Automated cherry pick of #101398: fix: set "host is down" as corrupted mount [#101519](https://github.com/openshift/kubernetes/pull/101519) * Automated cherry pick of #101005: Set namespace when using kubectl create service [#101769](https://github.com/openshift/kubernetes/pull/101769) * Automated cherry pick of #101235: fix: azure file namespace issue in csi translation [#101354](https://github.com/openshift/kubernetes/pull/101354) * Automated cherry pick of #99550: fix smb mount issue on Windows [#99705](https://github.com/openshift/kubernetes/pull/99705) * Automated cherry pick of #100103: Updating EndpointSlice controllers to avoid duplicate [#101763](https://github.com/openshift/kubernetes/pull/101763) * Add duration encoder to structured logger [#101158](https://github.com/openshift/kubernetes/pull/101158) * Automated cherry pick of #101347: Extend pod start timeout to 5min for storage subpath [#101545](https://github.com/openshift/kubernetes/pull/101545) * cherry pick of #100913: no watch endpointslice in userpace mode [#101503](https://github.com/openshift/kubernetes/pull/101503) * Automated cherry pick of #101093: Fix `startupProbe` behaviour changed [#101224](https://github.com/openshift/kubernetes/pull/101224) * Automated cherry pick of #99336: pkg/kubelet: improve the node informer sync check [#101345](https://github.com/openshift/kubernetes/pull/101345) * Automated cherry pick of #100959: DelegatingAuthenticationOptions TokenReview request timeout [#101103](https://github.com/openshift/kubernetes/pull/101103) * Automated cherry pick of #96882: Make parallel build memory threshold configurable [#101363](https://github.com/openshift/kubernetes/pull/101363) * Automated cherry pick of #101084: Updating EndpointSlice validation to match Endpoints [#101386](https://github.com/openshift/kubernetes/pull/101386) * Automated cherry pick of #100200: respect ExecProbeTimeout and #101006: exec test should not run in Parallel [#101126](https://github.com/openshift/kubernetes/pull/101126) * Automated cherry pick of #101306: Additional CVE-2021-3121 fix [#101326](https://github.com/openshift/kubernetes/pull/101326) * Automated cherry pick of #100762: list pod list once to avoid timeout [#101038](https://github.com/openshift/kubernetes/pull/101038) * Update to go1.15.11 [#101192](https://github.com/openshift/kubernetes/pull/101192) * Automated cherry pick of #100678: apf: exempt probes /healthz /livez /readyz [#101112](https://github.com/openshift/kubernetes/pull/101112) * Automated cherry pick of #98571: Stop probing a pod during graceful shutdown [#100525](https://github.com/openshift/kubernetes/pull/100525) * Bump Cluster Autoscaler to v1.20.0 [#97012](https://github.com/openshift/kubernetes/pull/97012) * Cherry pick of #100690: azure: fix node public IP not able to fetch issues from IMDS [#100912](https://github.com/openshift/kubernetes/pull/100912) * Automated cherry pick of #99169: Use the correct volum handle format for GCE regional PD. [#100075](https://github.com/openshift/kubernetes/pull/100075) * cherry pick #100341 #98576 on 1.20 to enable SSA with APIService [#100714](https://github.com/openshift/kubernetes/pull/100714) * Automated cherry pick of #98210 upstream release 1.20 [#100722](https://github.com/openshift/kubernetes/pull/100722) * Cherry pick of #100694: Cherry pick #574 from Cloud Provider Azure: do not tag user created public IPs [#100691](https://github.com/openshift/kubernetes/pull/100691) * Automated cherry pick of #97431: additional subnet configuration for AWS ELB [#100414](https://github.com/openshift/kubernetes/pull/100414) * Automated cherry pick of #99595: Support > 5 ports in L4 ILB. [#100379](https://github.com/openshift/kubernetes/pull/100379) * Automated cherry pick of #99858: fix a bug where only service with less than 100 ports can [#100312](https://github.com/openshift/kubernetes/pull/100312) * Automated cherry pick of fixes for "large leases overload event etcd" issue (96836) [#100084](https://github.com/openshift/kubernetes/pull/100084) * Automated cherry pick of #95655: Moving docker options to daemon.json [#100157](https://github.com/openshift/kubernetes/pull/100157) * Automated cherry pick of #99958: For LoadBalancer Service type don't create a HNS policy for empty or … [#100228](https://github.com/openshift/kubernetes/pull/100228) * Revert "Automated cherry pick of #97417: fix azure file secret not found issue" [#100399](https://github.com/openshift/kubernetes/pull/100399) * Automated cherry pick of #100638: apf: fix data race in queueset [#100667](https://github.com/openshift/kubernetes/pull/100667) * Automated cherry pick of #98116: slice mirroring controller mirror annotations [#100443](https://github.com/openshift/kubernetes/pull/100443) * Automated cherry pick of #98477: update gogo/protobuf to v1.3.2 [#100501](https://github.com/openshift/kubernetes/pull/100501) * Automated cherry pick of #100254: apf: handle error from PollImmediateUntil [#100524](https://github.com/openshift/kubernetes/pull/100524) * automated cherry pick of #100056 e2e fix: loosen configmap to 10 in resource quota [#100111](https://github.com/openshift/kubernetes/pull/100111) * Automated cherry pick of #100505: Fixed describe ingress causing SEGFAULT [#100541](https://github.com/openshift/kubernetes/pull/100541) * Update sigs.k8s.io/structured-merge-diff to v4.0.3 [#99038](https://github.com/openshift/kubernetes/pull/99038) * Update to go1.15.10 [#100375](https://github.com/openshift/kubernetes/pull/100375) * Automated cherry pick of #95783: webhook config manager: HasSynced returns true when the [#100493](https://github.com/openshift/kubernetes/pull/100493) * Automated cherry pick of #99946: tweak validation to avoid mutation [#100315](https://github.com/openshift/kubernetes/pull/100315) * Automated cherry pick of #99795: Increasing maximum number of ports allowed in EndpointSlice [#100380](https://github.com/openshift/kubernetes/pull/100380) * Automated cherry pick of #98336: update metadata-concealment to 1.6 for removing legacy [#100461](https://github.com/openshift/kubernetes/pull/100461) * Automated cherry pick of #99600: Count pod overhead as an entity's resource usage [#100037](https://github.com/openshift/kubernetes/pull/100037) * Automated cherry pick of #95301: Automatically remove orphaned pod's dangling volumes [#100060](https://github.com/openshift/kubernetes/pull/100060) * vendor: upgrading cAdvisor to 0.38.8 [#99207](https://github.com/openshift/kubernetes/pull/99207) * Automated cherry pick of #99756: Updating EndpointSliceMirroring controller to wait for cache [#100143](https://github.com/openshift/kubernetes/pull/100143) * Automated cherry pick of #99464: Number of sockets is assumed to be same as NUMA nodes [#99493](https://github.com/openshift/kubernetes/pull/99493) * Automated cherry pick of #99345: Updating EndpointSlice controller to wait for cache to be [#100113](https://github.com/openshift/kubernetes/pull/100113) * Automated cherry pick of #98200: Fix dbus shutdown events not continuing if they are not valid [#99091](https://github.com/openshift/kubernetes/pull/99091) * Automated cherry pick of #96021: Dont remove volumes when saveVolumeData fails [#98930](https://github.com/openshift/kubernetes/pull/98930) * Automated cherry pick of #98088: Fix repeatedly aquire the inhibit lock [#99255](https://github.com/openshift/kubernetes/pull/99255) * Automated cherry pick of #98005: Sync node status during kubelet node shutdown [#99254](https://github.com/openshift/kubernetes/pull/99254) * Automated cherry pick of #99463: Use Lstat in plugin watcher to avoid Windows problem #99723: Fix issue in checking domain socket for plugin watcher [#99744](https://github.com/openshift/kubernetes/pull/99744) * Balance nodes in scheduling e2e [#98811](https://github.com/openshift/kubernetes/pull/98811) * Automated cherry pick of #99825: Ensure only one LoadBalancer rule is created when HA mode is [#99826](https://github.com/openshift/kubernetes/pull/99826) * Automated cherry pick of #98830 upstream release 1.20 [#99008](https://github.com/openshift/kubernetes/pull/99008) * Automated cherry pick of #97957 upstream release 1.20 [#99438](https://github.com/openshift/kubernetes/pull/99438) * Automated cherry pick of #97950: remove executable permission bits [#99253](https://github.com/openshift/kubernetes/pull/99253) * Automated cherry pick of #98555: Storage e2e: Remove pd csi driver installation in GKE [#99164](https://github.com/openshift/kubernetes/pull/99164) * Automated cherry pick of #99538: Skip visiting empty secret and configmap names [#99587](https://github.com/openshift/kubernetes/pull/99587) * Cherry pick #96876 in controller to 1.20: fix nodelifecyle controller not add NoExecute taint bug [#98168](https://github.com/openshift/kubernetes/pull/98168) * Automated cherry pick of #98305: kube-proxy: clear conntrack entries after rules are in place [#99017](https://github.com/openshift/kubernetes/pull/99017) * Bump konnectivity-client to v0.0.15 in release-1.20 [#99171](https://github.com/openshift/kubernetes/pull/99171) * Automated cherry pick of #97700: OWNERS: Update SIG Release aliases [#98369](https://github.com/openshift/kubernetes/pull/98369) * Fix conformance metadata release 1.20 [#99081](https://github.com/openshift/kubernetes/pull/99081) * Update to go1.15.8 [#98962](https://github.com/openshift/kubernetes/pull/98962) * Automated cherry pick of #98103: kubelet: Delete static pods gracefully [#98316](https://github.com/openshift/kubernetes/pull/98316) * Automated cherry pick of #94087: node sync at least once [#97995](https://github.com/openshift/kubernetes/pull/97995) * Cherry pick of #98254:Fix the kube-scheduler binary's description of … [#98786](https://github.com/openshift/kubernetes/pull/98786) * Automated cherry pick of #95111: make podTopologyHints protected by lock [#98429](https://github.com/openshift/kubernetes/pull/98429) * Automated cherry pick of #98755 upstream release 1.20 [#98838](https://github.com/openshift/kubernetes/pull/98838) * Automated cherry pick of #98750: Fix nil pointer dereference in disruption controller [#98775](https://github.com/openshift/kubernetes/pull/98775) * Automated cherry pick of #98836: kubeadm: get k8s CI version markers from k8s infra bucket [#98842](https://github.com/openshift/kubernetes/pull/98842) * Automated cherry pick of #98715: fix kube-scheduler cannot send event because the Note field [#98794](https://github.com/openshift/kubernetes/pull/98794) * Update region_pd e2e test to support PV have GA topology [#98733](https://github.com/openshift/kubernetes/pull/98733) * Automated cherry pick of #98311: Fix translation of Cinder storage classess to CSI [#98608](https://github.com/openshift/kubernetes/pull/98608) * Automated cherry pick of #98350: aggregate errors when putting vmss [#98351](https://github.com/openshift/kubernetes/pull/98351) * Automated cherry pick of #97877: fix azure file migration issue [#98328](https://github.com/openshift/kubernetes/pull/98328) * Automated cherry pick of #94599: Fixes Attach Detach Controller reconciler race reading #96617: Recover CSI volumes from dangling attachments [#98224](https://github.com/openshift/kubernetes/pull/98224) * Cherry pick #465 in cloud provider azure to 1.20: Cleanup subnet in frontend IP configs [#98132](https://github.com/openshift/kubernetes/pull/98132) * Automated cherry pick of #96821: Use volumeHandle as PV name when translating EBS inline [#98030](https://github.com/openshift/kubernetes/pull/98030) * Use non privileged ports in scheduling conformance test [#97236](https://github.com/openshift/kubernetes/pull/97236) * Automated cherry pick of #97003: make hostPort match test linuxonly [#98109](https://github.com/openshift/kubernetes/pull/98109) * Automated cherry pick of #96491: Avoid checking the entire backend service URL for FR [#97356](https://github.com/openshift/kubernetes/pull/97356) * Automated cherry pick of #96751: Lower the frequency of volume plugin deprecation warning [#97892](https://github.com/openshift/kubernetes/pull/97892) * cherry pick of #95269: fix the panic when kubelet registers if a node object already exists with no Status.Capacity or Status.Allocatable [#97803](https://github.com/openshift/kubernetes/pull/97803) * Automated cherry pick of #98068: Ensure invalid cluster-scoped children do not block cleanup of valid namespaced children [#98105](https://github.com/openshift/kubernetes/pull/98105) * Automated cherry pick of #98436: Resolve IP addresses of host-only in filtered dialer [#98438](https://github.com/openshift/kubernetes/pull/98438) * Automated cherry pick of #98430: Deflake ingress updates [#98442](https://github.com/openshift/kubernetes/pull/98442) * Automated cherry pick of #97764 upstream release 1.20: ignore cgroup driver check in windows node upgrade [#98383](https://github.com/openshift/kubernetes/pull/98383) * Automated cherry pick of #97754: kubectl-convert import known versions [#98002](https://github.com/openshift/kubernetes/pull/98002) * Automated cherry pick of #97087: kubeadm: change the default image repository for CI images [#98274](https://github.com/openshift/kubernetes/pull/98274) * Automated cherry pick of #97820: handle webhook authenticator and authorizer error [#97862](https://github.com/openshift/kubernetes/pull/97862) * Automated cherry pick of #96754: reduce buckets for etcd_request_duration_seconds [#98183](https://github.com/openshift/kubernetes/pull/98183) * vendor: update cAdvisor to v0.38.7 [#98014](https://github.com/openshift/kubernetes/pull/98014) * Automated cherry pick of #97980: Revert "Merge pull request #92817 from kmala/kubelet" [#97998](https://github.com/openshift/kubernetes/pull/97998) * Automated cherry pick of #97954: fixes nil panic for nil delegated auth options [#97969](https://github.com/openshift/kubernetes/pull/97969) * Automated cherry pick of #97206: clean up executing request on panic [#97463](https://github.com/openshift/kubernetes/pull/97463) * Automated cherry pick of #97860: move all variables in sampleAndWaterMarkHistograms::innerSet [#97866](https://github.com/openshift/kubernetes/pull/97866) * cherry-pick part of #97451: fix counting error in service/nodeport/loadbalancer quota check [#97826](https://github.com/openshift/kubernetes/pull/97826) * automated-cherry-pick-of-#97625: use default unkown sock for kubeadm cmd if cri detect is not needed [#97847](https://github.com/openshift/kubernetes/pull/97847) * Automated cherry pick of #97740: Release reserved GCE IP address after ensure completes. [#97770](https://github.com/openshift/kubernetes/pull/97770) * Automated cherry pick of #97082: fix: azure file latency issue for metadata-heavy workload [#97439](https://github.com/openshift/kubernetes/pull/97439) * Cherry pick 443 and 448 from cloud provider azure to 1.20 [#97639](https://github.com/openshift/kubernetes/pull/97639) * Automated cherry pick of #97323: fix the deadlock in priority and fairness config controller [#97464](https://github.com/openshift/kubernetes/pull/97464) * Automated cherry pick of #97417: fix azure file secret not found issue [#97449](https://github.com/openshift/kubernetes/pull/97449) * Automated cherry pick of #97699: Ensure reproducible builds when build through docker [#97732](https://github.com/openshift/kubernetes/pull/97732) * Automated cherry pick of #97427: Fix bug in CPUManager with race on map acccess [#97529](https://github.com/openshift/kubernetes/pull/97529) * Automated cherry pick of #97254: Create OWNERS for most of the API Priority and Fairness impl [#97671](https://github.com/openshift/kubernetes/pull/97671) * Automated cherry pick of #97006: Fix cadvisor machine metrics [#97691](https://github.com/openshift/kubernetes/pull/97691) * Automated cherry pick of #97259 upstream release 1.20 [#97297](https://github.com/openshift/kubernetes/pull/97297) * Automated cherry pick of #97016: fix migration logic [#97106](https://github.com/openshift/kubernetes/pull/97106) * Revert "Use host IP instead of localhost for control plane component … [#97301](https://github.com/openshift/kubernetes/pull/97301) * Automated cherry pick of #97013: Fix FibreChannel volume plugin corrupting filesystem on [#97197](https://github.com/openshift/kubernetes/pull/97197) * cherry-pick to 1.20: etcd version for 1.19 is 3.4.13 for cve fixes [#97284](https://github.com/openshift/kubernetes/pull/97284) * vendor: update cAdvisor to v0.38.6 [#97175](https://github.com/openshift/kubernetes/pull/97175) * Automated cherry pick of #97127: Revert "iAdd host IP to etcd listen client URLs." [#97128](https://github.com/openshift/kubernetes/pull/97128) * Add AcceleratorStats to cri_stats_provider for 1.20 [#97018](https://github.com/openshift/kubernetes/pull/97018) * [Full changelog](https://github.com/openshift/kubernetes/compare/4593a24e8fd58d0921e09d2c35f9d67245a9070b...bbbc0799c02950831c42c7a2ab0a04594b854d4a) ### [kube-proxy, sdn](https://github.com/openshift/sdn/tree/a41bdcc3533c6eaf8f17e1e4bb52c1bde155f578) * [Bug 1987297](https://bugzilla.redhat.com/show_bug.cgi?id=1987297): when assigning and releasing egressIP try more than once before failing [#327](https://github.com/openshift/sdn/pull/327) * [Bug 2001531](https://bugzilla.redhat.com/show_bug.cgi?id=2001531): improve SDN's OVS healthcheck and logging [#343](https://github.com/openshift/sdn/pull/343) * [Bug 1995872](https://bugzilla.redhat.com/show_bug.cgi?id=1995872): Disable conntrack for vxlan traffic [#338](https://github.com/openshift/sdn/pull/338) * [Full changelog](https://github.com/openshift/sdn/compare/cbd5e4b4db17218a07e650dcc7576d3b6f739521...a41bdcc3533c6eaf8f17e1e4bb52c1bde155f578) ### [kuryr-cni, kuryr-controller](https://github.com/openshift/kuryr-kubernetes/tree/77a9d5eade31e0519d34ff9aa9cf86c1305e25b1) * [Bug 2001518](https://bugzilla.redhat.com/show_bug.cgi?id=2001518): Increase keystoneauth's connection pool size [#554](https://github.com/openshift/kuryr-kubernetes/pull/554) * [Full changelog](https://github.com/openshift/kuryr-kubernetes/compare/c7654fb7ee98d42b3c2329f4ad0039f8f87828f0...77a9d5eade31e0519d34ff9aa9cf86c1305e25b1) ### [machine-api-operator](https://github.com/openshift/machine-api-operator/tree/b37833e07e4ecb6bea8f0cfbfcc349116d5d3c23) * [Bug 1989648](https://bugzilla.redhat.com/show_bug.cgi?id=1989648): Prevent machine from stucking in Deleting phase on vSphere if related node object not found [#895](https://github.com/openshift/machine-api-operator/pull/895) * [Bug 1933586](https://bugzilla.redhat.com/show_bug.cgi?id=1933586): Make sure phase is always set before creation [#858](https://github.com/openshift/machine-api-operator/pull/858) * [Full changelog](https://github.com/openshift/machine-api-operator/compare/e179bb5ce397b543cd3f716f75fa4cd40046e0ad...b37833e07e4ecb6bea8f0cfbfcc349116d5d3c23) ### [machine-config-operator](https://github.com/vrutkovs/machine-config-operator/tree/106a2e7a72267f44c4f4278c89bf867741c30235) * [Bug 1988102](https://bugzilla.redhat.com/show_bug.cgi?id=1988102): [release-4.7] On-prem: add default ingress track script to Keepalived [#2697](https://github.com/vrutkovs/machine-config-operator/pull/2697) * [Bug 1998112](https://bugzilla.redhat.com/show_bug.cgi?id=1998112): vSpehere: disable vmxnet3 tx csum offload [#2738](https://github.com/vrutkovs/machine-config-operator/pull/2738) * [Full changelog](https://github.com/vrutkovs/machine-config-operator/compare/beac376da79c5573f471f7012de8193423686582...106a2e7a72267f44c4f4278c89bf867741c30235) ### [machine-os-content](https://github.com/openshift/okd-machine-os/tree/c82dd5a3945afe8922627df31f29284633613351) * okd-repos: remove failovermethod [#201](https://github.com/openshift/okd-machine-os/pull/201) * overlay: add NetworkManager config to prevent requesting additional MAC [#198](https://github.com/openshift/okd-machine-os/pull/198) * Bump fedora-coreos-config to latest stable [#194](https://github.com/openshift/okd-machine-os/pull/194) * Bump fedora-coreos-config to latest stable [#187](https://github.com/openshift/okd-machine-os/pull/187) * [Full changelog](https://github.com/openshift/okd-machine-os/compare/fb5b625f1459ef6a5943d648e37ca6559ddad26a...c82dd5a3945afe8922627df31f29284633613351) ### [openshift-apiserver](https://github.com/openshift/openshift-apiserver/tree/3c007ad1de009a255a56889761dc2ac440529ffc) * [Bug 1995074](https://bugzilla.redhat.com/show_bug.cgi?id=1995074): revert incorrect ssh scp fix [#242](https://github.com/openshift/openshift-apiserver/pull/242) * [Full changelog](https://github.com/openshift/openshift-apiserver/compare/f9ac08715d1b7890a5aa66a8fb16e847a7f6b727...3c007ad1de009a255a56889761dc2ac440529ffc) ### [openstack-cinder-csi-driver-operator](https://github.com/openshift/openstack-cinder-csi-driver-operator/tree/f77ff88000592657b54ec5a3fe51c316aa57cce2) * [Bug 1996070](https://bugzilla.redhat.com/show_bug.cgi?id=1996070): Add maxUnavailable to DaemonSets [#54](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/54) * [Full changelog](https://github.com/openshift/openstack-cinder-csi-driver-operator/compare/117ce62c69b399c524850f4ca32324a4ed288acd...f77ff88000592657b54ec5a3fe51c316aa57cce2) ### [openstack-machine-controllers](https://github.com/openshift/cluster-api-provider-openstack/tree/dcb7828fd3753b90a5f617349495e59eca0307d1) * [Bug 2000551](https://bugzilla.redhat.com/show_bug.cgi?id=2000551): Adds Proxy to provider client http transport [#200](https://github.com/openshift/cluster-api-provider-openstack/pull/200) * [Full changelog](https://github.com/openshift/cluster-api-provider-openstack/compare/471cf3ab636c26ed7c9fba6330374a5ea1b36b43...dcb7828fd3753b90a5f617349495e59eca0307d1) ### [operator-lifecycle-manager](https://github.com/operator-framework/operator-lifecycle-manager/tree/ebe84506ec094fc9ef505be8f5185e97d0c763ab) * Fix kubebuilder installation in the build root Dockerfile [#2351](https://github.com/operator-framework/operator-lifecycle-manager/pull/2351) * [Full changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/4bfcded86491aa59e42d5b4288a79fcc673afc91...ebe84506ec094fc9ef505be8f5185e97d0c763ab) ### [operator-marketplace](https://github.com/operator-framework/operator-marketplace/tree/23f38d3c0385e3fef87848c3378cf6c0a4cbe4d7) * [Bug 1961341](https://bugzilla.redhat.com/show_bug.cgi?id=1961341): [release-4.7] Update openshift rolebindings to v1 [#409](https://github.com/operator-framework/operator-marketplace/pull/409) * [Full changelog](https://github.com/operator-framework/operator-marketplace/compare/96bab9b9f5bb2c8fce141992230cf75e48f14f78...23f38d3c0385e3fef87848c3378cf6c0a4cbe4d7) ### [ovirt-csi-driver-operator](https://github.com/openshift/ovirt-csi-driver-operator/tree/5e51508c107a161416c0ffffdd17163f14136478) * [Bug 1996070](https://bugzilla.redhat.com/show_bug.cgi?id=1996070): Backport maxUnavailable: 10% for DaemonSets [#69](https://github.com/openshift/ovirt-csi-driver-operator/pull/69) * [Full changelog](https://github.com/openshift/ovirt-csi-driver-operator/compare/f8808a04dc6bfe7ce36a8238089dbae7ab29cbb6...5e51508c107a161416c0ffffdd17163f14136478) ### [ovn-kubernetes](https://github.com/openshift/ovn-kubernetes/tree/04375114a527aabd0f5bbf4a2af36479e7853cd8) * [Bug 2001543](https://bugzilla.redhat.com/show_bug.cgi?id=2001543): fix reserve joinSwitch LRP IPs [#721](https://github.com/openshift/ovn-kubernetes/pull/721) * [Bug 2001364](https://bugzilla.redhat.com/show_bug.cgi?id=2001364): [4.7z] Ensure client handling of canceled/dropped OVSDB monitor [#719](https://github.com/openshift/ovn-kubernetes/pull/719) * [Bug 2001998](https://bugzilla.redhat.com/show_bug.cgi?id=2001998): egressfirewall not set after upgrade [#724](https://github.com/openshift/ovn-kubernetes/pull/724) * [Bug 1988495](https://bugzilla.redhat.com/show_bug.cgi?id=1988495): Fix LocalGatway ExternalIP [#638](https://github.com/openshift/ovn-kubernetes/pull/638) * [Bug 1999896](https://bugzilla.redhat.com/show_bug.cgi?id=1999896): Revert "[release-4.7] fix reserve joinSwitch LRP IPs" [#707](https://github.com/openshift/ovn-kubernetes/pull/707) * [Bug 1997574](https://bugzilla.redhat.com/show_bug.cgi?id=1997574): Fix: sync egress IP for missed events on start-up [#687](https://github.com/openshift/ovn-kubernetes/pull/687) * [Bug 1976242](https://bugzilla.redhat.com/show_bug.cgi?id=1976242): Update existing policy ACLs on start [#650](https://github.com/openshift/ovn-kubernetes/pull/650) * [Bug 1997104](https://bugzilla.redhat.com/show_bug.cgi?id=1997104): fix reserve joinSwitch LRP IPs [#683](https://github.com/openshift/ovn-kubernetes/pull/683) * [Bug 1995910](https://bugzilla.redhat.com/show_bug.cgi?id=1995910): Backport ovnkube-trace requires ip package to be installed [#674](https://github.com/openshift/ovn-kubernetes/pull/674) * [Full changelog](https://github.com/openshift/ovn-kubernetes/compare/9581e60ef4d1b32de2a5901cda825c2b4f60ee77...04375114a527aabd0f5bbf4a2af36479e7853cd8)