# 4.7.0-0.okd-2021-09-19-013247 Created: 2021-09-19 07:48:41 +0000 UTC Image Digest: `sha256:dbf6525b1580c9cf0d03b8841b6f9b0a9c05dc306a825bc66d37ab0c9d342094` Promoted from registry.ci.openshift.org/origin/release:4.7.0-0.okd-2021-09-19-013247 ## Changes from 4.7.0-0.okd-2021-08-22-163618 ### Components * Kubernetes upgraded from 1.20.0-beta.2 to 1.20.10 ### Rebuilt images without code change * [cluster-autoscaler](https://github.com/openshift/kubernetes-autoscaler) git [8b2e494f](https://github.com/openshift/kubernetes-autoscaler/commit/8b2e494f7796639b46f9867407fe21546cfc01c3) `sha256:d325e4692f62f1d1d1c97ddf657a4bb160e609c3fe7f37c73d103522779acdd3` * [cluster-ingress-operator](https://github.com/openshift/cluster-ingress-operator) git [b86f935f](https://github.com/openshift/cluster-ingress-operator/commit/b86f935f5e693f48dbf6ec23a490422b6e295eb7) `sha256:2b17372e5c73f22de98c5e5086094cd0950071c9cd11bb0ffbb4c917aa82516a` * [cluster-version-operator](https://github.com/openshift/cluster-version-operator) git [cc81827c](https://github.com/openshift/cluster-version-operator/commit/cc81827c1bfe322bd78d2fa0d9b34d532190d850) `sha256:f9da8257ac7457e0876bc0e68211f42ce176abc39856773b2c9b4668ba777dd2` * [k8s-prometheus-adapter](https://github.com/openshift/k8s-prometheus-adapter) git [212d80b4](https://github.com/openshift/k8s-prometheus-adapter/commit/212d80b4bd35fc6f19ec9ec537d0261a2a300cfd) `sha256:0fd96409c78c80e2369452c4d45034094973b316335d8c9cb1c937eb9c89dee3` ### [aws-ebs-csi-driver-operator](https://github.com/openshift/aws-ebs-csi-driver-operator/tree/3a9ff17d523a342ee71a967a2b82d5cf044f1eb8) * [Bug 1996070](https://bugzilla.redhat.com/show_bug.cgi?id=1996070): Add maxUnavailable to DaemonSets [#135](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/135) * [Full changelog](https://github.com/openshift/aws-ebs-csi-driver-operator/compare/97f73eb7de4b474497169771239dcd81990d3f2e...3a9ff17d523a342ee71a967a2b82d5cf044f1eb8) ### [cli, cli-artifacts, deployer, tools](https://github.com/openshift/oc/tree/e6f2e9b10e0c5f788dceb996badbaf9d6d625ffd) * [Bug 1995074](https://bugzilla.redhat.com/show_bug.cgi?id=1995074): revert incorrect allowance of ssh:// prefix with scp styled URLs [#902](https://github.com/openshift/oc/pull/902) * [Full changelog](https://github.com/openshift/oc/compare/d1ffb3c4b74fa8a478f63be1df429479182ee3b0...e6f2e9b10e0c5f788dceb996badbaf9d6d625ffd) ### [cluster-network-operator](https://github.com/openshift/cluster-network-operator/tree/c4b5b42127ac0ebd9ce5c5c57c1a15949319bdc1) * [Bug 1996063](https://bugzilla.redhat.com/show_bug.cgi?id=1996063): Use 10% for nw-check-target maxUnavailable [#1184](https://github.com/openshift/cluster-network-operator/pull/1184) * [Full changelog](https://github.com/openshift/cluster-network-operator/compare/9a9a870010c99e11747fce0232487a2f2c27dfa6...c4b5b42127ac0ebd9ce5c5c57c1a15949319bdc1) ### [cluster-openshift-apiserver-operator](https://github.com/openshift/cluster-openshift-apiserver-operator/tree/df9b1a45165dd1a2cc17b5a885370093bb237e41) * [Bug 1996045](https://bugzilla.redhat.com/show_bug.cgi?id=1996045): bindata: run openshift-apiserver as root explicitly. [#468](https://github.com/openshift/cluster-openshift-apiserver-operator/pull/468) * [Full changelog](https://github.com/openshift/cluster-openshift-apiserver-operator/compare/fa6d8e1cc9d57566fa3fbe4dbb361892ccf9e17d...df9b1a45165dd1a2cc17b5a885370093bb237e41) ### [console](https://github.com/openshift/console/tree/3432f1cc6cb07a8f1210dc26ebe84efde3de752b) * [Bug 1973707](https://bugzilla.redhat.com/show_bug.cgi?id=1973707): Add chart URl to annotations during helm install/upgrade [#9299](https://github.com/openshift/console/pull/9299) * [Bug 1995617](https://bugzilla.redhat.com/show_bug.cgi?id=1995617): Fix Pipeline Download All [#9839](https://github.com/openshift/console/pull/9839) * [Full changelog](https://github.com/openshift/console/compare/3cb2ea65a159f6f8d2a273721a4e271f8450adad...3432f1cc6cb07a8f1210dc26ebe84efde3de752b) ### [csi-driver-manila-operator](https://github.com/openshift/csi-driver-manila-operator/tree/b652a62f269127e6e9195383eab951d59c6d7a6d) * [Bug 2002555](https://bugzilla.redhat.com/show_bug.cgi?id=2002555): Do not degrade cluster on failure to reach Manila [#126](https://github.com/openshift/csi-driver-manila-operator/pull/126) * [Bug 1987036](https://bugzilla.redhat.com/show_bug.cgi?id=1987036): Use cluster Proxy when available [#110](https://github.com/openshift/csi-driver-manila-operator/pull/110) * [Bug 1996070](https://bugzilla.redhat.com/show_bug.cgi?id=1996070): Add maxUnavailable to DaemonSets [#116](https://github.com/openshift/csi-driver-manila-operator/pull/116) * [Full changelog](https://github.com/openshift/csi-driver-manila-operator/compare/00b1f648e74d8008ce32ae65eb4d6d8b5ac1bbed...b652a62f269127e6e9195383eab951d59c6d7a6d) ### [docker-builder](https://github.com/openshift/builder/tree/5a46979e5e747b6df27a1b50ec0c922a172298f2) * [Bug 1995074](https://bugzilla.redhat.com/show_bug.cgi?id=1995074): bump(s2i): revert incorrect ssh scp fix [#261](https://github.com/openshift/builder/pull/261) * [Bug 1924455](https://bugzilla.redhat.com/show_bug.cgi?id=1924455): Update dependencies to address CVE-2021-3121 [#258](https://github.com/openshift/builder/pull/258) * [Full changelog](https://github.com/openshift/builder/compare/82eeeac0c8cbad90f951885cc11939ecd51eda76...5a46979e5e747b6df27a1b50ec0c922a172298f2) ### [gcp-pd-csi-driver-operator](https://github.com/openshift/gcp-pd-csi-driver-operator/tree/d40dd57595673e4737fa77e29a955f6beefac284) * [Bug 1996070](https://bugzilla.redhat.com/show_bug.cgi?id=1996070): Add maxUnavailable to DaemonSets [#33](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/33) * [Full changelog](https://github.com/openshift/gcp-pd-csi-driver-operator/compare/9ffe95b9499258b8e2b5e1b8df9889abe3c9f73f...d40dd57595673e4737fa77e29a955f6beefac284) ### [hello-openshift, tests](https://github.com/openshift/origin/tree/8b31c8bd88c20a8eb0a7ea32b7e42fdbae212731) * [Bug 1983616](https://bugzilla.redhat.com/show_bug.cgi?id=1983616): Wait longer in tests where namespace cleanup is slow [#26282](https://github.com/openshift/origin/pull/26282) * [Full changelog](https://github.com/openshift/origin/compare/24f464bff3559617d73d5b4ec57332ff22ac000b...8b31c8bd88c20a8eb0a7ea32b7e42fdbae212731) ### [hyperkube](https://github.com/openshift/kubernetes/tree/bbbc0799c02950831c42c7a2ab0a04594b854d4a) * [Bug 1993753](https://bugzilla.redhat.com/show_bug.cgi?id=1993753): UPSTREAM: 104348: Pass additional flags to subpath mount to avoid fla… [#941](https://github.com/openshift/kubernetes/pull/941) * [Bug 2003027](https://bugzilla.redhat.com/show_bug.cgi?id=2003027): Rebase 1.20.10 [#935](https://github.com/openshift/kubernetes/pull/935) * [Bug 1996846](https://bugzilla.redhat.com/show_bug.cgi?id=1996846): UPSTREAM: 98571: kubelet: Stop probing a pod during graceful shutdown [#901](https://github.com/openshift/kubernetes/pull/901) * [Full changelog](https://github.com/openshift/kubernetes/compare/4593a24e8fd58d0921e09d2c35f9d67245a9070b...bbbc0799c02950831c42c7a2ab0a04594b854d4a) ### [kube-proxy, sdn](https://github.com/openshift/sdn/tree/a41bdcc3533c6eaf8f17e1e4bb52c1bde155f578) * [Bug 1987297](https://bugzilla.redhat.com/show_bug.cgi?id=1987297): when assigning and releasing egressIP try more than once before failing [#327](https://github.com/openshift/sdn/pull/327) * [Bug 2001531](https://bugzilla.redhat.com/show_bug.cgi?id=2001531): improve SDN's OVS healthcheck and logging [#343](https://github.com/openshift/sdn/pull/343) * [Bug 1995872](https://bugzilla.redhat.com/show_bug.cgi?id=1995872): Disable conntrack for vxlan traffic [#338](https://github.com/openshift/sdn/pull/338) * [Full changelog](https://github.com/openshift/sdn/compare/cbd5e4b4db17218a07e650dcc7576d3b6f739521...a41bdcc3533c6eaf8f17e1e4bb52c1bde155f578) ### [kuryr-cni, kuryr-controller](https://github.com/openshift/kuryr-kubernetes/tree/77a9d5eade31e0519d34ff9aa9cf86c1305e25b1) * [Bug 2001518](https://bugzilla.redhat.com/show_bug.cgi?id=2001518): Increase keystoneauth's connection pool size [#554](https://github.com/openshift/kuryr-kubernetes/pull/554) * [Full changelog](https://github.com/openshift/kuryr-kubernetes/compare/c7654fb7ee98d42b3c2329f4ad0039f8f87828f0...77a9d5eade31e0519d34ff9aa9cf86c1305e25b1) ### [machine-api-operator](https://github.com/openshift/machine-api-operator/tree/b37833e07e4ecb6bea8f0cfbfcc349116d5d3c23) * [Bug 1989648](https://bugzilla.redhat.com/show_bug.cgi?id=1989648): Prevent machine from stucking in Deleting phase on vSphere if related node object not found [#895](https://github.com/openshift/machine-api-operator/pull/895) * [Bug 1933586](https://bugzilla.redhat.com/show_bug.cgi?id=1933586): Make sure phase is always set before creation [#858](https://github.com/openshift/machine-api-operator/pull/858) * [Full changelog](https://github.com/openshift/machine-api-operator/compare/e179bb5ce397b543cd3f716f75fa4cd40046e0ad...b37833e07e4ecb6bea8f0cfbfcc349116d5d3c23) ### [machine-config-operator](https://github.com/vrutkovs/machine-config-operator/tree/106a2e7a72267f44c4f4278c89bf867741c30235) * [Bug 1988102](https://bugzilla.redhat.com/show_bug.cgi?id=1988102): [release-4.7] On-prem: add default ingress track script to Keepalived [#2697](https://github.com/vrutkovs/machine-config-operator/pull/2697) * [Bug 1998112](https://bugzilla.redhat.com/show_bug.cgi?id=1998112): vSpehere: disable vmxnet3 tx csum offload [#2738](https://github.com/vrutkovs/machine-config-operator/pull/2738) * [Full changelog](https://github.com/vrutkovs/machine-config-operator/compare/beac376da79c5573f471f7012de8193423686582...106a2e7a72267f44c4f4278c89bf867741c30235) ### [machine-os-content](https://github.com/openshift/okd-machine-os/tree/c82dd5a3945afe8922627df31f29284633613351) * okd-repos: remove failovermethod [#201](https://github.com/openshift/okd-machine-os/pull/201) * overlay: add NetworkManager config to prevent requesting additional MAC [#198](https://github.com/openshift/okd-machine-os/pull/198) * Bump fedora-coreos-config to latest stable [#194](https://github.com/openshift/okd-machine-os/pull/194) * Bump fedora-coreos-config to latest stable [#187](https://github.com/openshift/okd-machine-os/pull/187) * [Full changelog](https://github.com/openshift/okd-machine-os/compare/fb5b625f1459ef6a5943d648e37ca6559ddad26a...c82dd5a3945afe8922627df31f29284633613351) ### [openshift-apiserver](https://github.com/openshift/openshift-apiserver/tree/3c007ad1de009a255a56889761dc2ac440529ffc) * [Bug 1995074](https://bugzilla.redhat.com/show_bug.cgi?id=1995074): revert incorrect ssh scp fix [#242](https://github.com/openshift/openshift-apiserver/pull/242) * [Full changelog](https://github.com/openshift/openshift-apiserver/compare/f9ac08715d1b7890a5aa66a8fb16e847a7f6b727...3c007ad1de009a255a56889761dc2ac440529ffc) ### [openstack-cinder-csi-driver-operator](https://github.com/openshift/openstack-cinder-csi-driver-operator/tree/f77ff88000592657b54ec5a3fe51c316aa57cce2) * [Bug 1996070](https://bugzilla.redhat.com/show_bug.cgi?id=1996070): Add maxUnavailable to DaemonSets [#54](https://github.com/openshift/openstack-cinder-csi-driver-operator/pull/54) * [Full changelog](https://github.com/openshift/openstack-cinder-csi-driver-operator/compare/117ce62c69b399c524850f4ca32324a4ed288acd...f77ff88000592657b54ec5a3fe51c316aa57cce2) ### [openstack-machine-controllers](https://github.com/openshift/cluster-api-provider-openstack/tree/dcb7828fd3753b90a5f617349495e59eca0307d1) * [Bug 2000551](https://bugzilla.redhat.com/show_bug.cgi?id=2000551): Adds Proxy to provider client http transport [#200](https://github.com/openshift/cluster-api-provider-openstack/pull/200) * [Full changelog](https://github.com/openshift/cluster-api-provider-openstack/compare/471cf3ab636c26ed7c9fba6330374a5ea1b36b43...dcb7828fd3753b90a5f617349495e59eca0307d1) ### [operator-lifecycle-manager](https://github.com/operator-framework/operator-lifecycle-manager/tree/ebe84506ec094fc9ef505be8f5185e97d0c763ab) * Fix kubebuilder installation in the build root Dockerfile [#2351](https://github.com/operator-framework/operator-lifecycle-manager/pull/2351) * [Full changelog](https://github.com/operator-framework/operator-lifecycle-manager/compare/4bfcded86491aa59e42d5b4288a79fcc673afc91...ebe84506ec094fc9ef505be8f5185e97d0c763ab) ### [operator-marketplace](https://github.com/operator-framework/operator-marketplace/tree/23f38d3c0385e3fef87848c3378cf6c0a4cbe4d7) * [Bug 1961341](https://bugzilla.redhat.com/show_bug.cgi?id=1961341): [release-4.7] Update openshift rolebindings to v1 [#409](https://github.com/operator-framework/operator-marketplace/pull/409) * [Full changelog](https://github.com/operator-framework/operator-marketplace/compare/96bab9b9f5bb2c8fce141992230cf75e48f14f78...23f38d3c0385e3fef87848c3378cf6c0a4cbe4d7) ### [ovirt-csi-driver-operator](https://github.com/openshift/ovirt-csi-driver-operator/tree/5e51508c107a161416c0ffffdd17163f14136478) * [Bug 1996070](https://bugzilla.redhat.com/show_bug.cgi?id=1996070): Backport maxUnavailable: 10% for DaemonSets [#69](https://github.com/openshift/ovirt-csi-driver-operator/pull/69) * [Full changelog](https://github.com/openshift/ovirt-csi-driver-operator/compare/f8808a04dc6bfe7ce36a8238089dbae7ab29cbb6...5e51508c107a161416c0ffffdd17163f14136478) ### [ovn-kubernetes](https://github.com/openshift/ovn-kubernetes/tree/04375114a527aabd0f5bbf4a2af36479e7853cd8) * [Bug 2001543](https://bugzilla.redhat.com/show_bug.cgi?id=2001543): fix reserve joinSwitch LRP IPs [#721](https://github.com/openshift/ovn-kubernetes/pull/721) * [Bug 2001364](https://bugzilla.redhat.com/show_bug.cgi?id=2001364): [4.7z] Ensure client handling of canceled/dropped OVSDB monitor [#719](https://github.com/openshift/ovn-kubernetes/pull/719) * [Bug 2001998](https://bugzilla.redhat.com/show_bug.cgi?id=2001998): egressfirewall not set after upgrade [#724](https://github.com/openshift/ovn-kubernetes/pull/724) * [Bug 1988495](https://bugzilla.redhat.com/show_bug.cgi?id=1988495): Fix LocalGatway ExternalIP [#638](https://github.com/openshift/ovn-kubernetes/pull/638) * [Bug 1999896](https://bugzilla.redhat.com/show_bug.cgi?id=1999896): Revert "[release-4.7] fix reserve joinSwitch LRP IPs" [#707](https://github.com/openshift/ovn-kubernetes/pull/707) * [Bug 1997574](https://bugzilla.redhat.com/show_bug.cgi?id=1997574): Fix: sync egress IP for missed events on start-up [#687](https://github.com/openshift/ovn-kubernetes/pull/687) * [Bug 1976242](https://bugzilla.redhat.com/show_bug.cgi?id=1976242): Update existing policy ACLs on start [#650](https://github.com/openshift/ovn-kubernetes/pull/650) * [Bug 1997104](https://bugzilla.redhat.com/show_bug.cgi?id=1997104): fix reserve joinSwitch LRP IPs [#683](https://github.com/openshift/ovn-kubernetes/pull/683) * [Bug 1995910](https://bugzilla.redhat.com/show_bug.cgi?id=1995910): Backport ovnkube-trace requires ip package to be installed [#674](https://github.com/openshift/ovn-kubernetes/pull/674) * [Full changelog](https://github.com/openshift/ovn-kubernetes/compare/9581e60ef4d1b32de2a5901cda825c2b4f60ee77...04375114a527aabd0f5bbf4a2af36479e7853cd8)