Back to index

Download the installer for your operating system or run

oc adm release extract --tools quay.io/openshift-release-dev/ocp-release:4.10.25-x86_64

Tests:

• Blocking jobs
  • upgrade Succeeded release-openshift-origin-installer-e2e-aws-upgrade
  • upgrade-minor Succeeded release-openshift-origin-installer-e2e-aws-upgrade
• Informing jobs
  • aws-sdn-upgrade-4.10-micro Succeeded periodic-ci-openshift-release-master-nightly-4.10-e2e-aws-upgrade
  • aws-serial Pending periodic-ci-openshift-release-master-nightly-4.10-e2e-aws-serial
  • gcp-ovn-upgrade-4.10-minor Succeeded periodic-ci-openshift-release-master-ci-4.10-upgrade-from-stable-4.9-e2e-gcp-ovn-upgrade

Upgrades from:

• 4.10.24 (changes) - S F F F F F
• 4.10.23 (changes) - Failed Success
• 4.10.22 (changes) - Failed Failed
• 4.10.21 (changes) - Failed
• 4.10.20 (changes) - Failed
• 4.10.16 (changes) - Failed
• 4.10.14 (changes) - Failed
• 4.10.12 (changes) - Failed
• 4.10.10 (changes) - Failed
• 4.10.8 (changes) - Failed
• 4.10.7 (changes) - Failed
• 4.10.6 (changes) - Failed
• 4.10.5 - Failed
• 4.10.4 (changes) - Failed
• 4.10.3 (changes) - Failed
• 4.9.44 (changes) - S F F F S F
• 4.9.43 (changes) - Failed
• 4.9.42 (changes) - Success
• 4.9.41 (changes) - Failed
• 4.9.40 (changes) - Failed
• 4.9.36 (changes) - Success
• 4.9.33 (changes) - Failed
• 4.9.30 (changes) - Failed
• 4.9.27 (changes) - Success
• 4.9.24 (changes) - Failed
• 4.9.23 (changes) - Failed
• 4.9.22 (changes) - Failed
• 4.9.21 (changes) - Failed

Upgrades to:

• 4.11.38 (changes) - Success
• 4.11.21 (changes) - Failed
• 4.11.9 (changes) - Failed
• 4.11.7 (changes) - Failed
• 4.11.6 (changes) - Failed
• 4.11.4 (changes) - Success
• 4.11.3 (changes) - S F S
• 4.11.2 (changes) - F F F
• 4.11.1 (changes) - Failed Failed
• 4.11.0 (changes) - Success
• 4.11.0-rc.7 (changes) - Success
• 4.10.61 (changes) - Success
• 4.10.53 (changes) - Failed
• 4.10.45 (changes) - Failed
• 4.10.36 (changes) - Success Failed
• 4.10.32 (changes) - Success
• 4.10.31 (changes) - S F S
• 4.10.30 (changes) - F F S
• 4.10.28 (changes) - Failed
• 4.10.27 (changes) - Success
• 4.10.26 (changes) - F F F S

---

Loading changelog, this may take a while ...

Changes from 4.10.5

Created: 2022-07-27 09:29:20 +0000 UTC

Image Digest: sha256:ed84fb3fbe026b3bbb4a2637ddd874452ac49c6ead1e15675f257e28664879cc

Release 4.10.25 was created from registry.ci.openshift.org/ocp/release:4.10.0-0.nightly-2022-07-26-232654

Components

• Kubernetes upgraded from 1.23.3 to 1.23.5
• Red Hat Enterprise Linux CoreOS upgraded from 410.84.202203141348-0 to 410.84.202207262020-0 (diff)

Removed images

• cluster-capi-controllers
• cluster-capi-operator

Rebuilt images without code change

• alibaba-cloud-controller-manager git db2d118a sha256:bc3bf6a5d24bb0c782a4680b34ef627043f27cb5c890877bac1d23e7df35d23a
• alibaba-machine-controllers git 02061213 sha256:147d92ba3668288393fc57f1edfe8440697397a7698c2d2f42bebbbd88450c61
• aws-cloud-controller-manager git d85867fe sha256:fee71716ce525ed04a8735570abb9ed33a8dc0b28075e93d31bfd9a5685a5830
• aws-ebs-csi-driver git 8ba0c7a8 sha256:4310e332020025fff550a963fadb5c2d09750cc073ca2dc7f2d3b85fb9baefd3
• aws-pod-identity-webhook git 7f9eb87a sha256:b70c09b0294a0a7379d7c234b8d15c09152afc65fac8fdccb4101100d0e1c8f0
• azure-cloud-controller-manager git 07f13351 sha256:2bdcc0a30dc140476e938c8118dbc75f71923600c732d0b4cd891d090f074733
• azure-cloud-node-manager git 07f13351 sha256:376864b6143162db45b4259d7de97a62c63245b6fdb27518530fd6d20f71ae05
• azure-disk-csi-driver git 3d79d39e sha256:959b0eac39df0279eb7d4bba95f090c72745a9d57550be48dca50b623a331942
• azure-file-csi-driver git f88155b4 sha256:e77afb318cc3263d79b876caff6c275427c0a1c3b7332e5f3582eec6e25f9679
• azure-file-csi-driver-operator git 3807eb37 sha256:880221883e252dd5f9f835385e55ef9bfe9515d8420bbc8131f72f8b24932ec5
• baremetal-machine-controllers git 0716ee4c sha256:c6603605589c15a25dc67295961efbca7ba44daaccd6bc43f5107e9e655cadfa
• cluster-bootstrap git f22d1c60 sha256:3e041c15dbd6c9e695eabcb34631d1ed727c930e08f304217b519ca0ad451e0f
• cluster-dns-operator git bc48e0aa sha256:fd1247554ece77b28772d8354a36ac99e54d4158d45d9e4e736ea044b5f9c7e7
• cluster-kube-controller-manager-operator git ca3ff539 sha256:9c2cf5ac3a0fd931b3561255ac7c3a595790dfac1fdff63c7a8f9c3f936c7788
• cluster-openshift-controller-manager-operator git b8b65d15 sha256:9ee19dfdcfdad32eff8f89eca56965fc3739e29046cb6640b581faf5e6294545
• cluster-policy-controller git 8e5b3651 sha256:f8959640581dd59327dddea6fa485f75d82a8e506454cafb1138247e9a5ec6da
• cluster-samples-operator git d41950dc sha256:1f02fd10639509b02e9d3bc96f7bef8b2eb3fd5077df646c025b8aca2ee2434f
• configmap-reloader git 22a40ce7 sha256:5d761b3e587c8dbe785849df18247e12a127ab3974b6aad5977e51215112b9a6
• coredns git 3ec1ee7d sha256:167c4cc8c700d60ddb29b3dd68263e3f4e8d5885a28bf7efceb6182f4632d00a
• csi-driver-manila git df0b27de sha256:42692e7494c329627ba5e500a6a6beb1029febcd7adbe0c5e853bd366b15d47d
• csi-driver-nfs git 3448830c sha256:0ee2acff2ce466671d84817c83716eed24e5f69480ef11b365c3a993f7c5fb5b
• csi-driver-shared-resource git d06ff18b sha256:9aa73be59a10cdd13981f0d0bc729db04cf8a54a1aab9f5bbd39677027d6f511
• csi-driver-shared-resource-operator git 662615b3 sha256:5aea03513ba5fbbcef33bc19afe600414e1ce86f4903e620a11039eeee55257e
• csi-external-attacher git 27e71f2b sha256:ea3e66e4d35145d05c6f2e0d415bb4a5c1fb6711be5300c41455dc1726c1025a
• csi-external-provisioner git 31de1e19 sha256:12b9686db994e4373c78644706f0d0a47667498014da0d4720124f8cff7b220b
• csi-external-resizer git e5934091 sha256:e88e0b93e65b718aa52e23842f827087b74b4c60e4b9a8e623a69a5ed0f3455d
• csi-external-snapshotter git fe4a0a2f sha256:2046360405a649d093478b99caea295d292f3041b1b116b670afa23589f428d6
• csi-livenessprobe git 8c1a5bca sha256:bea18eb5a8563da088a5c2642d944a93d4669dbb9843507835a2e4e6b927d80a
• csi-node-driver-registrar git bb0bd823 sha256:33fd806600fd405adbbff630c10391af07553536b12999c59a6df6ed69cdcb90
• csi-snapshot-controller git fe4a0a2f sha256:e7948432d93b3b5a4fcc4ce96c4bd926033728fd1c0e34bd5c1ea9d8c06c6ce5
• csi-snapshot-validation-webhook git fe4a0a2f sha256:b8cbee387b817a1447fcc8624b13ec1a534e868ff9103402cb186a7eacf603a1
• docker-builder git 24d8db40 sha256:aecd1cb82ff1d78d0c8363a5bbdfaf7a19652e9f4e31c48e63d18a933624655f
• driver-toolkit git 0c77c8d6 sha256:c2310b158df2d08470e660a4e9bafb5dd9c1d6d8bd355613c77e2e5b33c08a72
• egress-router-cni git 5c56bc8a sha256:224bdc89631e9fb65b4775c3b3a32df9af5cc788d53294f441131a5fd76e448f
• gcp-cloud-controller-manager git 4dc728d0 sha256:18a1061339290549e86403202556c562963aae10a766d3aafb6ab428bef25290
• gcp-machine-controllers git 3fe46c8b sha256:af6f8142632a5752ab626969d11726c87ff8a7883128476193493d27d4c3657f
• gcp-pd-csi-driver git 19e9a57f sha256:db0aa8f0f9df8505bb309f542a8427514cff6ad684f1b9856015f83790d88665
• grafana git 48aec355 sha256:1a737b5b2ce66229ee5ff0af530b4931c2c86aac631c44534f4fdaa67039129a
• ibm-cloud-controller-manager git e3039120 sha256:44750eef0c78f0156368e7a5c1f765eb1eeae3f821c2f562aa9f97b93c01e0b7
• ibm-vpc-block-csi-driver git d54e3706 sha256:7fa1e988cf69de1cd22b287b09e3a53261d2c77b823d132ae023851e322111a4
• ibm-vpc-node-label-updater git 7074dfc3 sha256:ddac00d38898d0d68ecef5168a951706dc995e70a7c5b2044230e1cb48a5c3b4
• ibmcloud-machine-controllers git 7449a94f sha256:b8008e85c92802b12410be775b8d891cf587d09a1a02116d4a4f986fb35f37a5
• ironic-hardware-inventory-recorder git 62469223 sha256:31ab053d19ba229e94786597dc1f04065d25ef4f6ea3ea3b64d4afae2f99e606
• ironic-machine-os-downloader git 81fe2974 sha256:64082aeeb52f87851e46f5c83e81d9392c4288956c5cf41659d34ef54627f4e6
• ironic-static-ip-manager git 45a1c542 sha256:6e3ddd042f0e2557675703d5c70050df67d085d80be29c431a45eaa588e4fde3
• k8s-prometheus-adapter git 4052b317 sha256:3d1b7794b7433e28653f2f52eb861e87371f86d3f6c1133af72eb45211f42f9c
• keepalived-ipfailover git 5d526c41 sha256:6f7b8bbe33729f0b4bf9bbd874cf17639c39272e29a0165a2263015ded1b9218
• kube-rbac-proxy git 4f198b2b sha256:78738deaa12571bbc7be8ada32892436d28f261710a2cb4de80646fd428155f1
• kube-storage-version-migrator git 901a6d22 sha256:938b39610ca4a0af30248e1d489cd59370256f0f228c1d3c9f213f6b1b3effaf
• libvirt-machine-controllers git 3b330b72 sha256:8b55d2aa5efba315d77dae6a39dc1c9d0b7a949e0a405fae52539ed0416a5baf
• machine-os-content sha256:375e222c564e23086be556668cde1f2139237479218b928c40c8e060ad1c6f25
• multus-admission-controller git d7a7fe5d sha256:eef64108a4fbb7470cad119f2256c4f5a239c93ff56c1bc71b91be7fb9906ce0
• multus-networkpolicy git bfcc6c85 sha256:4f285d5f1b499415ce7a3685b307a6f94ea29ea2fad2227e84f1c163acd428a7
• multus-route-override-cni git 707dd380 sha256:db7aa40146470436f6e60a3a3476f17185f8e86a7e4666795e7d700af63c3706
• network-tools git bcfec9c5 sha256:bbc93d24b8c35b34837a534b250247ce0b01f6634eb76db2e3821e7848857d9f
• oauth-proxy git 799d414b sha256:f9b4aabc09c7130752c44b40e56dc16591b27075c9f9f1d802d25ba19c3074bf
• oauth-server git 245b95f8 sha256:8e3426c3897b5398e0f75f914200c83263dbac74b2fb1e7fba04c3d894569705
• openshift-controller-manager git 2c2d50db sha256:a25277fd7f6a0c4be78925a5665a5ff9887c1968227e4075868776b0fb8b539a
• openstack-cinder-csi-driver git df0b27de sha256:bc4cbe4bf18dbe5c8e27430cc5d56d62b366d0f71eb9b2ec428d4726fa51cb76
• openstack-cloud-controller-manager git df0b27de sha256:5d78728297698e810b81f39c9045975ee42bf9eb058907f90123791f6a066adb
• openstack-machine-api-provider git 2401f74d sha256:42b505da01f54eaaca87fed0559a3682d94e0949e6cc4d2438476c27da90e8b5
• operator-marketplace git 80b92ecf sha256:b39c26e21ab326f014e39b85404795dd2f5138b1cdf3a1f32d698408991782ea
• ovirt-csi-driver git 633cbb6d sha256:95d1b0a8c5943d1bd2fa469fe8d581fe171cdc65f9510a41568d5ae572a6178c
• ovirt-machine-controllers git 35ce9aaf sha256:6d4f0a8f63428da23296604283f3a4de648ac0796319562727543943b8a81c4a
• powervs-machine-controllers git c1d68e7b sha256:67ebcdf5656471407ac6d6cff7c7acd3c3705e2409ab6ea561aa1138460df802
• prom-label-proxy git 5f4c8992 sha256:a99f13a11e5387af6816634ff4cd7e3d70611474615f25186052a09bd04f5808
• prometheus git 3c6cd55e sha256:2a8e37672562fe2b8c10e22daef8c80bdf2e8b8369f2808ae688f8a106147a1f
• prometheus-alertmanager git 01339596 sha256:22b9d876bf10ac6c1cb27772a9af76d224d5f9be2b68f61657c5afe00fc578bf
• prometheus-node-exporter git 0eed3102 sha256:f29b8d57031454681dc45f661a4c1b918b99737092af504a8bd7c9ba76d5ee9f
• service-ca-operator git 1611373e sha256:14943019af64e98eb0c5b8e50df8264bd750e1f8b7bec937b6fc99a55dc6d1b7
• telemeter git 2c9c76e6 sha256:e39e317f230d112895c305b434e734b3d5f37e83963958c4d319fd223eae2a19
• thanos git 10ca1d38 sha256:08af8609752e543da226fa61512f3a8fe95c2284bce3631524923e2e71f77beb
• vsphere-cloud-controller-manager git 25b98d3b sha256:5f1739e4fdd473eb0566dee353c11bdaa0eb27412bd8b3d57e264c187afc1443
• vsphere-csi-driver git e310f4d3 sha256:1a6cec5904ccdeb531868603a142c72450de55081aafeca8e4ac984016715d32
• vsphere-csi-driver-syncer git e310f4d3 sha256:3d0fb6614714962e761142d121ce29d25acb9275b9ffad15de17eb8ad72dc5ab

alibaba-cloud-csi-driver

• Bug 2076671: 4.10: Add a parameter to the schema to automatically increase volume sizes #14
• Full changelog

alibaba-disk-csi-driver-operator

• Bug 2076671: Auto increase volume size to 20 GiB in the default storage class #28
• Full changelog

aws-ebs-csi-driver-operator

• Bug 2077894: Set custom endpoint environment variable if available #154
• Full changelog

aws-machine-controllers

• Bug 2109124: Validate unknown regions using AWS API #48
• Bug 2083270: Custom DHCP Option Set: empty domain-name is a valid custom domain #37
• Full changelog

azure-disk-csi-driver-operator

• Bug 2097439: Only use credentials that are provided by the azure-inject-credential… #50
• Full changelog

azure-machine-controllers

• Bug 2093275: update getAvailabilitySetName function #23
• Full changelog

baremetal-installer, installer, installer-artifacts

• Bug 2095319: bump RHCOS 4.10 bootimage metadata #6095
• Bug 2099673: Collect whole journal and netstat data #6035
• Bug 2097753: Bootstrap timeout increase #6017
• Bug 2083632: Delete all the ports from tagged Neutron networks. #5882
• Bug 2077904: Fix empty string usage in ValidateForProvisioning #5835
• Bug 2045771: bump RHCOS 4.10 bootimage metadata #5932
• Bug 2083335: Set rc-manager=unmanaged for on-prem bootstrap #5876
• Bug 2084547: update azure arm templates to support customer provided vnet #5892
• Bug 2083327: [release-4.10] Add ‘ARG TAGS=“”’ line for each build step #5874
• Bug 2076613: [release-4.10] data/data/coreos/fcos.json: update initial FCOS to 35.20220327.3.0 #5820
• Bug 2079589: azurestack: stop pinning to Standard_LRS for disk type #5851
• Bug 2041765: Update BMO vendor #5705
• Bug 2077411: for vsphere ipi add cluster domain to the uploaded vm configs so that 30-local-dns-prepender can use it #5827
• Bug 2068948: Update region check for coreos AMIs #5752
• Bug 2072135: vsphere: Use Managed Object ID for networks instead of potentially duplicate name. #5773
• Bug 2062429: IBMCloud: Missing infra providertype #5693
• Bug 2065808: stop considering Mint mode as supported on Azure (#5699) #5717
• Bug 2064731: fix(ibmcloud): Properly match regex for DNS destroy #5711
• Full changelog

baremetal-operator

• Bug 2097695: Stop treating missing network as fatal error #230
• Full changelog

baremetal-runtimecfg

• Bug 2084187: Avoid kubernetes node port range #178
• Full changelog

cli, cli-artifacts, deployer, tools

• Bug 2095584: Backport oc adm catalog mirror –continue-on-error flag #1170
• Bug 2084591: [inspect] Add namespace-scoped networking resources to inspect #1133
• Bug 2087248: Add the ReleaseAccepted condition to the oc adm upgrade command #1147
• Bug 2080151: Remove network CRDs scheme registration #1122
• Bug 2084429: Fix project command auto completion #1131
• Bug 2077332: pkg/cli/admin/upgrade: Use PATCH instead of POST for spec updates #1114
• Bug 2079325: Fix kubectl version to 1.23.0 #1117
• Bug 2068763: make sure that we check for resorces and files before picking the simplest path #1098
• Bug 2068474: expose –keep-startup flag for oc debug #1097
• Bug 2049427: Enhancing the output provided when backup collections are attempted #1056
• Bug 2060419: reuse SourceRepository.DetectAuth during argument classification for consistent interaction with private source repositories #1083
• Full changelog

cloud-credential-operator

• Bug 2107276: Make ccoctl work with credentials fetched from gcloud cli defaults #479
• Full changelog

cloud-network-config-controller

• Bug 2075444: Get subnet information from subnet instead of from network addresses #40
• Bug 2076935: azure: default empty environment to AzurePublicCloud #37
• Bug 2062133: Fix Azure VNET lookup when the NIC’s subnet is in a different resource group #28
• Full changelog

cluster-authentication-operator

• Bug 2084054: only ever include certificates in the oauth-serving-cert CM #577
• Full changelog

cluster-autoscaler

• Bug 2105110: Have VPA ignore phantom containers named “POD” #236
• Full changelog

cluster-autoscaler-operator

• Bug 2069095: add leader election flags to autoscaler deployment #243
• Full changelog

cluster-baremetal-operator

• Synchronize OWNERS from master #274
• Bug 2091738: Fix interpretation of Deployment Status Conditions #267
• Full changelog

cluster-cloud-controller-manager-operator

• Bug 2099499: Backport resourceapply changes for being able to recreate daemonsets/deployments #194
• Bug 2079791: Ensure release version is injected into all controller status clients #187
• Full changelog

cluster-config-operator

• Bug 2072739: [release-4.10] Bump openshift/api to a83e6f8f1d #247
• Full changelog

cluster-csi-snapshot-controller-operator

• Bug 2062197: Fix race when setting Progressing condition #115
• Full changelog

cluster-etcd-operator

• Bug 2086451: fix races in etcdclient #828
• fixing unit test health flakes with tolerance #882
• Bug 2105148: fix degraded missing cluster version #878
• Bug 2102793: avoid extrapolation in leaderhip alert #870
• Bug 2095579: etcdHighNumberOfFailedGRPCRequests alerts with wrong results #850
• Bug 2101912: Upping defrag timeout to 1 minute #866
• Bug 2095114: cluster-backup.sh script has a conflict to use the ‘/etc/kubernetes/static-pod-certs’ folder if a custom API certificate is defined #848
• Bug 2010346: Add summary to etcd alert rules #825
• Bug 2088131: remove etcd_perf before restore #836
• Bug 2082312: Adding Thomas to reviewers, adding Allen to approvers #817
• Bug 2080554: manually disable defrag #809
• Bug 2079660: pkg/operator/upgradebackupcontroller: Pivot from Failing to ReleaseAccepted #806
• Bug 2055833: Increase IBMCloud VPC heartbeat timeout to 500ms and leader election timeout to 2500ms #794
• Bug 2059632: pkg/operator/metriccontroller/fsync_controller: Fix “treshold” -> “thresholds” typos #757
• Bug 2076773: Update owners to add new team members #793
• Bug 2059347: Fix FSyncController degraded latch #755
• Bug 2069825: turn on initial corruption check #771
• Full changelog

cluster-image-registry-operator

• Bug 2083242: IR-253: add prometheus rules for image registry operations metrics #786
• Bug 2083242: IR-120: Add prometheus rules for image stream tags rules #777
• Bug 2083242: IR-120: Implementing metrics for ImageStreams #775
• Bug 2084514: Fix cloudfront middleware configuration #780
• Bug 2083559: IBMCloud: Add admin permissions to CR #778
• Bug 2074050: Deployment annotations, runtimeClassName override and fs policy change #765
• Full changelog

cluster-ingress-operator

• Bug 2079034: Add allowPrivilegeEscalation to the router container #748
• Bug 2097735: Fix loadBalancerServiceAnnotationsChanged check and update #784
• Bug 2100630: Fix flakey logic in haproxy timeout tests #792
• Bug 2082161: Delete LoadBalancer-type service finalizer logic #755
• BUG 2063283: Disable keepalive for canary probe #719
• Bug 2059210: Set Upgradeable=False if default cert has no SAN #710
• Full changelog

cluster-kube-apiserver-operator

• Bug 2060058: superfluous apirequestcount entries in audit log #1327
• Bug 2071030: OCP 4.10 should be firing APIRemovedInNextEUSReleaseInUse for APIs removed in 1.25 #1335
• Full changelog

cluster-kube-scheduler-operator

• Bug 2089336: Fix bootstrap leader election config #429
• Full changelog

cluster-kube-storage-version-migrator-operator

• Updating ose-cluster-kube-storage-version-migrator-operator images to be consistent with ART #65
• Full changelog

cluster-machine-approver

• Bug 2072928: Reconcile recently approved CSRs by other controllers #162
• Full changelog

cluster-monitoring-operator

• Bug 2099526: Updates jsonnet dependencies, prom-adapter #1715
• Bug 2098505: Backport PR#1692 to release-4.10 #1695
• Bug 2083242: IR-254: Collecting registry and image stream usage #1694
• Bug 2089806: Refactors CreateRouteIfNotExists to CreateOrUpdateRoute #1677
• Bug 2090422: pkg/manifest: Allow retention to be configurable for Thanos-Ruler in UWM #1678
• Bug 2090602: Federation for UWM metrics #1657
• Bug 2083460: Set timeout across Grafana components #1654
• Bug 2077722: Adjust NodeFilesystemSpaceFillingUp thresholds according default kubelet GC behavior #1665
• Bug 2075757: UWM: add SAR capabilities to prometheus cluster role #1653
• Bug 2075757: use bearer token as fall-back authn method #1641
• Bug 2062452: React to changes in clusteroperators #1585
• Bug 2060756: Properly deal with an empty console URL #1582
• Full changelog

cluster-network-operator

• Bug 2077384: Bump max value of hist quantile for kuryr_cni_request_duration #1388
• Bug 2084591: Cleanup CNO relatedObjects #1467
• Bug 2085510: OCPVE-106 Customize rollout strategy to fix SNO upgrade #1445
• Bug 2078501: [release-4.10] Drop Node update permission for sdn-node #1410
• Bug 2058508: Add rolling update strategy for Kuryr-CNI. #1321
• Bug 2083593: Add default-route field to egress-router k8s.v1.cni.cncf.io/networks #1436
• Bug 2079031: Make the use of the ip-reconciler cronjob opt-in by detecting IPAM type usage [backport 4.10] #1398
• Bug 2081149: Reserve port TCP/9104 for cluster-network-operator #1418
• Adds dougbtv to owners [release-4.10] #1401
• Bug 2058672: ip-reconciler cronjob specification requires hostnetwork, api-int lb usage & proper backoff [backport 4.10] #1322
• Bug 2057961: Do not apply OVN-Kubernetes PodDisruptionBudget on single-node clusters #1317
• Full changelog

cluster-node-tuning-operator

• Ignore Profile updates triggered by old operands (#357) #357
• Full changelog

cluster-openshift-apiserver-operator

• [release 4.10] Bug 2109235: openshift-apiserver pods never going NotReady #501
• Full changelog

cluster-storage-operator

• Bug 2098655: gcp cluster rollback fails due to storage failure #300
• Bug 2102242: Add missing ibm cloud annotations to prometheus rbac #293
• Bug 2072191: cluster storage operator AWS credentialsrequest lacks KMS privileges #268
• Full changelog

cluster-update-keys

• Updating ose-cluster-update-keys images to be consistent with ART #41
• Full changelog

cluster-version-operator

• Bug 2108292: pkg/cvo: retain initial completed update history entry #798
• Bug 2094078: pkg/cvo/updatepayload: Guard against ‘rm -fR -whatever’ with ./* #787
• Bug 2090150: pkg/cvo/sync_worker.go: Save overrides #782
• Bug 2083370: Do not save desired update on load failures #776
• Bug 2080058: pkg/cvo/updatepayload: Prune previous payload downloads #769
• Bug 2071211: lib/resourcebuilder/batch: Stop waiting on Job deadline exceeded #764
• Bug 2064991: pkg/cvo: Separate payload load from payload apply #753
• Bug 2052839: pkg/cvo/sync_worker: Use current state, not suggested state, for guarding Initializing->Updating #738
• Full changelog

console

• Bug 2109225: Remove modelsLoaded conditional rendering from ModelStatusBox #11857
• Bug 2106385: Fix CronJob resource version to batch/v1 #11820
• Bug 2106385: redirect v1beta1 CronJobs #11819
• Bug 2095217: VM SSH command generated by UI points at api VIP #11779
• [release 4.10] Bug 2094584: Cant create vm with sysprep #11775
• Bug 2100974: Restore spacing between/below modal body content #11763
• Bug 2092832: Check if spec is available in MCP details page #11629
• Bug 2084629: Add params prop to HorizontalNav component #11488
• Bug 2100330: disable upload for sourceRef templates #11774
• Bug 2104889: Fix topology sidebar update issues #11798
• Bug 2052416: fix offensive vm names #11778
• Bug 2094194: fix bug where log stream pauses in Chrome #11654
• Bug 2100345: fix clone vm error creating DV #11770
• Bug 2097338: Filter virtualization alerts in status card #11715
• Bug 2094215: Pass contextSource to TopologyApplicationActionProvider #11656
• Bug 2099600: Topology toolbars are unaligned to other toolbars #11703
• Bug 2095637: Disable update channel validation as well #11753
• Bug 2078699: Display disk size in correct units #11746
• Bug 2099527: Bug fix context menu position on topology #11735
• Bug 2078699: Display disk size in GiB in VM customize wizard #11733
• Bug 2079985: use the correct Alertmanager tenancy proxy #11418
• Bug 2094348: Display only running VMs in Virtualization Overview chart #11659
• Bug 2095217: Fix SSH command string #11679
• Bug 2062980: fixes uri case for event sink #11175
• Bug 2092496: [release-4.10] Added vault_tenants_sa to the list of supported providers #11584
• Bug 2094863: fix web terminal start #11672
• Bug 2094211: Change Ping source spec.jsonData (deprecated) field to spec.data #11655
• Bug 2090750: Handle medik8s node maintenance #11581
• Bug 2091482: change metrics queries based on metrics level configurations #11595
• Bug 2089589: add debounce to tektonhub versions api call to avoid many calls #11552
• Bug 2092140: Avoid using ‘gp2’ hardcoded storage class #11618
• Bug 2089315: fix rolebinding in DevConsole dropping all subjects when updating #11545
• Bug 2095637: Fix failing backend test after devfile registry update #11710
• Bug 2094001: Add high priority alerts to overview #11647
• Bug 2092168: Add ‘Unavailable’ status to clusteroperator status filter #11619
• Bug 2088210: Monitoring: Fix first panel sometimes not rendered #11528
• Bug 2090124: Removing SSH service selectors to minimum required #11565
• Bug 2081946: Fix default branch param in pipeline import from git flow #11442
• Bug 2091402: cloud-init User check for Windows VM refuses to accept capitalized #11592
• Bug 2084430: fixes apiversion for k8s svc and resource selection for sink for form yaml switcher #11482
• Bug 2087065: show Limit exceeded state for large number of nodes in topology #11506
• Bug 2050273: Update MON_DISK_LOW whitelisted alert documentation URL #11411
• Bug 2089162: Change learn more link in virtualization -> migration tool #11541
• Bug 2089547: Eliminate use of lookaside cache and move to Cachito #11551
• Bug 2088430: Set dashboards timeout based on selected timespan #11532
• Bug 2084091: MCG standalone deployment page goes blank when the KMS option is enabled #11479
• Bug 2088247: Different status shows on VM list page and details page #11538
• Bug 2087041: back port conditional updates #11487
• Bug 2088281: Attached disk keeps in loading status when add disk to a power off VM by non-privileged user #11530
• Bug 2088246: Overview page crash if no labels available #11525
• Bug 2051433: [release-4.10] Create HANA VM does not use values from customized HANA templates #11011
• Bug 2088255: Adding missing annotations to create VM from YAML #11527
• Bug 2088019: The default YAML on vm wizard is not latest #11522
• Bug 2083729: Fix Filter Dropdown State Management #11471
• Bug 2084489: Create VM from template that has sourceRef - will now reflect sourceRef at yaml #11485
• Bug 2076989: Fix ResourceQuota dashboard card and ACRQ donut label #11367
• Bug 2083385: fix bug where “Update blocked” label incorrectly displa… #11466
• Bug 2076370: fix CRD name filter #11356
• Bug 2083551: customize wizard is crashed #11469
• Bug 2076275: Update and scope our breadcrumb padding rule so it doesn’t effect a pure implementation #11365
• Bug 2076777: add update mode to Update cluster #11364
• Bug 2074163: remove .pf-c-button.pf-m-link override #11315
• Bug 2071904: Translate Extensions On Each Language Change #11348
• Bug 2078385: Remove reference to deprecated v2v-vmware ConfigMap #11387
• Bug 2076369: fix bug where ClusterRole > RoleBindings did not display… #11354
• Bug 2073477: Add IBM Flashsystem volume types #11308
• Bug 2077641: Improve Firehose cache, so that it does not return unexpected data also if isList differs on two concurrent calls #11382
• Bug 2065008: add a hardcoded blog link as fallback in guided tours #11193
• Bug 2074571: fix bug where Cluster Settings shows 0 of N, 0% progres… #11319
• Bug 2073023: Fix WebSockets not reconnecting during upgrade #11302
• Bug 2072839: fix bug where RoleBindings are not displaying in ClusterRole > RoleBindings #11297
• Bug 2069246: Fixed the render of a Tab Extension when there is a version present #11242
• Bug 2076221: Fix failing TestGetRegistrySamples test #11351
• Bug 2057218: Added support for customized wizard - new templates #11341
• Bug 2069959: Update getting started blog link #11255
• Bug 2074895: Display correct disk size in Edit disk modal #11329
• Bug 2061250: Update ConsolePlugin manifest #11267
• Bug 2072440: avoid pre-fetching tekton hub task versions in pipeline builder #11290
• Bug 2067719: correct ChannelDocLink url #11225
• Bug 2069913: Fix disabling community tasks in pipeline builder issue #11253
• Bug 2059186: Don’t pass Authorization header when not needed #11108
• Bug 2048892: Add empty state to running VMs card #10986
• Bug 2054949: Disabling Vault SA based auth for storage class encryption #11064
• Bug 2049762: Cannot change storage class of boot disk when creating VM #10994
• Bug 2054650: Allow custom template namespace #11057
• Bug 2067983: Pipeline metrics: use prometheus-tenancy API to get data #11226
• Bug 2065480: Fix VolumeSnapshot creation sort #11196
• Bug 2064988: [Tekton Hub] show read more link in the task quick search details pane #11192
• Bug 2057507: Decode secrets before authorizing repository #11094
• Bug 2052414: Add started-by annotation to pipelines created with “Start last run” #11015
• Bug 2059807: Show standalone resources as sink and not the one’s owned by other resource #11119
• Bug 2065672: Fix alert from showing an object #11200
• Bug 2060090: updates versions for kafka and kafkaTopic #11127
• Bug 2059989: Fix to add labels to webhook secrets created during import #11125
• Bug 2056512: fix ClusterOperator Status, Version col sorts #11084
• Bug 2064510: Change the tekton hub api endpoint to use v1 api #11186
• Full changelog

console-operator

• Bug 2076453: Console operator should not block installation/upgrade process when set to Removed state #649
• Bug 2059992: Re-enable TestMetricsEndpoint e2e test case #646
• Bug 2054535: ODF quickstart permissions check #637
• Bug 2054199: Dockerfile.rhel7: add new Helm CRD, ProjectHelmChartRepository #636
• Full changelog

container-networking-plugins

• Bug 2103175: Sysctl IFNAME [backport 4.10] #63
• Full changelog

csi-driver-manila-operator

• Bug 2091649: SWEET32: Improve TLS configuration for Kube RBAC Proxy #150
• Full changelog

docker-registry

• Bug 2099416: Support authentication using gcp workload identity federation #336
• Bug 2085414: forward http.StatusTooManyRequests to client #332
• Bug 2069807: Bug 2060362: Revert “Support authentication using gcp workload identity federation” #321
• Bug 2061785: Fix ICSP for subrepositories #318
• Full changelog

etcd

• Update OWNERS #123
• Bug 2077498: Merge Upstream etcd 3.5.3 into Openshift 4.10 #118
• PR 13923 to release-3.5 #13938
• Dockerfile*: Switch baseimage to k8s hosted one #13862
• Set backend to cindex before recovering the lessor in applySnapshot #13933
• Support linearizable renew lease #13932
• clientv3: filter learners members during autosync #13917
• etcdserver: upgrade the golang.org/x/crypto dependency #13669
• Fix the data inconsistency issue by adding a txPostLockHook into the backend #13908
• server: Save consistency index and term to backend even when they decrease #13904
• go.mod: Upgrade to prometheus/client_golang v1.11.1 #13895
• server: Add verification of whether lock was called within out outsid… #13887
• Fix inconsistent log format #13866
• Makefile: Fix wrong target #13858
• Update go to 1.16.15 #13832
• Fix offline defrag in etcdctl #13792
• backport 3.5: #13676 load all leases from backend #13726
• server/storage/backend: restore original bolt db options after defrag #13701
• Always print raft term in decimal when displaying member list in json #13727
• *: fix IsOptsWithFromKey #13736
• enhance health check endpoint to support serializable request #13706
• Trim the suffix dot from the srv.Target for etcd-client DNS lookup #13714
• Update dep: gopkg.in/yaml.v2 v2.2.8 -> v2.4.0 due to: CVE-2019-11254 [release 3.5] #13616
• Backport watchablestore runlock bug fix to release-3.5 #13541
• Set the backend again after recovering v3 backend from snapshot #13501
• Backport Lease Checkpoints fix to release-3.5 #13515
• Backport PR 13308 to release-3.5 #13477
• cherry-pick to 3.5 from #13467 exclude the same alarm type activated by multiple peers #13476
• storage/backend: Add a gauge to indicate if defrag is active (backport) #13395
• Dockerfile: bump debian bullseye-20210927 #13380
• Cherry pick “Fix http2 authority header in single endpoint scenario” to release-3.5 #13375
• Fix for v3.5 Ensure that cluster members stored in v2store and backend are in sync #13348
• Stop using tip golang version in CI #13349
• [backport 3.5]: Automated cherry pick of #13145 #13237 #13257
• Full changelog

gcp-pd-csi-driver-operator

• Bug 2098655: gcp cluster rollback fails due to storage failure #49
• Full changelog

haproxy-router

• Bug 2076371: generateRouteHostRegexp: Escape blanks #385
• Full changelog

hyperkube, pod

• Bug 2106414: UPSTREAM: 109103: cpu/memory manager containerMap memory leak #1318
• Bug 2103381: UPSTREAM: <carry>: update list of deprecated apis #1306
• Bug 2104928: UPSTREAM: 109932: fix: exclude non-ready nodes and deleted nodes from azure load balancers #1263
• Bug 2067464: Backport 107821 and 107831 #1241
• Bug 2075831: UPSTREAM: 109487: Disable JobTrackingWithFinalizers due to unresolved… #1244
• Bug 2074094: UPSTREAM: <carry>: An APIRequestCount without dots in the name can cause a panic #1237
• Bug 2069311: UPSTREAM: <carry>: use hardcoded rest mapper from library-go #1231
• Bug 2065774: Backport 108723 OutofCpu Fixes #1221
• Bug 2065620: Rebase 1.23.5 #1220
• Automated cherry pick of #108631: Remove apf_fd from httplog #108634
• Update Go to 1.17.8 #108559
• Bump konnectivity-client@v0.0.30 #108438
• Automated cherry pick of #107131: Fix default config flags #108401
• Automated cherry pick of #108410: fix dryrun when ca file exists #108469
• Automated cherry pick of #107121: fix regression introduced by PR 100320 #108465
• Automated cherry pick of #107764: wrap error from RunCordonOrUncordon #107938
• Automated cherry pick of #107413: kube-proxy: fix duplicate port opening #108294
• Automated cherry pick of #107997: cronjob_controllerv2: do not filter jobs to be reconciled by #108306
• Automated cherry pick of #108209: increase Azure ACR credential provider timeout #108226
• Automated cherry pick of #108149: fix: do not return early in the node informer when there is #108177
• Automated cherry pick of #108167: Fix nodes volumesAttached status not updated #108461
• Automated cherry pick of #108002: kubeadm: fix the bug that ‘kubeadm init –dry-run #108120
• test/e2e/framework: include the new control plane taint for “–non-blocking-taints” #108336
• /test/e2e_kubeadm: adjust label / taint checks for 1.23 #108170
• Automated cherry pick of #108127: test/e2e_kubeadm: fix matching UnversionedKubeletConfigMap #108128
• Automated cherry pick of #107900: Add an e2e test for updating a static pod while it #107931
• Automated cherry pick of #108198: Updating EndpointSlice strategy to retain node name in #108201
• Automated cherry pick of #108138: Revert v1beta1 PodDisruptionBudget select patchStrategy #108139
• Automated cherry pick of #107670: Ignore container notfound error while getPodstatuses #108164
• Automated cherry pick of #107789: Mark device as uncertain if unmount device succeeds #107791
• Update Go to 1.17.7 #108100
• Automated cherry pick of #107575: fix: azurefile volumeid conflict in csi migration #107850
• Automated cherry pick of #106715: set secondary address on host-network pods #107988
• Automated cherry pick of #107970: Make JSON schema round tripping test more strict #108030
• Automated cherry pick of #107956: Deeply copy JSONSchemaProps.XValidations. #107968
• Automated cherry pick of #107786: Revert “Fix comparison between FQDN and hostname” #107902
• Automated cherry pick of #107847: service REST: Call Decorator(old) on update path #107875
• Automated cherry pick of #106280: Set max results if its not set #107651
• Automated cherry pick of #107695: kubelet: fix podstatus not containing pod full name #107761
• Full changelog

hypershift

• adopt existing immutable selectors to prevent errors reconciling components from roks toolkit clusters #1571
• cache registry files #1567
• feat(oauth): allow challenge override for OpenID #1543
• Add fallback set cache value from old token #1531
• Set Recommended Leader Election Values #1507
• feat(cpo): Support disable profiling annotation #1501
• Use ImagePullPolicyIfNotPresent for HO #1483
• Updated secret permissions to conform to kubernetes CIS benchmark #1480
• Ensure that everything uses imagePullPolicy IfNotPResent for resiliency #1475
• Add missing control plane prometheus rules #1471
• Ensure cache is set during token rotation before reconciling #1461
• Fix(cpo): Propagate TLS security profile config to kube-controller-manager and kube-scheduler #1416
• feat(cpo): adhere to upgrade order from kube version skew policy #1410
• Set shutdown params to improve graceful shutdown #1387
• fix(cpo): Scope down secrets access for olm collect profiles cj #1378
• move to ga apis for all components now that management clusters at minimum release boundary #1361
• configure cipher suites to prevent using medium strength ssl ciphers #1359
• Use apiserver host/port from InfraStatus in reconciling Kube API Server #1333
• Ignition server: Actually use workdir #1317
• Use forked processes instead of pods to generate ignition payload #1311
• disable reconcile of registry config in IBMCloud deployments #1309
• feat(cpo): Disable PodSecurity for 4.10 #1289
• Disable PodSecurity admission in 4.11 as it breaks conformance #1286
• Expose a service account signing key in the API #1265
• release-4.10 - Create valid route names with long namespace names #1252
• Fast-Forward from main #1233
• e2e: Don’t enable user workload monitoring on management clusters #1231
• Fix priority class for olm cronjob and verify priorityclasses in e2e #1226
• e2e: Don’t fail test on transient recoverable API lookup #1230
• Hypershift operator: Give a priority that is higher than any controlplane component #1229
• Get autoscaler/machine-approver images from the payload #1090
• Document KubeVirt Platform Ingress Setup #1213
• AntiAffinity rules to spread KubeVirt VMs across mgmt nodes #1218
• Retry EIP tagging failures during infra creation #1219
• Fix CPO to work with 4.11 #1217
• read apiserver-network-proxy image from ocp payload #1215
• Add support for AdditionalTrustBundle #972
• docs for DNS indirection #1208
• docs: Upgrade mkdocs/material to fix Netlify breakages #1212
• Dump: Always create an archive #1204
• Update staticcheck to a version that works with go 1.18 #1207
• Unique OpenShift vxlan port for KubeVirt Platform #1206
• Registry configuration: reconcile only what we need to changes #1202
• enable external-dns registry #1198
• sync MaxConcurrentReconciles across all controllers #1199
• add external-dns flags to CI install make target #1163
• KAS: Set proxy, but exempt pod and service CIDR #1200
• HO: Don’t report NotFund for hostedcluster as error #1192
• Forward from main #1190
• Revert “PKI: Use ECDSA keys by default” #1195
• add required-api to availablity prober for OLM and HCCO #1193
• Trigger reconcile when paused time is up #1184
• Fix ko entries and update ignition-server dev docs #1191
• Converge helper binaries and ignition-server into CPO binary #1169
• KAS: Never set proxy #1187
• fix AWS HostedCluster fixture to set hostname in alignment with endpointAccess #1188
• Use patch instead of update when updating HCP status and finalizers #1186
• Introduce OIDCConfigurationInvalid condition for OIDC setup validation #1180
• e2e: adjust budgets #1183
• Fix OLM container restart flakes in CI #1185
• Make clusterID optional in HostedControlPlane clusterID #1179
• Hypershift-operator: Increase worker count #1181
• Forward from main #1178
• Add ClusterID to HostedCluster #1151
• Remove CAPI-provider-agent ClusterRole from hypershift Agent platform #1162
• Fix typo in how to pause reconciliation doc #1174
• Update release-4.10 branch with latest from main #1173
• Ensure that all control plane pods use the cluster’s pull secret #1172
• PKI: Use ECDSA keys by default #1167
• dev: specify a more useful ko base image #1165
• Unify hypershift install make targets #1171
• Run unitests with racedetector and -count=25 to detect flakes #1166
• Dump: Dump guest cluster nodes #1170
• Add proxy support #1157
• Resources: Improve runtime of test #1168
• ensure token minter, socks proxy, and availablity prober are versioned with the control plane operator to prevent large scale restarts on hypershift operator upgrades for IBM Cloud #1164
• add clusterid label to admin kubeconfig secret #1154
• Fix events message unit test flake #1161
• Switching KubeVirt platform’s default ingress to NodePort #1150
• Update release-4.10 branch with latest from main #1160
• e2e: support dns indirection #1149
• Surface cloud error conditions for HostedCluster resources #1135
• feat(cpo): Support OLM catalog placement #1139
• Allow overriding images at the hypershift operator level #1155
• Remove capi-provider-agent role from hypershift management #1153
• Restructure how-to docs to categorise per platform #1147
• Alow hypershift operator to grant RBAC permissions to the cpai-provider-agent #1152
• Enable DNS indirection to control plane endpoints #1145
• Forward from main #1148
• Validate that agent namespace exists #1138
• Agent: each hostedcluster provider should have it’s own role and role binding in the agent namespace #1137
• Documented howto BM agent/none #1079
• prevent privilege esclation by explicitly not allowing the escalate and bind verbs with rbac on the control plane operator #1136
• Run the konnektivity agent DS with hostnetwork #1142
• Azure: Fix image name to match what HPO expects #1141
• Rename variable for machineconfig and pretty print message #1140
• add konnectivity proxy sidecar to ingress-operator to ensure it can properly perform in cluster canary healthchecks #1131
• Azure: Add multi-AZ support #1127
• Azure: Stop logging errors during role assignment retry #1120
• Azure: Use an apiserver port that ends with 443 to make conformance tests happy #1133
• Give control-plane-operator access to the pull secret #1132
• add https prefix for proper redirects of console url #1129
• Move oidc configmap management back into install command #1128
• fix dns crd reconciliation for ibm cloud or providers that provide a subdomain #1123
• Fix create nodepool azure command #1118
• Azure: Fix credentials log #1126
• Updated secret permissions to 416 #1124
• Add missing readiness probes on HA deployments #1106
• Fix type in azurecluser for Private DNS name #1119
• Azure: Make the rootdisksize on nodepool configurable #1097
• Full changelog

ibm-vpc-block-csi-driver-operator

• Bug 2077419: [4.10] [ibm-vpc-block] Unable to change default storage class #35
• Full changelog

image-customization-controller

• Bug 2098627: Remove the container at exit #56
• Update OWNERS to current team status #53
• Bug 2061977: Add delay between ironic-agent restart, but restart forever #54
• Bug 2061977: Restart ironic-agent.service when it fails #43
• Full changelog

insights-operator

• Backport console helm installs to 4.10 (#638) #638
• Bug 2081844: Fix the clusteroperator conditions values when IO is (#619) #619
• Bug 2079318: Remove PSP gatherer (#608) (#615) #608
• Bug 2072848: Gather namespace names with overlapping UIDs (#605) #605
• Gather some error messages from the kube-controller-manager containers (#598) #598
• Full changelog

ironic

• Bug 2109125: Upgrade version of ironic package to include fix for ZTP deployment #284
• Bug 2080442: Update sushy version #272
• Full changelog

ironic-agent

• Bug 2100775: Include Fix discovering WWN/serial for devicemapper devices #56
• Bug 2100836: Add missing multipath modules #55
• Bug 2089312: multipath fix for passive paths #52
• Bug 2053752: import time #49
• Bug 2053752: Bump retries for UEFI boot configuration #48
• Bug 2061278: [release-4.10] Retry UEFI boot Configuration #43
• Bug 2048481: Update ironic-python-agent to latest bugfix version #38
• Full changelog

jenkins, jenkins-agent-base, jenkins-agent-maven, jenkins-agent-nodejs

• Bug 2095620: Bump matrix-project plugin to 1.20 #1453
• Bug 2080204: Correctly declare Jenkins URL with trailing slash #1441
• Bug 2076253: Mitigate multiple CVEs #1430
• Bug 2075135: set necessary JVM args to allow jenkins JVM to come up on a FIPS node #1425
• Bug 2069134: [release-4.10] Update bundle-plugins.txt #1420
• Bug 2069134: [release-4.10] Enable supply-chain check #1417
• Bug 2061616: [release-4.10] Compute bundle plugins in build #1398
• Bug 2063898: [release-4.10] 2022-02-15 Security Advisory #1403
• Bug 2062053: Add Jitendar to OWNERS file #1401
• Bug 2055653: Add xmlstarlet to handle JENKINS_PASSWORD properly #1391
• Full changelog

kube-proxy, sdn

• Bug 2078501: [release-4.10] Remove node-tainting for too-small MTU #422
• Bug 2087763: Probe failures and pod restarts during 4.7 to 4.8 upgrade #431
• Bug 2082451: Masquerade in cluster traffic that is marked for egress IP #430
• Bug 2066466: Fix releasing egress IP in cloud environments #416
• Bug 2064807: Rebase SDN k8 1.23.4 #415
• Bug 2062859: mixed ingress and egress policies can result in half-isolated pods #410
• Full changelog

kube-state-metrics

• Bug 2085329: Use v1 PodDisruptionBudget and CronJob resources #72
• Full changelog

kuryr-cni, kuryr-controller

• Bug 2082079: Parallelize ports removal #663
• Bug 2097277: Use upper-constraints.txt from stable/xena in UT #673
• Bug 2077384: Increase cni_request_duration buckets #656
• Bug 2055661: Update KLB .spec.provider when required #637
• Full changelog

machine-api-operator

• Bug 2086104: Set vCenter client request timeout #1017
• Full changelog

machine-config-operator

• Bug 2100894: fix MCNameSuffix with kcfg ctrrcfg #3224
• Bug 2084187: Avoid kubernetes node port range #3145
• Bug 2099686: controller: de-couple FIPS and realtime detection #3201
• Bug 2098626: configure-ovs: improve handling of static ip and mac address configuration #3197
• Bug 2096564: Bug fix for node drain caused by ICSP objects #3181
• Bug 2089757: configure-ovs: avoid restarting NetworkManager #3159
• Bug 2085410: OVN Kubernetes configure-ovs-network set static if conversion metric #3147
• Bug 2081317: configure-ovs.sh: Provide store hint for default route interface #3131
• Bug 2076493: [on-prem] make Corefile api matching stricter #3095
• Bug 2082567: [vsphere] remove warning encountered on vSphere UPI cluster without API VIP #3138
• Bug 2069798: ClusterRoleUpdated/ClusterRoleBindingUpdated Spamming Event Logs #3045
• Bug 2079097: Ensure only one apiserver-watcher process is active on a node. #3121
• Bug 2071696: Add KUBELET_NODEIP_HINT to nodeip-configuration #3058
• Bug 2072621: Fix bootstrap-unit test failure caused by #3008 #3109
• Bug 2076308: Move removeUpdateInProgressTaint functionality to mcc #3091
• Bug 2072621: [OCPNODE-869] Create a drop-in file for cri-o’s seccomp use default config #3008
• Bug 2070492: configure-ovs: move dhcp config from br-ex to ovs-if-br-ex #3049
• Bug 2062666: configure-ovs: reload NM only when necessary #3005
• Bug 2062290: Add –templates flag to MCC bootstrap command #2997
• Bug 2063326: [release-4.10] Ensure directories are created with usable permission bits #3012
• Bug 2060954: Explicitly set keyfile as the default plugin #2985
• Full changelog

machine-os-images

• Bug 2090022: Get rid of lookaside cache in OCP build #17
• Revert .ci-operator.yaml #18
• Updating ose-machine-os-images images to be consistent with ART #9
• Bug 2077305: Remove destination coreos if it exists #14
• Full changelog

multus-cni

• Bug 2084289: Bumps net-attach-def client library (for CNI v1.0 IP compatibility) [backport 4.10] #128
• Updating multus-cni images to be consistent with ART #110
• Full changelog

multus-whereabouts-ipam-cni

• Bug 2065488: Sync upstream for context improvements for reconciler [backport 4.10] #88
• Full changelog

must-gather

• Bug 2106842: Add timeout to oc cp command to fix must-gather delays when routers are terminating #323
• Bug 2059777: Fix the namespace extract filter #288
• Bug 2106559: fix gather_insights collection #322
• Bug 2084591: Add networking resources #307
• Bug 2069554: Collect NMState resources when operator is installed #294
• Full changelog

network-interface-bond-cni

• Bug 2101841: Backport Fix incorrect bond name issue #36
• Bug 2084289: Backport IPAM fixes [4.10] #34
• Full changelog

network-metrics-daemon

• Updating ose-network-metrics-daemon images to be consistent with ART (#40) #40
• Fix field selector (#50) #50
• Added METRIC_TEST_IMAGE var (#47) #47
• Full changelog

oauth-apiserver

• Bug 2094022: Update 4.10 to 1.23 #79
• Full changelog

oc-mirror

• Bug 2075051: [release-4.10] fix: adds handling for channel with different prefixes in cincinnati.go (#413) #413
• build(deps): bump operator-registry dep to v1.21.1 (#390) #390
• Bug 2064901: fix(associations): modifies association return values to allows image… (#359) #359
• Bug 2065500: resolves multiple channel heads in merged catalogs (#372) #372
• chore: adds dynamic version info for version command with ldflags (#328) (#334) #328
• Full changelog

openshift-apiserver

• Add coreydaley as reviewer/approver for pkg/build #298
• Full changelog

openshift-state-metrics

• Updating openshift-state-metrics images to be consistent with ART #80
• Bug 2052804: adding new build comments required for go 1.17 #83
• Full changelog

openstack-cinder-csi-driver-operator

• Bug 2091649: SWEET32: Improve TLS configuration for Kube RBAC Proxy #89
• Full changelog

openstack-machine-controllers

• Bug 2077380: Fix InstanceCreate port & trunk cleanup #233
• Bug 2071538: Address CVE-2022-21698 #226
• Bug 2050064: Ensure subnets belong to the queried network #219
• Full changelog

operator-lifecycle-manager, operator-registry

• Bug 2106838: remove broken thread-safety (#2697) #340
• Bug 2101802: opm bug fix #327
• Bug 2095329: [release-4.10] Bump go to v1.17 (#922) #310
• Bug 2080609: Fix GRPC CheckRegistryServer function (#2756) #298
• Bug 2071941: Replace collect-profile jobs that haven’t completed #277
• Bug 2070131: Fix a bug in deletion of webhook service for replacement #272
• Full changelog

ovirt-csi-driver-operator

• Bug 2050118: Add custom CA bundle support #84
• Bug 2070525: Recreate oVirt connection for every sync #94
• Full changelog

ovn-kubernetes

• Bug 2105653: egressIP: node retrieval failure is not respected, causes panic #1185
• Bug 2105275: Fix egressips for pods recreated with same name #1179
• Bug 2107903: Append the SNAT rule in management chain #1201
• Bug 2105265: EGW: Clean Stale Conntrack Entries #1191
• Bug 2099680: [release-4.10] libovsdb fixes for empty values #1164
• Bug 2105276: Fix panics in DestroyNetworkPolicy if policy is nil #1182
• Bug 2099206: Update logging for specific policy when creating it #1149
• Bug 2099822: Fix pointer loop var #1153
• Bug 2091157: [release-4.10] Free IPs and delete resources for completed pods #1152
• Bug 2092501: Fixes finding default gateway for configured GW interface #1131
• Bug 2095193: duplicated IPs can be assigned to multiple Pods #1132
• Bug 2088582: Bumps OVN to 21.12.0-58.el8fdp #1101
• Bug 2086891: policy: Fix multicast allow policy type. #1093
• Bug 2088040: Delete ChassisPrivate along with Chassis #1099
• Bug 2077129: [release-4.10] Fixes secondary bridge #1044
• Bug 2088627: EgressIP NATs are not being cleared correctly from the logical router #1098
• Bug 2087203: enable exportloopref linter and fix violations #1095
• Bug 2082467: Fix cluster/status parsing for single-member db cluster (SNO) #1082
• Bug 2083116: delete SNAT2NIP if pod.node == egressNodeServingPod #1084
• Bug 2080069: Cleanup conntrack entries when services are deleted #1061
• Bug 2080895: Ensure stale information is not present in metrics with labels when they change #1070
• Bug 2080882: Fix incorrectly logged error when searching for ovnkube master pod #1069
• Bug 2080925: Don’t spawn go routines for adding metric events #1071
• Bug 2079546: [release-4.10] call clearInitialNodeNetworkUnavailableCondition for noHostSubnet nodes #1057
• Bug 2065780: [release-4.10][backport] Fix cleaning VF representor ports #1001
• Bug 2073411: Fix ETP=local for host->svc traffic #1063
• Bug 2073137: Fix lgw flows for ingress-svc traffic #1026
• Bug 2074839: [release-4.10] fix ipv6 network policy #1043
• Bug 2052017: Retry Pod Deletions on Failure #1025
• Bug 2059354: [4.10z] After reboot egress node, lr-policy-list was not correct #994
• fix so that this branch can build #7
• Bug 2055381: [release-4.10] support new ingress pipeline option for ACLs #6
• Bug 2061804: [4.10] Fixes “ErrorAddingLogicalPort: duplicate IP found in ECMP Pod route cache!” for same pod #990
• Bug 2063834: backport 2052975 to 4.10 #995
• Full changelog

prometheus-config-reloader, prometheus-operator

• Bug 2060718: Add relabel validations #161
• Full changelog

tests

• Bug 2080198: skip tests for etcd leaders when etcd revisions change a lot #27076
• Bug 2080759: Remove BlueOcean annotation check #27065
• Bug 2077995: Best matcher single node OVN #27048
• Bug 2059845: [test]: bump upper bounds for AWS single node and GCP #27055
• Bug 2077414: MGMT-9440: Fix single node serial tests API crash #27037
• Bug 2074714: synthetictests: skip “alert/Watchdog must have no gaps or changes” on SNO upgrades #27011
• Bug 2074448: exclude loki-promtail from duplicated events #27010
• Bug 2077516: don’t fail when a query returns warnings #27039
• Bug 2059845: operators should not create watch channels very often: bump OpenStack monitoring operator #26879
• Bug 2076265: [release-4.10] test: switch to testing CapBnd over CapInh #27021
• Bug 2060592: only add failure when no event was found for the target revision #26881
• Bug 2055381: cleanup network policy ACL extended test #26946
• Full changelog

vsphere-csi-driver-operator

• Bug 2108003: 4.10: Don’t block upgrades when another CSI driver is found #99
• Bug 2095824: Report max. nr. of attachable volumes per node #91
• Full changelog

vsphere-problem-detector

• Bug 2055895: change NodePerfCheck criteria to be based on average latency #76
• Full changelog

---

View changelog in Markdown or change previous release: 4.10.244.10.234.10.224.10.214.10.204.10.194.10.184.10.174.10.164.10.154.10.144.10.134.10.124.10.114.10.104.10.94.10.84.10.74.10.64.10.54.10.44.10.34.10.24.10.14.10.04.10.0-rc.84.10.0-rc.74.10.0-rc.64.10.0-rc.54.10.0-rc.44.10.0-rc.34.10.0-rc.24.10.0-rc.14.10.0-rc.04.10.0-fc.44.10.0-fc.34.10.0-fc.24.10.0-fc.14.10.0-fc.04.9.594.9.584.9.574.9.564.9.554.9.544.9.534.9.524.9.514.9.504.9.494.9.484.9.474.9.464.9.454.9.444.9.434.9.424.9.414.9.404.9.394.9.384.9.374.9.364.9.354.9.344.9.334.9.324.9.314.9.304.9.294.9.284.9.274.9.264.9.254.9.244.9.234.9.224.9.214.9.204.9.194.9.184.9.174.9.164.9.154.9.144.9.134.9.124.9.114.9.104.9.94.9.84.9.74.9.64.9.54.9.44.9.34.9.24.9.14.9.04.9.0-rc.84.9.0-rc.74.9.0-rc.64.9.0-rc.54.9.0-rc.44.9.0-rc.34.9.0-rc.24.9.0-rc.14.9.0-rc.04.9.0-fc.14.9.0-fc.04.8.574.8.564.8.554.8.544.8.534.8.524.8.514.8.504.8.494.8.484.8.474.8.464.8.454.8.444.8.434.8.424.8.414.8.404.8.394.8.384.8.374.8.364.8.354.8.344.8.334.8.324.8.314.8.304.8.294.8.284.8.274.8.264.8.254.8.244.8.234.8.224.8.214.8.204.8.194.8.184.8.174.8.164.8.154.8.144.8.134.8.124.8.114.8.104.8.94.8.84.8.74.8.64.8.54.8.44.8.34.8.24.8.14.8.04.8.0-rc.34.8.0-rc.24.8.0-rc.14.8.0-rc.04.8.0-fc.94.8.0-fc.84.8.0-fc.74.8.0-fc.64.8.0-fc.54.8.0-fc.44.8.0-fc.34.8.0-fc.24.8.0-fc.14.8.0-fc.04.7.604.7.594.7.584.7.574.7.564.7.554.7.544.7.534.7.524.7.514.7.504.7.494.7.484.7.474.7.464.7.454.7.444.7.434.7.424.7.414.7.404.7.394.7.384.7.374.7.364.7.354.7.344.7.334.7.324.7.314.7.304.7.294.7.284.7.274.7.264.7.254.7.244.7.234.7.224.7.214.7.204.7.194.7.184.7.174.7.164.7.154.7.144.7.134.7.124.7.114.7.104.7.94.7.84.7.74.7.64.7.54.7.44.7.34.7.24.7.14.7.04.7.0-rc.34.7.0-rc.24.7.0-rc.14.7.0-rc.04.7.0-fc.54.7.0-fc.44.7.0-fc.34.7.0-fc.24.7.0-fc.14.7.0-fc.04.6.624.6.614.6.604.6.594.6.584.6.574.6.564.6.554.6.544.6.534.6.524.6.514.6.504.6.494.6.484.6.474.6.464.6.454.6.444.6.434.6.424.6.414.6.404.6.394.6.384.6.374.6.364.6.354.6.344.6.334.6.324.6.314.6.304.6.294.6.284.6.274.6.264.6.254.6.244.6.234.6.224.6.214.6.204.6.194.6.184.6.174.6.164.6.154.6.144.6.134.6.124.6.114.6.104.6.94.6.84.6.74.6.64.6.54.6.44.6.34.6.24.6.14.6.04.6.0-rc.44.6.0-rc.34.6.0-rc.24.6.0-rc.14.6.0-rc.04.6.0-fc.94.6.0-fc.84.6.0-fc.74.6.0-fc.64.6.0-fc.54.6.0-fc.44.6.0-fc.3───4.15.0-0.nightly-2023-09-22-0232174.15.0-0.nightly-2023-09-21-1941184.15.0-0.nightly-2023-09-21-0225204.15.0-0.nightly-2023-09-20-1925124.15.0-0.nightly-2023-09-19-1904574.15.0-0.nightly-2023-09-17-0458114.15.0-0.nightly-2023-09-17-002308───4.15.0-0.ci-2023-09-21-2209534.15.0-0.ci-2023-09-21-1609534.15.0-0.ci-2023-09-21-1009534.15.0-0.ci-2023-09-21-0409534.15.0-0.ci-2023-09-20-2209534.15.0-0.ci-2023-09-20-0409534.15.0-0.ci-2023-09-10-044704───4.14.0-0.nightly-2023-09-22-0036544.14.0-0.nightly-2023-09-21-1756004.14.0-0.nightly-2023-09-21-0912364.14.0-0.nightly-2023-09-21-0025304.14.0-0.nightly-2023-09-20-1802564.14.0-0.nightly-2023-09-20-0335024.14.0-0.nightly-2023-09-19-201452───4.14.0-0.ci-2023-09-22-0046104.14.0-0.ci-2023-09-21-1846094.14.0-0.ci-2023-09-21-1246094.14.0-0.ci-2023-09-21-0634524.14.0-0.ci-2023-09-20-2300184.14.0-0.ci-2023-09-16-1923214.14.0-0.ci-2023-09-16-023348───4.13.0-0.nightly-2023-09-22-0241344.13.0-0.nightly-2023-09-21-1625354.13.0-0.nightly-2023-09-21-0631334.13.0-0.nightly-2023-09-20-1831564.13.0-0.nightly-2023-09-20-1138264.13.0-0.nightly-2023-09-12-0748034.13.0-0.nightly-2023-09-12-014803───4.13.0-0.ci-2023-09-21-2225464.13.0-0.ci-2023-09-21-1419384.13.0-0.ci-2023-09-21-0504024.13.0-0.ci-2023-09-20-2304024.13.0-0.ci-2023-09-18-2027564.13.0-0.ci-2023-09-18-074703───4.12.0-0.nightly-2023-09-21-1537504.12.0-0.nightly-2023-09-21-0502144.12.0-0.nightly-2023-09-20-1342364.12.0-0.nightly-2023-09-19-1700174.12.0-0.nightly-2023-09-18-233020───4.12.0-0.ci-2023-09-22-0003544.12.0-0.ci-2023-09-21-1455584.12.0-0.ci-2023-09-21-0628494.12.0-0.ci-2023-09-20-2223324.12.0-0.ci-2023-09-18-1439294.12.0-0.ci-2023-09-17-155746───4.11.0-0.nightly-2023-09-21-0350184.11.0-0.nightly-2023-09-20-1320254.11.0-0.nightly-2023-09-19-2319034.11.0-0.nightly-2023-09-14-2102034.11.0-0.nightly-2023-09-13-174554───4.11.0-0.ci-2023-09-20-1234524.11.0-0.ci-2023-09-20-0419454.11.0-0.ci-2023-09-18-2052574.11.0-0.ci-2023-09-16-0500244.11.0-0.ci-2023-09-15-230024───4.10.0-0.nightly-2023-09-16-1319474.10.0-0.nightly-2023-09-10-1557104.10.0-0.nightly-2023-09-09-0804354.10.0-0.nightly-2023-09-09-0204354.10.0-0.nightly-2023-09-02-021759───4.10.0-0.ci-2023-09-21-2336434.10.0-0.ci-2023-09-21-1718144.10.0-0.ci-2023-09-21-0614594.10.0-0.ci-2023-09-21-0014594.10.0-0.ci-2023-09-20-1200314.10.0-0.ci-2023-09-20-0026074.10.0-0.ci-2023-09-17-111633───4.9.0-0.nightly-2023-08-25-1035294.9.0-0.nightly-2023-08-01-1726394.9.0-0.nightly-2023-08-01-1126394.9.0-0.nightly-2023-07-31-1954554.9.0-0.nightly-2023-07-29-095441───4.9.0-0.ci-2023-09-17-0021354.9.0-0.ci-2023-09-13-1725374.9.0-0.ci-2023-09-10-1733394.9.0-0.ci-2023-09-09-0429524.9.0-0.ci-2023-08-26-090204───4.8.0-0.nightly-2023-08-31-0446344.8.0-0.nightly-2023-08-23-1312364.8.0-0.nightly-2023-08-21-0304314.8.0-0.nightly-2023-08-01-1043124.8.0-0.nightly-2023-07-31-231822───4.8.0-0.ci-2023-09-16-0434424.8.0-0.ci-2023-09-14-1936014.8.0-0.ci-2023-09-14-1603404.8.0-0.ci-2023-07-28-0029404.8.0-0.ci-2023-07-15-003738───4.7.0-0.nightly-2023-08-31-0544414.7.0-0.nightly-2023-08-22-1823064.7.0-0.nightly-2023-08-21-0305164.7.0-0.nightly-2023-08-01-1056574.7.0-0.nightly-2023-07-31-162336───4.7.0-0.ci-2023-09-17-0149564.7.0-0.ci-2023-09-13-1520064.7.0-0.ci-2023-08-23-1118494.7.0-0.ci-2023-08-22-1807414.7.0-0.ci-2023-08-01-193229───4.6.0-0.nightly-2023-08-26-0322404.6.0-0.nightly-2023-08-02-1901424.6.0-0.nightly-2023-08-01-1130314.6.0-0.nightly-2023-07-28-0756174.6.0-0.nightly-2023-07-26-212417───4.6.0-0.ci-2023-08-04-2015434.6.0-0.ci-2023-08-02-1612084.6.0-0.ci-2023-07-28-0433114.6.0-0.ci-2023-07-28-0226034.6.0-0.ci-2023-07-28-003217───4.14.0-ec.44.14.0-ec.34.14.0-ec.24.14.0-ec.14.14.0-ec.0

Source code for this page located on github