Details
-
Spike
-
Resolution: Done
-
Critical
-
None
-
None
-
False
-
None
-
False
-
MCO Sprint 233
-
0
-
0
Description
This Jira card is only created to evaluate the impact assessment of OCPBUGS-9969 . For more details please refer the bug.
Which 4.y.z to 4.y'.z' updates increase vulnerability?
This issue will occur when a cluster born on OCP 4.1 has been upgraded to OCP 4.12.0 and any further releases.
Which types of clusters?
This impacts all platforms that were supported during OCP 4.1 release.
What is the impact? Is it serious enough to warrant removing update recommendations?
OCP cluster that was originally created from OCP 4.1 and has now been upgraded to 4.12.0 or any further releases will see the issue. As a result of the issue, node scale-up will fail. This is because in 4.12, MCO [1] started using podman run -authfile option to perform in-place upgrade on nodes that are have OS content from OCP release < 4.12. This works well everywhere except on nodes that gets booted directly from 4.1 RHCOS bootimage. podman run gained -authfile option in 1.4.0 release [2] but 4.1 bootimage have 1.0.2-dev.
[2] https://github.com/containers/podman/commit/baed81029b74c8d801ea9d5cf67a78005472e6ed
How involved is remediation?
To resolve the problem cluster bootimage needs to be updated to 4.2 or later releases.
Is this a regression?
Yes, it is a regression introduced with OCP 4.12.0 release.
Attachments
Issue Links
- blocks
-
OCPBUGS-9969 4.1 born cluster fails to scale-up due to podman run missing `--authfile` flag
-
- Closed
-
- links to