OSSM 2.4.5: [DOC] Release Notes, Known Issues and Bug Fixes

openshift · Nov 6, 2023 · a30c575 · a30c575
1 parent d58f70c
commit a30c575
Show file tree

Hide file tree

Showing 3 changed files with 103 additions and 4 deletions.
diff --git a/_attributes/common-attributes.adoc b/_attributes/common-attributes.adoc
@@ -143,7 +143,7 @@ endif::[]
 :product-rosa: Red Hat OpenShift Service on AWS
 :SMProductName: Red Hat OpenShift Service Mesh
 :SMProductShortName: Service Mesh
-:SMProductVersion: 2.4.4
+:SMProductVersion: 2.4.5
 :MaistraVersion: 2.4
 //Service Mesh v1
 :SMProductVersion1x: 1.1.18.2

diff --git a/modules/ossm-rn-fixed-issues.adoc b/modules/ossm-rn-fixed-issues.adoc
@@ -14,17 +14,42 @@ Provide the following info for each issue if possible:
 *Result* - How has the behavior changed as a result? Try to avoid “It is fixed” or “The issue is resolved” or “The error no longer presents”.
 ////
 
-The following issues have been resolved in the current release:
+The following issue has been resolved in the current release:
 
-* https://issues.redhat.com/browse/OSSM-4851[OSSM-4851] Previously, an error occurred in the operator deploying new pods in a namespace scoped inside the mesh when `runAsGroup`, `runAsUser`, or `fsGroup` parameters were `nil`. Now, a yaml validation has been added to avoid the `nil` value.
+* https://issues.redhat.com/browse/OSSM-3647[OSSM-3647] Previously, in the {SMProductShortName} control plane (SMCP) v2.2 (Istio 1.12), WasmPlugins were applied only to inbound listeners. Since SMCP v2.3 (Istio 1.14), WasmPlugins have been applied to inbound and outbound listeners by default, which introduced  regression for users of 3scale WasmPlugin. Now, the environment variable `APPLY_WASM_PLUGINS_TO_INBOUND_ONLY` is added which allows safe migration from SMCP v2.2 to v2.3 and v2.4. 
++
+The following setting should be added to the SMCP config:
++
+[source, yaml]
+----
+spec:
+  runtime:
+    components:
+      pilot:
+        container:
+          env:
+            APPLY_WASM_PLUGINS_TO_INBOUND_ONLY: "true"
 
-* https://issues.redhat.com/browse/OSSM-3771[OSSM-3771] Previously, OpenShift routes could not be disabled for additional ingress gateways defined in a Service Mesh Control Plane (SMCP). Now, a `routeConfig` block can be added to each `additionalIngress` gateway so the creation of OpenShift routes can be enabled or disabled for each gateway.
+----
++
+Red Hat recommends the following:
++
+--
+. Set `APPLY_WASM_PLUGINS_TO_INBOUND_ONLY` in SMCP v2.2.
+. Upgrade to 2.4.
+. Set `spec.match[].mode: SERVER` in WasmPlugins.
+. Remove previously added environment variable.
+--
 
 The following issues have been resolved in previous releases:
 
 [id="ossm-rn-fixed-issues-ossm_{context}"]
 == {SMProductShortName} fixed issues
 
+* https://issues.redhat.com/browse/OSSM-4851[OSSM-4851] Previously, an error occurred in the operator deploying new pods in a namespace scoped inside the mesh when `runAsGroup`, `runAsUser`, or `fsGroup` parameters were `nil`. Now, a yaml validation has been added to avoid the `nil` value.
+
+* https://issues.redhat.com/browse/OSSM-3771[OSSM-3771] Previously, OpenShift routes could not be disabled for additional ingress gateways defined in a Service Mesh Control Plane (SMCP). Now, a `routeConfig` block can be added to each `additionalIngress` gateway so the creation of OpenShift routes can be enabled or disabled for each gateway.
+
 * https://issues.redhat.com/browse/OSSM-4197[OSSM-4197] Previously, if you deployed a v2.2 or v2.1 of the 'ServiceMeshControlPlane' resource, the `/etc/cni/multus/net.d/` directory was not created. As a result, the `istio-cni` pod failed to become ready, and the `istio-cni` pods log contained the following message:
 +
 [source,terminal]

diff --git a/modules/ossm-rn-new-features.adoc b/modules/ossm-rn-new-features.adoc
@@ -15,6 +15,29 @@ Module included in the following assemblies:
 
 This release adds improvements related to the following components and concepts.
 
+== New features {SMProductName} version 2.4.5
+
+This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on {product-title} 4.11 and later versions.
+
+=== Component versions included in {SMProductName} version 2.4.5
+//Component table may need to be updated for 2.4.5, 2.3.9, and 2.2.12
+|===
+|Component |Version
+
+|Istio
+|1.16.7
+
+|Envoy Proxy
+|1.24.12
+
+|Jaeger
+|1.47.0
+
+|Kiali
+|1.65.10
+|===
+//Component table may need to be updated for 2.4.5, 2.3.9, and 2.2.12
+
 == New features {SMProductName} version 2.4.4
 
 This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on {product-title} 4.11 and later versions.
@@ -255,6 +278,32 @@ spec:
 * {SMProductShortName} on ARM64 architecture is not supported.
 * OpenTelemetry API remains a Technology Preview feature.
 
+== New features {SMProductName} version 2.3.9
+//Update with 2.4.5
+
+This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on {product-title} 4.11 and later versions.
+
+=== Component versions included in {SMProductName} version 2.3.9
+//Update iwth 2.4.5
+//Component table may need to be updated
+|===
+|Component |Version
+
+|Istio
+|1.14.5
+
+|Envoy Proxy
+|1.22.11
+
+|Jaeger
+|1.47.0
+
+|Kiali
+|1.57.13
+|===
+//Update iwth 2.4.5
+//Component table may need to be updated
+
 == New features {SMProductName} version 2.3.8
 //Update with 2.4.4
 
@@ -534,6 +583,31 @@ Additionally, the SMMR must also be configured for cluster-wide deployment. This
 ----
 <1> Adds all namespaces to the mesh, including any namespaces you subsequently create. The following namespaces are not part of the mesh: kube, openshift, kube-* and openshift-*.
 
+== New features {SMProductName} version 2.2.12
+
+This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on {product-title} 4.11 and later versions.
+
+=== Component versions included in {SMProductName} version 2.2.12
+//2.2.12 being released with 2.4.5
+//Component table may need to be updated
+|===
+|Component |Version
+
+|Istio
+|1.12.9
+
+|Envoy Proxy
+|1.20.8
+
+|Jaeger
+|1.47.0
+
+|Kiali
+|1.48.10
+|===
+//2.2.12 being released with 2.4.5
+//Component table may need to be updated
+
 == New features {SMProductName} version 2.2.11
 
 This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on {product-title} 4.11 and later versions.