oVirt Bugfix und Security Release 4.3.6

Die Open-Source Virtualisierungslösung oVirt, wurde in der Version 4.3.6 freigegeben. oVirt selbst ist eine Alternative für VMWare und vSphere und ermöglicht das Managment von KVM Virtualisierung in Multi-Node-Umgebungen. oVirt beinhaltet unter anderem libvirt, Gluster, PatternFly und Ansible. Dies ist ein Minor Release das diverse Fehler behebt, Sicherheitslücken schließt und einige Neuerungen einführt.

oVirt 4.3.6 Release Notes

What’s New in 4.3.6?

oVirt Engine WildFly

• BZ 1732499 Require WildFly 17.0.1 for oVirt Engine 4.3
  oVirt engine 4.3.6 now depends on WildFly 17.0.1.FINAL

oVirt Engine

• BZ 1732499 Require WildFly 17.0.1 for oVirt Engine 4.3
  oVirt engine 4.3.6 now depends on WildFly 17.0.1.FINAL

Enhancements

oVirt Engine

• BZ 1741152 [downstream clone – 4.3.6] [RFE] – Creating an NFS storage domain the engine should let the user specify exact NFS version v4.0 and not just v4
  
• BZ 1680498 [RFE] Implement priorities for soft affinity groups
  Feature:
  Added priorities to nonenforcing affinity groups. If not all affinity groups can be satisfied, the groups with lower priority are broken first.
  
  Reason:
  Some affinities can be more important than others. Previously, it was not possible to specify it.
  
  Result:
  When a VM is started or migrated, a host is chosen, such that the broken affinity groups have the lowest priority.
  
  A new text field has been added to the affinity group dialog, to set to priority. It can contain any real number, not just integers. Priority can also be set using a new parameter in the REST API.

imgbased

• BZ 1744027 [downstream clone – 4.3.6] [RFE] Warn if SELinux is disabled when upgrading RHV-H
  

IOProcess

• BZ 1753901 ioprocess – Implement block size detection compatible with Gluster storage
  Feature:
  Provide API to probe block size of underlying filesystem.
  
  Reason:
  The API is needed by vdsm to support 4k storage on gluster.
  
  Result:
  Vdsm uses this now to support 4k gluster storage.

Bug Fixes

VDSM

• BZ 1748395 [downstream clone – 4.3.6] Can’t import guest from export domain to data domain on rhv4.3 due to error “Invalid parameter: ‘DiskType=1’”
  
• BZ 1744572 [downstream clone – 4.3.6] VDSM command Get Host Statistics failed: Internal JSON-RPC error: {‘reason’: ‘[Errno 19] vnet is not present in the system’}</b>
  
• BZ 1746718 [downstream clone – 4.3.6] Typo and exception due to non-iterable object on gluster fencing testing
  
• BZ 1660451 Executor queue can get full if vm.destroy takes some time to complete
  
• BZ 1740498 [downstream clone – 4.3.6] Remove nwfilter configuration from the vdsmd service start
  
• BZ 1691760 [SR-IOV] cannot enable VF on broadcom network card
  

oVirt image transfer daemon and proxy

• BZ 1637809 ovirt-imageio-proxy should use apache’s pki
  

oVirt Engine

• BZ 1709201 Change md5 checksum used in GlusterHooks calls
  
• BZ 1734671 [scale] updatevmdynamic broken if too many users logged in – psql ERROR: value too long for type character varying(255)
  
• BZ 1733438 [downstream clone – 4.3.6] engine-setup fails to upgrade to 4.3 with Unicode characters in CA subject
  

oVirt Engine Metrics

• BZ 1723453 Install failed on timeout during “Wait for resize”
  

Other

VDSM

• BZ 1753116 require updated kernel for CVE-2019-14835
  
• BZ 1740774 Pad memory volumes to 4096 bytes to support 4K storage
  
• BZ 1726834 ioprocess readfile(direct=True) does not use direct I/O
  

oVirt Hosted Engine HA

• BZ 1704500 auditd logs full of sudo events from vdsm
  

oVirt Hosted Engine Setup

• BZ 1713304 Fail to deploy hosted-engine with –6 on a dual-stack host
  

oVirt Ansible hosted-engine setup role

• BZ 1737353 he-invalid-engine-fqdn-err “Unable to resolve address” is missing in cockpit UI
  
• BZ 1711672 hosted-engine-setup fails if LANGUAGE set to some local language
  

oVirt Engine

• BZ 1753168 [downstream clone – 4.3.6] teardownImage attempts to deactivate in-use LV’s rendering the VM disk image/volumes in locked state.
  
• BZ 1680499 [RFE] Allowing use of labels in affinity groups
  
• BZ 1751142 [downstream clone – 4.3.6] host activation causes RHHI nodes to lose the quorum
  
• BZ 1748387 [downstream clone – 4.3.7] NPE in DestroyImage endAction during live merge leaving a task in DB for hours causing operations depending on host clean tasks to fail as Deactivate host/StopSPM/deactivate SD
  
• BZ 1745491 [downstream clone – 4.3.6] Unable to start guests in our Power9 cluster without running in headless mode.
  
• BZ 1715435 Failed to run check-update of host
  
• BZ 1741893 uploading raw image to cow disk fails on verify volume
  
• BZ 1731245 Wrong disk size of managed block device disk shown when virtual machine: Bytes instead of gigabytes
  
• BZ 1741155 [downstream clone – 4.3.6] a new size of the direct LUN not updated in Admin Portal
  
• BZ 1739134 Error creating local storage domain: Internal Engine Error.
  
• BZ 1744571 [downstream clone – 4.3.6] VMs will fail to start if the vnic profile attached is having port mirroring enabled and have name greater than 15 characters
  
• BZ 1639577 [UI] – Tasks – Synchronizing networks on cluster </b>
  
• BZ 1720994 sync all cluster networks – all sync host events are numbered ‘1/1’ in events tab\engine.log
  
• BZ 1619011 “sync all cluster networks” – do not attempt to sync hosts which are already in sync
  
• BZ 1734429 Support device block size of 4096 bytes for file based storage domains
  
• BZ 1720487 [REST] Unable to set ‘Unlimited’ QOS for vNIC profile using RESTAPI
  
• BZ 1686717 UI Dialog for moving disks between Storagedomains is less useful
  
• BZ 1720908 Remove host fails when host is in maintenance as it’s lock due to DisconnectHostFromStoragePoolServersCommand – host in maintenance should not be locked
  
• BZ 1679867 UI exception seen in RHV-M (models.vms.UnitVmModel.$validate)
  
• BZ 1533160 Webadmin-manage domain window – it’s possible to insert a number bigger than storage domain size
  
• BZ 1744510 [downstream clone – 4.3.6] Disk migration progress bar not clearly visible and unusable.
  

oVirt Engine Appliance

• BZ 1737555 pam_pkcs11 error trying to login to the graphical console of the hosted-engine VM
  When trying to log in to a Self-Hosted Engine virtual machine using a VNC or SPICE console, an error regarding smart card authorization is displayed.
  With this release, the log in process completes without errors.

oVirt Engine Data Warehouse

• BZ 1727550 Install DWH on separate machine failed – problem with execute stage ‘Misc configuration’
  

ovirt-engine-extension-aaa-misc

• BZ 1713195 ovirt-engine-extension-aaa-misc doesn’t build on Fedora 29
  

oVirt Cockpit Plugin

• BZ 1746728 Day 2 [Expand Volume]: Logical size is incorrect while providing the LV size
  
• BZ 1746452 lvcache should be the same as input from user
  
• BZ 1745565 Remove the default arbiter check for vmstore volume
  
• BZ 1745503 VDO with LVM thinpool needs correct entry in inventory file in cockpit based deployment.
  
• BZ 1745501 Deployment wizard has overlapped buttons, for the scenario of reusing existing configuration
  
• BZ 1739881 Rename lifecycle methods to support React 17.x
  
• BZ 1715959 Single node RHHI-V deployment, results in the host added twice to the cluster, one with backend and other with frontend FQDN
  
• BZ 1712714 Provide option for user to attach LVM Cache to specific thinpool
  
• BZ 1693149 [Day 2] With expand cluster, newly added nodes are not added in to the existing gluster cluster
  
• BZ 1690741 Cockpit Day 2 – RFE – Support for expanding volume/creating bricks
  
• BZ 1692793 [Day 2] While creating new volume or expanding the volume using day2, option to add brick should be removed
  
• BZ 1690801 Disk count and stripe size are missing in the deployment wizard, when changing disktype from JBOD to RAID
  
• BZ 1715461 Changing the name from FQDN to additional hosts in cockpit
  
• BZ 1738019 Update LV cache related variables in generated vars file
  
• BZ 1738502 LVM cache feature not possible with ansible-2.8
  
• BZ 1721371 Provide a way to cleanup gluster deployment from cockpit
  
• BZ 1693657 Enable LV thinpool on VDO devices
  
• BZ 1724035 Move the preflight check in to ansible pre-task for automated CLI deployment
  
• BZ 1713935 [RFE] Add Log verbosity flag to Cockpit installer
  

oVirt Engine UI Extensions

• BZ 1751144 [UI] cluster upgrade dialog big margin
  

oVirt Host Deploy

• BZ 1747787 Failed to deploy hosted engine with Failed to execute stage ‘Misc configuration’: expected string or buffer
  
• BZ 1737926 [downstream clone – 4.3.6] Setting FIPS parameter from the engine will make the host unable to reboot if /boot resides on a separate partition (as in RHV-H case)
  

No Doc Update

VDSM

• BZ 1755271 [downstream clone – 4.3.6] Make block size detection compatible with Gluster storage
  
• BZ 1719789 dynamic_ownership enabled breaks file ownership after virtual machine migration and shutdown for disk images on Gluster SD when libgfapi is enabled
  

oVirt Engine

• BZ 1718694 Fix message about removing iptables support in 4.3
  
• BZ 1746730 [downstream clone – 4.3.6] Engine deletes the leaf volume when SnapshotVDSCommand timed out without checking if the volume is still used by the VM
  
• BZ 1737612 [CodeChange][i18n] oVirt 4.3 webadmin – translation update
  
• BZ 1733089 engine-setup role fails if ovn password is not supplied in vault
  
• BZ 1743246 [downstream clone – 4.3.6] Move/Copy disk are blocked if there is less space in source SD than the size of the disk
  
• BZ 1726758 [Cinderlib] – Error connecting to ceph cluster when starting VM with Ceph MBD disk
  
• BZ 1613702 [RFE][UI] – Add out-of-sync icon indication for the cluster entity
  
• BZ 1744507 [downstream clone – 4.3.6] Snapshot creation was successful, but snapshot remains locked
  
• BZ 1734360 When vdsm spice CA file checking may fail if spice ca directory don’t exists
  
• BZ 1715478 Trying to move disk using REST-API during LSM, at RemoveSnapshot phase, leaves the disk in a status where it can’t be moved again
  

ovirt-engine-extension-aaa-ldap

• BZ 1733111 [ovirt-engine-extension-aaa-ldap-setup] dig command usage does not allow for tcp fallback
  

oVirt Engine UI Extensions

• BZ 1750669 Cluster upgrade dialogue closes unexpectedly with Minified React error #130

Quelle: https://www.ovirt.org/release/4.3.6/