Back to index
Download the installer for your operating system or run
oc adm release extract --tools quay.io/openshift-release-dev/ocp-release:4.14.0-ec.3-aarch64
Tests:
Upgrades from:
Untested upgrades:
4.13.0,
4.13.0-rc.3,
4.13.0-rc.4,
4.13.0-rc.5,
4.13.0-rc.6,
4.13.0-rc.7,
4.13.0-rc.8,
4.13.1,
4.13.2,
4.13.3,
4.13.4,
4.13.5,
4.14.0-ec.0,
4.14.0-ec.1,
4.14.0-ec.2
Loading changelog, this may take a while ...
Created: 2023-07-06 21:32:15 +0000 UTC
Image Digest: sha256:a204ba9e557087f5b8fb9960795037057a5fac2a558485cb1e1771506af9028d
Release 4.14.0-ec.3 was created from registry.ci.openshift.org/ocp-arm64/release-arm64:4.14.0-0.nightly-arm64-2023-07-05-191024
Components
New images
Rebuilt images without code change
- MGMT-14374: update day2 master docs (#5335) #5335
- MGMT-14620 Only emit succesful host creation message for pre install hosts (#5296) #5296
- MGMT-14704: Provide info on custom/vs non custom manifest in manifest endpoint. (#5278) #5278
- MGMT-15114: remove event for cluster registration failed (#5330) #5330
- MGMT-15126: Add missing incompatible features in some of the feature-support feature (#5327) #5327
- MGMT-15107: Bump version for hacking LSO catalog (#5323) #5323
- Create an override annotation for the ironic agent image (#5310) #5310
- OCPBUGS-13621: Fix singular Ingress and API cluster VIPs removal (#5216) #5216
- Don’t require key encipherment usage for approving CSRs (#5322) #5322
- MGMT-13284: Check for BMH CRD before creating controller (#5284) #5284
- MGMT-14937: Deprecate user_managed_networking attribute (#5317) #5317
- Bump OCP versions: 4.14 (#5320) #5320
- Bump OCP versions: 4.13, 4.10, 4.12 (#5316) #5316
- NO-ISSUE: parametrize template to enable switching secrets (#5313) #5313
- MGMT-14240: Specify connect-timeout on curl (#5314) #5314
- MGMT-15034: Fix patch of infrastructure CR with external platform (#5312) #5312
- MGMT-14979: add sasl/scraml auth method for kafka notifications (#5299) #5299
- MGMT-15025: Forbid register Z architecture cluster with OCI platform (#5309) #5309
- MGMT-15015 Provider IsHostSupported panic if platform is not found (#5306) #5306
- OCPBUGS-13738 enforce additional ntp sources added into chrony (#5295) #5295
- MGMT-14992: Fix Minimal ISO set as default in s390x (#5302) #5302
- MGMT-14631: Removing leftover of support for openshift 4.8 (#5301) #5301
- Bump OCP versions: 4.14, 4.11 (#5300) #5300
- MGMT-14973: Fix misleading logs showing wrong platform and user_managed_networking combination (#5298) #5298
- MGMT-14975: Update MCE operator installation to use stable-2.3 channel (#5297) #5297
- MGMT-14769: Enable upgrade agent by default (#5276) #5276
- MGMT-14165: AgentClusterInstall Webhooks improvements and fixes (#5275) #5275
- Bump OCP versions: 4.13, 4.12 (#5293) #5293
- MGMT-14730: Validate that manifest file size does not exceed 1MB (#5281) #5281
- MGMT-14883: Fix feature-support validation fail to validate openshift version (#5290) #5290
- Full changelog
- NO-ISSUE: Bump github.com/coreos/ignition/v2 from 2.15.0 to 2.16.0 (#564) #564
- AGENT-594: remove agent based installer code (#563) #563
- NO-ISSUE: Bump golang.org/x/sync from 0.2.0 to 0.3.0 (#561) #561
- MGMT-14540: Mark Appliance disk(s) with a partition name prefix ‘agent’ as eligible (#554) #554
- OCPBUGS-14848: Filter out hidden devices (#558) #558
- NO-ISSUE: Bump github.com/onsi/gomega from 1.27.7 to 1.27.8 (#555) #555
- NO-ISSUE: Bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 (#556) #556
- Full changelog
- UPSTREAM: <drop>: update openshift/api,openshift/apiserver-library-go #1621
- UPSTREAM: <carry>: when only this kube-apiserver can fulfill the kube… #1616
- Update to Kubernetes 1.27.3 #1609
- UPSTREAM: <carry>: STOR-1270: Admission plugin to deny deletion of storages.operator.openshift.io #1550
- OCPBUGS-7181: UPSTREAM: <drop>: bump apiserver-library-go #1605
- Full changelog
- Set upstream labels and fix capability for the arch-aware scale from 0 in Azure #66
- CCO-346: Add support for Azure workload identity tokens #55
- MIXEDARCH-257: Handle the kubernetes.io/architecture label based on the Azure VM Size #65
- OCPBUGS-10762: Machine should be Failed if Machine has a Failed state on Azure #56
- Full changelog
- WRKLDS-700: bump(k8s) to v1.27.2 #1420
- OCPBUGS-15012: oc image extract: idms-file flag map to IDMSFile field #1464
- Correct incorrect command in observe command #1419
- Clarify the use of the filter without keep-manifest-list #1414
- OCPBUGS-10612: make registry auth prefence default to podman config locations #1376
- handle the error case of node retrieval while waiting for reboot #1482
- Fix the output of error prompt #1433
- pkg/cli/admin/upgrade: Surface Recommended=Unknown more prominently #1442
- pkg/cli/admin/upgrade: Add post-period to space to some error messages #1330
- Wait for reboot #1473
- tweak output format #1471
- OCPNODE-1580: Add –print-mirror-instructions to oc adm release mirror to allow idms instructions #1341
- add reboot-nodes #1468
- Trust check #1469
- fix directories for consistency #1467
- ocpcertificates: add ability to rotate MCS CA/cert #1450
- OCPNODE-1656: oc image extract: Introduce IDMS as alternative source #1426
- pernodepod: percent works like this #1463
- ocpcertificates: don’t make assumptions on resources not to bring pip… #1462
- allow running a command while the kubelet is off #1459
- add command to create new bootstrap kubeconfig for kubelet #1458
- ocpcertificates: fix handling resources by names explicitly + other cosmetic fixes #1460
- tweaks needed for wait #1455
- Add a command to remove older trust #1447
- create command to create new adminkubeconfig #1452
- add a command to copy content to every node #1454
- Minor updates to CLI help text #1453
- add command for regenerating OCP leaf certs #1443
- add a new command to wait for all clusteroperators to go stable #1444
- Full changelog
- CCO-366 Add ability to detect AWS STS and behave accordingly #542
- Implement ccoctl command to create infrastructure required for Azure workload identity #523
- PORTENABLE-526: operator: use a partial metadata watch for Namespaces #546
- manager: filter the cache of configmaps #544
- Bump to go 1.20 in go.mod #536
- Full changelog
- Enable feature gate for externalCertificate on Route API #326
- stomp the latencysensitive featureset for equivalent default #324
- WRKLDS-757: Sync with openshift/api to drop MatchLabelKeysInPodTopologySpread from TechPreviewNoUpgrade #322
- SPLAT-1099: bump openshift/api for vSphere static IP feature gate and platform spec #323
- remove dead flag for file #309
- Changes to move to api@2d36f53 #321
- OCPBUGS-12767: Add CustomNoUpgrade CRD versions to payload #320
- OCPCLOUD-2010: Re-vendor api to support external platform #306
- Full changelog
- OCPBUGS-15256: Sync openshift/api to reduce installerpod configmap based file permissions to 0600 #1065
- Limit etcdDatabaseHighFragmentationRatio to 100MB+ #1063
- manifests: bump loglevel of operator to normal #1060
- Remove unused cli docker image #1053
- OCPBUGS-14255: Add Controller health to CEO liveness probe #1049
- Full changelog
- OCPBUGS-13946: do not use one second timeout when asserting a webhook connection #1510
- OCPBUGS-14008: Enable “send-retry-after-while-not-ready-once” on SNO #1500
- update probes for best practices and consistency #1516
- api_performance_dashboard: show apiserver_longrunning_requests metric #1518
- allow greater timeout for etcd health check #1517
- api_performance_dashboard: show apiserver_request_total instead of apiserver_dropped_requests #1520
- OCPBUGS-8404: pkg/operator/configobserver: check that the serving certificate refer… #1482
- OCPBUGS-3986: dashboard: use recording rules for most metrics #1484
- OCPBUGS-14940: api_performance_dashboard: show apiserver_longrunning_requests metric #1511
- Full changelog
- e2e: overhaul Performance-Addon-Operator tests (#590) #590
- e2e: latency testing: increase the expected threshold (#706) #706
- e2e: perf-prof: disable truncating gomega output (#702) #702
- Configure OVS for dynamic cpu pinning (#559) #559
- OCPVE-382: fix: add default state for crio config (#700) #700
- e2e: devmgr: fine tune kubelet restart test (#701) #701
- e2e: RPS: fix expected cpu set (#703) #703
- Switch to rslave/HostToContainer volume mount propagation (#692) #692
- Do not rollback settings on TuneD exit (#699) #699
- e2e: reboot: add kubelet restart test (#697) #697
- remove conditional skip (#690) #690
- e2e: memorymanager fix: check the hugepage size condition (#693) #693
- Use RHEL9 as a base (#665) #665
- Expose TuneD socket to host. (#651) #651
- E2E: Use appropriate device path for rpsmask test (#691) #691
- chore: replace
github.com/ghodss/yaml
with sigs.k8s.io/yaml
(#628) #628
- test: perfprof: devices: fix default test image (#672) #672
- e2e: verify latency tests run with LATENCY_TEST_DELAY>120 (#662) #662
- E2E: Add memory manager sanity test case (#573) #573
- modify owners (#634) #634
- Add minLength restriction to Tuned CR (#689) #689
- OCPBUGS-14934: consistent use of ginkgo flags in Makefile (#682) #682
- OCPBUGS-14622: Do not fail creating cgroups if they exist already (#683) #683
- OCPBUGS-14193: pao e2e: Split e2e PAO update lane to more lanes (#631) #631
- OCPBUGS-4194: rps: use default rps mask kernel API (#650) #650
- OCPBUGS-14756: [test] [e2e] Check ci lanes are executing the right test suites (#679) #679
- Full changelog
- Dockerfile: bump to 1.19 and use public UBI pullspec #944
- pkg/payload: De-noise ‘excluding …’ logs #945
- bump api version to add new capability #941
- pkg/cvo/metrics: Doc from_version semantics for cluster_version{type=“completed”} #929
- Code cleanups for golangci-lint failures #942
- OTA-559: Migrate to (*Manifest).Include(…, overrides) #934
- Full changelog
- Updating ose-gcp-cloud-controller-manager images to be consistent with ART #33
- Full changelog
- HOSTEDCP-1061: Implement dedicated request serving nodes for HostedClusters #2722
- OCPBUGS-15769: Set –balance-similar-node-groups for autoscaler #2769
- Leader election config update. #2282
- OCPBUGS-15723: Let getMachinesForNodePool return machines ordered by creation Timestamp #2766
- Fix KAS HealthCheck for non DNS-Based ingress points in LB service #2765
- Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible #2741
- Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible in /hack/tools #2740
- Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 in /hack/tools #2737
- OCPBUGS-12208 ensureExists pullSecret resource reconciliation strategy #2732
- Bump github.com/coreos/ignition/v2 from 2.10.1 to 2.14.0 #2739
- Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible in /hack/tools #2738
- Remove hardcoded AWS CI References #2742
- TRT-1118: Remove DisableStrictZoneCheck from AWS CCM config #2757
- Update RHTAP references #2750
- add OWNERS for new ci-tooling area label #2743
- Add production cli (hcp) to dockerfile #2747
- feat: Enable priority class override #2661
- test/e2e: retry configmap create in etcd chaos tests #2746
- OCPBUGS-14578: Set allocate-node-cidrs to false in the cluster-kube-controller-manager #2731
- Revert “HOSTEDCP-1016: Validate publishing strategies” #2733
- HOSTEDCP-1027: Add Create kubeconfig for HCP CLI #2719
- HOSTEDCP-1016: Validate publishing strategies #2651
- KubeVirt Platform documentation for Advanced Storage Configurations and External Infrastructure #2712
- Follow up to PR comments on #2642 #2690
- HOSTEDCP-1067: Add dependabot dependency management #2708
- HOSTEDCP-1073: enforce blocked rollout of HCP #2726
- Revert “HOSTEDCP-967: [Re-revert] Disable v1alpha1 and conversion webhook by default” #2705
- Remove –service-publishing-strategy from production cli #2721
- HOSTEDCP-1024: Add Create NodePool for KubeVirt for HCP CLI #2718
- HOSTEDCP-1032: e2e: ensure default PSA policy is not privileged #2714
- HOSTEDCP-1031: Add Destroy Cluster Cmd for KubeVirt for HCP CLI #2673
- Expose annotation to allow release image overrides #2595
- HOSTEDCP-1060: add ignition-server proxy #2668
- OCPBUGS-14637: Check OwningIngressController also in Labels #2706
- HOSTEDCP-1020: Add Create Cluster for KubeVirt for HCP CLI #2672
- properly handle user CA bundle not existing #2703
- OCPBUGS-15168: fix(oauth): Do not proxy IBM Cloud IAM endpoints #2699
- OCPBUGS-14859: Skip AWS resource deletion for ‘Unknown’ OIDC state #2691
- Whitelist access from virt-launchers to NodeIP if NodePort ServicePublishingStrategy is used #2688
- OCPBUGS-13829: cpo: oauth: honor AccessTokenInactivityTimeout #2693
- Update NodePool docs to include data propagation #2687
- HOSTEDCP-1008: Add NodePoolTransitionSeconds metric #2631
- HOSTEDCP-967: [Re-revert] Disable v1alpha1 and conversion webhook by default #2685
- Make NodePool arch input immutable #2689
- Update autocaler RBAC to accomodate machinepools support added upstream #2663
- Enforce Immutability of some KubeVirt Platform Values #2654
- CNV-24818: Add fsGroup support to kubevirt-csi-driver #2563
- Let payload provider render feature gate yaml #2664
- OCPBUGS-14633: Check for OPENSHIFT_IMG_OVERRIDES before using #2660
- HOSTEDCP-965: Add impersonate feature to the CLI and document HC dump procedure #2653
- OCPBUGS-11882: Annotate HCP pods with the safe-to-evict-local-volume CA annotation #2647
- Full changelog
- OCPBUGS-13915: create Prometheus rules programmatically according the config option (#807) #807
- chore: renaming gather files (#768) #768
- Implement periodic gathering as a job in tech preview & latest fix (#799) #799
- chore: adds codecov (#778) #778
- Revert “OCPBUGS-10691: feat(clusterconfig): adds virtual machine instances gather (#742)” (#797) #742
- Revert “Implement periodic gathering as a job in tech preview (#787)” (#798) #787
- Implement periodic gathering as a job in tech preview (#787) #787
- OCPBUGS-14937: fix the config serialization & add test (#794) #794
- OCPBUGS-14771: run an extra config informer in the tech preview (#792) #792
- Full changelog
- Updating ose-kubevirt-csi-driver-rhel8 images to be consistent with ART #20
- Full changelog
- Enable mirroring of the multi release image (#657) #657
- revendor to the latest oc (#656) #656
- Replacing the hard coded path with graphDataMountPath (#585) #585
- CFE-859: Removing flag use-oci-feature starting release-4.14 (#622) #622
- CFE-783: A variety of changes needed for correct operation with multi architecture catalogs (#611) #611
- Full changelog
- OCPBUGS-15127: Dockerfile: bump to ovn 23.03.0-69 (for LB templates) and ovs 3.1.0-32 (upgrade perf) #1710
- OCPBUGS-15523: [DownstreamMerge] 6-27-23 #1726
- OCPBUGS-15227: [DownstreamMerge] 6-21-23 #1718
- OCPBUGS-15226: EgressIP: do not patch the status if the object no longer exists #1717
- 6-18-2023 #1714
- OCPBUGS-14769, SDN-3885: Downstream Merge 13th June 2023 #1707
- OCPBUGS-10592, OCPBUGS-10841, OCPBUGS-11180, OCPBUGS-12747, OCPBUGS-1715, OCPBUGS-4370, OCPBUGS-4485, SDN-3733, SDN-3838, SDN-3840: Downstream Merge 6th June 2023 #1697
- Full changelog
- Bump openshift/prometheus to v2.45.0 #166
- Bump openshift/prometheus to v2.44.0 #164
- Dockerfile.ocp: update note about UI assets after switching to embed #165
- Full changelog
- : fix mtls secret generation #473
- Revert wrong cert name change of #455 #472
- : add secret for external mtls connection #470
- MON-3230: Add TLS auth to telemeter-client #455
- jsonnet: Add config to support rhelemeter #468
- Improve debug roundtripper logs #467
- Fix integration test documentation #461
- Fix path benchmark #466
- Add RHEL POC server #465
- Full changelog
- temporarily disable oc explain tests until openapi/v3 is working properly #28022
- USHIFT-647: skip non-existing resources from security.openshift.io #27897
- trt-1117: Test for update lease errors #28020
- print out deployment for incorrectly scheduled pods #28011
- OCPBUGS-14425: Skip CCM upgradable condition on AlibabaCloud #27967
- Update “verify that nodes have no unexpected reboots” test #28016
- allow cluster-config-operator to manage featuregate upgrade block #28009
- add a networking alert for OVNKubernetesResourceRetryFailure #28008
- add debugging info for cluster not ready to upgrade #28007
- OCPVE-378: feat: remove skip, allow check on all platforms regardless #27911
- Report external binary usage #28000
- Changing the severity of “missing runbook_url annotation for critical alerts” test case from flaky to failure #27987
- disruption refinement for availability, not latency. #28003
- TRT-1097: add KubeMemoryOvercommit to specific test so that the general test doesn’t fail #28002
- OCPBUGS-11652: Enable oc adm node-logs #27992
- skip reboot test when machineconfigs not in target cluster #27999
- OCPBUGS-15291: [sig-cli] oc idle: get a dc name through labels instead of parsing oc create output #27998
- Automated - Update synthetic test data #27995
- Flake ci-cluster-network-liveness and new backend disruption failures to avoid payload rejections #27990
- verifies number of node reboots even for HA #27994
- OCPBUGS-13379: machines: add a test which verifies number of node reboots #27993
- strip operator framework from resource watch and fix bugs #27972
- Fix panic in loki upload #27991
- Replace dashes in locator keys for upload to loki, add namespace label when possible #27983
- Automated - Update synthetic test data #27982
- Update kubevirt LB connectivity tests to work with AWS ELB #27978
- Full changelog
Source code for this page located on github