Merge pull request #66747 from gwynnemonahan/OSSM-5165

bburt-rh · web-flow · commit fdf0b9cc0648 · 2023-11-15T12:25:03.000-05:00
OSSM-5165 OSSM 2.4.5: [DOC] Release Notes, Known Issues and Bug Fixes
diff --git a/_attributes/common-attributes.adoc b/_attributes/common-attributes.adoc
@@ -146,7 +146,7 @@ endif::[]
 :product-rosa: Red Hat OpenShift Service on AWS
 :SMProductName: Red Hat OpenShift Service Mesh
 :SMProductShortName: Service Mesh
-:SMProductVersion: 2.4.4
+:SMProductVersion: 2.4.5
 :MaistraVersion: 2.4
 //Service Mesh v1
 :SMProductVersion1x: 1.1.18.2
diff --git a/modules/ossm-rn-fixed-issues.adoc b/modules/ossm-rn-fixed-issues.adoc
@@ -14,17 +14,42 @@ Provide the following info for each issue if possible:
 *Result* - How has the behavior changed as a result? Try to avoid “It is fixed” or “The issue is resolved” or “The error no longer presents”.
 ////
 
-The following issues have been resolved in the current release:
+The following issue has been resolved in the current release:
 
-* https://issues.redhat.com/browse/OSSM-4851[OSSM-4851] Previously, an error occurred in the operator deploying new pods in a namespace scoped inside the mesh when `runAsGroup`, `runAsUser`, or `fsGroup` parameters were `nil`. Now, a yaml validation has been added to avoid the `nil` value.
+* https://issues.redhat.com/browse/OSSM-3647[OSSM-3647] Previously, in the {SMProductShortName} control plane (SMCP) v2.2 (Istio 1.12), WasmPlugins were applied only to inbound listeners. Since SMCP v2.3 (Istio 1.14), WasmPlugins have been applied to inbound and outbound listeners by default, which introduced regression for users of the 3scale WasmPlugin. Now, the environment variable `APPLY_WASM_PLUGINS_TO_INBOUND_ONLY` is added, which allows safe migration from SMCP v2.2 to v2.3 and v2.4. 
++
+The following setting should be added to the SMCP config:
++
+[source, yaml]
+----
+spec:
+  runtime:
+    components:
+      pilot:
+        container:
+          env:
+            APPLY_WASM_PLUGINS_TO_INBOUND_ONLY: "true"
 
-* https://issues.redhat.com/browse/OSSM-3771[OSSM-3771] Previously, OpenShift routes could not be disabled for additional ingress gateways defined in a Service Mesh Control Plane (SMCP). Now, a `routeConfig` block can be added to each `additionalIngress` gateway so the creation of OpenShift routes can be enabled or disabled for each gateway.
+----
++
+To ensure safe migration, perform the following steps:
++
+--
+. Set `APPLY_WASM_PLUGINS_TO_INBOUND_ONLY` in SMCP v2.2.
+. Upgrade to 2.4.
+. Set `spec.match[].mode: SERVER` in WasmPlugins.
+. Remove the previously-added environment variable.
+--
 
 The following issues have been resolved in previous releases:
 
 [id="ossm-rn-fixed-issues-ossm_{context}"]
 == {SMProductShortName} fixed issues
 
+* https://issues.redhat.com/browse/OSSM-4851[OSSM-4851] Previously, an error occurred in the operator deploying new pods in a namespace scoped inside the mesh when `runAsGroup`, `runAsUser`, or `fsGroup` parameters were `nil`. Now, a yaml validation has been added to avoid the `nil` value.
+
+* https://issues.redhat.com/browse/OSSM-3771[OSSM-3771] Previously, OpenShift routes could not be disabled for additional ingress gateways defined in a Service Mesh Control Plane (SMCP). Now, a `routeConfig` block can be added to each `additionalIngress` gateway so the creation of OpenShift routes can be enabled or disabled for each gateway.
+
 * https://issues.redhat.com/browse/OSSM-4197[OSSM-4197] Previously, if you deployed a v2.2 or v2.1 of the 'ServiceMeshControlPlane' resource, the `/etc/cni/multus/net.d/` directory was not created. As a result, the `istio-cni` pod failed to become ready, and the `istio-cni` pods log contained the following message:
 +
 [source,terminal]
diff --git a/modules/ossm-rn-new-features.adoc b/modules/ossm-rn-new-features.adoc
@@ -15,6 +15,33 @@ Module included in the following assemblies:
 
 This release adds improvements related to the following components and concepts.
 
+== New features {SMProductName} version 2.4.5
+
+This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on {product-title} 4.11 and later versions.
+
+=== Component versions included in {SMProductName} version 2.4.5
+//Component table updated for 2.4.5, 2.3.9, and 2.2.12
+//Kiali updated to 1.65.11 Nov 8, 2023
+//According to Distributed Tracing rel notes, Jaeger is unchanged
+//Envoy remains unchanged
+//Istio remains unchanged
+|===
+|Component |Version
+
+|Istio
+|1.16.7
+
+|Envoy Proxy
+|1.24.12
+
+|Jaeger
+|1.47.0
+
+|Kiali
+|1.65.11
+|===
+//Component table updated for 2.4.5, 2.3.9, and 2.2.12
+
 == New features {SMProductName} version 2.4.4
 
 This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on {product-title} 4.11 and later versions.
@@ -259,6 +286,31 @@ endif::openshift-rosa[]
 * {SMProductShortName} on ARM64 architecture is not supported.
 * OpenTelemetry API remains a Technology Preview feature.
 
+== New features {SMProductName} version 2.3.9
+//Update with 2.4.5
+
+This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on {product-title} 4.11 and later versions.
+
+=== Component versions included in {SMProductName} version 2.3.9
+//Updated with 2.4.5
+//Kiali updated to 1.57.14 Nov 8
+|===
+|Component |Version
+
+|Istio
+|1.14.5
+
+|Envoy Proxy
+|1.22.11
+
+|Jaeger
+|1.47.0
+
+|Kiali
+|1.57.14
+|===
+
+
 == New features {SMProductName} version 2.3.8
 //Update with 2.4.4
 
@@ -538,6 +590,31 @@ Additionally, the SMMR must also be configured for cluster-wide deployment. This
 ----
 <1> Adds all namespaces to the mesh, including any namespaces you subsequently create. The following namespaces are not part of the mesh: kube, openshift, kube-* and openshift-*.
 
+== New features {SMProductName} version 2.2.12
+
+This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on {product-title} 4.11 and later versions.
+
+=== Component versions included in {SMProductName} version 2.2.12
+//2.2.12 released with 2.4.5
+//Kiali updated to 1.48.11 Nov 8
+|===
+|Component |Version
+
+|Istio
+|1.12.9
+
+|Envoy Proxy
+|1.20.8
+
+|Jaeger
+|1.47.0
+
+|Kiali
+|1.48.11
+|===
+//2.2.12 being released with 2.4.5
+
+
 == New features {SMProductName} version 2.2.11
 
 This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on {product-title} 4.11 and later versions.
