Skip to content

[OSDOCS-18145]: HCP bug fix text 4.21 #106502

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
lahinson merged 1 commit into from
Mar 3, 2026
Merged

[OSDOCS-18145]: HCP bug fix text 4.21 #106502

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 10 additions & 2 deletions modules/hcp-release-notes-fixed-issues.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,14 @@

The following issues are fixed for this release:

* Before this update, deploying a hosted control plane on OpenShift Virtualization with IPv4 or IPv6 dual-stack networking failed because the Cluster Network Operator did not recognize KubeVirt as a supported platform for dual-stack. As a consequence, hosted clusters could not be deployed on OpenShift Virtualization with dual-stack networking. With this release, support is added for deploying a hosted control plane on OpenShift Virtualization with KubeVirt. The Cluster Network Operator (CNO) now recognizes KubeVirt as a supported platform for dual-stack, which enables the successful deployment of hosted control planes with IPv4/IPv6 dual-stack networking. This enhancement ensures a smoother deployment process for dual-stack networking configurations. (link:https://issues.redhat.com/browse/OCPBUGS-69941[OCPBUGS-69941])

//[id="hcp-release-note-_{context}"]
//==
* Before this update, the `GenerateNodePools()` function of the CLI incorrectly set `AzureMarketplace` to `nil` when you specified the `--image-generation` flag without additional marketplace flags, which discarded your preference. Also, the `nodepool` controller failed to set `ImageGeneration` when creating images from the release payload, which caused them to default to Gen2. As a consequence, when users attempted to create Azure hosted clusters by using `--image-generation` Gen1, the `NodePools` were incorrectly provisioned with Gen2 images, which ignored the explicit configuration. With this release, the CLI is modified to preserve your preference by creating a proper `AzureMarketplaceImage` structure, and the `nodepool` controller explicitly sets the generation field based on the release payload (mapping Gen1 for HyperVGen1 and Gen2 for HyperVGen2). As a result, the` --image-generation` flag is now fully respected, which allows you to successfully deploy `NodePool` objects with their chosen image generation without being overwritten by system defaults. (link:https://issues.redhat.com/browse/OCPBUGS-63613[OCPBUGS-63613])

* Before this update, when a hosted cluster used an external DNS and the `PublicAndPrivate` endpoint access type, the `allowedCIDRBlocks` parameter was applied to the `kube-apiserver` service instead of the external router `LoadBalancer` service. Because external traffic to the `kube-apiserver` service flows through the router when the external DNS is configured, the CIDR restrictions were not enforced and external access was unrestricted. With this update, the `LoadBalancerSourceRanges` configuration is applied to the external router `LoadBalancer` service. As a result, external `kube-apiserver` access is properly restricted to the specified `allowedCIDRBlocks` values. (link:https://issues.redhat.com/browse/OCPBUGS-61941[OCPBUGS-61941])

* Before this update, deploying hosted control planes 4.20 with user-supplied `ignition-server-serving-cert` and `ignition-server-ca-cert` secrets, along with the `disable-pki-reconciliation` annotation, caused the system to remove the user-supplied ignition secrets and the `ignition-server` pods to fail. With this release, the `ignition-server` secrets are preserved during reconciliation after removing the delete action for the `disable-pki-reconciliation` annotation, ensuring that the `ignition-server` pods start up completely. (link:https://issues.redhat.com/browse/OCPBUGS-61776[OCPBUGS-61776])

* Before this update, the hosted control plane (`hcp`) CLI and control plane operator instantiated Azure SDK clients without passing cloud configuration options, which caused all clients to default to Azure Public Cloud. As a consequence, creating or managing hosted clusters in Azure Government Cloud or Azure China Cloud failed because the SDK clients could not connect to the correct cloud endpoints. With this update, all Azure SDK client instantiations use the cloud configuration specified in the hosted cluster platform settings. As a result, the `hcp` CLI and control plane operator correctly support Azure Government Cloud and Azure China Cloud in addition to Azure Public Cloud. (link:https://issues.redhat.com/browse/OCPBUGS-33372[OCPBUGS-33372])

* Before this update, the following test failed more than expected:`TestExternalOIDCTechPreview/Main/[OCPFeatureGate:ExternalOIDCWithUIDAndExtraClaimMappings]_Test_external_OIDC_userInfo_Extra`. As a consequence, the user experience was disrupted by a test failure in the external OIDC feature. With this release, the bug fix ensures that the `ExternalOIDCWithUIDAndExtraClaimMappings` test passes in version 4.20. As a result, the test failures in the external OIDC feature are fixed, improving user authentication in 4.20 and later versions. (link:https://issues.redhat.com/browse/OCPBUGS-63622[OCPBUGS-63622])