From c3e6c7a6c5d5b70986ee1bf83e65be852b7f73c9 Mon Sep 17 00:00:00 2001
From: Andrew Taylor <antaylor@redhat.com>
Date: Fri, 29 Mar 2019 11:09:23 -0400
Subject: [PATCH] 3.11.98 Release notes and tags

made changes to release notes syntax

corrected date on release notes
---
 install/disconnected_install.adoc         |   6 +-
 install_config/aggregate_logging.adoc     |   4 +-
 release_notes/ocp_3_11_release_notes.adoc | 106 ++++++++++++++++++++++
 upgrading/automated_upgrades.adoc         |   4 +-
 4 files changed, 113 insertions(+), 7 deletions(-)

diff --git a/install/disconnected_install.adoc b/install/disconnected_install.adoc
index bfe705dc89b8..4aba650829bd 100644
--- a/install/disconnected_install.adoc
+++ b/install/disconnected_install.adoc
@@ -3,9 +3,9 @@
 {product-author}
 {product-version}
 :major-tag: v3.11
-:latest-tag: v3.11.88
-:latest-int-tag: v3.11.88
-:latest-registry-console-tag: v3.11.88
+:latest-tag: v3.11.98
+:latest-int-tag: v3.11.98
+:latest-registry-console-tag: v3.11.98
 :data-uri:
 :icons:
 :experimental:
diff --git a/install_config/aggregate_logging.adoc b/install_config/aggregate_logging.adoc
index 736dca47c83a..3bc54e74c0af 100644
--- a/install_config/aggregate_logging.adoc
+++ b/install_config/aggregate_logging.adoc
@@ -3,10 +3,10 @@
 {product-author}
 {product-version}
 ifdef::openshift-enterprise[]
-:latest-tag: v3.11.88
+:latest-tag: v3.11.98
 endif::[]
 ifdef::openshift-origin[]
-:latest-tag: v3.11.88
+:latest-tag: v3.11.98
 endif::[]
 :data-uri:
 :icons:
diff --git a/release_notes/ocp_3_11_release_notes.adoc b/release_notes/ocp_3_11_release_notes.adoc
index 25a8c4e8c5a4..8ba77c3f36b6 100644
--- a/release_notes/ocp_3_11_release_notes.adoc
+++ b/release_notes/ocp_3_11_release_notes.adoc
@@ -2198,3 +2198,109 @@ link:https://access.redhat.com/errata/RHSA-2019:0739[RHSA-2019:0739] advisory.
 To upgrade an existing {product-title} 3.10 or 3.11 cluster to this latest
 release, see xref:../upgrading/index.adoc#install-config-upgrading-index[Upgrade
 methods and strategies] for instructions.
+
+[[ocp-3-11-98]]
+=== RHBA-2019:0636 - {product-title} 3.11.98 Bug Fix and Enhancement Update
+
+Issued: 2019-04-11
+
+{product-title} release 3.11.98 is now available. The list of packages and
+bug fixes included in the update are documented in the
+link:https://access.redhat.com/errata/RHBA-2019:0636[RHBA-2019:0636] advisory.
+The container images included in the update are provided by the
+link:https://access.redhat.com/errata/RHBA-2019:0637[RHBA-2019:0637] advisory.
+
+Space precluded documenting all of the bug fixes and enhancements for this
+release in the advisory. See the following sections for notes on upgrading and
+details on the bug fixes and enhancements included in this release.
+
+[[ocp-3-11-98-bug-fixes]]
+==== Bug Fixes
+
+* Administrative users were not able to access the cluster endpoints because permissions were defined incorrectly. Now, the correct permissions have been defined, and administrative users can use the `_cat` endpoints.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1548640[*BZ#1548640*])
+
+* Image garbage collection failed to remove an image correctly if it has only one tag but more than one repository associated with the image. This has now been resolved and garbage collection completes successfully.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1647348[*BZ#1647348*])
+
+* The `docker` registry Health Check would fail if the bucket was empty on AWS S3 environments, returning a `PathNotFound` message. Now, `PathNotFound` is treated as a success and Health Check works as expected for empty buckets.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1655641[*BZ#1655641*])
+
+* Playbooks ran a check to see if images existed on the disk with specific version tags, but did not ensure the version on the disk was up-to-date to the tagged image in the repo, resulting in skipping the z-stream image pulls, and z-stream upgrades would fail. Now, the on-disk check has been removed, and image pulls are efficient so that there is no need to check whether the image exists on the disk prior to downloading.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1658387[*BZ#1658387*])
+
+* Health Check playbooks would fail at checking `Elasticsearch` because the exec call would not specify a container. The call failed because the output included incorrectly formatted JSON text. Now, the target container is included in the `exec` call and the Health Check succeeds.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1660956[*BZ#1660956*])
+
+* An error in `glusterfs` pod mount points prevented the use of `gluster-block`. As a result, the provisioner would fail to create devices. The mount points have now been updated and the provisioning process succeeds as expected.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1662312[*BZ#1662312*])
+
+* The `openshift-ansible` package was incorrectly checking if a value in the `etcd-servers-overrides` was a valid path. Some values were considered invalid by the `openshift-ansible-3.11.51-2.git.0.51c90a3.el7.noarch` package. Now, `etcd-servers-overrides` does not contain paths, and is ignored during path checks.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1666491[*BZ#1666491*])
+
+* `etcd` non-master host nodes were excluded from upgrades. Now, `etcd` host nodes are able to be upgraded.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1668317[*BZ#1668317*])
+
+* The Ansible variable `openshift_master_image_policy_allowed_registries_for_import` was incorrectly parsed, causing a corrupted `master-config.yaml` file. Now, the `openshift_master_image_policy_allowed_registries_for_import`
+variable is correctly parsed and a simple registry image policy can be set as expected.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1670473[*BZ#1670473*])
+
+* The playbooks and manual configuration steps to redeploy router certificates were replaced with service serving certificates secret. This would overwrite or miss the router wild certificates secret, causing certificate errors due to incorrect certificates redeployed. Now, the playbooks and manual redeployment steps do not overwrite router certificates secret. The router certificates are redeployed based on the specified sub domain or customer certificates.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1672011[*BZ#1672011*])
+
+* The `ImageStream` used in the `BuildConfig` editor did not have edit properties, causing runtime errors in the `BuildConfig` editor. Now, the editor is initializing tags and objects, even if `ImageStream` in the `BuildConfig` is missing or if the user does not have the correct permissions to use it.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1672904[*BZ#1672904*])
+
+* Master pods did not match time zones with worker nodes, which led to errors in logging timestamps. Now, the host's timezone configuration is mounted into the control plane pods.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1674170[*BZ#1674170*])
+
+* When a cluster was installed, the user name in the loopback kubeconfig is the same as the host name of the master. Now, the variable in the playbook is changed to a different value.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1675133[*BZ#1675133*])
+
+* The Ansible Health Check playbook failed when checking the `curator` status. This occurred because the Health Check assumed `curator` is a `deploymentconfig` instead of a `cronjob`, resulting in a failed check. Now, Health Check properly evaluates for a `cronjob` instead of a `deploymentconfig`.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1676720[*BZ#1676720*])
+
+* Some namespaces would be missing from `oc get projects` if more than 1,000 projects were listed. Now, all items correctly appear when looking at large resource lists.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1677545[*BZ#1677545*])
+
+* High network latency existed between `Kibana` and `Elasticsearch` due to either network issues or under-allocated memory for `Elasticsearch`. As a result, `Kibana` would be unusable because of a gateway timeout. Now, changes are backported from `Kibana` version 6, which allows modification to the ping timeout. Administrators are not able to override the default `pingTimeout` of 3000ms by setting the `ELASTICSEARCH_REQUESTTIMEOUT` environment variable. `Kibana` is functional until the underlying network issues or under-allocated memory conditions can be resolved.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1679159[*BZ#1679159*])
+
+* The `deafultIndex` in the `Kibana` config entry was null, causing the seeding process to fail and the user was presented with a white screen. Now, the `defaultIndex` value is evaluated and returns to the default screen if there is a null value. The `Kibana` seeding process completes successfully.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1679613[*BZ#1679613*])
+
+* Previously, the upgrade process for `CRI-O` would attempt to stop `docker` on nodes that had been configured to only run `CRI-O`, resulting in playbook failures. Now, the playbook does not stop `docker` on nodes that are configured only for `CRI-O` operation, ensuring successful upgrades.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1685072[*BZ#1685072*])
+
+* Using `MERGE_JSON_LOG=true` would create fields in the record that would cause syntax violations or create too many fields in `Elasticsearch`, causing severe performance problems. Now, users who experience these problems can tune `fluentd` to accommodate their log record fields without errors or `Elasticsearch` performance degradation.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1685243[*BZ#1685243*])
+
+* The SSL and TLS service uses Diffie-Hellman groups with insufficient strength (a key size less than 2048 bytes). As a result, the keys are more vulnerable. Now, the key strength has been increased and certificates are more secure.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1685618[*BZ#1685618*])
+
+* The `fluentd` daemonset did not include a `tolerate everything` toleration. If a node became tainted, the `fluentd` pod would get evicted. Now, a `tolerate everything` toleration has been added, and `fluentd` pods do not get evicted.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1685970[*BZ#1685970*])
+
+* Upgrade playbooks ran several `oc` commands that used resource aliases that may not be immediately available after a restart or other reasons. Now, the `oc` suite of commands uses the fully qualified resource name to avoid potential failure.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1686590[*BZ#1686590*])
+
+* The files that implemented log rotation functionality were not copied to the correct `fluentd` directory. As a result, logs were not being rotated. Now, the container build has been changed to inspect the `fluentd` gem to find out where to install the files. The files that implement log rotation are copied to the correct directory for `fluentd` usage.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1686941[*BZ#1686941*])
+
+
+[[ocp-3-11-98-enhancements]]
+==== Enhancements
+
+* The command `oc label --list` is now added, and now shows the resource and name of all the labels.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1268877[*BZ#1268877*])
+
+* This enhancement allows the AWS cloud provider to parse additional endpoint configuration and customization of both core Kubernetes and cluster autoscaler environments. AWS now allows custom and private regions, which do not follow the conventions of their public cloud endpoints. {product-title} deployments were limited to the public AWS cloud regions only, and this limited the adoption of the product in these scenarios. Additional configuration elements can be added to the `aws.conf` file and will be honored by {product-title} as well as the `cluster-autoscaler` to ensure the correct cloud endpoints are used to automatically provision EBS volumes, load balancers, and EC2 instances.
+(link:https://bugzilla.redhat.com/show_bug.cgi?id=1644084[*BZ#1644084*])
+
+
+[[ocp-3-11-98-upgrading]]
+==== Upgrading
+
+To upgrade an existing {product-title} 3.10 or 3.11 cluster to this latest
+release, see xref:../upgrading/index.adoc#install-config-upgrading-index[Upgrade
+methods and strategies] for instructions.
diff --git a/upgrading/automated_upgrades.adoc b/upgrading/automated_upgrades.adoc
index e8e788cce19f..d04343fba13f 100644
--- a/upgrading/automated_upgrades.adoc
+++ b/upgrading/automated_upgrades.adoc
@@ -2,9 +2,9 @@
 = Performing automated in-place cluster upgrades
 {product-author}
 {product-version}
-:latest-tag: v3.11.88
+:latest-tag: v3.11.98
 :latest-short-tag: v3.11
-:latest-int-tag: v3.11.88
+:latest-int-tag: v3.11.98
 ifdef::openshift-enterprise[]
 :pb-prefix: /usr/share/ansible/openshift-ansible/
 endif::[]