OnApp 6.0 Patch 6 CloudBoot Update (6.0.0-283)

2 April 2020

This documents provides information on improvements and fixes, as well as the upgrade instructions for CloudBoot.

The following packages have been released for CloudBoot:

onapp-ramdisk-centos6-kvm-6.0.0-46.noarch.rpm
onapp-ramdisk-centos6-xen-6.0.0-46.noarch.rpm
onapp-ramdisk-centos7-default-6.0.0-40.noarch.rpm
onapp-ramdisk-centos7-kvm-6.0.0-46.noarch.rpm
onapp-ramdisk-centos7-xen-6.0.0-46.noarch.rpm

Improvements & Fixes

Key	Release Notes	Affects Version/s
CLOUDBOOT-572	Updated a Xen version to 4.8.5.77.gec6c25e467-1.el6 for CentOS 6 Xen ramdisk to address the XSA-306/CVE-2019-19579 issue.
CLOUDBOOT-597	Updated the following components for CentOS 6 KVM ramdisk: A kernel version to 2.6.32-754.28.1.el6.x86_64 to address the CVE-2019-17133, CVE-2019-17055, RedHat 1778625, 1779473, 1772779, and 1795404 issues A qemu-kvm version to 0.12.1.2-2.506.el6_10.6 compiled with `--enable-io-throttling` to addres RedHat bz#1791558, bz#1749731, and bz#1734747 issues
CLOUDBOOT-598	Updated the following components for CentOS 6 Xen ramdisk: A kernel version to 4.9.215-36.el6.x86_64 A UFS filesystem driver sources version based on a kernel version 4.9.215-36.el6.x86_64 compelled with `super-ufs_fs_write.patch` patch Xen version to 4.8.5.86.g8db85532cb-1.el6 to address the XSA-307/CVE-2019-19581,CVE-2019-19582, XSA-308/CVE-2019-19583, XSA-309/CVE-2019-19578, XSA-310/CVE-2019-19580, and the XSA-311/CVE-2019-19577 issues
CLOUDBOOT-599	Updated the following components for CentOS 7 Xen ramdisk: A kernel version to 4.9.215-36.el7.x86_64 A UFS filesystem driver sources version based on a kernel version 4.9.215-36.el7.x86_64 compelled with `super-ufs_fs_write.patch` patch A wireguard sources version to 0.0.20190702 based on a kernel version 4.9.215-36.el7.x86_64 Xen version to 4.10.4.36.g6cb1cb9c63-1.el7 to address the XSA-307/CVE-2019-19581,CVE-2019-19582, XSA-308/CVE-2019-19583, XSA-309/CVE-2019-19578, XSA-310/CVE-2019-19580, and the XSA-311/CVE-2019-19577 issues
CLOUDBOOT-603	Updated OnApp Storage with the `onappstore-6.0-7586-6.0.x86_64.rpm` ramdisk images for CloudBoot 6.0 Patch 10.
CLOUDBOOT-604	Updated the following components for CentOS 7 KVM ramdisk: A CentOS version to 7.7.1908 A kernel version to 3.10.0-1062.18.1.el7.x86_64 to address the CVE-2019-11487 and the CVE-2019-19338 issues An XFS filesystem driver sources version to 3.10.0-327.36.3.el7.x86_64 based on a kernel version 3.10.0-1062.18.1.el7.x86_64 compiled with the following patches: xfs-make-xfs_bmbt_to_iomap-available-outside-of-xfs_.patch iomap-Switch-from-blkno-to-disk-offset.patch dax-give-DAX-clearing-code-correct-bdev.patch A UFS filesystem driver sources version based on a kernel version 3.10.0-1062.18.1.el7.x86_64 compelled with R/W support patch A libvirt version to 4.5.0-23.el7_7.6 to address the rhbz#1793576 issue
CLOUDBOOT-504	Updated the bnx2.ko NetXtreme II driver’s version to 2.2.6 to allow to set MTU to more than 1500.	6.0
CLOUDBOOT-516	Updated the following components for CentOS 7 default ramdisk: A CentOS version to 7.7.1908 A kernel version to 3.10.0-1062.1.2.el7.x86_64 to address the CVE-2019-14835 issue	6.0.0-238
CLOUDBOOT-523 CLOUDBOOT-525 CLOUDBOOT-526 CLOUDBOOT-527 CLOUDBOOT-528 CLOUDBOOT-529	Updated the Xen version for CentOS 6 to 4.8.5.48.gc67210f60d-1 and for CentOS 7 to 4.10.4-2.el7 to address the following XSA issues: 296, 298, 299, 301, 302, and 303.	5.5-6.2
CLOUDBOOT-535	Updated a Xen version to 4.8.5.77.gec6c25e467-1.el6 for RHEL/CentOS 6.x Xen ramdisk and to 4.10.4.28.ge4899550ff-1.el7 for RHEL/CentOS 7.x Xen ramdisk to address the XSA-306/CVE-2019-19579 issue.	6.0-6.2
CLOUDBOOT-536 CLOUDBOOT-537	Updated the Xen version for CentOS 6 to 4.8.5.75.g4c666a7e15-1.el6 and for CentOS 7 to 4.10.4.26.gfde09cb80c-1.el7 to address the XSA-304 and XSA-305 issues.	5.0 -6.1
CLOUDBOOT-556 CLOUDBOOT-557	Updated the Xen version for CentOS 6 to 4.8.5.86.g8db85532cb-1.el6 and for CentOS 7 to 4.10.4.36.g6cb1cb9c63-1.el7 to address the XSA-311 /CVE-2019-19577 and XSA-308/CVE-2019-19583 issues.	5.5-6.2
CLOUDBOOT-558 CLOUDBOOT-554 CLOUDBOOT-555	Updated the Xen version for CentOS 6 to 4.8.5.86.g8db85532cb-1.el6 and for CentOS 7 to 4.10.4.36.g6cb1cb9c63-1.el7 to address the XSA-310/CVE-2019-19580, XSA-307/CVE-2019-19581, and the CVE-2019-19582 issues.	5.5-6.2
STORAGE-2219	When you tried to create new CentOS 7 KVM compute resource of the smart type, it was impossible to retrieve and generate its unique SCSI identifier.	6.0 Patch 9

Upgrade CloudBoot Packages

Create a backup of the /tftpboot directory in case the storage packages rollback is needed.
Power off Windows virtual servers before proceeding to the following procedures.

To upgrade the OnApp Storage packages, follow the next procedure.

Upgrade the repo (run on Control Panel box):

1
# yum -y update http://rpm.repo.onapp.com/repo/onapp-repo-6.0.noarch.rpm

Update the onapp -store-install package (run on Control Panel box):
1
# yum update onapp-store-install

Update the following packages (run on Control Panel box):

1
2
3
4
5
6
# yum update onapp-ramdisk-tools 
# yum update onapp-ramdisk-centos6-xen 
# yum update onapp-ramdisk-centos6-kvm 
# yum update onapp-ramdisk-centos7-xen 
# yum update onapp-ramdisk-centos7-kvm 
# yum update onapp-ramdisk-centos7-default

After the packages installation, go to the Control Panel’s Settings menu > Configuration and click the Save Configuration button.

Run the script:
1
# /onapp/onapp-store-install/onapp-store-install.sh
Be aware that the disk-less nodes password is the root password for the CloudBoot compute resources. By default it is blank.
When run in the interactive mode, enter the required information.

To upgrade CloudBoot backup servers, refer to the Upgrade Guide. The “Simple Reboot” and “Migrate and Reboot” options are available.

If you want to update CloudBoot compute resources only to remove the accelerator issue (onapp-messaging service), you can use the liveUpdate procedure not to reboot compute resources:

1
liveUpdate updateToolstack hv_ip force

Where:

hv_ip - IP of the compute resource.