Closed
Original file line number Diff line number Diff line change
Expand Up @@ -95,9 +95,16 @@ spec:
caConfigMaps: 4
- thanos-cert
- kafka-cert
volumeMounts: 5
- mountPath: /<path_to_directory>
name: <name>
volumes: 6
- name: <volume_name>
emptyDir:
medium: Memory
metricsServer:
logLevel: '0' 5
auditConfig: 6
logLevel: '0' 7
auditConfig: 8
logFormat: "json"
logOutputVolumeClaim: "persistentVolumeClaimName"
policy:
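Review bot: In the added volumeMounts and volumes entries, the mount is written with name: <name> while the volume is written with name: <volume_name>. A volume mount is tied to its volume by that name, so two different placeholders read as if the values can differ. Use the same placeholder in both places, for example name: <volume_name>, and check that the renumbered callouts 7 and 8 on logLevel and auditConfig still line up with the description list.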
Expand All @@ -116,6 +123,8 @@ Specifies a single namespace in which the Custom Metrics Autoscaler Operator sca
Specifies the level of verbosity for the Custom Metrics Autoscaler Operator log messages. The allowed values are debug, info, error. The default is info.
Specifies the logging format for the Custom Metrics Autoscaler Operator log messages. The allowed values are console or json. The default is console.
Optional: Specifies one or more config maps with CA certificates, which the Custom Metrics Autoscaler Operator can use to connect securely to TLS-enabled metrics sources.
Optional: Add the container mount path.
Optional: Add a volumes block to list each projected volume source.
Specifies the logging level for the Custom Metrics Autoscaler Metrics Server. The allowed values are 0 for info and 4 for debug. The default is 0.
Activates audit logging for the Custom Metrics Autoscaler Operator and specifies the audit policy to use, as described in the "Configuring audit logging" section.
5. Click Save to save the changes.
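Review bot: The added callout text "Add a volumes block to list each projected volume source" does not match the YAML example in this file, which defines an emptyDir volume with medium: Memory and no projected source. Either change the example to a projected volume or reword the description so that it covers the emptyDir case. The line "Add the container mount path" could also say that the mount name must match the volume name.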
Original file line number Diff line number Diff line change
Expand Up @@ -463,7 +463,7 @@ spec:

To enable eBPF flow filtering, set spec.agent.ebpf.flowFilter.enable to true.
To define the action for the flow filter rule, set the required action parameter. Valid values are Accept or Reject.
To define the IP address and CIDR mask for the flow filter rule, set the required cidr parameter. This parameter supports both IPv4 and IPv6 address formats. To match any IP address, use 0.0.0.0/0 for IPv4 or `::/0 for IPv6.
To define the IP address and CIDR mask for the flow filter rule, set the required cidr parameter. This parameter supports both IPv4 and IPv6 address formats. To match any IP address, use 0.0.0.0/0 for IPv4 or ::/0 for IPv6.
To define the sampling rate for matched flows and override the global sampling setting spec.agent.ebpf.sampling, set the sampling parameter.
To filter flows by Peer IP CIDR, set the peerCIDR parameter.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ The following tables reflect the latest available profiles in the Compliance Ope

1. The ocp4-bsi and ocp4-bsi-node profiles maintain the most up-to-date version of the BSI Basic Protection Profile as it becomes available in the Compliance Operator. If you want to adhere to a specific version, such as BSI 2022, use the ocp4-bsi-2022 and ocp4-bsi-node-2022 profiles.
2. Node profiles must be used with the relevant Platform profile. For more information, see Compliance Operator profile types.
3. Edition 2022 is the latest available english edition of BSI IT-Grundschutz (Basic Protection) compendium. There were no changes for Building Blocks SYS.1.6 and APP.4.4 in the latest published german compendium (edition 2023).
3. Edition 2022 is the latest available English edition of the BSI IT-Grundschutz (Basic Protection) compendium. There were no changes for Building Blocks SYS.1.6 and APP.4.4 in the latest published German compendium (edition 2023).

For more information, see BSI Quick Check.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@



# Red Hat OpenShift Service Mesh version 2.6.10
# Red Hat OpenShift Service Mesh version 2.6.11

This release of Red Hat OpenShift Service Mesh updates the Red Hat OpenShift Service Mesh Operator version to 2.6.10, and includes the ServiceMeshControlPlane resource version updates for 2.6.10.
This release of Red Hat OpenShift Service Mesh updates the Red Hat OpenShift Service Mesh Operator version to 2.6.11, and includes the ServiceMeshControlPlane resource version updates for 2.6.11.

This release addresses Common Vulnerabilities and Exposures (CVEs) and is supported on Red Hat OpenShift Container Platform 4.14 and later.

Expand All @@ -16,6 +16,18 @@ You can use the most current version of the Kiali Operator provided by Red Hat w



# Red Hat OpenShift Service Mesh version 2.6.10

This release of Red Hat OpenShift Service Mesh updates the Red Hat OpenShift Service Mesh Operator version to 2.6.10, and includes the ServiceMeshControlPlane resource version updates for 2.6.10.

This release addresses Common Vulnerabilities and Exposures (CVEs) and is supported on Red Hat OpenShift Container Platform 4.14 and later.

You can use the most current version of the Kiali Operator provided by Red Hat with all supported versions of Red Hat OpenShift Service Mesh. The version of Service Mesh automatically ensures a compatible version of Kiali.

## Component updates



# Red Hat OpenShift Service Mesh version 2.6.9

This release of Red Hat OpenShift Service Mesh updates the Red Hat OpenShift Service Mesh Operator version to 2.6.9, and includes the following ServiceMeshControlPlane resource version updates: 2.6.9 and 2.5.12.
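Review bot: In the re-added 2.6.10 section, the "## Component updates" heading is followed directly by the "# Red Hat OpenShift Service Mesh version 2.6.9" heading, with no component table or list under it in the visible lines. Confirm that the component version table for 2.6.10 is present in the source and renders, or drop the empty heading. The sentence "This release addresses Common Vulnerabilities and Exposures (CVEs)" is repeated for both 2.6.11 and 2.6.10 without naming the advisories, so consider linking the errata for each release.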
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ spec:
```

Volume size.
Access mode. Defines the read-write and mount permissions. For more information, under Additional Resources, see Access modes.
Access mode. Defines the read-write and mount permissions. For more information, under Additional resources, see Access modes.
Reclaim policy. Tells the cluster what to do with the volume after it is released. Accepted values are Retain, Recycle, or Delete.
Storage class name. This name is used by the PVC to bind to this specific PV. For static provisioning, a StorageClass object does not need to exist, but the name in the PV and PVC must match.
Modify this permission if you want to enhance the security.
Expand Down Expand Up @@ -152,7 +152,7 @@ PVC name.
Namespace for the PVC.
The name of the PV that you created in the previous step.
Storage class name. This name is used by the PVC to bind to this specific PV. For static provisioning, a StorageClass object does not need to exist, but the name in the PV and PVC must match.
Access mode. Defines the requested read-write access for the PVC. Claims use the same conventions as volumes when requesting storage with specific access modes. For more information, under Additional Resources, see Access modes.
Access mode. Defines the requested read-write access for the PVC. Claims use the same conventions as volumes when requesting storage with specific access modes. For more information, under Additional resources, see Access modes.
PVC size.
4. Ensure that the PVC is created and in Bound status after a while by running the following command:

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ and which CSI features they support, such as volume snapshots and resize.
If your CSI driver is not listed in the following table, you must follow the installation instructions provided by your CSI storage vendor to use their supported CSI features.
----

For a list of third-party-certified CSI drivers, see the Red Hat ecosystem portal under Additional Resources.
For a list of third-party-certified CSI drivers, see the Red Hat ecosystem portal under Additional resources.



Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,24 @@ $ oc get managedclusters local-cluster
* You have installed the aws command-line interface (CLI).
* You have installed the hosted control plane CLI, hcp.

# Accessing a hosted cluster on AWS by using the hcp CLI

You can access the hosted cluster by using the hcp command-line interface (CLI) to generate the kubeconfig file.

1. Generate the kubeconfig file by entering the following command:

```terminal
$ hcp create kubeconfig --namespace <hosted_cluster_namespace> \
--name <hosted_cluster_name> > <hosted_cluster_name>.kubeconfig
```

2. After you save the kubeconfig file, you can access the hosted cluster by entering the following command:

```terminal
$ oc --kubeconfig <hosted_cluster_name>.kubeconfig get nodes
```


* Configuring Ansible Automation Platform jobs to run on hosted clusters
* Advanced configuration
* Enabling the central infrastructure management service
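Review bot: Step 1 redirects the output of hcp create kubeconfig into <hosted_cluster_name>.kubeconfig in the current directory, and nothing in the new procedure says how to protect that file. The kubeconfig is what step 2 uses to reach the hosted cluster, so add a sentence telling the user to restrict the file permissions and to keep the file out of shared or version-controlled directories. The heading says "on AWS" while the body text never mentions AWS, so check that the title matches the module's scope.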
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -455,7 +455,7 @@ To create an InfraEnv resource by using the console, complete the following step

# Creating a hosted cluster on bare metal

You can create a hosted cluster or import one. When the Assisted Installer is enabled as an add-on to multicluster engine Operator and you create a hosted cluster with the Agent platform, the HyperShift Operator installs the Agent Cluster API provider in the hosted control plane namespace.
You can create a hosted cluster on bare metal by using the command-line interface (CLI), the console, or by using a mirror registry.

## Creating a hosted cluster by using the CLI
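Review bot: The replacement intro sentence is not parallel: "by using the command-line interface (CLI), the console, or by using a mirror registry" repeats "by using" for the first and last items only. Suggest "by using the command-line interface (CLI), the console, or a mirror registry". The sentence about the HyperShift Operator installing the Agent Cluster API provider is dropped from this intro, so confirm that the CLI subsection still states it.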

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -88,11 +88,7 @@ compute-1 IN A 1xx.2x.2xx.1yy
```


# Creating a hosted cluster on bare metal

You can create a hosted cluster or import one. When the Assisted Installer is enabled as an add-on to multicluster engine Operator and you create a hosted cluster with the Agent platform, the HyperShift Operator installs the Agent Cluster API provider in the hosted control plane namespace.

## Creating a hosted cluster by using the CLI
# Creating a hosted cluster by using the CLI

On bare-metal infrastructure, you can create or import a hosted cluster. After you enable the Assisted Installer as an add-on to multicluster engine Operator and you create a hosted cluster with the Agent platform, the HyperShift Operator installs the Agent Cluster API provider in the hosted control plane namespace. The Agent Cluster API provider connects a management cluster that hosts the control plane and a hosted cluster that consists of only the compute nodes.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -240,9 +240,9 @@ The Hosted cluster view is displayed.

* To access the web console, see Accessing the web console.

## Creating a hosted cluster on bare metal by using a mirror registry
## Creating a hosted cluster on non-bare-metal agent machines by using a mirror registry

You can use a mirror registry to create a hosted cluster on bare metal by specifying the --image-content-sources flag in the hcp create cluster command.
You can use a mirror registry to create a hosted cluster on non-bare-metal agent machines by specifying the --image-content-sources flag in the hcp create cluster command.

1. Create a YAML file to define Image Content Source Policies (ICSP). See the following example:

Expand Down Expand Up @@ -282,7 +282,7 @@ The --api-server-address flag defines the IP address that is used for the Kubern
Specify the icsp.yaml file that defines ICSP and your mirror registries.
Specify the path to your SSH public key. The default file path is ~/.ssh/id_rsa.pub.
Specify your hosted cluster namespace.
Specify the supported Red Hat OpenShift Container Platform version that you want to use, for example, 4.17.0-multi. If you are using a disconnected environment, replace <ocp_release_image> with the digest image. To extract the Red Hat OpenShift Container Platform release image digest, see "Extracting the Red Hat OpenShift Container Platform release image digest".
Specify the supported Red Hat OpenShift Container Platform version that you want to use, for example, 4.17.0-multi. If you are using a disconnected environment, replace <ocp_release_image> with the digest image. To extract the Red Hat OpenShift Container Platform release image digest, see Extracting the Red Hat OpenShift Container Platform release image digest.

* To create credentials that you can reuse when you create a hosted cluster with the console, see Creating a credential for an on-premises environment.
* To access a hosted cluster, see Accessing the hosted cluster.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ $ oc patch ingresscontroller -n openshift-ingress-operator default \

* The Red Hat OpenShift Container Platform management cluster has OpenShift Virtualization, version 4.14 or later, installed on it. For more information, see "Installing OpenShift Virtualization using the web console".
* The Red Hat OpenShift Container Platform management cluster is on-premise bare metal.
* The Red Hat OpenShift Container Platform management cluster is configured with OVNKubernetes as the default pod network CNI.
* The Red Hat OpenShift Container Platform management cluster must be configured with OVNKubernetes as the default pod network Container Network Interface (CNI). Live migration is supported for nodes only if the CNI is OVN-Kubernetes.
* The Red Hat OpenShift Container Platform management cluster has a default storage class. For more information, see "Postinstallation storage configuration". The following example shows how to set a default storage class:

```terminal
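Review bot: The rewritten prerequisite spells the network plugin two ways in one bullet, "OVNKubernetes" and then "OVN-Kubernetes". Use one form throughout. The bullet also switches to "must be configured" while the neighboring prerequisites are written as statements ("has OpenShift Virtualization ... installed", "is on-premise bare metal", "has a default storage class"), so keep the same construction, for example "is configured with OVN-Kubernetes as the default pod network Container Network Interface (CNI)".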
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -95,9 +95,16 @@ spec:
caConfigMaps: 4
- thanos-cert
- kafka-cert
volumeMounts: 5
- mountPath: /<path_to_directory>
name: <name>
volumes: 6
- name: <volume_name>
emptyDir:
medium: Memory
metricsServer:
logLevel: '0' 5
auditConfig: 6
logLevel: '0' 7
auditConfig: 8
logFormat: "json"
logOutputVolumeClaim: "persistentVolumeClaimName"
policy:
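Review bot: The volumeMounts entry uses name: <name> and the volumes entry uses name: <volume_name> in this file as well. Because the mount refers to the volume by name, use one placeholder for both, and confirm that callouts 5 through 8 match the order of the descriptions that follow the example.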
Expand All @@ -116,6 +123,8 @@ Specifies a single namespace in which the Custom Metrics Autoscaler Operator sca
Specifies the level of verbosity for the Custom Metrics Autoscaler Operator log messages. The allowed values are debug, info, error. The default is info.
Specifies the logging format for the Custom Metrics Autoscaler Operator log messages. The allowed values are console or json. The default is console.
Optional: Specifies one or more config maps with CA certificates, which the Custom Metrics Autoscaler Operator can use to connect securely to TLS-enabled metrics sources.
Optional: Add the container mount path.
Optional: Add a volumes block to list each projected volume source.
Specifies the logging level for the Custom Metrics Autoscaler Metrics Server. The allowed values are 0 for info and 4 for debug. The default is 0.
Activates audit logging for the Custom Metrics Autoscaler Operator and specifies the audit policy to use, as described in the "Configuring audit logging" section.
5. Click Save to save the changes.
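Review bot: The description "Add a volumes block to list each projected volume source" disagrees with the example in this file, which shows an emptyDir volume with medium: Memory. Reword the description or change the example so that the two describe the same volume type.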
Original file line number Diff line number Diff line change
Expand Up @@ -531,7 +531,7 @@ spec:

To enable eBPF flow filtering, set spec.agent.ebpf.flowFilter.enable to true.
To define the action for the flow filter rule, set the required action parameter. Valid values are Accept or Reject.
To define the IP address and CIDR mask for the flow filter rule, set the required cidr parameter. This parameter supports both IPv4 and IPv6 address formats. To match any IP address, use 0.0.0.0/0 for IPv4 or `::/0 for IPv6.
To define the IP address and CIDR mask for the flow filter rule, set the required cidr parameter. This parameter supports both IPv4 and IPv6 address formats. To match any IP address, use 0.0.0.0/0 for IPv4 or ::/0 for IPv6.
To define the sampling rate for matched flows and override the global sampling setting spec.agent.ebpf.sampling, set the sampling parameter.
To filter flows by Peer IP CIDR, set the peerCIDR parameter.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ The following tables reflect the latest available profiles in the Compliance Ope

1. The ocp4-bsi and ocp4-bsi-node profiles maintain the most up-to-date version of the BSI Basic Protection Profile as it becomes available in the Compliance Operator. If you want to adhere to a specific version, such as BSI 2022, use the ocp4-bsi-2022 and ocp4-bsi-node-2022 profiles.
2. Node profiles must be used with the relevant Platform profile. For more information, see Compliance Operator profile types.
3. Edition 2022 is the latest available english edition of BSI IT-Grundschutz (Basic Protection) compendium. There were no changes for Building Blocks SYS.1.6 and APP.4.4 in the latest published german compendium (edition 2023).
3. Edition 2022 is the latest available English edition of the BSI IT-Grundschutz (Basic Protection) compendium. There were no changes for Building Blocks SYS.1.6 and APP.4.4 in the latest published German compendium (edition 2023).

For more information, see BSI Quick Check.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@



# Red Hat OpenShift Service Mesh version 2.6.10
# Red Hat OpenShift Service Mesh version 2.6.11

This release of Red Hat OpenShift Service Mesh updates the Red Hat OpenShift Service Mesh Operator version to 2.6.10, and includes the ServiceMeshControlPlane resource version updates for 2.6.10.
This release of Red Hat OpenShift Service Mesh updates the Red Hat OpenShift Service Mesh Operator version to 2.6.11, and includes the ServiceMeshControlPlane resource version updates for 2.6.11.

This release addresses Common Vulnerabilities and Exposures (CVEs) and is supported on Red Hat OpenShift Container Platform 4.14 and later.

Expand All @@ -16,6 +16,18 @@ You can use the most current version of the Kiali Operator provided by Red Hat w



# Red Hat OpenShift Service Mesh version 2.6.10

This release of Red Hat OpenShift Service Mesh updates the Red Hat OpenShift Service Mesh Operator version to 2.6.10, and includes the ServiceMeshControlPlane resource version updates for 2.6.10.

This release addresses Common Vulnerabilities and Exposures (CVEs) and is supported on Red Hat OpenShift Container Platform 4.14 and later.

You can use the most current version of the Kiali Operator provided by Red Hat with all supported versions of Red Hat OpenShift Service Mesh. The version of Service Mesh automatically ensures a compatible version of Kiali.

## Component updates



# Red Hat OpenShift Service Mesh version 2.6.9

This release of Red Hat OpenShift Service Mesh updates the Red Hat OpenShift Service Mesh Operator version to 2.6.9, and includes the following ServiceMeshControlPlane resource version updates: 2.6.9 and 2.5.12.
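Review bot: The "## Component updates" heading in the added 2.6.10 section has no content before the 2.6.9 heading in this file either. Confirm that the component version table is included and renders, or remove the heading.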
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ spec:
```

Volume size.
Access mode. Defines the read-write and mount permissions. For more information, under Additional Resources, see Access modes.
Access mode. Defines the read-write and mount permissions. For more information, under Additional resources, see Access modes.
Reclaim policy. Tells the cluster what to do with the volume after it is released. Accepted values are Retain, Recycle, or Delete.
Storage class name. This name is used by the PVC to bind to this specific PV. For static provisioning, a StorageClass object does not need to exist, but the name in the PV and PVC must match.
Modify this permission if you want to enhance the security.
Expand Down Expand Up @@ -152,7 +152,7 @@ PVC name.
Namespace for the PVC.
The name of the PV that you created in the previous step.
Storage class name. This name is used by the PVC to bind to this specific PV. For static provisioning, a StorageClass object does not need to exist, but the name in the PV and PVC must match.
Access mode. Defines the requested read-write access for the PVC. Claims use the same conventions as volumes when requesting storage with specific access modes. For more information, under Additional Resources, see Access modes.
Access mode. Defines the requested read-write access for the PVC. Claims use the same conventions as volumes when requesting storage with specific access modes. For more information, under Additional resources, see Access modes.
PVC size.
4. Ensure that the PVC is created and in Bound status after a while by running the following command:

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ and which CSI features they support, such as volume snapshots and resize.
If your CSI driver is not listed in the following table, you must follow the installation instructions provided by your CSI storage vendor to use their supported CSI features.
----

For a list of third-party-certified CSI drivers, see the Red Hat ecosystem portal under Additional Resources.
For a list of third-party-certified CSI drivers, see the Red Hat ecosystem portal under Additional resources.



Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ $ sudo -E /usr/local/bin/cluster-restore.sh /home/core/<etcd-backup-directory>
```

6. Exit the SSH session.
7. Once the API responds, turn off the etcd Operator quorum guard by runnning the following command:
7. Once the API responds, turn off the etcd Operator quorum guard by running the following command:

```terminal
$ oc patch etcd/cluster --type=merge -p '{"spec": {"unsupportedConfigOverrides": {"useUnsupportedUnsafeNonHANonProductionUnstableEtcd": true}}}'
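Review bot: Step 7 still opens with "Once the API responds", where "After the API responds" is the clearer wording for a sequence condition; the spelling fix itself is correct. Because the command in this step sets useUnsupportedUnsafeNonHANonProductionUnstableEtcd to true, check that the rest of the procedure, which is not visible in this hunk, tells the user when to remove the override.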
Expand Down