On Fri, Jul 16, 2021 at 1:45 AM J-P Methot <jp.methot@planethoster.info> wrote:
Hi,
Hello,
We've been using Kolla to provision a production cluster and we've noticed that the ceph-client version provided in the Kolla images is severely outdated as it doesn't support the fix to CVE-2021-20288 that was added in Pacific 16.2.1 (installed version in image is 16.2.0). As a result, the installed ceph-client can't connect to ceph clusters where the patch is active.
Is there any Kolla image where more recent versions of ceph-client is installed? How would I be able to get them?
This is a known issue. We are depending on the upstream (the Ubuntu distribution in here) to provide Ceph client libraries. They are, as you noticed, quite outdated in Focal. If you know of a reliable, official source of newer Ubuntu Ceph client packages, then let us know. Otherwise, there are no Kolla Ubuntu images at the moment which have newer Ceph. -yoctozepto