revisions.serving.knative.dev: User "sounds" cannot list resource "revisions
For an overview of OpenShift Serverless functionality, see Getting started with OpenShift Serverless.
If you experience difficulty with a procedure described in this documentation, visit the Customer Portal to learn more about support for Technology Preview features.
OpenShift Serverless has been updated to use Knative Serving 0.9.0.
OpenShift Serverless has been updated to use Knative Client (kn
CLI) 0.9.0.
OpenShift Serverless on OpenShift Container Platform 4.2 now uses the Operator Lifecycle Manager (OLM) dependency resolution mechanism to install the ServiceMesh Operator automatically. The required ServiceMeshControlPlane and ServiceMeshMemberRoll are also installed and managed for the user.
Access to the KnativeServing resource is now restricted to cluster-admin
roles to prevent any user from blocking the resource. Only cluster-admin
roles can create KnativeServing CRs.
The OpenShift Serverless Operator can now be found in the OperatorHub by searching for "knative".
The OpenShift Container Platform web console now shows status conditions for the KnativeServing resource.
In version 1.2.0, the OpenShift Serverless Operator inspects network policies for namespaces.
If no network policy exists, the Operator automatically creates a wide open policy, to ensure that traffic can flow in and out of the namespace and OpenShift routes can be used.
If there is an existing network policy, OpenShift Serverless will not create a new policy. The Operator expects the user to continue managing their own network policies as needed for their applications. For example, the user must set policies that allow traffic to flow in and out of the namespace, and allow OpenShift routes to still be used after the namespace is added to a ServiceMeshMemberRoll.
In previous releases, using the same services or routes in different namespaces caused services to not work properly and caused OpenShift Container Platform routes to be overriden. This issue has been fixed.
In previous releases, different traffic split targets required a mandatory tag. A single traffic split can now be defined with untagged
traffic targets.
Existing Knative Services and routes which had been created with public visibility in OpenShift Serverless Operator version 1.1.0 were not able to be updated to cluster-local visibility. This issue is now fixed.
The Unknown Uninitialized : Waiting for VirtualService
error has been fixed.
Knative service no longer returns a 503 status code when the cluster is running for a long time.
Installing the OpenShift Serverless Operator on OpenShift Container Platform versions older than 4.2.4 using OLM may incorrectly use community versions of the required dependencies. As a workaround, on OpenShift Container Platform versions older than 4.2.4, explicitly install the Red Hat provided versions of the Elastic Search, Jaeger, Kiali and ServiceMesh Operators before installing the OpenShift Serverless Operator.
If you are upgrading the OpenShift Serverless from version 1.1.0 to version 1.2.0 and you have set up a ServiceMeshControlPlane and ServiceMeshMemberRoll to work with your Knative Serving instance, you must remove the knative-serving
namespace and any other namespaces that contain Knative Services from the ServiceMeshMemberRoll in istio-system
.
You can also delete the ServiceMeshControlPlane from the namespace entirely if it is not required for other applications.
Once the upgrade starts, existing services will continue to work as before, but new Services will never become ready. Once you unblock the release by removing the knative-serving
and any other relevant namespaces from the ServiceMeshMemberRoll, there will be a brief outage to all active Services. This will fix itself. Make sure that you remove all namespaces containing Knative Services from the original ServiceMeshMemberRoll.
gRPC and HTTP2 do not work against routes. This is a known limitation of OpenShift routes.
OpenShift Serverless has been updated to use Knative Serving 0.8.1.
Enhanced Operator metadata now includes more information regarding support state and a link to the official installation documentation.
A developer preview version of Knative Eventing is now available for use with OpenShift Serverless, however this is not included in the OpenShift Serverless Operator and is not currently supported as part of this Technology Preview. For more information, see Knative Eventing on OpenShift Container Platform.
Users who were not project administrators would previously see the following error when using OpenShift Serverless:
revisions.serving.knative.dev: User "sounds" cannot list resource "revisions
This issue has now been fixed with the addition of new RBAC rules.
A race condition was preventing Istio sidecar injection from working correctly. Istio did not consider the knative-serving
namespace to be present in the ServiceMeshMemberRoll at the time of Pod creation. Istio now waits for status information from ServiceMeshMemberRoll which fixes this issue.
Users may see the error Unknown Uninitialized : Waiting for VirtualService to be ready
while waiting for a service in a newly created namespace to be ready, which can take several minutes. If a user allows enough time between the creation of a namespace and the creation of a service in the namespace (approximately one minute), this error may be avoided.
Existing Knative Services and routes which have been created with public visibility cannot be updated to cluster-local visibility. If you require cluster-local visibility on Knative Services and routes, this must be configured at the time of creating these resources.
Knative service returns a 503 status code when the cluster is running for a
long time. The Knative Serving Pods do not show any errors. Restarting the
istio-pilot
Pod temporarily fixes the issue.
gRPC and HTTP2 do not work against routes. This is a known limitation of OpenShift routes.
This release of OpenShift Serverless introduces the OpenShift Serverless Operator, which supports Knative Serving 0.7.1 and is tested for OpenShift Service Mesh 1.0.
The following limitations exist in OpenShift Serverless at this time:
The Knative Serving Operator should wait for ServiceMeshMemberRoll to include
the knative-serving
namespace. The installation procedure recommends creating
the knative-serving
namespace and then installing the operator. Istio does not
consider the knative-serving
namespace to be in the ServiceMeshMemberRoll when
the Knative Serving Pods are being created. Consequently, the sidecars are not
injected.
Knative service returns a 503 status code when the cluster is running for a
long time. The Knative Serving Pods do not show any errors. Restarting the
istio-pilot
Pod temporarily fixes the issue.
The gRPC and HTTP2 do not work against routes. This is a known limitation of OpenShift routes.