Patch Notes for CTE for Kubernetes CSI

Container Image Digest

Verify that the Container Image Digest matches the version that you are installing.

Resolved Issues

• AGT-67242 [CS2203852] Unable to get agent registration

  Fixed the incompatibilities that occurred with specific versions of the Kubernetes CRI-O (Container Runtime Interface for OpenShift Container) in both Kubernetes and OpenShift. The newer versions intermittently reported error messages similar to:

  lstat /chroot/chroot-99c4393f-3a1b-4744-a068-de23f953eb68/rootfs/opt/vormetric/DataSecurityExpert/agent/secfs/.sec/conf/configuration: no such file or directory
  

Known Issues

• AGT-39000: CipherTrust Manager may not report all pods using the same CTE PVC on the same node

  AFFECTED VERSIONS: 1.4.0.37 — 1.6.0.49

  Work-around:

  CTE PVCs with the following access modes: ReadWriteOnce, ReadWriteMany or ReadOnlyMany, may fail to report to CipherTrust Manager all of the pods using the same volume on the same node. This anomaly is due to how Kubernetes handles a single volume used across multiple pods in the same node. This reporting anomaly in CipherTrust Manager does not mean that the CTE PVC is not attached to the pod. It is recommended that the user describe the CTE PVC (# kubectl describe pvc) to find the list of all of the pods that are using a particular CTE PVC.

• AGT-61761 [CS1580017] [Debian12+CRI-O] CTE for Kubernetes pods throwing error MountDevice failed for volume

  AFFECTED VERSIONS: 1.3.0.33 — 1.6.0.49

  The combination of Debian 12 Linux OS with Kubernetes CRI-O container runtime interface, is not supported in CTE for Kubernetes.

• AGT-62766: AgentInfo EKS ARM

  AFFECTED VERSIONS: 1.5.0.27 — 1.6.0.49

  Agentinfo is unable to get Kubernetes cluster information on ARM-based nodes.