-
Bug
-
Resolution: Done-Errata
-
Critical
-
None
-
4.14
-
Critical
-
No
-
2
-
Sprint 241 - Update&Remoting, Sprint 242 - Update&Remoting, Sprint 243 - Update&Remoting
-
3
-
Approved
-
False
-
Description of problem:
CoreOS boot fails when hosted on Azure Confidential VM (VM size: Standard_DC16ads_v5).
Version-Release number of selected component (if applicable):
Red Hat Enterprise Linux CoreOS 414.92.202308100510-0
How reproducible:
Always.
Steps to Reproduce:
1. Build the OpenShift installer binary from the master branch (any commit after https://github.com/openshift/installer/commit/a5f0921f0956c8e07232b46614f896583b610536 will do) $ git clone git@github.com:openshift/installer.git && cd installer/ # build the openshift-install binary, it's created under ./bin/openshift-install $ ./hack/build.sh 2. Create an OpenShift cluster on Azure with Azure Confidential VMs as control-plane nodes, using the rhcos-414.92.202308100510-0 OS image. $ mkdir test-cluster # create an install-config.yaml with the following controlPlane section and put it under the test-cluster/ dir controlPlane: architecture: amd64 hyperthreading: Enabled name: master platform: azure: type: Standard_DC16ads_v5 settings: securityType: ConfidentialVM confidentialVM: uefiSettings: secureBoot: Disabled virtualizedTrustedPlatformModule: Enabled osDisk: diskSizeGB: 1024 securityProfile: securityEncryptionType: VMGuestStateOnly replicas: 3 # run the openshift installer $ OPENSHIFT_INSTALL_OS_IMAGE_OVERRIDE=https://rhcos.blob.core.windows.net/imagebucket/rhcos-414.92.202308100510-0-azure.x86_64.vhd \ OPENSHIFT_INSTALL_RELEASE_IMAGE_OVERRIDE=registry.ci.openshift.org/ocp/release:4.14.0-0.ci-2023-08-20-221659 \ ./bin/openshift-install create cluster --dir ./test-cluster --log-level debug 3. Wait for the bootstrap and optionally control-plane nodes to be created. 4. Check the boot log of the bootstrap (or any control-plane node).
Actual results:
Bootstrap (or any control-plane node) boot logs:
...
------
Ignition has failed. Please ensure your config is valid. Note that only
Ignition spec v3.0.0+ configs are accepted.
A CLI validation tool to check this called ignition-validate can be
downloaded from GitHub:
https://github.com/coreos/ignition/releases
------
Displaying logs from failed units: coreos-ignition-unique-boot.service
Aug 10 15:15:01 systemd[1]: Starting CoreOS Ensure Unique Boot Filesystem...
Aug 10 15:15:03 rdcore[1246]: blkid: error: /dev/sr0: No such file or directory
Aug 10 15:15:03 rdcore[1246]: Error: "blkid" "-p" "/dev/sdb1" "/dev/sr0" "/dev/sda4" "/dev/sda2" "/dev/sda3" "/dev/sda1" failed with exit status: 2
Aug 10 15:15:03 systemd[1]: [0;1;39m[0;1;31m[0;1;39mcoreos-ignition-unique-boot.service: Main process exited, code=exited, status=1/FAILURE[0m
Aug 10 15:15:03 systemd[1]: [0;1;38;5;185m[0;1;39m[0;1;38;5;185mcoreos-ignition-unique-boot.service: Failed with result 'exit-code'.[0m
Aug 10 15:15:03 systemd[1]: [0;1;31m[0;1;39m[0;1;31mFailed to start CoreOS Ensure Unique Boot Filesystem.[0m
Aug 10 15:15:03 systemd[1]: coreos-ignition-unique-boot.service: Triggering OnFailure= dependencies.
Generating "/run/initramfs/rdsosreport.txt"
Entering emergency mode. Exit the shell to continue.
Type "journalctl" to view system logs.
You might want to save "/run/initramfs/rdsosreport.txt" to a USB stick or /boot
after mounting them and attach it to a bug report.
...
Expected results:
The bootstrap and control-plane VMs should boot without any errors.
Additional info:
- is blocked by
-
-
- Closed
-
- links to
-
RHSA-2023:5006
OpenShift Container Platform 4.14.z security update