Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-18379

[CORS-2550] Fail to provision bootstrap vm when enabling ConfidentialVM + DiskWithVMGuestState

XMLWordPrintable

    • Important
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Hide
      Working on this with SMEs. PR https://github.com/openshift/openshift-docs/pull/66398

      - Jeana
      Show
      Working on this with SMEs. PR https://github.com/openshift/openshift-docs/pull/66398 - Jeana
    • Known Issue
    • In Progress

      Description of problem:

      Version-Release number of selected component (if applicable):

      How reproducible:

      Steps to Reproduce:

          1.
    2.
    3.

      Actual results:

      Expected results:

      Additional info:

            [OCPBUGS-18379] [CORS-2550] Fail to provision bootstrap vm when enabling ConfidentialVM + DiskWithVMGuestState

            Michail Resvanis added a comment - - edited

            nilal I think this: https://issues.redhat.com/browse/RHEL-16267 is the epic to watch in respect to the functionality missing from RHEL (and subsequently RHCOS), in order to have full support for Confidential VMs in Azure. I wouldn't reopen this bug, as this should not be considered a bug because there is nothing wrong with OCP (or the OCP installer), there is functionality missing in the OS side.

            Michail Resvanis added a comment - - edited nilal I think this: https://issues.redhat.com/browse/RHEL-16267 is the epic to watch in respect to the functionality missing from RHEL (and subsequently RHCOS), in order to have full support for Confidential VMs in Azure. I wouldn't reopen this bug, as this should not be considered a bug because there is nothing wrong with OCP (or the OCP installer), there is functionality missing in the OS side.

            Nitesh Narayan Lal added a comment -

            mresvani@redhat.com do we have to re-open this ticket? or is there a separate ticket to track the missing feature that Vitaly mentioned?

            Nitesh Narayan Lal added a comment - mresvani@redhat.com do we have to re-open this ticket? or is there a separate ticket to track the missing feature that Vitaly mentioned?

            OpenShift Jira Bot added a comment -

            This bug is being closed because it has not had any activity in the past 3 months. While it represents a valid problem, leaving such bugs open provides a false indication that they will be addressed. Please reopen the bug if you have additional context that would help us better understand what needs to be done.

            OpenShift Jira Bot added a comment - This bug is being closed because it has not had any activity in the past 3 months. While it represents a valid problem, leaving such bugs open provides a false indication that they will be addressed. Please reopen the bug if you have additional context that would help us better understand what needs to be done.

            Vitaly Kuznetsov added a comment -

            It seems this is not a bug but rather a missing feature. Confidential Disk Encryption requires UKI and a compatible partition layout. RHEL-looking images are being encrypted with https://gitlab.com/vkuznets/encrypt-rhel-image tool running within Azure infrastructure and it lists some image pre-requisites in the description.

            Vitaly Kuznetsov added a comment - It seems this is not a bug but rather a missing feature. Confidential Disk Encryption requires UKI and a compatible partition layout. RHEL-looking images are being encrypted with https://gitlab.com/vkuznets/encrypt-rhel-image tool running within Azure infrastructure and it lists some image pre-requisites in the description.

            Michail Resvanis added a comment -

            calfonso@redhat.com we still haven't tracked down the root cause of this issue and we are currently in contact with Azure support for its resolution. My best guess is that we won't be able to resolve it in time for this release, so we should push for its resolution after GA.

            Michail Resvanis added a comment - calfonso@redhat.com we still haven't tracked down the root cause of this issue and we are currently in contact with Azure support for its resolution. My best guess is that we won't be able to resolve it in time for this release, so we should push for its resolution after GA.

              mresvani@redhat.com Michail Resvanis
              jinyunma Jinyun Ma
              Jinyun Ma Jinyun Ma
              Jeana Routh Jeana Routh
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: