Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Critical
Fix Version/s: None
Affects Version/s: 4.21
Component/s: RHCOS
Labels:
None

Activity Type:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
Critical
Regression:
None

Target Backport Versions:
None
Target Version:
None
Release Blocker:
Proposed
Sprint:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Impact Score:

Release Note Status:
None
Release Note Type:
None
Release Note Text:
None

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

Description of problem:

Create an OCP cluster with confidential computing on AWS, the bootstrap process is likely to time out.
Checking the journal.log, seen OSTree Prepare OS/ takes ~ 12 mins to complete:
Thu 2025-12-18 01:56:50 UTC ip-10-0-101-183 init.scope[1]: Starting OSTree Prepare OS/...
...
Thu 2025-12-18 02:08:55 UTC ip-10-0-101-183 init.scope[1]: Stopped OSTree Prepare OS/.
Thu 2025-12-18 02:08:55 UTC ip-10-0-101-183 init.scope[1]: Read-Only Sysroot Migration was skipped because of an unmet condition check (ConditionPathIsReadWrite=/sysroot).
Thu 2025-12-18 02:08:55 UTC ip-10-0-101-183 init.scope[1]: Starting Download the OpenShift Release Image...

Compared to a non-confidential computing cluster, the process is very quick (~2min):
Thu 2025-12-18 06:40:29 UTC ip-10-0-112-130 init.scope[1]: Starting OSTree Prepare OS/...
...
Thu 2025-12-18 06:42:10 UTC ip-10-0-112-130 init.scope[1]: Stopped OSTree Prepare OS/.
Thu 2025-12-18 06:42:10 UTC ip-10-0-112-130 init.scope[1]: Read-Only Sysroot Migration was skipped because of an unmet condition check (ConditionPathIsReadWrite=/sysroot).
Thu 2025-12-18 06:42:10 UTC ip-10-0-112-130 init.scope[1]: Starting Download the OpenShift Release Image...

Version-Release number of selected component (if applicable):

4.21.0-0.nightly-2025-12-15-125449

How reproducible:

About 6 out of 10 attempts fail.

Steps to Reproduce:

    1.
Create an AWS confidential computing cluster
compute:
- architecture: amd64
  hyperthreading: Enabled
  name: worker
  platform:
    aws:
      type: m6a.2xlarge
      amiID: ami-0620723a637bda50d
      cpuOptions:
        confidentialCompute: AMDEncryptedVirtualizationNestedPaging
  replicas: 3
controlPlane:
  architecture: amd64
  hyperthreading: Enabled
  name: master
  platform:
    aws:
      type: m6a.2xlarge
      amiID: ami-0620723a637bda50d
      cpuOptions:
        confidentialCompute: AMDEncryptedVirtualizationNestedPaging
  replicas: 3
platform:
  aws:
    region: us-east-2

    2.
    3.

Actual results:

   bootstrap process failed

Expected results:

   installation succeeded

Additional info:

Assignee:: Unassigned

Reporter:: Yunfei Jiang

Need Info From:: None

Contributors:: None

QA Contact:: Michael Nguyen

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2025/12/18 9:18 AM

Updated:: 2025/12/18 9:34 AM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates