-
Bug
-
Resolution: Done
-
Major
-
None
-
4.21, 4.20.z, 4.21.0
-
None
-
None
-
False
-
-
None
-
None
-
Yes
-
None
-
None
-
Rejected
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
install with FIPS on IBMCloud VPC bootstrap failed, fail to get the bootstrap.ign
Version-Release number of selected component (if applicable):
4.21.0-0.nightly-2026-02-01-092627
How reproducible:
Always
Steps to Reproduce:
1. IPI install cluster with "fips: true"
fips: true
baseDomain: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
credentialsMode: Manual
platform:
ibmcloud:
region: jp-tok
controlPlane:
name: master
platform:
ibmcloud:
type:
zones: [ jp-tok-1, jp-tok-2, jp-tok-3 ]
replicas: 3
compute:
- name: worker
platform:
ibmcloud:
type: bx2-4x16
zones: [ jp-tok-1, jp-tok-2, jp-tok-3 ]
replicas: 3
Actual results:
bootstrap vm fail to be access, checked on the vm console FIPS 140-3 requires use of Extended Master Secret
in the bootstrap VM serial console: ignition[861]: GET https://s3.direct.us-east.cloud-object-storage.appdomain.cloud/ci-op-v1z7s4kg-02cc8-pdx6h-bootstrap-ignition/bootstrap.ign: attempt #654
Expected results:
install succeed.
Additional info:
1. just failed at 4.21 (4.20 and 4.22 no problem) 4.21 last pass is 4.21.0-0.nightly-2026-01-04-010945 , 4.21.0-rc.1 2. checked the cos instance *bootstrap-ignition, contains the bootstrap.ign