Bug 1946101

Summary: Import DV with https fails
Product: Container Native Virtualization (CNV) Reporter: dalia <dafrank>
Component: StorageAssignee: Adam Litke <alitke>
Status: CLOSED DUPLICATE QA Contact: Ying Cui <ycui>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 4.8.0CC: cnv-qe-bugs, mrashish
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-04-04 16:44:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description dalia 2021-04-04 13:23:02 UTC 
Description of problem:
Import a DV with https end up with failure

Version-Release number of selected component (if applicable):
4.8

How reproducible:
100%

Steps to Reproduce:
1. create a DV with import https
---
apiVersion: cdi.kubevirt.io/v1beta1
kind: DataVolume
metadata:
  name: test-dv
spec:
  source:
    http:
      url: https://....
  pvc:
    accessModes:
    - ReadWriteOnce
    resources:
      requests:
        storage: 13Gi
    storageClassName: hostpath-provisioner
    volumeMode: Filesystem
  contentType: kubevirt


2. create pod/vm to consume the dv

3. Check DV status

$ oc get dv -A
NAMESPACE                    NAME       PHASE              PROGRESS   RESTARTS   AGE
default   test-dv   ImportInProgress   N/A        3          57s


Actual results:
DV in progress (after some time you can is restarted) 

Expected results:
DV success

Additional info:

$ oc logs -f importer-dv-test 
I0401 17:44:17.030969       1 importer.go:52] Starting importer
I0401 17:44:17.031142       1 importer.go:134] begin import process
I0401 17:44:17.071016       1 http-datasource.go:244] Attempting to get certs from /certs/tlsregistry.crt
I0401 17:44:17.092478       1 data-processor.go:355] Calculating available size
I0401 17:44:17.092528       1 data-processor.go:367] Checking out file system volume size.
I0401 17:44:17.092547       1 data-processor.go:375] Request image size not empty.
I0401 17:44:17.092576       1 data-processor.go:380] Target size 1Gi.
I0401 17:44:17.092724       1 data-processor.go:238] New phase: Convert
I0401 17:44:17.092751       1 data-processor.go:244] Validating image
E0401 17:44:17.127290       1 prlimit.go:174] nbdkit failed output is:
E0401 17:44:17.127333       1 prlimit.go:175]
E0401 17:44:17.127361       1 prlimit.go:176] nbdkit: curl[1]: error: problem doing HEAD request to fetch size of URL [https://internal-http.kube-system/cirros-qcow2.img]: Problem with the SSL CA cert (path? access rights?): error setting certificate verify locations:
  CAfile: /certs/tls.crt
  CApath: none
qemu-img: Could not open 'nbd:unix:/tmp/nbdkitQFNqNV/socket': Requested export not available
 
E0401 17:44:17.127421       1 data-processor.go:235] nbdkit: curl[1]: error: problem doing HEAD request to fetch size of URL [https://internal-http.kube-system/cirros-qcow2.img]: Problem with the SSL CA cert (path? access rights?): error setting certificate verify locations:
  CAfile: /certs/tls.crt
  CApath: none
qemu-img: Could not open 'nbd:unix:/tmp/nbdkitQFNqNV/socket': Requested export not available
, nbdkit execution failed: exit status 1
Unable to convert source data to target format
kubevirt.io/containerized-data-importer/pkg/importer.(*DataProcessor).ProcessDataWithPause
        /remote-source/app/pkg/importer/data-processor.go:219
kubevirt.io/containerized-data-importer/pkg/importer.(*DataProcessor).ProcessData
        /remote-source/app/pkg/importer/data-processor.go:167
main.main
        /remote-source/app/cmd/cdi-importer/importer.go:189
runtime.main
        /usr/lib/golang/src/runtime/proc.go:203
runtime.goexit
        /usr/lib/golang/src/runtime/asm_amd64.s:1373
E0401 17:44:17.127530       1 importer.go:191] nbdkit: curl[1]: error: problem doing HEAD request to fetch size of URL [https://internal-http.kube-system/cirros-qcow2.img]: Problem with the SSL CA cert (path? access rights?): error setting certificate verify locations:
  CAfile: /certs/tls.crt
  CApath: none
qemu-img: Could not open 'nbd:unix:/tmp/nbdkitQFNqNV/socket': Requested export not available
, nbdkit execution failed: exit status 1
Unable to convert source data to target format
kubevirt.io/containerized-data-importer/pkg/importer.(*DataProcessor).ProcessDataWithPause
        /remote-source/app/pkg/importer/data-processor.go:219
kubevirt.io/containerized-data-importer/pkg/importer.(*DataProcessor).ProcessData
        /remote-source/app/pkg/importer/data-processor.go:167
main.main
        /remote-source/app/cmd/cdi-importer/importer.go:189
runtime.main
        /usr/lib/golang/src/runtime/proc.go:203
runtime.goexit
        /usr/lib/golang/src/runtime/asm_amd64.s:1373
Comment 1 Maya Rashish 2021-04-04 16:44:09 UTC 

*** This bug has been marked as a duplicate of bug 1946100 ***