Description of problem: Import a DV with https end up with failure Version-Release number of selected component (if applicable): 4.8 How reproducible: 100% Steps to Reproduce: 1. create a DV with import https --- apiVersion: cdi.kubevirt.io/v1beta1 kind: DataVolume metadata: name: test-dv spec: source: http: url: https://.... pvc: accessModes: - ReadWriteOnce resources: requests: storage: 13Gi storageClassName: hostpath-provisioner volumeMode: Filesystem contentType: kubevirt 2. create pod/vm to consume the dv 3. Check DV status $ oc get dv -A NAMESPACE NAME PHASE PROGRESS RESTARTS AGE default test-dv ImportInProgress N/A 3 57s Actual results: DV in progress (after some time you can is restarted) Expected results: DV success Additional info: $ oc logs -f importer-dv-test I0401 17:44:17.030969 1 importer.go:52] Starting importer I0401 17:44:17.031142 1 importer.go:134] begin import process I0401 17:44:17.071016 1 http-datasource.go:244] Attempting to get certs from /certs/tlsregistry.crt I0401 17:44:17.092478 1 data-processor.go:355] Calculating available size I0401 17:44:17.092528 1 data-processor.go:367] Checking out file system volume size. I0401 17:44:17.092547 1 data-processor.go:375] Request image size not empty. I0401 17:44:17.092576 1 data-processor.go:380] Target size 1Gi. I0401 17:44:17.092724 1 data-processor.go:238] New phase: Convert I0401 17:44:17.092751 1 data-processor.go:244] Validating image E0401 17:44:17.127290 1 prlimit.go:174] nbdkit failed output is: E0401 17:44:17.127333 1 prlimit.go:175] E0401 17:44:17.127361 1 prlimit.go:176] nbdkit: curl[1]: error: problem doing HEAD request to fetch size of URL [https://internal-http.kube-system/cirros-qcow2.img]: Problem with the SSL CA cert (path? access rights?): error setting certificate verify locations: CAfile: /certs/tls.crt CApath: none qemu-img: Could not open 'nbd:unix:/tmp/nbdkitQFNqNV/socket': Requested export not available E0401 17:44:17.127421 1 data-processor.go:235] nbdkit: curl[1]: error: problem doing HEAD request to fetch size of URL [https://internal-http.kube-system/cirros-qcow2.img]: Problem with the SSL CA cert (path? access rights?): error setting certificate verify locations: CAfile: /certs/tls.crt CApath: none qemu-img: Could not open 'nbd:unix:/tmp/nbdkitQFNqNV/socket': Requested export not available , nbdkit execution failed: exit status 1 Unable to convert source data to target format kubevirt.io/containerized-data-importer/pkg/importer.(*DataProcessor).ProcessDataWithPause /remote-source/app/pkg/importer/data-processor.go:219 kubevirt.io/containerized-data-importer/pkg/importer.(*DataProcessor).ProcessData /remote-source/app/pkg/importer/data-processor.go:167 main.main /remote-source/app/cmd/cdi-importer/importer.go:189 runtime.main /usr/lib/golang/src/runtime/proc.go:203 runtime.goexit /usr/lib/golang/src/runtime/asm_amd64.s:1373 E0401 17:44:17.127530 1 importer.go:191] nbdkit: curl[1]: error: problem doing HEAD request to fetch size of URL [https://internal-http.kube-system/cirros-qcow2.img]: Problem with the SSL CA cert (path? access rights?): error setting certificate verify locations: CAfile: /certs/tls.crt CApath: none qemu-img: Could not open 'nbd:unix:/tmp/nbdkitQFNqNV/socket': Requested export not available , nbdkit execution failed: exit status 1 Unable to convert source data to target format kubevirt.io/containerized-data-importer/pkg/importer.(*DataProcessor).ProcessDataWithPause /remote-source/app/pkg/importer/data-processor.go:219 kubevirt.io/containerized-data-importer/pkg/importer.(*DataProcessor).ProcessData /remote-source/app/pkg/importer/data-processor.go:167 main.main /remote-source/app/cmd/cdi-importer/importer.go:189 runtime.main /usr/lib/golang/src/runtime/proc.go:203 runtime.goexit /usr/lib/golang/src/runtime/asm_amd64.s:1373
*** Bug 1946101 has been marked as a duplicate of this bug. ***
Maya, the linked PR is merged. Can we move this to MODIFIED or is there more work to be done?
verefied: CDI v1.34.0 CNV 4.8
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Virtualization 4.8.0 Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2920