2025295 – Windows VMs fail to start on air-gapped environments for non-admin users

Bug 2025295 - Windows VMs fail to start on air-gapped environments for non-admin users

Summary: Windows VMs fail to start on air-gapped environments for non-admin users

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Container Native Virtualization (CNV)
Classification:	Red Hat
Component:	Installation
Sub Component:
Version:	4.10.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	4.10.0
Assignee:	Oren Cohen
QA Contact:	Guohua Ouyang
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2032873 2032876
TreeView+	depends on / blocked

Reported:	2021-11-21 14:03 UTC by ssoroka
Modified:	2022-03-16 15:56 UTC (History)
CC List:	7 users (show)
Fixed In Version:	hco-bundle-registry-container-v4.10.0-465
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	2032873 2032876 (view as bug list)
Environment:
Last Closed:	2022-03-16 15:56:33 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	kubevirt hyperconverged-cluster-operator pull 1647	None	open	Provide virtio-win pullspec in dedicated ConfigMap	2021-12-10 10:20:39 UTC
Github	openshift console pull 10616	None	Merged	Bug 2025295: Add new option for VIRTIOWIN ConfigMap name	2021-12-10 10:20:41 UTC
Red Hat Product Errata	RHSA-2022:0947	None	None	None	2022-03-16 15:56:49 UTC

Description ssoroka 2021-11-21 14:03:32 UTC

Description of problem:
During Windows VM creation there is a virtio-win containerDisk that is being used.
Previously we had Bug 1942839 which was fixed for 4.8 (fail to pull image with latest tag).
The solution was to reference this image with a digest instead of tag (the digest is taken from a configmap).
We experience now a similar issue but only for regular users (not cluster-admins).
 

Version-Release number of selected component (if applicable):


How reproducible:
Try to create a Windows VM (that requires the default virtio-win drivers) in a disconnected (air-gapped) environment. 

Steps to Reproduce:
1. Create a Windows VM using a regular user (not cluster-admin)
2. Wait until the VM starts 
3. Verify that is stuck on starting phase and that the virt-launcher is in imagePullBackoff

Actual results:
VM is stuck on starting, virt-launcher fails to pull the virtio-win containerDisk image

Expected results:
Windows VM is successfully created 

Additional info:
Currently we use configmaps/v2v-vmware to let us know the clusters virtio-win image, this configmap is not readable to all.

Comment 1 Yaacov Zamir 2021-11-22 10:54:08 UTC

Moving to installation (hyper converged operator)

because HCO installs the local images air gaped environment images, and can put them in a config map that should be readable by project admin (non cluster admin users)

Comment 2 Oren Cohen 2021-12-13 12:36:12 UTC

Fixed in version:
hco-bundle-registry-container-v4.10.0-465
hyperconverged-cluster-operator-container-v4.10.0-88 (https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=1824536)

Comment 3 Guohua Ouyang 2021-12-15 03:34:30 UTC

Verified the bug with hco-bundle-registry-container-v4.10.0-465 and latest console, create a windows VM by non-admin user is running normally, virtio-win image is using the one in virtio-win config map and is able to pull down.

Comment 9 errata-xmlrpc 2022-03-16 15:56:33 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Virtualization 4.10.0 Images security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0947

Note You need to log in before you can comment on or make changes to this bug.