Description of problem: Scheduling an amd-sev guest fails due to UEFINotSupported. Specifically the failure happens when iteration over: [root@computeamdsev-0 firmware]# pwd /usr/share/qemu/firmware [root@computeamdsev-0 firmware]# ls 40-edk2-ovmf-sb.json 50-edk2-ovmf-amdsev.json 50-edk2-ovmf-cc.json 50-edk2-ovmf.json from [1]. The machine returned in get_loader [2] is pc-q35-rhel9.0.0, but the machines in the qemu firmware directory are either pc-q35-rhel8.5.0 or pc-q35-*. For the machines returned with the pattern pc-q35-* their features include secure_boot. Since the request to get_loaders has secure_boot as false no loaders are found and the exception is raised. [root@computeamdsev-0 firmware]# grep -r pc-q35-* * 40-edk2-ovmf-sb.json: "pc-q35-*" 50-edk2-ovmf-amdsev.json: "pc-q35-rhel8.5.0" 50-edk2-ovmf-cc.json: "pc-q35-rhel8.5.0" 50-edk2-ovmf.json: "pc-q35-*" [root@computeamdsev-0 firmware]# grep -rl secure-boot * 40-edk2-ovmf-sb.json 50-edk2-ovmf.json Version-Release number of selected component (if applicable): RHOS-17.0-RHEL-9-20220517.n.1 How reproducible: 100% Steps to Reproduce: 1. Attempt to create an amd sev guest on a supported deployment 2. 3. Actual results: Guest fails to schedule with Instance failed to spawn: nova.exception.UEFINotSupported: UEFI is not supported Expected results: Guest is scheduled without any issues Additional info: Bed can be made available upon request [1] https://github.com/openstack/nova/blob/c3ad968c875ae7fa67e7a1f8d321f1fc622897bc/nova/virt/libvirt/host.py#L1764 [2] https://github.com/openstack/nova/blob/c3ad968c875ae7fa67e7a1f8d321f1fc622897bc/nova/virt/libvirt/host.py#L1762
Quick note, image is using 'q35' (overcloud) [stack@undercloud-0 ~]$ openstack image show cirros-0.5.2-x86_64-disk.img +------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | checksum | b874c39491a2377b8490f5f1e89761a4 | | container_format | bare | | created_at | 2022-05-23T21:31:24Z | | disk_format | qcow2 | | file | /v2/images/659c0249-29f4-5ae7-9295-cacf1176422f/file | | id | 659c0249-29f4-5ae7-9295-cacf1176422f | | min_disk | 0 | | min_ram | 0 | | name | cirros-0.5.2-x86_64-disk.img | | owner | a2552c854ca74e80afa16e00aaaab68d | | properties | direct_url='swift+config://ref1/glance/659c0249-29f4-5ae7-9295-cacf1176422f', hw_firmware_type='uefi', hw_machine_type='q35', os_hash_algo='sha512', os_hash_value='6b813aa46bb90b4da216a4d19376593fa3f4fc7e617f03a92b7fe11e9a3981cbe8f0959dbebe36225e5f53dc4492341a4863cac4ed1ee0909f3fc78ef9c3e869', os_hidden='False', owner_specified.openstack.md5='', owner_specified.openstack.object='images/cirros-0.5.2-x86_64-disk.img', owner_specified.openstack.sha256='', stores='default_backend' | | protected | False | | schema | /v2/schemas/image | | size | 16300544 | | status | active | | tags | | | updated_at | 2022-05-23T21:31:35Z | | virtual_size | 117440512 | | visibility | public | +------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ Changing the image to use pc-q35-rhel8.5.0 instead of just q35 results in the below failure: (If this needs to be tracked in a separate BZ I can open one) nova/nova-compute.log:2022-05-25 20:30:47.428 2 DEBUG oslo_concurrency.lockutils [req-79627bb6-1e33-4799-9952-27a5e608efbc 09699a87ba594d518aa8d3b76f297536 a2552c854ca74e80afa16e00aaaab68d - default default] Lock "ddb52a03-8e92-4387-a7d9-5b580e03729a" released by "nova.compute.manager.ComputeManager.build_and_run_instance.<locals>._locked_do_build_and_run_instance" :: held 2.619s inner /usr/lib/python3.9/site-packages/oslo_concurrency/lockutils.py:367 [root@computeamdsev-1 containers]# grep -r nvram-template * nova/nova-compute.log:2022-05-25 20:30:46.726 2 ERROR nova.compute.manager [req-79627bb6-1e33-4799-9952-27a5e608efbc 09699a87ba594d518aa8d3b76f297536 a2552c854ca74e80afa16e00aaaab68d - default default] [instance: ddb52a03-8e92-4387-a7d9-5b580e03729a] Instance failed to spawn: KeyError: 'nvram-template' nova/nova-compute.log:2022-05-25 20:30:46.726 2 ERROR nova.compute.manager [instance: ddb52a03-8e92-4387-a7d9-5b580e03729a] loader['mapping']['nvram-template']['filename'], nova/nova-compute.log:2022-05-25 20:30:46.726 2 ERROR nova.compute.manager [instance: ddb52a03-8e92-4387-a7d9-5b580e03729a] KeyError: 'nvram-template' nova/nova-compute.log:2022-05-25 20:30:46.880 2 ERROR nova.compute.manager [req-79627bb6-1e33-4799-9952-27a5e608efbc 09699a87ba594d518aa8d3b76f297536 a2552c854ca74e80afa16e00aaaab68d - default default] [instance: ddb52a03-8e92-4387-a7d9-5b580e03729a] Failed to build and run instance: KeyError: 'nvram-template' nova/nova-compute.log:2022-05-25 20:30:46.880 2 ERROR nova.compute.manager [instance: ddb52a03-8e92-4387-a7d9-5b580e03729a] loader['mapping']['nvram-template']['filename'], nova/nova-compute.log:2022-05-25 20:30:46.880 2 ERROR nova.compute.manager [instance: ddb52a03-8e92-4387-a7d9-5b580e03729a] KeyError: 'nvram-template' nova/nova-compute.log:2022-05-25 20:30:46.881 2 DEBUG nova.compute.manager [req-79627bb6-1e33-4799-9952-27a5e608efbc 09699a87ba594d518aa8d3b76f297536 a2552c854ca74e80afa16e00aaaab68d - default default] [instance: ddb52a03-8e92-4387-a7d9-5b580e03729a] Build of instance ddb52a03-8e92-4387-a7d9-5b580e03729a was re-scheduled: 'nvram-template' _do_build_and_run_instance /usr/lib/python3.9/site-packages/nova/compute/manager.py:2254
New OSP 17 Jira doc ticket will be open to document known issue until RHEL fix is released.
Doc tracker: https://issues.redhat.com/browse/RHOSPDOC-955