Kexec_load failed: Operation not permitted

Problem:

On deploying a new host using foreman-discovery, the new host fails to perform kexec_load with error

kexec_load failed: Operation not permitted

The attempted command failed with code 255
Removed slice User Slice of root.

The fact-upload and discovery process worked as expected, but on performing kexec, the installation process fails.

Expected outcome:
Performing installation

Foreman and Proxy versions:

Discovery

Version

1.0.5

Dynflow

Version

0.2.4

HTTPBoot

Version

1.24.2

SSH

Version

0.2.1

TFTP

Version

1.24.2

TFTP server

false

Additional information: This does only happen on VMs deployed on ESXi with OS-type “CentOS8” preselected. If I am using “CentOS7” here, everything works fine.

So my question is: Is there anything I can do to make it work using preselected “CentOS8”?

Hello everybody,

I just found out that the reason for this is that ESXi configures EFI-firmware if I choose “CentOS 8” as profile.On CentOS 7-profile the firmware is set to “BIOS”.

So I guess I need to rework my templates to support EFI.

Hello, kexec on EFI does not work and there are no plans on getting that working.

Hello @lzap

thanks for your response.

So without PXE boot I cannot deploy on UEFI-hosts using discovery? Is there any alternative?

Sorry I should have been more verbose, kexec will not work in SecureBoot environment, this is the error it does when you attempt to do it. Turn SecureBoot and it will work.

Make sure to have latest and greatest image where we remove KMS drivers, most of graphic drivers are causing issues, including the VMWare one: