Learn about known issues with Confidential VM. This topic discusses problems and errors whose resolutions require more steps than can be easily described in an error message. Additional workarounds and solutions may be found through a support channel.
Instances with more than 40 persistent disks
Confidential VM instances with more than 40 persistent disks (PDs) attached are not supported. If you need to attach more than 40 PDs, you can request an exception to this limitation through a support channel. Be cautious when you attach more than 40 PDs because instances with more than 40 PDs might boot and fail silently.
Customers may notice longer boot times for Confidential VM instances with large amounts of memory. Boot time is proportional to the amount of memory assigned to an instance.
Due to a current limitation of NVME drivers, it is not possible to apply a customer-supplied device name to disks attached to a Confidential VM instance. If you need custom disk names as identifiers—for example, for automation purposes—as an example, a potential workaround is the use of the Compute Engine metadata service.
Formatting to XFS on persistent disks
Confidential VM instances do not support formatting existing persistent disks (PDs) to the XFS file system format. You can create new PDs formatted as XFS.
SWIOTLB buffer is full
For disk and network input/output operations, Confidential VM uses a
specific area in memory called the Software Input Output Translation Lookaside
Buffer (SWIOTLB), which has a default size of 64 MB. If the
Confidential VM encounters the
SWIOTLB buffer is full error, you can try increasing the SWIOTLB size.
To check whether the Confidential VM encountered the
is full error, connect to the instance and run the following command to
dmesg| grep 'swiotlb buffer is full'
I/O operation time-out
Most operating systems specify a timeout for I/O operations submitted to NVMe
devices. The default timeout is 30 seconds and can be changed using the
nvme_core.io_timeout boot parameter. For most Linux kernels earlier than
version 4.6, this parameter is
If I/O latency exceeds the value of this timeout parameter, the Linux NVMe driver fails the I/O and returns an error to the filesystem or application. Depending on the I/O operation, your filesystem or application can retry the error. In some cases, your filesystem might be remounted as read-only.
I/O intensive workloads: increasing the size of the SWIOTLB
SWIOTLB has a default size of 64 MB. If you anticipate high levels of input/output on VMs with more than 8 vCPUs, increase the size of the SWIOTLB. The SWIOTLB is part of the total available RAM on the guest. Before increasing the size, ensure that the guest has enough RAM for the SWIOTLB and the operating system.
For example, to increase the size of the SWIOTLB to 512 MB, append the
following line to
grub.cfg by running the following commands:
cp $grubcfg $grubcfg.bak
grub2-mkconfig -o $grubcfg
For more information, see AMDSEV.