OpenShift Install (4.19.10) fails when using the new AWS Regional NAT Gateway

[aneeshobjec3d]

Hello

I have tested this and verified that the OpenShift install does not succeed when using an AWS VPC with a regional NAT gateway. This is a new feature from AWS so my assumption is that OpenShift does not support it. However, I am using UPI (User Provisioned Infrastructure) with my own VPC setup, so I don't understand why the NAT gateway configuration should affect OpenShift. OpenShift should not care whether I use a regional or default zonal NAT gateway. As long as there is a route out to the internet for the subnet, why should this affect the installation?

This is the error I get when using a regional NAT gateway.

1/11/2026, 6:28:19 AM:level=info msg=Waiting up to 15m0s (until 7:43PM UTC) for network infrastructure to become ready...
1/11/2026, 6:43:15 AM:level=error msg=failed to fetch Cluster: failed to generate asset "Cluster": failed to create cluster: infrastructure was not ready within 15m0s: client rate limiter Wait returned an error: context deadline exceeded

I have noticed that the internal load balancer is not provisioned. When I switch back to the old zonal NAT gateway, this works fine.

Thank You

[tthvo]

Hi @aneeshobjec3d, as you said, OpenShift does not support regional NAT yet. If you can file an RFE for regional NAT, we will look into it.

1/11/2026, 6:28:19 AM:level=info msg=Waiting up to 15m0s (until 7:43PM UTC) for network infrastructure to become ready...
1/11/2026, 6:43:15 AM:level=error msg=failed to fetch Cluster: failed to generate asset "Cluster": failed to create cluster: infrastructure was not ready within 15m0s: client rate limiter Wait returned an error: context deadline exceeded

From the logs above, I just wanted to make sure I understand your scenario correctly. Which of the following is your scenario?

1. UPI install - you must create VPC, subnets, NATs, ignition buckets, bootstrap machines, controlplane/compute machines, etc.
2. Bring your own VPC - you pre-create VPC, subnets, etc. And you provide the information to installconfig.platform.aws.vpc.subnets or installconfig.platform.aws.subnets.

If case 2 is the one, then the error is expected due regional NAT being unsupported. If you can provide the full install logs, I am happy to help debugging 😃

[aneeshobjec3d]

Thanks for the reply @tthvo . I can confirm that the scenario is scenario 2 - Bring your own VPC. I will file an RFE as you suggested.

[tthvo]

Sounds good, thanks! We will look into it as soon as it's on our priority list.

[openshift-ci]

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale