Bug 1156000
| Summary: | Resize of flavor and migrate fails due to insufficient SSH keys distribution | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Marian Krcmarik <mkrcmari> |
| Component: | rhosp-director | Assignee: | chris alfonso <calfonso> |
| Status: | CLOSED DUPLICATE | QA Contact: | yeylon <yeylon> |
| Severity: | urgent | Docs Contact: | Mike Burns <mburns> |
| Priority: | high | ||
| Version: | 7.0 (Kilo) | CC: | hbrock, mburns, oblaut, pasik, rhel-osp-director-maint, rhos-maint, sgordon, srevivo, yeylon |
| Target Milestone: | --- | Keywords: | ZStream |
| Target Release: | Director | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-08-28 16:43:05 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1156010 | ||
|
Description
Marian Krcmarik
2014-10-23 11:27:40 UTC
To clarify more: One of the other features which uses SSH is offline migration triggered by command "nova migrate instance". Staypuft does not generate any SSH keys for nodes (compute and controller) as well as It does not place such generated keys into authorized_keys on the other nodes - so There is no SSH key distribution. This cause all the feature which depend on SSH to fail - in the case of migration (nova migrate) instance ends up in ERROR state. There is a live migration triggered by command "nova live-migration" which does not use SSH and works smoothly but from user point of perspective I would say that users will find and use "nova migrate" command firstly which will place their instances into ERROR state. Packstack does generate public SSH keys for this purpose and place it into authorized_keys on the nodes but It did not work for me as well unless I allowed login shell for nova user and places the ssh public keys of the nodes into known_hosts file of nova users on the other nodes. I have separated bug #1156010 for allowing the nova user to have a login shell which may have security impact. I am raising severity since some of the features do not work out of the box. Possibly this feature "nova migrate" could be taken away since "nova live-migration" works without use of SSH (over TCP). I have tested VM resize on latest rhel-osp 6 and it fails
to reproduce :
create VM
check its flavour
resize it flavour to bigger one
[root@controller ~(keystone_admin_tenant1)]$nova resize 1781233a-75a8-478d-95f3-bc5149f5a3d2 3
[root@controller ~(keystone_admin_tenant1)]$nova show 1781233a-75a8-478d-95f3-bc5149f5a3d2
+--------------------------------------+--------------------------------------------------------------------------------------------------+
| Property | Value |
+--------------------------------------+--------------------------------------------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-STS:power_state | 1 |
| OS-EXT-STS:task_state | - |
| OS-EXT-STS:vm_state | error |
| OS-SRV-USG:launched_at | 2015-01-20T06:15:30.000000 |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| config_drive | |
| created | 2015-01-20T06:14:10Z |
| fault | {"message": "Unexpected error while running command. |
| | Command: ssh 10.35.186.231 mkdir -p /var/lib/nova/instances/1781233a-75a8-478d-95f3-bc5149f5a3d2 |
| | Exit code: 255 |
| | Stdout: u'' |
| | Stderr: u'Host key verification failed.\\r\ |
| | '", "code": 500, "created": "2015-01-28T08:49:48Z"} |
| flavor | m1.small (2) |
| hostId | 5d600347a8839a6ad387e64de85d88b9aa9318fab380d0e29daa7ef0 |
| id | 1781233a-75a8-478d-95f3-bc5149f5a3d2 |
| image | cirros (5b099a2c-a682-466f-82c1-73a229118342) |
| key_name | oskey1 |
| metadata | {} |
| name | C |
| net201 network | 3001::f816:3eff:fe52:d005, 21.0.0.5 |
| os-extended-volumes:volumes_attached | [] |
| security_groups | default |
| status | ERROR |
| tenant_id | caa7603588c14954b2f4f6616f87d4bc |
| updated | 2015-01-28T08:49:48Z |
| user_id | efa9b7baadc149bd8082eede59a3121c
This seems to be a Staypuft problem, changing component I am moving this bug to osp-d since the same problem occurs there as already said this was supported by packstack but it lacks of support by staypuft or osp-d so feature as resize flavor or offline migration does not work out of box on deployments deployed by osp-d. *** This bug has been marked as a duplicate of bug 1221776 *** |