Bug 1226061
Summary: | Lack of raising exception and error logging for the ssh and scp commands while copying keys and certs from broker to F5 LTM | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Miheer Salunke <misalunk> |
Component: | Node | Assignee: | Miciah Dashiel Butler Masters <mmasters> |
Status: | CLOSED ERRATA | QA Contact: | libra bugs <libra-bugs> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 2.2.0 | CC: | adellape, anli, jokerman, libra-onpremise-devel, mmccomas, nicholas_schuetz, pep, tiwillia |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | rubygem-openshift-origin-routing-daemon-0.25.1.2-1.el6op | Doc Type: | Bug Fix |
Doc Text: |
The routing daemon previously did not check the exit status of `ssh` and `scp` commands for copying certificates and keys to and deleting the same from the F5 BIG-IP host. This caused some errors in copying keys to F5 BIG-IP to be ignored. This bug fix updates the routing daemon, and the F5 iControl REST API model now checks the exit status of `ssh` and `scp` commands and raises an exception if the exit status is not 0. As a result, the routing daemon now logs errors from the `ssh` and `scp` commands.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2015-09-30 16:37:44 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Miheer Salunke
2015-05-28 21:26:58 UTC
PR: https://github.com/openshift/origin-server/pull/6154 I will need to perform some manual testing and get the PR merged before I can mark this report ON_QA. Commit pushed to master at https://github.com/openshift/origin-server https://github.com/openshift/origin-server/commit/ef08acd4d00f7d7c87dc57fdfe17a21206cf5cbd routing-daemon: F5: check for and log SSH errors F5IControlRestLoadBalancerModel: Add run method that runs the given command, captures stdout and stderr, and raises an exception if the command fails. F5IControlRestLoadBalancerModel#add_ssl: Use the new run method to check for, log, and handle errors from the ssh and scp commands. Modify the logging output to be neater and more consistent. This commit fixes bug 1226061. Block by the following error. waiting response in https://bugzilla.redhat.com/show_bug.cgi?id=1217572. [root@broker log]# cat /var/log/openshift-routing-daemon.output /opt/rh/ruby193/root/usr/share/gems/gems/openshift-origin-routing-daemon-0.25.1.1/lib/openshift/routing/models/f5-icontrol-rest.rb:63:in `rescue in rest_request': undefined method `wrap_exceptions' for #<Hash:0x00000002796998> (NoMethodError) Verified and pass. We can see the exception once there isn't permission. W, [2015-09-24T05:02:52.196433 #766] WARN -- : Got an exception: Command `scp -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o VerifyHostKeyDNS=no -o UserKnownHostsFile=/dev/null -i "/etc/openshift/bigip.key" /tmp/bigip-ssl-cert20150924-766-xs345p ose.88.53:/var/tmp/www.appsphpalias.com.crt` returned exit code 1, output: Warning: Permanently added '10.3.88.53' (RSA) to the list of known hosts.^M Permission denied (publickey,keyboard-interactive,hostbased).^M lost connection Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-1844.html |