Bug 1848581

Summary: All ssh_known_hosts entries using undercloud ctrl_plane_ip instead of host ip
Product: Red Hat OpenStack Reporter: Ollie Walsh <owalsh>
Component: tripleo-ansibleAssignee: Alex Schultz <aschultz>
Status: CLOSED ERRATA QA Contact: James Parker <jparker>
Severity: high Docs Contact:
Priority: high    
Version: 16.1 (Train)CC: augol, emacchi, hakhande, jparker, kecarter, owalsh, spower, stephenfin
Target Milestone: z2Keywords: Triaged, ZStream
Target Release: 16.1 (Train on RHEL 8.2)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: tripleo-ansible-0.5.1-1.20200821174333.12e90d8.el8ost Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-10-28 15:38:11 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ollie Walsh 2020-06-18 14:45:44 UTC 
Description of problem:
The undercloud ctrl_plane ip is included in the ssh_known_host entry for every host e.g:

[root@computehciovsdpdk-1 ~]# cat /etc/ssh/ssh_known_hosts
# BEGIN ANSIBLE MANAGED BLOCK
[192.0.90.19]*,[computehciovsdpdk-0.localdomain]*,[computehciovsdpdk-0]*,[10.10.130.176]*,[computehciovsdpdk-0.internalapi]*,[computehciovsdpdk-0.internalapi.localdomain]*,[10.10.131.185]*,[computehciovsdpdk-0.tenant]*,[computehciovsdpdk-0.tenant.localdomain]*,[10.10.132.154]*,[computehciovsdpdk-0.storage]*,[computehciovsdpdk-0.storage.localdomain]*,[10.10.133.171]*,[computehciovsdpdk-0.storagemgmt]*,[computehciovsdpdk-0.storagemgmt.localdomain]*, ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQClrz917Qim9jFtx0pyBgHgCMWzagRbq3j54wLlIoHfouTUbGo87ImHQpQfTujslk14HVo+xe2Wpfp3krg5+gNyJ7wl16a4jhax2RWKVD8TNLsRvDSqaOcqGoo5WZosxS19C9lt+NOrUyzBxwJ1yiDLTyFbkGr6BIlmZWPswMc4cptrFVDWXryp/9OGUg3t69rJTrObjkwdGpc/Z3K5YWFdYSUzM1YPhkit3HySq+5Jshy6aPjni9LBGP9qjYCnvyqqt1+sYcMjcW/T3+S0x+SjzzJzq7fBTmt+KymrqdvwbCZJFpdLzgZKvtfo0IVvrQ1u8Uf3WcQyg+akWSgVn5zWwQhbGqTh3hIbv4VPES2d3rT2CW6VJg4BJAv5FG4hEeYMqoYCQaXc5E82d2LCGd3ZP32TQnhYfZ5HI7fuSSLnJ8Kqyvd8wi5+NBrdU3D4Pm+q1OxPyqteQSW6HVJ3AtzlYFSFwLKExdFTLgGtFeDwSoy9GJMkJYy7i7fMwzpxshM=
[192.0.90.19]*,[computehciovsdpdk-1.localdomain]*,[computehciovsdpdk-1]*,[10.10.130.167]*,[computehciovsdpdk-1.internalapi]*,[computehciovsdpdk-1.internalapi.localdomain]*,[10.10.131.142]*,[computehciovsdpdk-1.tenant]*,[computehciovsdpdk-1.tenant.localdomain]*,[10.10.132.122]*,[computehciovsdpdk-1.storage]*,[computehciovsdpdk-1.storage.localdomain]*,[10.10.133.146]*,[computehciovsdpdk-1.storagemgmt]*,[computehciovsdpdk-1.storagemgmt.localdomain]*, ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCq2Xys18mxUBr4JHDBT2HQlfUB4KqJcysaw/79MMpCGIkaSeBwX+Q9uvo71YVfg5Z3boC/Ch7JMRF3ffAgvthQCIh2zYVVi8R2klyTBjHSFTUkufbirKfd9J01fc7PNfwkWO5mTQM9T0XTUm7X2HwcndyK8MW+ADLMUFFehIuRvLJcOXo5YQl/lISkm5sslKp1KkmVobU2A53zIHduweZEnzzxHd+rJveICI+kAhQ8X7CXBOM3HPgJSVXiiukixf+4dZzMq9pQhnc8Aj22fAlXq+sF+SocyB8pS3yRcbNO0fJclSRQSByL3myfwHQbGrrNIJ/dr3eGASiUqQHXolIL8mRHTPuTKX2CmA0VROV8rfxJQwsPDBDe6WCfFEeV/dSABY4/VcSmjDhRV2V4aQhVobO35iZs/3389OjlMOJQk5prGVF5dmn1x5KT2XlWiZrLOENg/cklKTTCmcnP81IUZfZv3z11qdkjCCoeudpK7Af2eivKhSGM83nURPWzugc=
[192.0.90.19]*,[controller-0.localdomain]*,[controller-0]*,[10.10.130.189]*,[controller-0.internalapi]*,[controller-0.internalapi.localdomain]*,[10.10.131.107]*,[controller-0.tenant]*,[controller-0.tenant.localdomain]*,[10.10.132.173]*,[controller-0.storage]*,[controller-0.storage.localdomain]*,[10.10.133.139]*,[controller-0.storagemgmt]*,[controller-0.storagemgmt.localdomain]*,[10.35.185.73]*,[controller-0.external]*,[controller-0.external.localdomain]* ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCwHHiEN5d0qpF5M/cT7UBOrHFLQ8scfhkwctG0ad1c9EFmdBZbllc5KVuw5w/bw9NpFS4+SPVlTBjPJUW+dZxgzSiyAKC9Nr0SMFbBvOBQuVeD9/0b0A3ofMlEyeBuLUbncO0ENp6OJoDqXeRZAbfIWGlzCaN6JNmsMBCi/hn0guNvoSiZ6f1hXuysOtScF8sTd/20PgHCxhHDHhjNtbBUR8iwws/yy9U4QSVxVhhyQtLc/fx2nFBtJKXMyrOFqFykXwhngo5wbZo5CQ9Ee4te43m4IxWGED7PuvzlPgSSQy8HkioNW9dBD+QYKpffSswZT4YUT3LpB4LNZVkNQwoY/F4c6MPcPJxGObIMGZ489RPsaOWzB5hQT1N4olhoGsu0oQoZW/VoflG5pMbcsrEvXwADzGAyh2Ci2156G7wlYMo/CO71V4bAMI2EPAofcyLDNpnpYKhOJlrZagOUzw3v0HP1uUrLKlCrTN6dEqLY6GNvCzk1rgeCSgviIIITIyM=
[192.0.90.19]*,[controller-1.localdomain]*,[controller-1]*,[10.10.130.108]*,[controller-1.internalapi]*,[controller-1.internalapi.localdomain]*,[10.10.131.136]*,[controller-1.tenant]*,[controller-1.tenant.localdomain]*,[10.10.132.118]*,[controller-1.storage]*,[controller-1.storage.localdomain]*,[10.10.133.129]*,[controller-1.storagemgmt]*,[controller-1.storagemgmt.localdomain]*,[10.35.185.68]*,[controller-1.external]*,[controller-1.external.localdomain]* ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC5DQ1dlOImI0b1wu1oTvm1GCZtpSNLxY46NCMWfu1gZhFZLax+MZ0W2QfinCneRbAtawrudb/f524dLmztkxYGEOSbXToodLFcSRdAEPrQxZJ6Ftuazu0+UEAROs6D6KaBrnjl7poKD/pmyShIupK+v/KRmfA3JRhXLFc02cVEpI/vXDjvMfsWkMaKGkLimBAwNBGGuH6hN1bRPaRRsljgEc5npmNWxfT68V+MUd6QgpARzGjj2ifWYeJwBLRsU3ueblwwN4qCa0+j58rjAgEFd6amscCd5bbRa5OpbGl1uezCWokyfk9ABJ/+Z/Hx6q0mKaQklE5ZfZeX1PTeGcOF61FH78wBMsJS7L0X1z1H1tXC0S0X3utcmWMoGZdphGUQlLd2/5PPG+KHRsXNl3oIQfj01MTxdEdCpgsqb+1ruzNVMmL6T9AJeLVYQbw3D9jX/yYDpQEMlqdpkD90TpdlVB3rktQJMMxel2SbwkNNgbvqfyqUTXKpsH8RSXBfINU=
[192.0.90.19]*,[controller-2.localdomain]*,[controller-2]*,[10.10.130.119]*,[controller-2.internalapi]*,[controller-2.internalapi.localdomain]*,[10.10.131.187]*,[controller-2.tenant]*,[controller-2.tenant.localdomain]*,[10.10.132.174]*,[controller-2.storage]*,[controller-2.storage.localdomain]*,[10.10.133.174]*,[controller-2.storagemgmt]*,[controller-2.storagemgmt.localdomain]*,[10.35.185.66]*,[controller-2.external]*,[controller-2.external.localdomain]* ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDVbjyHCISy+GAysUKcgWCxoYmhpGt1dcp8eVTq8dbk+fSuwPVAa7Cg0F+o7AhxcLoPZ8N2r856Qgc36pXmC8DolVHx07iOA6qyR5zCgYDJASlAKDzTf80y8uy3OJ2yNXevhN97hRlrcKgbJy5CpnruBV7xXTCwWiaeDPs3WvMfHJ+s0ls8d6xRbkNamhu7ZviTXuzBq4Wcvhj6d5wvLqP/8QjlM6Q8bEhxLzMIGzxNSa+ArPJyCLa+93eJDlYTD2/kda8Ce2l6zZoVnhOLVo5PwKMdiO7njRzrVbGTZK/WC0BS+ALTxw4nCaXeOoW7AIejL84cOCTnlPIGPMQwCaLS3r9pqz1VwwDlm+cGz85bierkTDgyHuRmfZFkiJxwxDdZX8wELEWp2zih0RCq/gd2bWTTyiEjSqj92G9XYN67E85PPpeOR8zgBAjj9R33CeRUWCoolClq8m/o605zzYt+5rX6EsOkfBB3dkW1gindS7cdfgx//64LisyAcewY/8s=


Version-Release number of selected component (if applicable):
16.1

How reproducible:
always

Steps to Reproduce:
1. deploy overcloud
2. inspect /etc/ssh/ssh_known_hosts on any node

Actual results:
Every host entry contains the undercloud ctrl_plane ip

Expected results:
Each host entry only contains IPs/fqdns for the host in question

Additional info:
Forked from https://bugzilla.redhat.com/show_bug.cgi?id=1845957
Comment 11 errata-xmlrpc 2020-10-28 15:38:11 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Red Hat OpenStack Platform 16.1 bug fix and enhancement advisory), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:4284