Bug 1968364
Summary: | [Azure] when using ssh type ed25519 bootstrap fails to come up | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Fatima <fshaikh> | |
Component: | Installer | Assignee: | aos-install | |
Installer sub component: | openshift-installer | QA Contact: | MayXu <maxu> | |
Status: | CLOSED ERRATA | Docs Contact: | ||
Severity: | low | |||
Priority: | low | CC: | cchandra, gpei, jialiu, mstaeble, tsze | |
Version: | 4.8 | |||
Target Milestone: | --- | |||
Target Release: | 4.10.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: |
Cause: The UPI ARM templates are attaching an ssh key to the VM instances created.
Consequence: The creation of the VMs fails when the ssh key provided by the user is the ed25519 type.
Fix: Do not attach an ssh key to the VM instances, since the ssh key is not used.
Result: The creation of the VMs succeeds regardless of the type of the ssk key provided by the user.
|
Story Points: | --- | |
Clone Of: | ||||
: | 2030937 (view as bug list) | Environment: | ||
Last Closed: | 2022-03-10 16:03:59 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 2030937 |
Comment 7
To Hung Sze
2021-07-12 18:31:37 UTC
Clarifying my comment above (and clearing NEEDINFO). Azure IPI works with ed25519 but not UPI. Please see Matthew's https://bugzilla.redhat.com/show_bug.cgi?id=1968364#c2. Thanks, we'll look addressing this as Matthew stated in comment 2. Needs prioritized. Will review again for a future sprint. verified ed25519 type and RSA (2048) based on https://github.com/openshift/installer/blob/master/docs/user/azure/install_upi.md setup cluster, master and bootstrap can be connected with ssh. cluster are health. version info: ../openshift-install 4.9.0-0.nightly-2021-11-22-163611 built from commit 1c538b8949f3a0e5b993e1ae33b9cd799806fa93 azure ARM template file https://github.com/openshift/installer/pull/5407/commits (e17798925dc291fd43da904fb78b08ab9a77d5ab) verified with ed25519 type key (~/.ssh/id_rsa) jsonfiles under https://github.com/openshift/installer/tree/master/upi/azure c2f7e3c351516e73a65da15da6701f59fd81c33e $ ./openshift-install version ./openshift-install 4.10.0-0.nightly-2021-12-01-164437 built from commit 6fc5df3e0e0248910b9f4f5f4153c2a9790c9063 release image registry.ci.openshift.org/ocp/release@sha256:b8f33e8537d20a7c0407d2d9842e174265d90ce089b02a8ba51b31975c4f2306 UPI install cluster, can access bootstap with "ssh -i ~/.ssh/id_rsa core.cloudapp.azure.com" cat sshNodes.sh echo boot_host=$boot_host echo ssh_key_param=$ssh_key_param ssh $ssh_key_param -t -o StrictHostKeyChecking=no -o ProxyCommand="ssh $ssh_key_param -A -o StrictHostKeyChecking=no -o ServerAliveInterval=30 -W %h:%p core@${boot_host}" core@$1 "sudo -i" $sshNodes.sh 10.0.0.6 (master) Warning: Permanently added '20.118.1.134' (ED25519) to the list of known hosts. ... $sshNodes.sh 10.0.1.5 (worker) Warning: Permanently added '10.0.1.5' (ED25519) to the list of known hosts. ... need update the doc .../installing/installing_azure/installing-azure-user-infra.html remove "--parameters sshKeyData="${SSH_KEY}" in "az deployment group create..." Caleb, can you remove the usages of `sshKeyData` from https://github.com/openshift/installer/blob/master/docs/user/azure/install_upi.md? Caleb, based on https://bugzilla.redhat.com/show_bug.cgi?id=1964380, '--parameters privateDNSZoneName' need be removed. And suggest get the VHD_URL as the following: export VHD_URL=$(openshift-install coreos print-stream-json | jq -r '.architectures.x86_64."rhel-coreos-extensions"."azure-disk".url') (In reply to MayXu from comment #18) > Caleb, based on https://bugzilla.redhat.com/show_bug.cgi?id=1964380, > '--parameters privateDNSZoneName' need be removed. > > And suggest get the VHD_URL as the following: > export VHD_URL=$(openshift-install coreos print-stream-json | jq -r > '.architectures.x86_64."rhel-coreos-extensions"."azure-disk".url') @maxu Those are separate issues unrelated to this BZ. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0056 The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days |