Bug 2009298

Summary: Service created for VM SSH access is not owned by the VM and thus is not deleted if the VM is deleted
Product: OpenShift Container Platform Reporter: Ruth Netser <rnetser>
Component: Console Kubevirt PluginAssignee: Matan Schatzman <mschatzm>
Status: CLOSED ERRATA QA Contact: Guohua Ouyang <gouyang>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.9CC: aos-bugs, gouyang, tnisan, yzamir
Target Milestone: ---   
Target Release: 4.10.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-03-10 16:14:44 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 2019494    

Description Ruth Netser 2021-09-30 10:11:11 UTC
Description of problem:
Service created for VM SSH access is not owned by the VM.
If the VM is deleted, the service is not deleted, leaving leftovers in the cluster.

Version-Release number of selected component (if applicable):
OCP 4.9.0-rc.3, CNV 4.9.0

How reproducible:
100%

Steps to Reproduce:
1. Create a VM using the wizard
2. Leave "Expose SSH access to this virtual machine" checked
3. Delete the VM

Actual results:
While the VM is deleted, the associated service is not deleted.

Expected results:
Any resource, created as part of VM creation, should be deleted once the VM is deleted.

Additional info:

$ oc get vm,vmi,svc
NAME                                                AGE   STATUS         READY
virtualmachine.kubevirt.io/rhel7-legislative-fowl   7s    Provisioning   False
virtualmachine.kubevirt.io/win2k19-noble-silkworm   17m   Provisioning   False

NAME                                         TYPE           CLUSTER-IP       EXTERNAL-IP                            PORT(S)           AGE
service/kubernetes                           ClusterIP      172.30.0.1       <none>                                 443/TCP           3d13h
service/openshift                            ExternalName   <none>           kubernetes.default.svc.cluster.local   <none>            3d13h
service/rhel7-legislative-fowl-ssh-service   NodePort       172.30.176.163   <none>                                 22000:31288/TCP   7s
service/win2k19-grubby-jackal-ssh-service    NodePort       172.30.223.98    <none>                                 22000:30115/TCP   43m
service/win2k19-noble-silkworm-ssh-service   NodePort       172.30.26.241    <none>                                 22000:31691/TCP   17m
service/win2k19-upper-egret-ssh-service      NodePort       172.30.199.76    <none>                                 22000:31850/TCP   40m


## After deletion of win2k19-noble-silkworm VM:

$ oc get vm,vmi,svc
NAME                                                AGE   STATUS         READY
virtualmachine.kubevirt.io/rhel7-legislative-fowl   29s   Provisioning   False

NAME                                         TYPE           CLUSTER-IP       EXTERNAL-IP                            PORT(S)           AGE
service/kubernetes                           ClusterIP      172.30.0.1       <none>                                 443/TCP           3d13h
service/openshift                            ExternalName   <none>           kubernetes.default.svc.cluster.local   <none>            3d13h
service/rhel7-legislative-fowl-ssh-service   NodePort       172.30.176.163   <none>                                 22000:31288/TCP   28s
service/win2k19-grubby-jackal-ssh-service    NodePort       172.30.223.98    <none>                                 22000:30115/TCP   44m
service/win2k19-noble-silkworm-ssh-service   NodePort       172.30.26.241    <none>                                 22000:31691/TCP   18m
service/win2k19-upper-egret-ssh-service      NodePort       172.30.199.76    <none>                                 22000:31850/TCP   41m

## Created service

$ oc get svc win2k19-noble-silkworm-ssh-service -oyaml
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2021-09-30T09:51:29Z"
  name: win2k19-noble-silkworm-ssh-service
  namespace: default
  resourceVersion: "4996916"
  uid: 002bea30-2ba2-42c4-b096-0d68d9d04db8
spec:
  clusterIP: 172.30.26.241
  clusterIPs:
  - 172.30.26.241
  externalTrafficPolicy: Cluster
  internalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - nodePort: 31691
    port: 22000
    protocol: TCP
    targetPort: 22
  selector:
    flavor.template.kubevirt.io/medium: "true"
    kubevirt.io/domain: win2k19-noble-silkworm
    os.template.kubevirt.io/win2k19: "true"
    vm.kubevirt.io/name: win2k19-noble-silkworm
    workload.template.kubevirt.io/server: "true"
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

Comment 2 Guohua Ouyang 2021-10-21 07:27:21 UTC
verified on master

Comment 5 errata-xmlrpc 2022-03-10 16:14:44 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056