Bug 2152551

Summary: SSH over NodePort does not work
Product: Container Native Virtualization (CNV) Reporter: Guohua Ouyang <gouyang>
Component: User ExperienceAssignee: Ugo Palatucci <upalatuc>
Status: CLOSED DUPLICATE QA Contact: Guohua Ouyang <gouyang>
Severity: high Docs Contact:
Priority: high    
Version: 4.12.0CC: gouyang
Target Milestone: ---Keywords: Regression
Target Release: 4.13.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-02-23 06:07:52 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Guohua Ouyang 2022-12-12 10:40:30 UTC 
Description of problem:
On 4.12 cluster, SSH over NodePort does not work and it looks a regression issue.

1. on 4.12, ssh using virtctl works
$ virtctl -n default ssh centos7-r1tv26qtediogn3y                                     fix_vm_overview 
The authenticity of host 'vmi/centos7-r1tv26qtediogn3y.default:22 (10.0.206.71:6443)' can't be established.
ECDSA key fingerprint is SHA256:jfNOw1xVDixwSHrSF8pMFlWjQE6AqURUqjXlKgrohAQ.
Are you sure you want to continue connecting (yes/no)? yes

2.  on 4.12, SSH over NodePort does not work, it timeouts after wait for enough time
$ ssh centos.uit-412-1208.cnv-qe.rhcloud.com -p 32603
ssh: connect to host console-openshift-console.apps.uit-412-1208.cnv-qe.rhcloud.com port 32603: Connection timed out
 
3. on 4.10.z, SSH over NodePort is working
$ ssh fedora.uit-410-1207.cnv-qe.rhcloud.com -p 30085  fix_vm_overview 
The authenticity of host '[console-openshift-console.apps.uit-410-1207.cnv-qe.rhcloud.com]:30085 ([10.0.155.152]:30085)' can't be established.
ED25519 key fingerprint is SHA256:xAuDrudzQ6qK/wNXOcFTcVU+FPFts5+nC8zaFG3OtZI.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

4. on 4.11, SSH over NodePort is working
ssh centos.uit-411-1212.cnv-qe.rhcloud.com -p 31370  fix_vm_overview 
The authenticity of host '[console-openshift-console.apps.uit-411-1212.cnv-qe.rhcloud.com]:31370 ([10.0.206.118]:31370)' can't be established.
ED25519 key fingerprint is SHA256:p9nj8lF/YGftKBph0i7CxjyuuCIAiPTGq4S9gtoS9cA.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes



Version-Release number of selected component (if applicable):
v4.12.0

How reproducible:
100%

Steps to Reproduce:
1. create a VM and start it
2. enable the ssh service over nodeport in vm details tab
3. copy the ssh command and try it in command line

Actual results:
SSH does not work and timeouts after wait for enough time 

Expected results:
SSH is working

Additional info:
Comment 2 Ugo Palatucci 2023-02-22 15:32:20 UTC 
From 4.11 to 4.13 the service command is unchanged and also the service template used. 
Basically, we create the same service across all versions, and what change is just the NodePort that the cluster decides to use. 

Does the cluster configuration is changed between versions? 

@gouyang
Comment 3 Guohua Ouyang 2023-02-23 06:07:52 UTC 
I retested the problem on bare metal 4.12 cluster, the issue is not happening.
Close the bug for now.
Comment 4 Guohua Ouyang 2023-04-24 02:44:29 UTC 

*** This bug has been marked as a duplicate of bug 2165895 ***