Description of problem: When the key and cert transfers from the broker to the F5 LTM via ssh/scp do not work an exception is not raised. We should also be able to log, and handle errors from the ssh and scp commands. Version-Release number of selected component (if applicable): 2.2 Steps to reproduce- 1.Set up BIG LTM env 2.Set up ose all-in-one env, and install routing-daemon, configure it to use BIGIP as external LB. 3.Create a scalable app, add alias, and update ssl cert for this alias How reproducible- Always Actual results: 1.Exceptions are not raised 2.Logging and handling of error is not done Expected results: 1.Exceptions shall be raised 2.Logging and handling of error shall be done Additional info: https://github.com/calfonso/origin-server/commit/33860aaa9807b7f19f654104d6fc44fcff7c86bb here the result var can be used to log and handle errors
PR: https://github.com/openshift/origin-server/pull/6154 I will need to perform some manual testing and get the PR merged before I can mark this report ON_QA.
Commit pushed to master at https://github.com/openshift/origin-server https://github.com/openshift/origin-server/commit/ef08acd4d00f7d7c87dc57fdfe17a21206cf5cbd routing-daemon: F5: check for and log SSH errors F5IControlRestLoadBalancerModel: Add run method that runs the given command, captures stdout and stderr, and raises an exception if the command fails. F5IControlRestLoadBalancerModel#add_ssl: Use the new run method to check for, log, and handle errors from the ssh and scp commands. Modify the logging output to be neater and more consistent. This commit fixes bug 1226061.
Block by the following error. waiting response in https://bugzilla.redhat.com/show_bug.cgi?id=1217572. [root@broker log]# cat /var/log/openshift-routing-daemon.output /opt/rh/ruby193/root/usr/share/gems/gems/openshift-origin-routing-daemon-0.25.1.1/lib/openshift/routing/models/f5-icontrol-rest.rb:63:in `rescue in rest_request': undefined method `wrap_exceptions' for #<Hash:0x00000002796998> (NoMethodError)
Verified and pass. We can see the exception once there isn't permission. W, [2015-09-24T05:02:52.196433 #766] WARN -- : Got an exception: Command `scp -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o VerifyHostKeyDNS=no -o UserKnownHostsFile=/dev/null -i "/etc/openshift/bigip.key" /tmp/bigip-ssl-cert20150924-766-xs345p ose.88.53:/var/tmp/www.appsphpalias.com.crt` returned exit code 1, output: Warning: Permanently added '10.3.88.53' (RSA) to the list of known hosts.^M Permission denied (publickey,keyboard-interactive,hostbased).^M lost connection
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-1844.html