Bug 1645026 - Can't ssh to a VM which service is exposed as ClusterIP or LoadBalancer
Summary: Can't ssh to a VM which service is exposed as ClusterIP or LoadBalancer
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Container Native Virtualization (CNV)
Classification: Red Hat
Component: Storage
Version: 1.3
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 1.3
Assignee: Adam Litke
QA Contact: shiyang.wang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-11-01 09:16 UTC by Qixuan Wang
Modified: 2018-11-13 21:59 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-11-08 10:54:53 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Qixuan Wang 2018-11-01 09:16:47 UTC 
Description of problem:
Connect via ssh to a virtual machine that I have imported with the import-vm-apb, I can ssh to the VM which service is "virtctl expose" as NodePort type, but connection id refused if the type is ClusterIP or LoadBalancer.


Version-Release number of selected component (if applicable):
openshift v3.11.16, CNV 1.3, cnv13-tech-preview/import-vm-apb:1.3-1


How reproducible:
Always


Steps to Reproduce:
1. Expose different type of services for the VM 
$ virtctl expose vmi qwang-1 --port=5555 --node-port=30001 --target-port=22 --name=myvm-ssh --type=NodePort
$ virtctl expose vmi qwang-1 --name=myvm-ssh-2 --port=5556
$ virtctl expose vmi qwang-1 --port=5557 --name=myvm-ssh-3 --type=LoadBalancer
$ oc get service

2. ssh to the VM
$ ssh <user>@<ip> -p <port>


Actual results:
1. [cloud-user@cnv-executor-qwang-cnv13-master1 ~]$ oc get service
NAME                                 TYPE           CLUSTER-IP      EXTERNAL-IP                   PORT(S)          AGE
glusterfs-dynamic-vm-qwang-1-dv-01   ClusterIP      172.30.220.49   <none>                        1/TCP            7d
myvm-ssh                             NodePort       172.30.112.62   <none>                        5555:30001/TCP   3d
myvm-ssh-2                           ClusterIP      172.30.85.71    <none>                        5556/TCP         2d
myvm-ssh-3                           LoadBalancer   172.30.54.233   172.29.114.36,172.29.114.36   5557:31632/TCP   2d


2. [cloud-user@cnv-executor-qwang-cnv13-master1 ~]$ ssh cirros.112.62 -p 5555
cirros.112.62's password:
$

[cloud-user@cnv-executor-qwang-cnv13-master1 ~]$ ssh cirros.85.71 -p 5556
ssh: connect to host 172.30.85.71 port 5556: Connection refused

[cloud-user@cnv-executor-qwang-cnv13-master1 ~]$ ssh cirros.114.36 -p 5557
ssh: connect to host 172.29.114.36 port 5557: Connection refused


Expected results:
2. Should ssh VM with type: ClusterIP and LoadBalancer


Additional info:
Comment 1 Adam Litke 2018-11-06 12:18:42 UTC 
Hey Roman, is Qixuan using virtctl expose correctly with ClusterIP and LoadBalancer modes?  Thanks for your insight!
Comment 2 Roman Mohr 2018-11-06 12:38:30 UTC 
Hi,

It looks like only on the first expose commaned `--target-port 22` was specified. It would also have worked, if `--port` would have been set to `22` for `ClusterIP` and `LoadBalancer`. At least from inside the cluster.

Let me know if that resolves the issue.
Comment 3 Yan Du 2018-11-07 02:19:04 UTC 
@Qixuan

I can not reproduce the issue with the vm example in https://github.com/kubevirt/kubevirt/blob/master/cluster/examples/vmi-ephemeral.yaml, ClusterIP, NodeIP and LoadBalancer mode are all working for me. 

could you please check your cmd is correct or not? or is there something wrong with your vm?
Comment 4 Qixuan Wang 2018-11-08 10:54:53 UTC 
@Roman, yes, --target-port 22 needs to be exposed. Thanks.
Here is a bug: https://bugzilla.redhat.com/show_bug.cgi?id=1644523
So I can close it.
Note You need to log in before you can comment on or make changes to this bug.