Bug 2002870 - SSH authorized key not injected into guest when using a user defined template
Summary: SSH authorized key not injected into guest when using a user defined template
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Console Kubevirt Plugin
Version: 4.8
Hardware: Unspecified
OS: Unspecified
medium
urgent
Target Milestone: ---
: 4.9.z
Assignee: Matan Schatzman
QA Contact: Guohua Ouyang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-09-09 21:46 UTC by joherr
Modified: 2021-11-22 21:47 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-11-22 21:47:05 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift console pull 10161 0 None open Bug 2002870: Added support for SSH keys for custom templates 2021-09-30 12:06:53 UTC
Red Hat Product Errata RHBA-2021:4712 0 None None None 2021-11-22 21:47:12 UTC

Description joherr 2021-09-09 21:46:50 UTC
Description of problem:
When using a user defined template, the Authorized Key specified after selecting the template does not populate into the cloud-users .ssh/authorized_keys file.
This happens when creating a new template from the wizard or when cloning an existing system provided template like rhel8.


Version-Release number of selected component (if applicable):
OCP 4.8.10
CNV 4.8.1

How reproducible:
always


Steps to Reproduce:
1. Create a new template or clone an existing system template
2. Create a VM from the template
3. Populate the Authorized Key field on Step 2 Review and Create.
4. Create the virtual machine with or without further customization.

Actual results:
The cloud-users .ssh/authorized_keys file is not populated with the ssh key.


Expected results:
The cloud-user .ssh/authorized_keys file to contain the ssh public key.


Additional info:
A secret is created, but the stanza to use it in the VMs yaml file is not created. VMs created from system templates have the following in them.
spec:
  template:
    spec:
      accessCredentials:
        - sshPublicKey:
            propagationMethod:
              configDrive: {}
            source:
              secret:
                secretName: authorizedsshkeys-rhel8-conservation-blackbird

Comment 4 Guohua Ouyang 2021-10-21 07:24:26 UTC
verified on master

Comment 5 Dan Kenigsberg 2021-11-15 10:36:49 UTC
This bug causes a serious regression in the user experience for new VM owners - a user cannot log into her VM despite specifying the right password and having used the right ssh keys. Please have it backported to 4.9.

Comment 8 errata-xmlrpc 2021-11-22 21:47:05 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.9.8 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:4712


Note You need to log in before you can comment on or make changes to this bug.