Bug 2009298 - Service created for VM SSH access is not owned by the VM and thus is not deleted if the VM is deleted
Summary: Service created for VM SSH access is not owned by the VM and thus is not dele...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Console Kubevirt Plugin
Version: 4.9
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 4.10.0
Assignee: Matan Schatzman
QA Contact: Guohua Ouyang
URL:
Whiteboard:
Depends On:
Blocks: 2019494
TreeView+ depends on / blocked
 
Reported: 2021-09-30 10:11 UTC by Ruth Netser
Modified: 2022-03-10 16:15 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-03-10 16:14:44 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift console pull 10219 0 None open Bug 2009298: Delete ssh service when vm is deleted 2021-10-12 13:58:44 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:15:18 UTC

Description Ruth Netser 2021-09-30 10:11:11 UTC
Description of problem:
Service created for VM SSH access is not owned by the VM.
If the VM is deleted, the service is not deleted, leaving leftovers in the cluster.

Version-Release number of selected component (if applicable):
OCP 4.9.0-rc.3, CNV 4.9.0

How reproducible:
100%

Steps to Reproduce:
1. Create a VM using the wizard
2. Leave "Expose SSH access to this virtual machine" checked
3. Delete the VM

Actual results:
While the VM is deleted, the associated service is not deleted.

Expected results:
Any resource, created as part of VM creation, should be deleted once the VM is deleted.

Additional info:

$ oc get vm,vmi,svc
NAME                                                AGE   STATUS         READY
virtualmachine.kubevirt.io/rhel7-legislative-fowl   7s    Provisioning   False
virtualmachine.kubevirt.io/win2k19-noble-silkworm   17m   Provisioning   False

NAME                                         TYPE           CLUSTER-IP       EXTERNAL-IP                            PORT(S)           AGE
service/kubernetes                           ClusterIP      172.30.0.1       <none>                                 443/TCP           3d13h
service/openshift                            ExternalName   <none>           kubernetes.default.svc.cluster.local   <none>            3d13h
service/rhel7-legislative-fowl-ssh-service   NodePort       172.30.176.163   <none>                                 22000:31288/TCP   7s
service/win2k19-grubby-jackal-ssh-service    NodePort       172.30.223.98    <none>                                 22000:30115/TCP   43m
service/win2k19-noble-silkworm-ssh-service   NodePort       172.30.26.241    <none>                                 22000:31691/TCP   17m
service/win2k19-upper-egret-ssh-service      NodePort       172.30.199.76    <none>                                 22000:31850/TCP   40m


## After deletion of win2k19-noble-silkworm VM:

$ oc get vm,vmi,svc
NAME                                                AGE   STATUS         READY
virtualmachine.kubevirt.io/rhel7-legislative-fowl   29s   Provisioning   False

NAME                                         TYPE           CLUSTER-IP       EXTERNAL-IP                            PORT(S)           AGE
service/kubernetes                           ClusterIP      172.30.0.1       <none>                                 443/TCP           3d13h
service/openshift                            ExternalName   <none>           kubernetes.default.svc.cluster.local   <none>            3d13h
service/rhel7-legislative-fowl-ssh-service   NodePort       172.30.176.163   <none>                                 22000:31288/TCP   28s
service/win2k19-grubby-jackal-ssh-service    NodePort       172.30.223.98    <none>                                 22000:30115/TCP   44m
service/win2k19-noble-silkworm-ssh-service   NodePort       172.30.26.241    <none>                                 22000:31691/TCP   18m
service/win2k19-upper-egret-ssh-service      NodePort       172.30.199.76    <none>                                 22000:31850/TCP   41m

## Created service

$ oc get svc win2k19-noble-silkworm-ssh-service -oyaml
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2021-09-30T09:51:29Z"
  name: win2k19-noble-silkworm-ssh-service
  namespace: default
  resourceVersion: "4996916"
  uid: 002bea30-2ba2-42c4-b096-0d68d9d04db8
spec:
  clusterIP: 172.30.26.241
  clusterIPs:
  - 172.30.26.241
  externalTrafficPolicy: Cluster
  internalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - nodePort: 31691
    port: 22000
    protocol: TCP
    targetPort: 22
  selector:
    flavor.template.kubevirt.io/medium: "true"
    kubevirt.io/domain: win2k19-noble-silkworm
    os.template.kubevirt.io/win2k19: "true"
    vm.kubevirt.io/name: win2k19-noble-silkworm
    workload.template.kubevirt.io/server: "true"
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

Comment 2 Guohua Ouyang 2021-10-21 07:27:21 UTC
verified on master

Comment 5 errata-xmlrpc 2022-03-10 16:14:44 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056


Note You need to log in before you can comment on or make changes to this bug.