  1. OpenShift Virtualization
  2. CNV-42401

[Bug] In OCP-Virt console during VM creation, enabling Dynamic SSH key injection after customizing cloud-init can cause cloud-init to fail


    • 0.42
    • False
    • False
    • CNV v4.17.0.rhel9-764
    • ---
    • ---
    • No

      Description of problem:

      In OCP-Virt console during VM creation, enabling Dynamic SSH key injection after customizing cloud-init can cause cloud-init to fail

      Version-Release number of selected component (if applicable):

      OCP-Virt 4.15.2

      How reproducible:

      Start VM creation in the Console from a template and then customize the cloud-init YAML. Then, switch Dynamic SSH key injection to "on". The customized cloud-init will be modified and will not run correctly.
      
      Here is an excerpt from the correct cloud-init [1].
      Here is the same excerpt after Dynamic SSH key injection is enabled [2].
      The TL;DR is that this redundant runcmd is added at the end of the cloud-init: \nruncmd:\n- [ setsebool, -P, virt_qemu_ga_manage_ssh, on ]"
      
      [1]         - cloudInitNoCloud:            userData: "#cloud-config\nuser: fedora\npassword: redhat\nchpasswd:\n  expire: false\n\nwrite_files:\n  - path: /run/scripts/configure-server.sh\n    content: |\n      #!/bin/bash\n\n      dnf install -y mariadb-server \n      mkfs.xfs -L sqldata /dev/`lsblk | tail -n 1 | awk '{print $1}'`\n      mount LABEL=\"sqldata\" /var/lib/mysql\n      echo \"LABEL=sqldata\t\t/var/lib/mysql\t\txfs     defaults 0 0\" >> /etc/fstab\n      systemctl daemon-reload\n\n      chown mysql:mysql /var/lib/mysql/\n      systemctl enable mariadb\n      systemctl start mariadb\n\n      sleep 5\n      mysql -u root -e \"CREATE DATABASE mydb;\"\n    permissions: '0755'\n\nruncmd:\n  - [ sh, \"/run/scripts/configure-server.sh\" ]\n  - [ setsebool, -P, virt_qemu_ga_manage_ssh, on ]"
      
      [2]        - cloudInitNoCloud:            userData: "#cloud-config\nuser: fedora\npassword: redhat\nchpasswd:\n  expire: false\n\nwrite_files:\n  - path: /run/scripts/configure-server.sh\n    content: |\n      #!/bin/bash\n\n      dnf install -y mariadb-server \n      mkfs.xfs -L sqldata /dev/`lsblk | tail -n 1 | awk '{print $1}'`\n      mount LABEL=\"sqldata\" /var/lib/mysql\n      echo \"LABEL=sqldata\t\t/var/lib/mysql\t\txfs     defaults 0 0\" >> /etc/fstab\n      systemctl daemon-reload\n\n      chown mysql:mysql /var/lib/mysql/\n      systemctl enable mariadb\n      systemctl start mariadb\n\n      sleep 5\n      mysql -u root -e \"CREATE DATABASE mydb;\"\n    permissions: '0755'\n\nruncmd:\n  - [ sh, \"/run/scripts/configure-server.sh\" ]\n  - [ setsebool, -P, virt_qemu_ga_manage_ssh, on ]\nruncmd:\n- [ setsebool, -P, virt_qemu_ga_manage_ssh, on ]"
      
      

      Steps to Reproduce:

      1. Start creating a VM from a template in the Console
      2. Modify the cloud-init and include a command in the "runcmd" portion
      3. Enable Dynamic SSH key injection (or maybe other things)
      4. Notice that a redundant "runcmd" has been added to the cloud-init

      Actual results:

      The cloud-init fails to run with an error (probably because this is the second time cloud-init is trying to call "runcmd"):
      
      Error: Cloud config schema errors: runcmd.0: ['setsebool', '-P', 'virt_qemu_ga_manage_ssh', True] is not valid under any of the given schemas

      Expected results:

      The runcmd should execute normally.

      Additional info:

      It *seems* that the problem only occurs if the user adds their own "runcmd". It seems that the Console assumes that no "runcmd" exists and adds a redundant section instead of adding to an existing section.
      
      *WORKAROUND* Enable Dynamic SSH key injection before customizing the cloud-init YAML.

            upalatuc@redhat.com Ugo Palatucci
            rhn-support-msecaur Matthew Secaur
            Guohua Ouyang Guohua Ouyang
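One way to avoid the duplicated key described in this report, as an added example that is not the Console's code: `add_runcmd` appends to an existing top-level `runcmd` list instead of emitting a second `runcmd:` key, and `duplicate_keys` flags top-level keys that appear twice. Assumptions: block-style YAML with top-level keys at column 0; the function names, the shortened sample config and the quoting of `on` are not from the report (a YAML 1.1 loader reads a bare `on` as a boolean, which matches the `True` in the error quoted above).

```python
import re

TOP_KEY = re.compile(r"^([A-Za-z_][\w-]*):")   # mapping key at column 0

def duplicate_keys(cfg):
    """Top-level keys that appear more than once (block-style YAML only)."""
    keys = [m.group(1) for l in cfg.splitlines() if (m := TOP_KEY.match(l))]
    return {k for k in keys if keys.count(k) > 1}

def _norm(entry):
    # Compare list entries ignoring whitespace and quoting.
    return re.sub(r"[\s\"']", "", entry)

def add_runcmd(cfg, item):
    """Add `item` to the existing runcmd list; create the key only if absent."""
    lines = cfg.rstrip("\n").split("\n")
    start = next((i for i, l in enumerate(lines) if l.startswith("runcmd:")), None)
    if start is None:
        return "\n".join(lines + ["runcmd:", "  - " + item]) + "\n"
    end = next((i for i in range(start + 1, len(lines)) if TOP_KEY.match(lines[i])),
               len(lines))                      # runcmd block ends at next top-level key
    entries = [i for i in range(start + 1, end) if lines[i].lstrip().startswith("- ")]
    if any(_norm(lines[i].lstrip()[2:]) == _norm(item) for i in entries):
        return cfg                              # already present: nothing to add
    first = lines[entries[0]] if entries else "  - "
    indent = first[:len(first) - len(first.lstrip())]   # reuse the list's indentation
    at = entries[-1] + 1 if entries else start + 1
    lines.insert(at, indent + "- " + item)
    return "\n".join(lines) + "\n"

# Constructed sample, shortened from excerpt [1]; "on" is quoted so it stays a string.
SSH_CMD = '[ setsebool, -P, virt_qemu_ga_manage_ssh, "on" ]'
USER_CFG = """#cloud-config
user: fedora
write_files:
  - path: /run/scripts/configure-server.sh
    content: |
      #!/bin/bash
      systemctl enable mariadb
    permissions: '0755'

runcmd:
  - [ sh, "/run/scripts/configure-server.sh" ]
"""
BROKEN = USER_CFG + "runcmd:\n- " + SSH_CMD + "\n"   # shape of excerpt [2]

if __name__ == "__main__":
    print(duplicate_keys(BROKEN))
    print(add_runcmd(USER_CFG, SSH_CMD))
```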