Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-15981

OCP 4.14 - ssh keys not getting added in worker nodes during cluster deployment

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Normal Normal
    • None
    • 4.14.z
    • No
    • False
    • Hide

      None

      Show
      None

      ssh to worker fails during UPI cluster deployment on Power:

      "timed out waiting for ping module test: Data could not be sent to remote host \"mon01-worker-0\". Make sure this host can be reached over ssh: core@mon01-worker-0: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

      Description of problem:

      While deploying OCP 4.14 cluster, installer config having the key following SSH key:
      
      sshKey: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfgNETKcmOVJfqDAuMd0XoDavpZNDNAzo6JhFI/c72lqaxrbFd+Dr9HFxMEyGr0cCKg+xKtrzuaVZlgLjzIO4A17myfqFVNwbcY0/tnR43RHgFHlLjxjrj2+TFkgUngHXyg8jcJQlCwjgMYlriBV3H2WuOkOsn2w36UcW30hqaRiM3FikFKEvWVjpBo4b5tALNhplSJ3cl+2Whj+Sr63wYN1QqshVMh7QFaQeozVhTk6juyGMxdZ6cDeBAqEY6N5P+YF0OSJ8owzUJOu+kue0UJKalaa02KTh9UxQhTqRJqU3oNaPYMUeOGe2d0HF2j1/UsK8Iu2r414wXWBTYvTvR root@14b21ec5496a '
      
      In the machine config, key is getting misaligned  
      
      # oc get mc 99-worker-ssh -oyaml
      apiVersion: machineconfiguration.openshift.io/v1
      kind: MachineConfig
      metadata:
        annotations:
          kubectl.kubernetes.io/last-applied-configuration: |
            {"apiVersion":"machineconfiguration.openshift.io/v1","kind":"MachineConfig","metadata":{"annotations":{},"creationTimestamp":"2023-07-10T03:19:15Z","generation":2,"labels":{"machineconfiguration.openshift.io/role":"worker"},"name":"99-worker-ssh","resourceVersion":"103013","uid":"e8a82424-d420-4567-8590-4417464bb326"},"spec":{"config":{"ignition":{"version":"3.2.0"},"passwd":{"users":[{"name":"core","sshAuthorizedKeys":["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfgNETKcmOVJfqDAuMd0XoDavpZNDNAzo6JhFI/c72lqaxrbFd+Dr9HFxMEyGr0cCKg+xKtrzuaVZlgLjzIO4A17myfqFVNwbcY0/tnR43RHgFHlLjxjrj2+TFkgUngHXyg8jcJQlCwjgMYlriBV3H2WuOkOsn2w36UcW30hqaRiM3FikFKEvWVjpBo4b5tALNhplSJ3cl+2Whj+Sr63wYN1QqshVMh7QFaQeozVhTk6juyGMxdZ6cDeBAqEY6N5P+YF0OSJ8owzUJOu+kue0UJKalaa02KTh9UxQhTqRJqU3oNaPYMUeOGe2d0HF2j1/UsK8Iu2r414wXWBTYvTvR root@14b21ec5496a "]}]}},"fips":false,"kernelType":"","osImageURL":""}}
        creationTimestamp: "2023-07-10T03:19:15Z"
        generation: 9
        labels:
          machineconfiguration.openshift.io/role: worker
        name: 99-worker-ssh
        resourceVersion: "128597"
        uid: e8a82424-d420-4567-8590-4417464bb326
      spec:
        config:
          ignition:
            version: 3.2.0
          passwd:
            users:
            - name: core
              sshAuthorizedKeys:
              - 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCfgNETKcmOVJfqDAuMd0XoDavpZNDNAzo6JhFI/c72lqaxrbFd+Dr9HFxMEyGr0cCKg+xKtrzuaVZlgLjzIO4A17myfqFVNwbcY0/tnR43RHgFHlLjxjrj2+TFkgUngHXyg8jcJQlCwjgMYlriBV3H2WuOkOsn2w36UcW30hqaRiM3FikFKEvWVjpBo4b5tALNhplSJ3cl+2Whj+Sr63wYN1QqshVMh7QFaQeozVhTk6juyGMxdZ6cDeBAqEY6N5P+YF0OSJ8owzUJOu+kue0UJKalaa02KTh9UxQhTqRJqU3oNaPYMUeOGe2d0HF2j1/UsK8Iu2r414wXWBTYvTvR
                root@14b21ec5496a '
        fips: false
        kernelType: ""
        osImageURL: ""

      Results in the ignition file remaining empty on the worker node:

      /home/core/.ssh/authorized_keys.d/ignition

       

      Version-Release number of selected component (if applicable):

      OCP 4.14.0-0.nightly-ppc64le-2023-07-10-010026 on Power

      How reproducible:

      Always

      Steps to Reproduce:

      Deploy OCP cluster with 4.14 build

      Actual results:

      Cluster deployment is getting failed due following error:
      "timed out waiting for ping module test: Data could not be sent to remote host \"mon01-worker-0\". Make sure this host can be reached over ssh: core@mon01-worker-0: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

       

      Expected results:

      Successful cluster deployment

      Additional info:

      Must gather logs:

      https://drive.google.com/file/d/1cw41TK0Y9sUVjylXOkSXXoQ4C81vdwSy/view?usp=sharing

              jpoulin Jeremy Poulin
              vahirwad Varad Ahirwadkar (Inactive)
              Doug Slavens Doug Slavens
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: