Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: None
Affects Version/s: 4.11.z
Component/s: Machine Config Operator
Labels:

Severity:
Moderate
Regression:
No
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Version:

4.11.z

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Description of problem:

Unable to establish an SSH connection to the coreos cluster nodes.

cluster version 4.11.53:
[root@rdr-anu-411-1-bastion-0 ~]# oc get nodes
NAME       STATUS   ROLES    AGE   VERSION
master-0   Ready    master   16h   v1.24.16+c70bea0
master-1   Ready    master   16h   v1.24.16+c70bea0
master-2   Ready    master   16h   v1.24.16+c70bea0
worker-0   Ready    worker   15h   v1.24.16+c70bea0
worker-1   Ready    worker   15h   v1.24.16+c70bea0

[root@rdr-anu-411-1-bastion-0 ~]# ssh core@master-0
core@master-0: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

cluster version 4.11.51:
[root@rdr-anu-413-zst-upg-syd05-bastion-0 ~]# oc get nodes
NAME                                         STATUS   ROLES    AGE   VERSION
syd05-master-0.rdr-anu-413-zst-upg.ibm.com   Ready    master   38m   v1.24.16+6981c04
syd05-master-1.rdr-anu-413-zst-upg.ibm.com   Ready    master   38m   v1.24.16+6981c04
syd05-master-2.rdr-anu-413-zst-upg.ibm.com   Ready    master   38m   v1.24.16+6981c04
syd05-worker-0.rdr-anu-413-zst-upg.ibm.com   Ready    worker   17m   v1.24.16+6981c04
syd05-worker-1.rdr-anu-413-zst-upg.ibm.com   Ready    worker   16m   v1.24.16+6981c04

[root@rdr-anu-413-zst-upg-syd05-bastion-0 ~]# ssh core@syd05-master-0.rdr-anu-413-zst-upg.ibm.com
core@syd05-master-0.rdr-anu-413-zst-upg.ibm.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

Note:

Looks like the issue is with the machine config. When we reapply 99-worker-ssh or 99-master-ssh machine config with slight modification (for eg; change the hostname - oc edit mc 99-worker-ssh), it gets applied correctly and ssh starts to work as expected.

must-gather log file

Version-Release number of selected component (if applicable):

    4.11.z

How reproducible:

Its consistently reproducible with 4.11.51 and 4.11.53 builds.

Steps to Reproduce:

    1.Deploy a 4.11.z cluster on Power
    2.ssh into the Bastion node of the cluster 
    3.ssh into the nodes of the cluster

Actual results:

[root@rdr-anu-411-1-bastion-0 ~]# ssh core@master-1
core@master-1: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

Expected results:

should be able to ssh

Additional info:

    This issue is not observed on OCP versions other than 4.11.z

Assignee:: Team MCO

Reporter:: Ananya Kumari (Inactive)

QA Contact:: Sunil Choudhary

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2023/11/23 9:23 AM

Updated:: 2023/12/12 6:54 PM

Resolved:: 2023/12/12 6:54 PM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates