Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-23754

unable to establish an SSH connection to the coreos cluster nodes for version 4.11.z

    XMLWordPrintable

Details

    • Moderate
    • No
    • False
    • Hide

      None

      Show
      None

    Description

      Description of problem:

      Unable to establish an SSH connection to the coreos cluster nodes.

      cluster version 4.11.53:
[root@rdr-anu-411-1-bastion-0 ~]# oc get nodes
NAME       STATUS   ROLES    AGE   VERSION
master-0   Ready    master   16h   v1.24.16+c70bea0
master-1   Ready    master   16h   v1.24.16+c70bea0
master-2   Ready    master   16h   v1.24.16+c70bea0
worker-0   Ready    worker   15h   v1.24.16+c70bea0
worker-1   Ready    worker   15h   v1.24.16+c70bea0

[root@rdr-anu-411-1-bastion-0 ~]# ssh core@master-0
core@master-0: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
      cluster version 4.11.51:
[root@rdr-anu-413-zst-upg-syd05-bastion-0 ~]# oc get nodes
NAME                                         STATUS   ROLES    AGE   VERSION
syd05-master-0.rdr-anu-413-zst-upg.ibm.com   Ready    master   38m   v1.24.16+6981c04
syd05-master-1.rdr-anu-413-zst-upg.ibm.com   Ready    master   38m   v1.24.16+6981c04
syd05-master-2.rdr-anu-413-zst-upg.ibm.com   Ready    master   38m   v1.24.16+6981c04
syd05-worker-0.rdr-anu-413-zst-upg.ibm.com   Ready    worker   17m   v1.24.16+6981c04
syd05-worker-1.rdr-anu-413-zst-upg.ibm.com   Ready    worker   16m   v1.24.16+6981c04

[root@rdr-anu-413-zst-upg-syd05-bastion-0 ~]# ssh core@syd05-master-0.rdr-anu-413-zst-upg.ibm.com
core@syd05-master-0.rdr-anu-413-zst-upg.ibm.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

      Note:

      Looks like the issue is with the machine config. When we reapply 99-worker-ssh or 99-master-ssh machine config with slight modification (for eg; change the hostname - oc edit mc 99-worker-ssh), it gets applied correctly and ssh starts to work as expected.

      must-gather log file

      Version-Release number of selected component (if applicable):

          4.11.z

      How reproducible:

      Its consistently reproducible with 4.11.51 and 4.11.53 builds.

      Steps to Reproduce:

          1.Deploy a 4.11.z cluster on Power
    2.ssh into the Bastion node of the cluster 
    3.ssh into the nodes of the cluster

      Actual results:

      [root@rdr-anu-411-1-bastion-0 ~]# ssh core@master-1
core@master-1: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

      Expected results:

      should be able to ssh

      Additional info:

          This issue is not observed on OCP versions other than 4.11.z

      Attachments

        Activity

          People

            team-mco Team MCO
            ankumari Ananya Kumari
            Sunil Choudhary Sunil Choudhary
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: