-
Bug
-
Resolution: Done
-
Minor
-
None
-
4.7
Description of problem:
I have a customer who raised this issue to me, and I can reproduce on my lab. They are trying to monitor any SSH access to nodes and as you can see from my results on my lab below this fails to work.
Version-Release number of selected component (if applicable):
OCP 4.7.24
How reproducible:
100%
Steps to Reproduce:
1. Check for any nodes accessed
[kni@prov-0 ~]$ oc get nodes -o 'custom-columns=Node Name:.metadata.name,Machine Name:.metadata.annotations.machine\.openshift\.io/machine,SSHAccessed:.metadata.annotations.machineconfiguration\.openshift\.io/ssh'
Node Name Machine Name SSHAccessed
master-0.ocp4-bare.andytest.lab openshift-machine-api/ocp4-bare-dbnww-master-0 <none>
master-1.ocp4-bare.andytest.lab openshift-machine-api/ocp4-bare-dbnww-master-1 <none>
master-2.ocp4-bare.andytest.lab openshift-machine-api/ocp4-bare-dbnww-master-2 <none>
worker-1.ocp4-bare.andytest.lab openshift-machine-api/ocp4-bare-dbnww-worker-0-ktcng <none>
worker-2.ocp4-bare.andytest.lab openshift-machine-api/ocp4-bare-dbnww-worker-0-fhhwn <none>
2. Access a node, and run ls just to make sure its working ok
[kni@prov-0 ~]$ ssh core@master-0.ocp4-bare.andytest.lab
Warning: the ECDSA host key for 'master-0.ocp4-bare.andytest.lab' differs from the key for the IP address '192.168.2.50'
Offending key for IP in /home/kni/.ssh/known_hosts:6
Matching host key in /home/kni/.ssh/known_hosts:8
Are you sure you want to continue connecting (yes/no)? yes
Red Hat Enterprise Linux CoreOS 47.84.202108052031-0
Part of OpenShift 4.7, RHCOS is a Kubernetes native operating system
managed by the Machine Config Operator (`clusteroperator/machine-config`).
WARNING: Direct SSH access to machines is not recommended; instead,
make configuration changes via `machineconfig` objects:
https://docs.openshift.com/container-platform/4.7/architecture/architecture-rhcos.html
—
Last login: Fri Jul 30 10:00:16 2021 from 192.168.2.250
[core@master-0 ~]$ ls -al
total 16
drwx------. 4 core core 109 Jul 30 10:01 .
drwxr-xr-x. 3 root root 18 Jul 24 10:15 ..
rw------. 1 core core 50 Jul 30 10:01 .bash_history
rw-rr-. 1 core core 18 Mar 25 16:45 .bash_logout
rw-rr-. 1 core core 141 Mar 25 16:45 .bash_profile
rw-rr-. 1 core core 376 Mar 25 16:45 .bashrc
drwxr-xr-x. 3 core core 19 Jul 30 10:00 .local
drwx------. 2 core core 29 Aug 22 09:39 .ssh
[core@master-0 ~]$ exit
logout
Connection to master-0.ocp4-bare.andytest.lab closed.
3. Check node after SSH access
[kni@prov-0 ~]$ oc get nodes -o 'custom-columns=Node Name:.metadata.name,Machine Name:.metadata.annotations.machine\.openshift\.io/machine,SSHAccessed:.metadata.annotations.machineconfiguration\.openshift\.io/ssh'
Node Name Machine Name SSHAccessed
master-0.ocp4-bare.andytest.lab openshift-machine-api/ocp4-bare-dbnww-master-0 <none>
master-1.ocp4-bare.andytest.lab openshift-machine-api/ocp4-bare-dbnww-master-1 <none>
master-2.ocp4-bare.andytest.lab openshift-machine-api/ocp4-bare-dbnww-master-2 <none>
worker-1.ocp4-bare.andytest.lab openshift-machine-api/ocp4-bare-dbnww-worker-0-ktcng <none>
worker-2.ocp4-bare.andytest.lab openshift-machine-api/ocp4-bare-dbnww-worker-0-fhhwn <none>
Actual results:
The SSHAccessed label is not set
Expected results:
I expect the SSHAccessed label to set to reflect me accessing my nodes.
Additional info:
- is blocked by
-
RHEL-5881 journalctl -f with MESSAGE_ID= before messages with that ID exist in the journal results in "buffered" output of future messages
- Closed