Prestage playbook failed due to subcloud access denied when host key changes
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Li Zhu |
Bug Description
Brief Description
-----------------
Prestage playbook failed due to subcloud access denied when host key changes.
Severity
--------
Major
Steps to Reproduce
--------
1 Upgrade system controller
2 Upgrade subcloud
3 prestage subcloud for reinstallation
working scenario:
1 upgrade system controller
2 prestage subcloud for upgrade
3 upgrade subcloud
4 prestage subcloud for reinstall
Expected Behavior
------------------
The prestage for reinstall should work without any previous step.
Actual Behavior
----------------
The prestage for reinstall fails to access the subcloud due to host key changes as the the subcloud was upgraded.
Reproducibility
---------------
100% reproducible.
System Configuration
-------
DC
Branch/Pull Time/Commit
-------
21.12 + patch001
Last Pass
---------
new test scenario.
Timestamp/Logs
--------------
TASK [prestage/
Tuesday 22 March 2022 13:29:26 +0000 (0:00:00.080) 0:00:00.252 *********
fatal: [subcloud1]: UNREACHABLE! => changed=false
msg: |-
Failed to connect to the host via ssh: @@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:
Please contact your system administrator.
Add correct host key in /root/.
Offending ECDSA key in /root/.
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-
Release 21.12
---
W A R N I N G *** W A R N I N G *** W A R N I N G *** W A R N I N G ***
---
THIS IS A PRIVATE COMPUTER SYSTEM.
This computer system including all related equipment, network devices
(specifically including Internet access), are provided only for authorized use.
All computer systems may be monitored for all lawful purposes, including to
ensure that their use is authorized, for management of the system, to
facilitate protection against unauthorized access, and to verify security
procedures, survivability and operational security. Monitoring includes active
attacks by authorized personnel and their entities to test or verify the
security of the system. During monitoring, information may be examined,
recorded, copied and used for authorized purposes. All information including
personal information, placed on or sent over this system may be monitored. Uses
of this system, authorized or unauthorized, constitutes consent to monitoring
of this system. Unauthorized use may subject you to criminal prosecution.
Evidence of any such unauthorized use collected during monitoring may be used
for administrative, criminal or other adverse action. Use of this system
constitutes consent to monitoring for these purposes.
Permission denied (publickey,
unreachable: true
PLAY RECAP *******
subcloud1 : ok=2 changed=0 unreachable=1 failed=0
Tuesday 22 March 2022 13:32:23 +0000 (0:02:56.607) 0:02:56.860 *********
=======
prestage/
prestage/
prestage/
prestage/
Test Activity
-------------
Feature Testing
Workaround
----------
Clean up the host key
Changed in starlingx: | |
assignee: | nobody → Li Zhu (lzhu1) |
tags: | added: stx.7.0 stx.distcloud |
Changed in starlingx: | |
importance: | Undecided → Medium |
Fix proposed to branch: master /review. opendev. org/c/starlingx /distcloud/ +/836400
Review: https:/