Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1695543 - [v2v] VMWare->RHV migration since conversion_host_enable.yml do not add the SSH key for all VMware hosts to /var/lib/vdsm/.ssh/known_hosts
Summary: [v2v] VMWare->RHV migration since conversion_host_enable.yml do not add the S...
Keywords:
Status: POST
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: V2V
Version: unspecified
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: GA
: 5.11.0
Assignee: Avital Pinnick
QA Contact:
Avital Pinnick
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-04-03 10:17 UTC by Ilanit Stein
Modified: 2019-04-10 15:06 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Category: Bug
Cloudforms Team: V2V
Target Upstream Version:


Attachments (Terms of Use)

Description Ilanit Stein 2019-04-03 10:17:46 UTC
When running conversion_host_enable.yml in the RHV conversion host,
using command [1], the SSH key of ALL VMware hosts, is not added automatically to  /var/lib/vdsm/.ssh/known_hosts.

As a result of this missing part, migration of a VMware VM, that reside on the VMware host, that it's SSH key is missing to RHV, using SSH transport method will fail with SSH error:  

nbdkit --dump-config
[   0.8] Opening the source -i vmx ssh://root@<VMware host ip address>/vmfs/volumes/rhv-v2v-performance-testing/vm2/vm2.vmx
scp 'root'@'10.12.69.91':''\''/vmfs/volumes/rhv-v2v-performance-testing/vm2/vm2.vmx'\''' '/var/tmp/vmx.WqRkuV/source.vmx'
Host key verification failed.
virt-v2v: error: could not copy the VMX file from the remote server, see 
earlier error messages

SSH connection validation, from the Conversion host, to the above VMware host fail.
 
If it's key is copied from /root/.ssh/known_hosts to /var/lib/vdsm/.ssh/known_hosts.
The SSH connection validation worked, and the v2v migration from that VMware host work fine.


[1]  ansible-playbook -i hostname, -c local -b \ 1
    -e @extra_vars.yml \
    /usr/share/ovirt-ansible-v2v-conversion-host/playbooks/conversion_host_enable.yml


Version-Release number of selected component (if applicable):
ovirt-ansible-v2v-conversion-host-1.9.2-1.el7ev.noarch

Comment 2 Ilanit Stein 2019-04-04 07:40:11 UTC
This bug is about a missing step, that should have done automatically, by the conversion host enable playbook.

As mentioned, this step can be done manually, but first need to understand that when the SSH connection validation fails,
that this is the reason, because it is not mentioned anywhere in the docs/ when the SSH connection validation fail.

Having said that,
this is a bug, and not an RFE.

Also adding a Test Blocker keyword, as this step is blocking the settings of the environment for VMware->RHV SSH migration.

Comment 10 Daniel Gur 2019-04-04 15:31:44 UTC
So let us use this bug as the bug to fix the documentation, And Open a new RFE as Fabian requested,

Ilanit, Could you please open an RFE as per comments 5 and 8 :
"Collect the host keys as part of CloudForms inventory and provide it to virt-v2v."

Comment 13 Ilanit Stein 2019-04-08 10:09:21 UTC
Fabien,

When I've run from a RHV conversion host,
SSH connection validation, following steps in 
current documentation (IMS 1.1): step 3 of § 3.5.3.4, 
for each of my 2 VMware hosts,
it failed for one of the VMware hosts.

The reason for the failure was that the SSH key for this VMware host, for which it failed,
was NOT added /var/lib/vdsm/.ssh/known_hosts

However, there was no indication that this is indeed the root cause, for the SSH connection failure.
I had to guess it.

Then, when I copied manually an existing the SSH key record of this VMware host FQDN,
from /root/.ssh/known_hosts, to /var/lib/vdsm/.ssh/known_hosts,
step 3 of § 3.5.3.4 worked fine for the previously failing VMware host.

As a result of running this last step successfully,
an additional record, of the failing VMware host was added to /var/lib/vdsm/.ssh/known_hosts,
but for the host IP address, and not host FQDN (as I added manually).

Maybe this record is added by step 3 of § 3.5.3.4, only if this step succeeds, 
BUT, in order to succeed, needs this record to exist already? (egg & chicken problem).

Anyway, ATM In the docs the /var/lib/vdsm/.ssh/known_hosts is not mentioned.
It do not seem to work well,
and it is essential to have the v2v migration/SSH work.


Note You need to log in before you can comment on or make changes to this bug.