Comment 0 for bug 1628216

It has been brought to my attention that when doing live-migration between compute-nodes it fails with "Host key verification failed", event if the following has been setted :

$juju set nova-compute-kvm enable-live-migration=True
$juju set nova-compute-kvm migration-auth-type=ssh

In this case, this is a Autopilot/Landscape deployment, the compute-node-kvm has two nics eth0 (x.x.x.x/x) subnet and juju-br0 (eth4) (y.y.y.y/y) subnet.

The same problem also occurred when adding a new compute-node unit.

Live migration doesn't work :

"... ERROR nova.virt.libvirt.driver .... Live Migration failure: operation failed: Failed to connect to remote libvirt URI qemu+ssh://<HOST>/system: Cannot recv data: Host key verification failed.: Connection reset by peer"

$ juju run --unit nova-cloud-controller/0 "unit-get private-address"
<IP_OF_JUJU_BR0_SUBNET>

$ juju run --unit nova-cloud-controller/0 "unit-get public-address"
<IP_OF_JUJU_BR0_SUBNET>

$ juju run --unit nova-compute-kvm/0 "unit-get private-address"
<IP_OF_JUJU_BR0_SUBNET>

$ juju run --unit nova-compute-kvm/0 "unit-get private-address"
<IP_OF_JUJU_BR0_SUBNET>

If ssh by hand as user 'root'

$ ssh root@<IP_OF_ETH0_SUBNET>, is working
$ ssh root@<IP_OF_JUJU_BR0_SUBNET>, is not working

Workarounds :
1- Delete the offending entries in /root/.ssh/known_hosts
2- Set "StrictHostKeyChecking no"
3- As mentioned above : $ ssh-keyscan -t rsa node-b | sudo tee -a /root/.ssh/known_hosts
....

Related src code:
https://github.com/openstack/charm-nova-cloud-controller/blob/fbd0d368c3700b3ef7beaa63d0afd48126e53206/hooks/charmhelpers/contrib/network/ip.py#L433
https://github.com/openstack/charm-nova-cloud-controller/blob/master/hooks/nova_cc_utils.py#L749