cephadm: Allow users to use a custom dashboard ssl port#36716
cephadm: Allow users to use a custom dashboard ssl port#36716sebastian-philipp merged 1 commit intoceph:masterfrom
Conversation
sebastian-philipp
left a comment
There was a problem hiding this comment.
Yes, this look good! (minus some minor nits)
| if ports: | ||
| daemon_spec.ports = ports |
There was a problem hiding this comment.
Please have a look at
If you want, you can extract this into a new method of CephadmService, with a default implementation, like so and hook this into make_daemon_spec :
class CephadmService:
def get_ports(self, daemon_id: str, spec: ServiceSpec) -> List[int]:
default_port = getattr(self, 'DEFAULT_SERVICE_PORT')
return [default_port] or []And suddenly you also support the monitoring stack.
There was a problem hiding this comment.
I can't see too much advantages of this approach... (maybe I miss something).
Taking into account that now, the "ports" is now an attribute of the "CephadmDaemonSpec" class. I would prefer
to add the "ports" attribute to the "ServiceSpec" class, and then we can start to manage properly ports in an all the services.
In any case I think that this must be managed as a separate PR coming from a separate tracker issue.
wdyt?
This modification allows the user to create a new bootstrap cluster using a predefined SSl port for the dashboard.
If firewall is enabled, any new manager daemon deployed in new hosts will take care of open the required ports for all the services enabled in the manager.
Two new parameters for cephadm tool (aka binary or standalone):
Command bootstrap:
--ssl-dashboard-port SSL_DASHBOARD_PORT
Port number used to connect with dashboard using SSL
Command deploy:
--tcp-ports TCP_PORTS
List of tcp ports to open in the host firewall
Signed-off-by: Juan Miguel Olmo Martínez <jolmomar@redhat.com>
f4a9a6e to
08c4a53
Compare
This modification allows the user to create a new bootstrap cluster using a predefined SSl port for the dashboard.
If firewall is enabled, any new manager daemon deployed in new hosts will take care of open the required ports for all the services enabled in the manager.
Two new parameters for cephadm tool (aka binary or standalone):
Command bootstrap:
--ssl-dashboard-port SSL_DASHBOARD_PORT
Port number used to connect with dashboard using SSL
Command deploy:
--tcp-ports TCP_PORTS
List of tcp ports to open in the host firewall
Note:
Opening ports in new hosts when deploying new manager modules only will work when this modification will be part of the used Ceph container image.
Fixes: https://tracker.ceph.com/issues/44628
Signed-off-by: Juan Miguel Olmo Martínez jolmomar@redhat.com