Skip to content

mgr/dashboard,cephadm: automate setup of RGW credentials for dashboard#42252

Merged
liewegas merged 8 commits intoceph:masterfrom
liewegas:dashboard-rgw
Aug 11, 2021
Merged

mgr/dashboard,cephadm: automate setup of RGW credentials for dashboard#42252
liewegas merged 8 commits intoceph:masterfrom
liewegas:dashboard-rgw

Conversation

@liewegas
Copy link
Member

@liewegas liewegas commented Jul 8, 2021
edited by alfonsomthd
Loading

  • New 'ceph dashboard connect-rgw' command to set up RGW credentials
  • Trigger credential check when rgw service created or destroyed. Note that what we really want is a credential check any time an RGW realm is created or destroyed, but we don't have that visibility. We could supplement by just calling the current check every 24h or something, though. And eventually if/when we have a mgr/rgw module that pulls some of this rgw realm management into the mgr, then we can trigger it at the right time.

@alfonsomthd UPDATE:

  • Dashboard > Object Gateway: if empty credentials are detected, we trigger the credentials configuration.

Fixes: https://tracker.ceph.com/issues/44605

Related PR: #41590

TODO

  • we should trigger when the dashboard module is first enabled? or perhaps even when the dashboard loads (on every mgr startup)?
  • update docs

@liewegas liewegas requested review from a team as code owners July 8, 2021 20:10
@liewegas liewegas requested review from Waadkh7, aaryanporwal and cypherean and removed request for a team July 8, 2021 20:10
@github-actions
Copy link

github-actions bot commented Jul 8, 2021

This pull request can no longer be automatically merged: a rebase is needed and changes have to be manually resolved

@liewegas liewegas mentioned this pull request Jul 8, 2021
Closed
2 tasks
alfonsomthd
alfonsomthd reviewed Jul 9, 2021
View reviewed changes
@alfonsomthd alfonsomthd requested a review from jmolmo July 9, 2021 07:49
@liewegas liewegas force-pushed the dashboard-rgw branch 2 times, most recently from 5e34821 to 82d7d3a Compare July 13, 2021 16:53
@alfonsomthd alfonsomthd force-pushed the dashboard-rgw branch 2 times, most recently from 76e92ef to 5fa7d20 Compare July 28, 2021 14:51
@liewegas liewegas requested a review from a team July 28, 2021 14:51
@github-actions github-actions bot added the tests label Jul 28, 2021
@alfonsomthd
Copy link
Contributor

alfonsomthd commented Aug 6, 2021

jenkins test dashboard

@liewegas
Copy link
Member Author

liewegas commented Aug 9, 2021

retest this please

liewegas and others added 7 commits August 10, 2021 14:06
@liewegas @alfonsomthd
doc/mgr/dashboard: simplify dashboard+rgw config docs
599116a 
Signed-off-by: Sage Weil <sage@newdream.net>
@liewegas @alfonsomthd
mgr/dashboard: add 'dashboard connect-rgw' command
478c53b 
Signed-off-by: Sage Weil <sage@newdream.net>
@liewegas @alfonsomthd
mgr/cephadm: re-check dashboard <-> rgw creds when rgw daemons create…
91e185d 
…d/destroyed

We don't always know when a realm is created/destroyed, but we can use
service config and purge to cover most such cases.

Signed-off-by: Sage Weil <sage@newdream.net>
@alfonsomthd
mgr/dashboard: connect-rgw: adaptation and test coverage
0fcf0a7 
- Align Dashboard with cephadm: configure credentials using the same logic.
- Fix: create a 'dashboard' user per realm (before: only on 1st realm).
- Lint fixes, test coverage, method renaming to better reflect behavior and method visibility.

Fixes: https://tracker.ceph.com/issues/44605
Signed-off-by: Alfonso Martínez <almartin@redhat.com>
@alfonsomthd
mgr/dashboard: connect-rgw: rename to set-rgw-credentials; refactoring
6e20ef1 
- Rename the dashboard command to better reflect its behavior.
- Rename '_radosgw_admin' method to 'send_rgwadmin_command' for consistency with
  'send_mon_command' and move it to the mgr_module.py .
- Cleanup: remove unneeded rgw settings.
- Better error handling and test coverage.

Fixes: https://tracker.ceph.com/issues/44605
Signed-off-by: Alfonso Martínez <almartin@redhat.com>
@alfonsomthd
mgr/dashboard: rgw service creation form: add realm and zone to servi…
0575844 
…ce spec.

Align rgw service id pattern with cephadm: ceph#39877
  - Update rgw pattern to allow service id for non-multisite config.
  - Extract realm and zone from service id (when detected) and add them to the service spec.

Fixes: https://tracker.ceph.com/issues/44605
Signed-off-by: Alfonso Martínez <almartin@redhat.com>
@alfonsomthd
mgr/dashboard: run-frontend-e2e-tests.sh: remove unneeded rgw setting
8e482f3 
Fixes: https://tracker.ceph.com/issues/44605
Signed-off-by: Alfonso Martínez <almartin@redhat.com>
@alfonsomthd alfonsomthd force-pushed the dashboard-rgw branch 2 times, most recently from 84e9930 to 265d79f Compare August 10, 2021 13:52
@alfonsomthd
mgr/dashboard: set rgw credentials: fix api tests
a682b9d 
Fixes: https://tracker.ceph.com/issues/44605
Signed-off-by: Alfonso Martínez <almartin@redhat.com>
@alfonsomthd
Copy link
Contributor

alfonsomthd commented Aug 11, 2021

jenkins test make check arm64

jmolmo
jmolmo approved these changes Aug 11, 2021
View reviewed changes
Copy link
Member

@jmolmo jmolmo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@alfonsomthd alfonsomthd self-requested a review August 11, 2021 10:50
@alfonsomthd
Copy link
Contributor

alfonsomthd commented Aug 11, 2021

jenkins test make check arm64

@liewegas liewegas merged commit 6f8bdfb into ceph:master Aug 11, 2021
@liewegas liewegas deleted the dashboard-rgw branch August 11, 2021 15:28
dsavineau added a commit to dsavineau/ceph-ansible that referenced this pull request Aug 17, 2021
@dsavineau
ceph-dashboard: fix oject gateway integration
ec718dc 
Since [1] multiple ceph dashboard commands have been removed and this is
breaking the current ceph-ansible dashboard with RGW automation.
This removes the following dashboard rgw commands:

- ceph dashboard set-rgw-api-access-key
- ceph dashboard set-rgw-api-secret-key
- ceph dashboard set-rgw-api-host
- ceph dashboard set-rgw-api-port
- ceph dashboard set-rgw-api-scheme

Which are replaced by `ceph dashboard set-rgw-credentials`

The RGW user creation task is also removed.

Finally moving the delegate_to statement from the rgw tasks at the block
level.

[1] ceph/ceph#42252

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
@dsavineau dsavineau mentioned this pull request Aug 17, 2021
Merged
@sebastian-philipp
Copy link
Contributor

sebastian-philipp commented Aug 17, 2021 

TASK [ceph-dashboard : set the rgw user] ***************************************
task path: /home/jenkins-build/build/workspace/ceph-ansible-prs-centos-container-update/roles/ceph-dashboard/tasks/configure_dashboard.yml:274
Tuesday 17 August 2021  14:37:08 +0000 (0:00:00.100)       0:22:14.819 ******** 
fatal: [mgr0 -> mon0]: FAILED! => changed=false 
  cmd:
  - podman
  - exec
  - ceph-mon-mon0
  - ceph
  - --cluster
  - ceph
  - dashboard
  - set-rgw-api-user-id
  - ceph-dashboard
  delta: '0:00:00.537218'
  end: '2021-08-17 14:37:08.831031'
  msg: non-zero return code
  rc: 22
  start: '2021-08-17 14:37:08.293813'
  stderr: |-
    no valid command found; 10 closest matches:
    dashboard set-jwt-token-ttl <seconds:int>
    dashboard get-jwt-token-ttl
    dashboard create-self-signed-cert
    dashboard grafana dashboards update
    dashboard get-account-lockout-attempts
    dashboard set-account-lockout-attempts <value>
    dashboard reset-account-lockout-attempts
    dashboard get-alertmanager-api-host
    dashboard set-alertmanager-api-host <value>
    dashboard reset-alertmanager-api-host
    Error EINVAL: invalid command
  stderr_lines: <omitted>
  stdout: ''
  stdout_lines: <omitted>

dsavineau added a commit to ceph/ceph-ansible that referenced this pull request Aug 17, 2021
@dsavineau
ceph-dashboard: fix oject gateway integration
2ee2194 
Since [1] multiple ceph dashboard commands have been removed and this is
breaking the current ceph-ansible dashboard with RGW automation.
This removes the following dashboard rgw commands:

- ceph dashboard set-rgw-api-access-key
- ceph dashboard set-rgw-api-secret-key
- ceph dashboard set-rgw-api-host
- ceph dashboard set-rgw-api-port
- ceph dashboard set-rgw-api-scheme

Which are replaced by `ceph dashboard set-rgw-credentials`

The RGW user creation task is also removed.

Finally moving the delegate_to statement from the rgw tasks at the block
level.

[1] ceph/ceph#42252

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
@sebastian-philipp sebastian-philipp mentioned this pull request Sep 2, 2021
Merged
mergify bot pushed a commit to ceph/ceph-ansible that referenced this pull request Sep 16, 2021
@dsavineau
ceph-dashboard: fix oject gateway integration
3641901 
Since [1] multiple ceph dashboard commands have been removed and this is
breaking the current ceph-ansible dashboard with RGW automation.
This removes the following dashboard rgw commands:

- ceph dashboard set-rgw-api-access-key
- ceph dashboard set-rgw-api-secret-key
- ceph dashboard set-rgw-api-host
- ceph dashboard set-rgw-api-port
- ceph dashboard set-rgw-api-scheme

Which are replaced by `ceph dashboard set-rgw-credentials`

The RGW user creation task is also removed.

Finally moving the delegate_to statement from the rgw tasks at the block
level.

[1] ceph/ceph#42252

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 2ee2194)
dsavineau added a commit to ceph/ceph-ansible that referenced this pull request Sep 17, 2021
@dsavineau
ceph-dashboard: fix oject gateway integration
3079c2e 
Since [1] multiple ceph dashboard commands have been removed and this is
breaking the current ceph-ansible dashboard with RGW automation.
This removes the following dashboard rgw commands:

- ceph dashboard set-rgw-api-access-key
- ceph dashboard set-rgw-api-secret-key
- ceph dashboard set-rgw-api-host
- ceph dashboard set-rgw-api-port
- ceph dashboard set-rgw-api-scheme

Which are replaced by `ceph dashboard set-rgw-credentials`

The RGW user creation task is also removed.

Finally moving the delegate_to statement from the rgw tasks at the block
level.

[1] ceph/ceph#42252

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 2ee2194)
guits pushed a commit to ceph/ceph-ansible that referenced this pull request Sep 18, 2021
@dsavineau @guits
ceph-dashboard: fix oject gateway integration
9424200 
Since [1] multiple ceph dashboard commands have been removed and this is
breaking the current ceph-ansible dashboard with RGW automation.
This removes the following dashboard rgw commands:

- ceph dashboard set-rgw-api-access-key
- ceph dashboard set-rgw-api-secret-key
- ceph dashboard set-rgw-api-host
- ceph dashboard set-rgw-api-port
- ceph dashboard set-rgw-api-scheme

Which are replaced by `ceph dashboard set-rgw-credentials`

The RGW user creation task is also removed.

Finally moving the delegate_to statement from the rgw tasks at the block
level.

[1] ceph/ceph#42252

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
(cherry picked from commit 2ee2194)
@alfonsomthd alfonsomthd mentioned this pull request Sep 29, 2021
Closed
@galexrt galexrt mentioned this pull request Apr 16, 2023
Closed
stuartgrace-bbc pushed a commit to bbc/ceph-ansible that referenced this pull request Jan 30, 2024
@dsavineau @stuartgrace-bbc
ceph-dashboard: fix oject gateway integration
1bea3fe 
Since [1] multiple ceph dashboard commands have been removed and this is
breaking the current ceph-ansible dashboard with RGW automation.
This removes the following dashboard rgw commands:

- ceph dashboard set-rgw-api-access-key
- ceph dashboard set-rgw-api-secret-key
- ceph dashboard set-rgw-api-host
- ceph dashboard set-rgw-api-port
- ceph dashboard set-rgw-api-scheme

Which are replaced by `ceph dashboard set-rgw-credentials`

The RGW user creation task is also removed.

Finally moving the delegate_to statement from the rgw tasks at the block
level.

[1] ceph/ceph#42252

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmolmo jmolmo jmolmo approved these changes

@epuertat epuertat epuertat approved these changes

@aaryanporwal aaryanporwal Awaiting requested review from aaryanporwal

@Waadkh7 Waadkh7 Awaiting requested review from Waadkh7

@cypherean cypherean Awaiting requested review from cypherean

@nizamial09 nizamial09 Awaiting requested review from nizamial09

@aaSharma14 aaSharma14 Awaiting requested review from aaSharma14

@avanthakkar avanthakkar Awaiting requested review from avanthakkar

@alfonsomthd alfonsomthd Awaiting requested review from alfonsomthd

Assignees

No one assigned

Labels

cephadm dashboard documentation mgr needs-review pybind tests

Projects

Ceph-Dashboard
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@liewegas @epuertat @alfonsomthd @sebastian-philipp @jmolmo