Feature #44628
closedcephadm: Add initial firewall management to cephadm
0%
Description
we open both 8080 and 8443 for dashboard even when the default is
https. We should probably do one or the other, not both.
Updated by Sebastian Wagner about 6 years ago
- Tracker changed from Bug to Feature
Updated by Sage Weil about 6 years ago
I'm inclined to just open both, because the dashboard might move between ssl and not ssl. otherwise we need to make the dashboard port as a dependency so that the container is reconfiged..
also note that deploy knows how to open firewall ports, but we never close them again.
Updated by Sebastian Wagner about 6 years ago
yeah, I also don't like to create a new dependency from the dashboard to cephadm
Updated by Sebastian Wagner almost 6 years ago
- Priority changed from Normal to Low
Updated by Juan Miguel Olmo Martínez almost 6 years ago
User must be able to decide what ports to use (both http/https).
Updated by Sebastian Wagner almost 6 years ago
for this, we'll need control and information about the ports all the daemons use. Especially if they're configurable, like the dashboard.
- the monitoring services have a dedicated port
- RGW has a port
- MGR has a port
We need a general way of setting the firewall based on the ports configured by the services.
Updated by Sebastian Wagner almost 6 years ago
- Subject changed from cpehadm: firewall: dashboard: we open both 8080 and 8443 to cephadm: Add firewall management to cephadm
Updated by Juan Miguel Olmo Martínez almost 6 years ago
- Assignee set to Juan Miguel Olmo Martínez
Updated by Sebastian Wagner almost 6 years ago
- Related to Feature #44601: cephadm: Mix of hosts: with and without firewall added
Updated by Sebastian Wagner almost 6 years ago
- Related to Feature #44606: cephadm: RGW firewall + static port added
Updated by Juan Miguel Olmo Martínez almost 6 years ago
- Pull request ID set to 35594
Updated by Sebastian Wagner over 5 years ago
- Subject changed from cephadm: Add firewall management to cephadm to cephadm: Add initial firewall management to cephadm
- Status changed from New to Resolved
- Target version set to v15.2.5
Updated by Upkeep Bot 7 months ago
- Tags (freeform) set to upkeep-failed
Redmine Upkeep failure¶
The redmine-upkeep.py script failed to update this issue. I have added the tag "upkeep-failed" to avoid looking at this issue again.
Please manually fix the issue and remove "upkeep-failed" tag to allow future upkeep operations.
Transformation¶
The script was in the merged transformation.
Update Log¶
https://github.com/ceph/ceph/actions/runs/16944423591
Error¶
Issue #44628 with status Resolved references PR #35594 which is closed but not merged.
Possible resolutions:
- If the PR id is wrong, please update it.
- If the issue was fixed through other means (e.g. in the kernel or Rook), please remove the PR id.
- If the PR is already merged through other means (erroneous backport), mark the issue state as "Rejected".
- Do nothing. This script will ignore this issue while the upkeep-failed tag is applied.