Feature #48247
opencephadm: RGW rgw_ldap_secret
0%
Description
When deploying RGW via cephadm the path specified in rgw_ldap_secret should be mounted into the container.
Alternatively a mechanism to load the secret direct from the mon config database, maybe checking for a prefix of 'config:' and use the string directly as a password rather than a path on the local system or load as a pointer to a different config variable.
I suspect modifying the RGW might be the better solution, although would mean the password would be cleartext in the config database.
Without either of the above it is not possible to use the s3 ldap integration for an rgw deployed via cephadm
https://docs.ceph.com/en/latest/radosgw/ldap-auth/#configuring-the-ceph-object-gateway-to-use-ldap-authentication
Updated by Sebastian Wagner over 3 years ago
- Tracker changed from Bug to Feature
- Priority changed from Normal to High
Updated by Sebastian Wagner over 2 years ago
https://github.com/ceph/ceph/pull/44459 might provide the ability to ahve a workaround. Then this is just a documentation effort
Updated by Sebastian Wagner over 2 years ago
- Related to Feature #53562: cephadm doesn't support osd crush_location_hook added
Updated by Laura Flores over 1 year ago
- Translation missing: en.field_tag_list set to low-hanging-fruit
Updated by Laura Flores over 1 year ago
- Translation missing: en.field_tag_list deleted (
low-hanging-fruit)
Updated by Redouane Kachach Elhichou about 1 year ago
- Priority changed from High to Normal