Actions
Feature #48247
opencephadm: RGW rgw_ldap_secret
% Done:
0%
Source:
Community (user)
Tags:
low-hanging-fruit
Backport:
Reviewed:
Affected Versions:
Pull request ID:
Description
When deploying RGW via cephadm the path specified in rgw_ldap_secret should be mounted into the container.
Alternatively a mechanism to load the secret direct from the mon config database, maybe checking for a prefix of 'config:' and use the string directly as a password rather than a path on the local system or load as a pointer to a different config variable.
I suspect modifying the RGW might be the better solution, although would mean the password would be cleartext in the config database.
Without either of the above it is not possible to use the s3 ldap integration for an rgw deployed via cephadm
https://docs.ceph.com/en/latest/radosgw/ldap-auth/#configuring-the-ceph-object-gateway-to-use-ldap-authentication
Actions