Project

General

Profile

Actions
Copy link

Feature #51972

closed

cephadm/ingress: support TLS RGW backend

Added by Dimitri Savineau over 2 years ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
% Done:

0%

Source:
Tags:
backport_processed
Backport:
quincy, pacific
Reviewed:
Affected Versions:
Ceph - v16.2.5, Ceph - v17.0.0
Pull request ID:
48874

Description

As per the documentation (and the code), the ingress service via haproxy doesn't support RGW backend with TLS. [1]2

There's no real reason to not support end to end TLS encryption with ingress + RGW

This is a pretty common setup nowadays.

[1] https://docs.ceph.com/en/latest/cephadm/rgw/#high-availability-service-for-rgw
[2] https://docs.ceph.com/en/latest/cephadm/rgw/#prerequisites

Related issues 2 (0 open2 closed)

Copied to Orchestrator - Backport #58176: quincy: cephadm/ingress: support TLS RGW backendResolvedAdam KingActions
Copied to Orchestrator - Backport #58177: pacific: cephadm/ingress: support TLS RGW backendResolvedAdam KingActions
Actions
Copy link
 #1

Updated by Adam King over 1 year ago

  • Pull request ID set to 48874
Actions
Copy link
 #2

Updated by Adam King over 1 year ago

  • Status changed from New to Pending Backport
  • Backport set to quincy
Actions
Copy link
 #3

Updated by Adam King over 1 year ago

  • Backport changed from quincy to quincy, pacific
Actions
Copy link
 #4

Updated by Backport Bot over 1 year ago

  • Copied to Backport #58176: quincy: cephadm/ingress: support TLS RGW backend added
Actions
Copy link
 #5

Updated by Backport Bot over 1 year ago

  • Copied to Backport #58177: pacific: cephadm/ingress: support TLS RGW backend added
Actions
Copy link
 #6

Updated by Backport Bot over 1 year ago

  • Tags set to backport_processed
Actions
Copy link
 #7

Updated by Adam King about 1 year ago

  • Status changed from Pending Backport to Resolved
Actions
Copy link

Also available in: Atom PDF