Bug #62440
openmgr/dashboard rgw section fails if ssl is used in the rgw daemon config
0%
Description
In reef, the dashboard rgw sections fails, if the rgw daemons are setup using ssl. Without ssl in the rgw config, it works.
In our case, we use "ceph orch" to manage daemons. If rgw is created with a yaml file stating "ssl: true", the corresponding config options set automatically by ceph-orch in "ceph config dump" are like this:
beast ssl_port=7480 ssl_certificate=config://rgw/cert/rgw.softgarden.de-dus3
in contrast to the ones when not using ssl:
beast port=7480
Now, when opening the dashboard, section rgw/daemons (or other pages in the rgw section), the mgr tries to find and parse the rgw config, and parses it for the port. This fails - in the rgw log you will find this:
File "/usr/share/ceph/mgr/dashboard/controllers/rgw.py", line 108, in list
'port': int(metadata['frontend_config#0'].split('port=')[1])
ValueError: invalid literal for int() with base 10: '7480 ssl_certificate=config://rgw/cert/rgw.softgarden.de-fr2'
The problematic code was introduced probably in this commit:
https://github.com/ceph/ceph/commit/c8d8018d7eb23203a39cd67909605d1187eb52bd#diff-264da03218bd7762bd7fe5577c4e6d0e3dcc8277bf68fb0679d7f6c6be1191a4R108
It simply assumes, everything behind the keyword "port" is the port(int). When using ssl, there is even more config, and this fails as it can't be parsed into a simple integer. A solution might be splitting at the whitespace?
(In quincy, it works fine, with or without ssl).
Example ceph-orch rgw-service-yaml:
service_type: rgw
service_id: softgarden.de-fr2
placement:
hosts:
- host1
- host2
spec:
rgw_realm: softgarden
rgw_zonegroup: de
rgw_zone: de-fr2
ssl: true
rgw_frontend_port: 7480
rgw_frontend_ssl_certificate: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
Updated by Stefan Schueffler 7 months ago
This is duplicated (and solved) in https://tracker.ceph.com/issues/62735