The same scenario that was possible on client_ident is also possible
for reconnect: on the accepting side we recognized the client_addrs
but the client is trying to reach someone else. Since the cookie is a
random 64-bit value it is unlikely, but still possible, that we will
match an existing session that is not for the client.
Signed-off-by: Sage Weil <sage@redhat.com>
If we get a client_ident frame, and they are trying to talk to someone
else, drop the connection.
This is an inelegant workaround to http://tracker.ceph.com/issues/38247.
A nicer fix would be to restructure the protocol so that the client knows
who they connected to before they try to open a session. That is a bigger
change that can follow...
Fixes: http://tracker.ceph.com/issues/38247
Signed-off-by: Sage Weil <sage@redhat.com>
The type fix in the remote_host to remove_host has caused a Ceph docs
build failure.
Introduced-By: 05cfa6f
Fixes: http://tracker.ceph.com/issues/38254
Signed-off-by: Ernesto Puerta <epuertat@redhat.com>
Add '*.inc.rst' to the list of excluded patterns from sphinx-build. This
allows for using '*.inc.rst' as includes, and avoids duplicates. The
benefit of keeping the trailing '.rst' extension is that most IDEs use
that to render reStructured Text files.
Fixes: http://tracker.ceph.com/issues/37530
Signed-off-by: Ernesto Puerta <epuertat@redhat.com>
* refs/pull/26327/head:
doc/dev/msgr2: bring up to date with new HELLO, different RECONNECT
msg/async/ProtocolV2: separate IDENT into {CLIENT,SERVER}_IDENT
Reviewed-by: Ricardo Dias <rdias@suse.com>
* refs/pull/26059/head:
mon/MonClient: fix keepalive with v2 auth
msg/async/ProtocolV2: reject peer_addrs of -
msg/async/ProtocolV2: clean up feature management
mon/MonClient: set up rotating_secrets, etc before msgr ready
msg/async: let client specify preferred order of modes
msg/async/ProtocolV2: include entity_name, features in reconnect
msg/async/ProtocolV2: fix write_lock usage around AckFrame
qa/suites/rados/verify/validator/valgrind: debug refs = 5
qa/standalone/ceph-helpers: fix health_ok test
auth/AuthRegistry: only complain about disabling cephx if cephx was enabled
auth/AuthRegistry: fix locking for get_supported_methods()
auth: remove AUTH_UNKNOWN weirdness, hardcoded defaults.
msg/async/ProtocolV2: remove unused get_auth_allowed_methods
osd: set up messener auth_* before setting dispatcher (and going 'ready')
mon/AuthMonitor: request max_global_id increase from peon in tick
mon: prime MgrClient only after messengers are initialized
qa/suites/rados/workloads/rados_api_tests.yaml: debug mgrc = 20 on mon
auth: document Auth{Client,Server} interfaces
auth: future-proof AUTH_MODE_* a bit in case we need to change the encoding byte
mon/MonClient: request monmap on open instead of ping
mgr/PyModuleRegistry: add details for MGR_MODULE_{DEPENDENCY,ERROR}
crimson: fix build
mon/MonClient: finsih authenticate() only after we get monmap; fix 'tell mgr'
mon: add auth_lock to protect auth_meta manipulation
ceph-mon: set up auth before binding
mon: defer initial connection auth attempts until initial quorum is formed
mon/MonClient: make MonClientPinger an AuthCleint
ceph_test_msgr: use DummyAuth
auth/DummyAuth: dummy auth server and client for test code
mon/Monitor: fix leak of auth_handler if we error out
doc/dev/cephx: re-wordwrap
doc/dev/cephx: document nautilus change to cephx
vstart.sh: fix --msgr2 option
msg/async/ProtocolV2: use shared_ptr to manage auth_meta
auth/Auth{Client,Server}: pass auth_meta in explicitly
mon/MonClient: behave if authorizer can't be built (yet)
osd: set_auth_server on client_messenger
common/ceph_context: get_moduel_type() for seastar cct
auth: make connection_secret a std::string
auth,msg/async/ProtocolV2: negotiate connection modes
auth/AuthRegistry: refactor handling of auth_*_requred options
osd,mgr,mds: remove unused authorize registries
switch monc, daemons to use new msgr2 auth frame exchange
doc/dev/msgr2: update docs to match implementation for auth frames
auth/AuthClientHandler: add build_initial_request hook
msg/Messenger: attach auth_client and/or auth_server to each Messenger
auth: introduce AuthClient and AuthServer handlers
auth: codify AUTH_MODE_AUTHORIZER
msg/Connection: track peer_id (id portion of entity_name_t) for msgr2
auth/AuthAuthorizeHandler: add get_supported_methods()
auth/AuthAuthorizeHandler: fix args for verify_authorizer()
auth: constify bufferlist arg to AuthAuthorizer::add_challenge()
auth/cephx: share all tickets and connection_secret in initial reply
msg/async,auth: add AuthConnectionMeta to Protocol
auth/AuthClientHandler: pass in session_key, connection_secret pointers
auth/AuthServiceHandler: take session_key and connection_secret as args
auth/cephx: pass more specific type into build_session_auth_info
mon/Session: separate session creation, peer ident, and registration
mon/AuthMonitor: bump max_global_id from on_active() and tick()
mon/AuthMonitor: be more careful with max_global_id
mon: only all ms_handle_authentication() if auth method says we're done
mon/AuthMonitor: fix "finished with auth" condition check
auth: clean up AuthServiceHandler::handle_request() args
auth: clean up AuthServiceHandler::start_session()
mon/AuthMonitor: drop unused op arg to assign_global_id()
msg/async: separate TAG_AUTH_REQUEST_MORE and TAG_AUTH_REPLY_MORE
msg/async: consolidate authorizer checks
msg/async: move get_auth_allowed into ProtocolV2.cc
mon/MonClient: trivial cleanup
Reviewed-by: Greg Farnum <gfarnum@redhat.com>
The modes are:
- crc: crc32c checksums to protect against bit errors. No secrecy or
authenticity guarantees, so a MITM could alter traffic in flight.
- secure: cryptographic secrecy and authenticity proection (i.e, encrypted
and signed).
We do not include a 'signed' mode that provides authenticity without
secrecy because the cryptographic protocols appear to be faster than
SHA-2.
New settings:
- ms_cluster_mode : mode(s list) for intra-cluster connections
- ms_service_mode : mode(s list) for daemons to allow
- ms_client_mode : mode(s list) for clients to allow
Also,
- ms_mon_cluster_mode : mon <-> mon connections
- ms_mon_service_mode : mon <-> daemon or client connections
The msgr2 protocol is expanded slightly to negotiate a mode. Client
shares it's allowed/preferred modes, and server picks one as auth finishes.
Negotiation is independent of the authentication, except that the
authentiction mode may precluse certain choices. Specifically, AUTH_NONE
does not support 'secure', only 'crc'.
Signed-off-by: Sage Weil <sage@redhat.com>
The backend is now capable of receiving alert notifications from
the Prometheus alertmanager and it can get all alerts with all kinds of
parameters from the API of the same.
In the frontend Prometheus alerts can be found in "Cluster > Alerts". Incoming
notifications can be seen as usual in the notifications popover.
To clarify:
Prometheus alerts are received from the alertmanager API.
Prometheus alert notification are send from the alertmanager to the
backend receiver. An alert notification can have multiple alerts, but
these alerts differ from the prometheus alerts.
To clarify that, I've added some models and services.
If one of the methods to get alerts contains changes the user will be
notified.
The documentation explains how to configure the alertmanager to use the
dashboard receiver and how to connect the use of the alertmanager API.
Further it explains where to find the alerts and what happens if they
are configured and something is happening.
Fixes: https://tracker.ceph.com/issues/36721
Signed-off-by: Stephan Müller <smueller@suse.com>
doc: Updated feature list and overview in dashboard.rst
Reviewed-by: Laura Paduano <lpaduano@suse.com>
Reviewed-by: Ricardo Marques <rimarques@suse.com>
Reviewed-by: Volker Theile <vtheile@suse.com>
doc/orchestrator: Aligned Documentation with specification
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Juan Miguel Olmo Martínez <jolmomar@redhat.com>
Reviewed-by: Noah Watkins <noahwatkins@gmail.com>
