- We keep ServiceDescription around unmodified (although it will need some
cleanup later)
- We add DaemonDescription, and clean out the service-related ambiguities
- Add a new list_daemons() method for Orchestrator
- Add a new 'ceph orch ps' command
- In cephadm, drop get_services(), and implement list_daemons()
- a million changes to make this work
- Adjust health alert and option names
Signed-off-by: Sage Weil <sage@redhat.com>
this test will end with a failure like
```
2020-01-30T18:15:15.870 INFO:tasks.ceph.mgr.x.smithi042.stderr:Warning: Permanently added 'smithi042.front.sepia.ceph.com,172.21.15.42' (ECDSA) to the list of known hosts.
2020-01-30T18:15:15.925 INFO:tasks.ceph.mgr.x.smithi042.stderr:Permission denied, please try again.
2020-01-30T18:15:15.932 INFO:tasks.ceph.mgr.x.smithi042.stderr:Permission denied, please try again.
2020-01-30T18:15:15.939 INFO:tasks.ceph.mgr.x.smithi042.stderr:root@smithi042.front.sepia.ceph.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
```
because mgr is not able to establish an ssh connection to that host with "root".
please note, the teuthology worker is acting using the "ubuntu" account on the
test node, and by default, "root" does not have its pubkey. and actually
`qa/tasks/cephadm.py` does push the pubkey to all the managed hosts before
testing cephadm.
since `qa/tasks/cephadm.py` is a better test for cephadm, let's just
drop this one.
as suites/rados/cephadm already covers cephadm
Signed-off-by: Kefu Chai <kchai@redhat.com>
Give the cluster some time to recover from the unknown
PG state before checking if the OSD is safe to destroy.
Fixes: https://tracker.ceph.com/issues/43912
Signed-off-by: Tatjana Dehler <tdehler@suse.com>
* refs/pull/32788/head:
qa/tasks/mgr/dashboard: set pg_num to 32
mgr/pg_autoscaler: default to pg_num[_min] = 32
Reviewed-by: Sage Weil <sage@redhat.com>
if mgr is not active, monitor will refuse to set any option consumed by
mgr modules.
the reason the tests pass somtimes is that, we have a racing here:
1. stop all mgr daemons
2. MgrMonitor gets updated and updates its mgr_module_options
accordingly.
3. in TestDashboard.setUp(), we reset the port number for dashboard
using "ceph config set mgr mgr/dashboard/y/ssl_server_port 7789"
4. restart all mgr daemons
but the 2nd step and 3rd step could race with each other, if the 2nd
step happens after 3rd step, the test passes. otherwise it fails.
in this change, "--force" is passed to the "ceph config set" command,
so ConfigMonitor can bypass the sanity test for the option, and just
set this option.
Signed-off-by: Kefu Chai <kchai@redhat.com>
qa/tasks/mgr/dashboard: set pg_num to 16
Reviewed-by: Volker Theile <vtheile@suse.com>
Reviewed-by: Sebastian Wagner <swagner@suse.com>
Reviewed-by: Tatjana Dehler <tdehler@suse.com>
Reviewed-by: Laura Paduano <lpaduano@suse.com>
mgr/dashboard: Throw a more meaningful exception
Reviewed-by: Sebastian Wagner <swagner@suse.com>
Reviewed-by: Tatjana Dehler <tdehler@suse.com>
Reviewed-by: Tiago Melo <tmelo@suse.com>
Choose another future_date_1 date (9 days instead of 10) to
make sure the expiration date will be between future_date_1
and future_date_2. Otherwise the expiration date might be
equal to future_date_1.
Also wait for 10 seconds before the password refresh in
test_pwd_expiration_date_update to prevent date equality.
Fixes: https://tracker.ceph.com/issues/43431
Signed-off-by: Tatjana Dehler <tdehler@suse.com>
qa/tasks/mgr/test_orchestrator_cli: fix service action tests
Reviewed-by: Thomas Bechtold <tbechtold@suse.com>
Reviewed-by: Sebastian Wagner <swagner@suse.com>
in b77f0c74a5, "reload"
service[-instance] action was dropped. so replace "reload" with
"restart" in the related tests.
Signed-off-by: Kefu Chai <kchai@redhat.com>
* Remove scope and permission check from UserPasswordPolicy controller again, otherwise the Angular UI validator can't be executed for users without that privilege.
* Remobe obsolete QA test.
Signed-off-by: Volker Theile <vtheile@suse.com>
1. Fix the test cases by using the 'assertJsonBody'
method. The '_post' method doesn't return anything.
That's why we need to use the 'assertJsonBody'
method here instead of checking the fields directly.
2. Add the missing scope and permission definition of the
'validate_password' resource. Otherwise the resource
is not restricted and 'test_validate_password_invalid_permissions'
will fail.
3. Re-word error messages. Change 'cannot' to 'must not'.
Signed-off-by: Tatjana Dehler <tdehler@suse.com>
- Add 'api/user/validate_password' endpoint to check if a
password meets the password policy. A new controller has
to be added for 'api/user' which has NO security scope,
otherwise it wouldn't be possible for users without USER
privileges to call the endpoint.
- Add Angular async validator to check if the entered password
meets the policy.
Fixes: https://tracker.ceph.com/issues/43088
Signed-off-by: Volker Theile <vtheile@suse.com>
Now both CephFS quotas can be changed with a validation against the next
tree maximum in the file tree, that prevents setting the quotas in a way
that would not be usable.
Fixes: https://tracker.ceph.com/issues/38287
Signed-off-by: Stephan Müller <smueller@suse.com>
Add a 'pwd_expiration_date' field to the User object to be able
to set password expiration date per user.
There are two options to set a password expiration date for a
user:
1. Set the 'USER_PWD_EXPIRATION_SPAN' setting. If defined
the expiration date of the password will be calculated
automatically based on the given value. It will also be
updated automatically when the user changes the password.
2. Set an expiration date by setting the 'pwdExpirationDate'
field when creating a user.
Add two more settings in addition: USER_PWD_EXPIRATION_WARNING_1
and USER_PWD_EXPIRATION_WARNING_2. These two settings are
defining the amount of days to notify the user that his password
will expiration soon.
It's not possible to set the 'pwd_expiration_date' field to a
date in the past.
If the password of a user is already expired he is no longer
allowed to log into the dashboard.
Fixes: https://tracker.ceph.com/issues/40329
Signed-off-by: Tatjana Dehler <tdehler@suse.com>
There were a couple of problems found by flake8 in the qa/
directory (most of them fixed now). Enabling flake8 during the usual
check runs hopefully avoids adding new issues in the future.
Signed-off-by: Thomas Bechtold <tbechtold@suse.com>
* refs/pull/32023/head:
qa/tasks/mgr/test_orchestrator_cli: test with valid network or IP
qa/orchestrator: do not test "mon update 3 host1"
Reviewed-by: Sebastian Wagner <swagner@suse.com>
Reviewed-by: Joshua Schmid <jschmid@suse.de>
Passing 'network' will fail with
Error EINVAL: Failed to parse host list: '['host1:network', 'host2:network', 'host3:network']': u'network' does not appear to be an IPv4 or IPv6 address
Signed-off-by: Sage Weil <sage@redhat.com>
This allows setting and retrieving the current site name for
RBD mirroring. This is a global property of the cluster.
Signed-off-by: Jason Dillaman <dillaman@redhat.com>
mgr/dashboard: fix tests in order to match pg num conventions
Reviewed-by: Alfonso Martínez <almartin@redhat.com>
Reviewed-by: Laura Paduano <lpaduano@suse.com>
Update the tests test_ganesha and test_rbd_mirroring in order
to match the PG num conventions. It prevents the health warning
'POOL_PG_NUM_NOT_POWER_OF_TWO' from being shown.
Signed-off-by: Tatjana Dehler <tdehler@suse.com>
- Refactor parts of the existing password complexity code.
- Check password complexity when setting password via Dashboard CLI commands.
- Add ability to force setting a password via CLI. This is useful in vstart environments or wherever it is necessary to disable the password complexity check.
Signed-off-by: Volker Theile <vtheile@suse.com>
The problem was that, if a pool was renamed the routine to update tried
to work on the old pool name and didn't used the info that the pool got
renamed, therefore an error occurred in the UI saying that the pool
could not be found.
Fixes: https://tracker.ceph.com/issues/42776
Signed-off-by: Stephan Müller <smueller@suse.com>
To prevent the not a number of two cluster health warning, all created
pools now have a pg_num that is a power of two.
Fixes: https://tracker.ceph.com/issues/42776
Signed-off-by: Stephan Müller <smueller@suse.com>
Renamed "__create_pool" to "__yield_pool" to make it's purpose clearer
and added a description.
Split up create pool test into three different tests.
Used "__yield_pool" for creation tests, too.
Fixes: https://tracker.ceph.com/issues/42776
Signed-off-by: Stephan Müller <smueller@suse.com>
python-common, mgr/orchestrator, mgr/dashboard: Use common "Devices"
Reviewed-by: Kiefer Chang <kiefer.chang@suse.com>
Reviewed-by: Patrick Seidensal <pseidensal@suse.com>
* refs/pull/31501/head:
ceph-mon: bind to public_addrv if set (before public_addr or public_network)
common/options: add public_addrv
common/options: fix ADDRVEC parsing
ceph-daemon: support --mon-addrv for deploy subcommand
Reviewed-by: Neha Ojha <nojha@redhat.com>
Now it's possible to list directories of a CephFS in a tree view inside
the dashboard.
Currently the tree is not refreshed every 5 seconds as the listing of
directories is a heavier operation.
When a directory is clicked, the dashboard will fetch it's
subdirectories and the subdirectories of it's subdirectories in order to
show if the subdirectories have subdirectories.
The details of a directory show the full path, it's quota values and
the path they originate from and a list of all snapshots.
Fixes: https://tracker.ceph.com/issues/41575
Signed-off-by: Stephan Müller <smueller@suse.com>
Adds two tabs named 'Devices' on the host and OSD page. The host
respectively OSD needs to be selected before the tab will be shown next
to the other tabs below the table where the host or OSD has been
selected. It will display the graphical representation of `ceph device
ls`, filtered by the selected host or OSD.
Fixes: https://tracker.ceph.com/issues/39352
Signed-off-by: Patrick Seidensal <pseidensal@suse.com>
* refs/pull/30859/head:
auth: EACCES, not EPERM
mon: shunt old tell commands from cli interface to asok
mon: allow mgr to tell mon.foo smart
mon: include quorum features in quorum_status
qa/workunits/mon/caps.sh: fix test
ceph_test_rados_api_cmd: fix MonDescribe test
Merge branch 'vstart-fs-auth' of git://github.com/batrick/ceph into wip-cleanup-mon-asok
test/pybind/test_ceph_argparse: fix tests
vstart: add volume client keys to keyring
vstart: use fs authorize to create master client key
vstart: redirect some output to stderr
vstart: output command strings to stderr
qa/workunits/cephtool/test.sh: fix 'quorum enter' caller
qa: change mon_status calls to quorum_status or tell commands
mon: fix 'heap ...' command
mon: consolidate 'sync force' commands
mon: allow asok commands to return an error code
mon: move 'quorum enter|exit' and 'mon_status' to asok
mon: fix 'smart' asok command
mon: remove old 'config set' and 'injectargs'
Reviewed-by: Josh Durgin <jdurgin@redhat.com>
The consensus seems to be that PrioritizedQueue is strictly worse than
WeightedPriorityQueue.
mClockClientQueue and mClockClassQueue are superceded by
mClockScheduler.
Signed-off-by: Samuel Just <sjust@redhat.com>
After a dashboard module load we need to wait (10 secs)
for the module to be back again. Otherwise the module
might not be able to answer requests properly. It could
lead to issues in some cases, e.g.: 'Failed to establish
a new connection: [Errno 111] Connection refused'.
Signed-off-by: Tatjana Dehler <tdehler@suse.com>
After logging in with a separate testuser, especially a read-only
user, we need to reset the login to the admin user. This is important
in order to be able to continue with further tests. If not doing so
further tests might fail with the following error response:
{"status": "401 Unauthorized",
"detail": "You are not authorized to access that resource", ...}
Fixes: https://tracker.ceph.com/issues/42226,
https://tracker.ceph.com/issues/42227
Signed-off-by: Tatjana Dehler <tdehler@suse.com>
We need to check for the correct error codes.
Otherwise the integration tests are going to fail.
Fixes: https://tracker.ceph.com/issues/42222
Signed-off-by: Tatjana Dehler <tdehler@suse.com>
mgr/dashboard: Adapt test_mgr_module QA test to latest controller changes
Reviewed-by: Alfonso Martínez <almartin@redhat.com>
Reviewed-by: Laura Paduano <lpaduano@suse.com>
mgr/dashboard: fix error when linking a bucket to a tenanted user
Reviewed-by: Alfonso Martínez <almartin@redhat.com>
Reviewed-by: Volker Theile <vtheile@suse.com>
- Prefix bucket name with '/' when linking bucket to a tenanted user
- Add qa tests
Fixes: https://tracker.ceph.com/issues/41611
Signed-off-by: Kiefer Chang <kiefer.chang@suse.com>
The problem was that the CephFS details component was entirely responsible for
managing all other tabs besides it's own. Besides that many API requests
were triggered, which now has been reduced to just one request which is
fired inside the tabs component.
I added an endpoint which contains all adaptations that were done in the
frontend before. This limits the request size and increases the
performance (at least a bit).
Fixes: https://tracker.ceph.com/issues/41372
Signed-off-by: Stephan Müller <smueller@suse.com>
