Currently dashboard provides a Ceph command to specify location or
contents of SAML2 IdP XML (`idp_metadata` argument). This loose
interface is implemented by trying to:
- First, opens HTTPS connection to whatever that argument contains (it
might be a proper remote URL, a local file or XML contents).
- Then, tries to open the local file
- Finally, assumes the input argument is an XML and proceeds to parse
it.
However, as the XML can have an undefined length, when fed as a filename
it results in FreeBSD raising a OSError exception (`Max filename length
exceeded`, 1K). This essentially means that this handling results in
unexpected behaviour, as it pushes the validation & error handling to
the underlying methods.
In this fix, some preliminary validation is performed. Especifically:
- Is the input argument a potential filename?
- Is the input argument complying with URL syntax?
Only if the above checks fail, the input argument is fed into the XML
parser.
Additionally, previous syntax is deprecated, so now, `idp_metadata`
enforces 2 syntaxes:
- Raw XML contents
- URL specification (http, https, and file schemas accepted). For local
file, URL 'file://<path>' should be used instead.
Fixes: https://tracker.ceph.com/issues/41358
Signed-off-by: Ernesto Puerta <epuertat@redhat.com>
* refs/pull/29337/head:
mon: enable telemetry module by default
mgr/telemetry: force re-opt-in if the report contents change
mgr/telemetry: less noise in the log
mgr/telemetry: wake up serve on config change
mgr/telemetry: track telemetry report revisions
Reviewed-by: Neha Ojha <nojha@redhat.com>
We already have a robust set of opt-in and opt-out procedures; no need to
require the user to enable the module.
Signed-off-by: Sage Weil <sage@redhat.com>
* refs/pull/29334/head:
qa/tasks/mgr/dashboard/test_mgr_module: adjust expected schema
mgr/telemetry: separate out cluster config vs running daemons
mgr/telemetry: include any config options that are customized
Reviewed-by: Ernesto Puerta <epuertat@redhat.com>
Reviewed-by: Dan Mick <dmick@redhat.com>
Split *_stateless_service, because every orchestrator
did some method dispatching internally anyway.
Also: Added test
Signed-off-by: Sebastian Wagner <sebastian.wagner@suse.com>
python-common: Python common package
Reviewed-by: Juan Miguel Olmo Martínez <jolmomar@redhat.com>
Reviewed-by: Kefu Chai <kchai@redhat.com>
Reviewed-by: Ricardo Dias <rdias@suse.com>
Reviewed-by: Tim Serong <tserong@suse.com>
* refs/pull/28847/head:
doc/mgr/telemetry: update
mgr/telemetry: move contact info to an 'ident' channel
mgr/telemetry: accept channel list to 'telemetry show'
mgr/telemetry: always generate new report for 'telemetry show'
mgr/telemetry: add 'device' channel and call out to devicehealth module
mgr/telemetry: add telemetry channel 'device'
mgr/telemetry: add separate channels
Reviewed-by: Dan Mick <dmick@redhat.com>
* refs/pull/29034/head:
doc/mgr/crash: document missing commands, options
qa/suites/rados/singleton/all/test-crash: whitelist RECENT_CRASH
qa/suites/rados/mgr/tasks/insights: whitelist RECENT_CRASH
qa/tasks/mgr/test_insights: crash module now rejects bad crash reports
mgr/telemetry: fix remote into crash do_ls()
mgr/crash: don't make these methods static
mgr/BaseMgrModule: handle unicode health detail strings
mgr/crash: verify timestamp is valid
qa/suites/mgr: whitelist RECENT_CRASH
mgr/crash: remove unused var
mgr/crash: remove unused import 'six'
qa/workunits/rados/test_crash: health check
mgr/crash: improve validation on post
mgr/crash: automatically prune old crashes after a year
mgr/crash: raise RECENT_CRASH warning for recent (new) crashes
mgr/crash: add 'crash ls-new'
mgr/crash: add option and serve infra
mgr/crash: keep copy of crashes in memory
mgr/pg_autoscaler: adjust style to match built-in tables
mgr/crash: make 'crash ls' a nice table with a NEW column
mgr/crash: nicely format 'crash info' output
mgr/crash: add 'crash archive <id>', 'crash archive-all' commands
Reviewed-by: Neha Ojha <nojha@redhat.com>
1. Disable redirection on standby managers. A HTTP error (500) will be returned instead of a redirection.
$ ceph config set mgr mgr/dashboard/standby_behaviour "error"
2. Configure the HTTP error status code.
$ ceph config set mgr mgr/dashboard/standby_error_status_code 503
Signed-off-by: Volker Theile <vtheile@suse.com>
Introduced in 4872cc5aa3
`_ceph_set_module_option` also accepts `None`, not just strings.
Fixes: http://tracker.ceph.com/issues/40779
Signed-off-by: Sebastian Wagner <sebastian.wagner@suse.com>
Now you can silence alerts through the dashboard. You can now create,
recreate, edit and expire a silence. You can create a silence based on a
selected alert.
The silence form will help you create a silence that silences an alert.
It is provided with functionality to check if the silences, that
you are about to create, will or will not match an active alert or even
a rule.
It also provides help choosing the right values for the right chosen
matcher attribute name, through the use of type ahead values.
The dashboard will now use the Prometheus and the Alertmanager API
Fixes: https://tracker.ceph.com/issues/36722
Signed-off-by: Stephan Müller <smueller@suse.com>
* refs/pull/26547/head:
Added validation of zabbix_host to support hostnames, IPv4 and IPv6.
mgr/zabbix: Documentation added.
mgr/zabbix: Adds possibility to send data to multiple zabbix servers.
Reviewed-by: Wido den Hollander <wido@42on.com>
- Changes needed to allow Ansible Orchestrator to use the new authentication strategy used in Ansible Runner Service
- Changes to propagate Ansible playbook errors to the completion result
Addressed changes suggested by the team
- Certificate and key are stored now in the mon KV store
- Option server_url is now server_location
- Using manager Options to have a better mgmt of MODULE_OPTIONS
- Added verbosity to status command to show problems connecting with external orchestrator
- lint problems fixed
Addressed changes suggested by @sebastian-philipp
- Improved messages and documentation
Fix error in documentation
- Fix error in ansible documentation
- Added examples in orchestrator-cli documentation
Signed-off-by: Juan Miguel Olmo Martínez <jolmomar@redhat.com>
Now, progress events are part of `WriteCompletion` istead of part of the orchestrator module.
It does not yet provide a way to just show orchestrator events.
Also fixes issue in the SSH orchestrator
Signed-off-by: Sebastian Wagner <sebastian.wagner@suse.com>
Added paragraph that explains how standby dashboard instances perform
HTTP redirections to the currently active ceph-mgr node.
Added note about current limitations (see Bug#24662 for details).
Signed-off-by: Lenz Grimmer <lgrimmer@suse.com>
As discussed in BUG#39252, the dashboard currently does not
support all possible RGW configuration possibilities when trying
to obtain hostname and port number. Update the docs to better
reflect this.
Signed-off-by: Lenz Grimmer <lgrimmer@suse.com>
Added note about the requirement for the latest ceph-iscsi version
3 to the dashboard documentation. Added some doc references
and replaced some URLs in the iSCSI docs with reST labels instead.
Signed-off-by: Lenz Grimmer <lgrimmer@suse.com>
mgr/dashboard: Add separate option to config SSL port
Reviewed-by: Ernesto Puerta <epuertat@redhat.com>
Reviewed-by: Sebastian Wagner <swagner@suse.com>
Reviewed-by: Tatjana Dehler <tdehler@suse.com>
mgr/orchestrator: Add error handling to interface
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Juan Miguel Olmo Martínez <jolmomar@redhat.com>
Reviewed-by: Tim Serong <tserong@suse.com>
