Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support to make external cluster Json flags distributed #14183

Open
parth-gr opened this issue May 9, 2024 · 2 comments
Open

Add support to make external cluster Json flags distributed #14183

parth-gr opened this issue May 9, 2024 · 2 comments
Assignees
@iPraveenParihar
Labels
ceph-external Ceph in external cluster mode feature good-first-issue Simple issues that are good for getting started with Rook.

Comments

@parth-gr
Copy link
Member

parth-gr commented May 9, 2024
edited

Is this a bug report or feature request?

  • Feature Request

Currently all the secured and non-secured information is dumped at one place,

So if any nonsecured information is needed for debugging like endpoints details, which cant be made available through logs,
So segregate the secured and the non secured items in the JSON blob

Environment:
@parth-gr parth-gr added feature good-first-issue Simple issues that are good for getting started with Rook. ceph-external Ceph in external cluster mode labels May 9, 2024
@iPraveenParihar
Copy link
Contributor

Hey @parth-gr, after running the python script

[
  {
    "name": "rook-ceph-mon-endpoints",
    "kind": "ConfigMap",
    "data": {
      "data": "a=10.96.180.5:6789",
      "maxMonId": "0",
      "mapping": "{}"
    }
  },
  {
    "name": "rook-ceph-mon",
    "kind": "Secret",
    "data": {
      "admin-secret": "admin-secret",
      "fsid": "f52ee175-3f3a-4828-a6af-8d4962dbd9e0",
      "mon-secret": "mon-secret"
    }
  },
  {
    "name": "monitoring-endpoint",
    "kind": "CephCluster",
    "data": {
      "MonitoringEndpoint": "10.244.0.15",
      "MonitoringPort": "9283"
    }
  },
  ...
  {
    "name": "ceph-rbd",
    "kind": "StorageClass",
    "data": {
      "pool": "replicapool",
      "csi.storage.k8s.io/provisioner-secret-name": "rook-csi-rbd-provisioner",
      "csi.storage.k8s.io/controller-expand-secret-name": "rook-csi-rbd-provisioner",
      "csi.storage.k8s.io/node-stage-secret-name": "rook-csi-rbd-node"
    }
  },
  ...
]

so, segregate secured and non-secured flags in the JSON would be something like -

{
  "secured": [
    {
      "name": "rook-ceph-mon",
      "kind": "Secret",
      "data": {
        "admin-secret": "admin-secret",
        "fsid": "f52ee175-3f3a-4828-a6af-8d4962dbd9e0",
        "mon-secret": "mon-secret"
      }
    },
   ...
  ],
  "non-secured": [
    {
      "name": "rook-ceph-mon-endpoints",
      "kind": "ConfigMap",
      "data": {
        "data": "a=10.96.180.5:6789",
        "maxMonId": "0",
        "mapping": "{}"
      }
    },
    {
      "name": "monitoring-endpoint",
      "kind": "CephCluster",
      "data": {
        "MonitoringEndpoint": "10.244.0.15",
        "MonitoringPort": "9283"
      }
    },
    ...
  ]
}

and dump non-secured part to the logs?

@iPraveenParihar iPraveenParihar self-assigned this May 23, 2024
@parth-gr
Copy link
Member Author

IMO, Instead of deciding what all can be logged and is not-secured,

I think we can start from logging what all things are needed rn for debug and are non-secured.
So we can add debug logs first for logging them

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@iPraveenParihar iPraveenParihar

Labels
ceph-external Ceph in external cluster mode feature good-first-issue Simple issues that are good for getting started with Rook.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@iPraveenParihar @parth-gr