-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ceph mgr randomly has dashboard ssl enabled when ssl: false
in helm cephClusterSpec
#11064
Comments
Have also seen this scenario when installing the cluster and operator manifest |
There seems to be a race condition for the operator to configure the dashboard ssl setting. In a test cluster, I see the operator configured the ssl here:
In the mgr log, the following is observed. Notice the ssl is first using the default of
When the dashboard is configured, the module is first enabled, then the operator sets the properties as seen in configureDashboardModuleSettings(). If there is any change to the defaults, the dashboard then will be restarted at the end. In my test cluster I do see the dashboard was restarted a few seconds after the initial start, which then caused the dashboard to be reloaded as expected.
@jhoblitt @edwardchenchen A couple questions:
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in a week if no further activity occurs. Thank you for your contributions. |
This issue has been automatically closed due to inactivity. Please re-open if this still requires investigation. |
Deviation from expected behavior:
I have created test ceph clusters multiple times per day, most business days, for the last couple of weeks. All cephcluster have been created with
rook-ceph-cluster
chart1.10.1
using the same chart values, which contain:The mgr pods and svc are reliably configured to expose port 7000. E.g.
However, twice now I have observed the mgr pod has been started without ssl being disabled. From the mgr pod logs:
I would guesstimate it is happening around 1 out of 10 cephcluster creations.
AND, extremely strangely, the
CephCluster
doesn't list thessl: false
key. E.g.:I have confirmed the CRD does have the
ssl
key defined on the k8s cluster. E.g.:Clearly, something is going wrong with helm either eating the key or the operator is editing the
cephCluster
to remove it. Both possibilities seem rather extraordinary.Expected behavior:
The mgr is consistently setup with ssl disabled.
How to reproduce it (minimal and precise):
Create and delete cephcluster repeatedly (probably > 10 times) and eventually it will happen.
File(s) to submit:
cluster.yaml
, if necessaryThe text was updated successfully, but these errors were encountered: