]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph.git/commit
projects / ceph.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 83a82c5) | patch
mgr/cephadm: refactor oauth2-proxy certs and cookie-secret handling
authorRedouane Kachach <rkachach@ibm.com>
Tue, 11 Mar 2025 09:15:21 +0000 (10:15 +0100)
committerRedouane Kachach <rkachach@ibm.com>
Wed, 19 Mar 2025 14:53:22 +0000 (15:53 +0100)
commit84edffdc96e93bcdf6d45047d104832f5c8cc81d
tree3cb9649416f13fd4ef73c842a43bb9aafb40b5d7tree | snapshot
parent83a82c51682caafaea5cd9ccf8e77b7250448c81commit | diff
mgr/cephadm: refactor oauth2-proxy certs and cookie-secret handling

Moved the cookie-secret calculation to the spec level, allowing
all oauth2-poxy instances to share the same secret for high
availability. This change enables effective load balancing across
instances and ensures smooth failover in case of failures. In addition
mgmt-gateway virtual_ip is now included in the allowed_domain list
to enable HA senarios.

https://tracker.ceph.com/issues/70391

Signed-off-by: Redouane Kachach <rkachach@ibm.com>
src/pybind/mgr/cephadm/services/oauth2_proxy.py diff | blob | history
src/pybind/mgr/cephadm/tests/test_services.py diff | blob | history
src/python-common/ceph/deployment/service_spec.py diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.