imgr/cephadm/nvmeof: Add "force TLS" flag to NVMeOF spec file.

author Gil Bregman <gbregman@il.ibm.com>

Thu, 17 Jul 2025 11:29:34 +0000 (14:29 +0300)

committer Adam King <adking@redhat.com>

Mon, 28 Jul 2025 17:13:01 +0000 (13:13 -0400)
author Gil Bregman <gbregman@il.ibm.com>
Thu, 17 Jul 2025 11:29:34 +0000 (14:29 +0300)
committer Adam King <adking@redhat.com>
Mon, 28 Jul 2025 17:13:01 +0000 (13:13 -0400)
diff --git a/src/pybind/mgr/cephadm/templates/services/nvmeof/ceph-nvmeof.conf.j2 b/src/pybind/mgr/cephadm/templates/services/nvmeof/ceph-nvmeof.conf.j2

index 5e2857623b9247c1b49a9d58c0c016892750b67b..b2709c8687ff0e64ce7928572c67152308ce2c1c 100644 (file)
--- a/src/pybind/mgr/cephadm/templates/services/nvmeof/ceph-nvmeof.conf.j2
+++ b/src/pybind/mgr/cephadm/templates/services/nvmeof/ceph-nvmeof.conf.j2
@@ -44,6 +44,7 @@ max_namespaces = {{ spec.max_namespaces }}
  max_namespaces_per_subsystem = {{ spec.max_namespaces_per_subsystem }}
  max_hosts_per_subsystem = {{ spec.max_hosts_per_subsystem }}
  subsystem_cache_expiration = {{ spec.subsystem_cache_expiration }}
+force_tls = {{ spec.force_tls }}
  
  [gateway-logs]
  log_level = {{ spec.log_level }}
diff --git a/src/pybind/mgr/cephadm/tests/test_services.py b/src/pybind/mgr/cephadm/tests/test_services.py

index bf1bc5d7bd2ff2dee4a1532e81264a7218e7e07c..02c7c91f3bad62c87afadf33690469bfc79d92cf 100644 (file)
--- a/src/pybind/mgr/cephadm/tests/test_services.py
+++ b/src/pybind/mgr/cephadm/tests/test_services.py
@@ -393,6 +393,7 @@ max_namespaces = 2048
  max_namespaces_per_subsystem = 256
  max_hosts_per_subsystem = 128
  subsystem_cache_expiration = 5
+force_tls = False
  
  [gateway-logs]
  log_level = INFO
diff --git a/src/python-common/ceph/deployment/service_spec.py b/src/python-common/ceph/deployment/service_spec.py

index ec401c7e8d83523256fc6a5f20a1ee5ee8bc599e..59cfbfa414cf14c83169feccaaf715fcb4dee9fa 100644 (file)
--- a/src/python-common/ceph/deployment/service_spec.py
+++ b/src/python-common/ceph/deployment/service_spec.py
@@ -1413,6 +1413,7 @@ class NvmeofServiceSpec(ServiceSpec):
                   max_namespaces_per_subsystem: Optional[int] = 256,
                   max_hosts_per_subsystem: Optional[int] = 128,
                   subsystem_cache_expiration: Optional[int] = 5,
+                 force_tls: Optional[bool] = False,
                   server_key: Optional[str] = None,
                   server_cert: Optional[str] = None,
                   client_key: Optional[str] = None,
@@ -1548,6 +1549,8 @@ class NvmeofServiceSpec(ServiceSpec):
          self.max_hosts_per_subsystem = max_hosts_per_subsystem
          #: ``subsystem_cache_expiration`` number of seconds before subsystems cache expires
          self.subsystem_cache_expiration = subsystem_cache_expiration
+        #: ``force_tls`` force using TLS when adding hosts and listeners
+        self.force_tls = force_tls
          #: ``allowed_consecutive_spdk_ping_failures`` # of ping failures before aborting gateway
          self.allowed_consecutive_spdk_ping_failures = allowed_consecutive_spdk_ping_failures
          #: ``spdk_ping_interval_in_seconds`` sleep interval in seconds between SPDK pings
@@ -1754,6 +1757,7 @@ class NvmeofServiceSpec(ServiceSpec):
          verify_positive_int(self.max_hosts_per_subsystem, "Max hosts per subsystem")
          verify_non_negative_number(self.subsystem_cache_expiration,
                                     "Subsystem cache expiration period")
+        verify_boolean(self.force_tls, "Force TLS")
          verify_non_negative_number(self.monitor_timeout, "Monitor timeout")
          verify_non_negative_int(self.port, "Port")
          verify_non_negative_int(self.discovery_port, "Discovery port")
author	Gil Bregman <gbregman@il.ibm.com>
	Thu, 17 Jul 2025 11:29:34 +0000 (14:29 +0300)
committer	Adam King <adking@redhat.com>
	Mon, 28 Jul 2025 17:13:01 +0000 (13:13 -0400)
src/pybind/mgr/cephadm/templates/services/nvmeof/ceph-nvmeof.conf.j2		patch \| blob \| history
src/pybind/mgr/cephadm/tests/test_services.py		patch \| blob \| history
src/python-common/ceph/deployment/service_spec.py		patch \| blob \| history