mgr/cephadm: mgmt-gateway bind to virtual_ip

author Malik Mann <github@dermm.io>

Mon, 4 May 2026 09:28:33 +0000 (11:28 +0200)

committer Malik Mann <github@dermm.io>

Mon, 4 May 2026 09:28:33 +0000 (11:28 +0200)
author Malik Mann <github@dermm.io>
Mon, 4 May 2026 09:28:33 +0000 (11:28 +0200)
committer Malik Mann <github@dermm.io>
Mon, 4 May 2026 09:28:33 +0000 (11:28 +0200)
diff --git a/src/pybind/mgr/cephadm/templates/services/mgmt-gateway/external_server.conf.j2 b/src/pybind/mgr/cephadm/templates/services/mgmt-gateway/external_server.conf.j2

index 3db1a1142b35d9adc10d2c00351d7ca3e298a834..5030110aac1690410da07dd93fe40cf412800b7d 100644 (file)
--- a/src/pybind/mgr/cephadm/templates/services/mgmt-gateway/external_server.conf.j2
+++ b/src/pybind/mgr/cephadm/templates/services/mgmt-gateway/external_server.conf.j2
@@ -3,8 +3,12 @@ server {
  {% if not spec.ssl %}
      listen {{ spec.port or 80 }};
  {% else %}
-    listen                    {{ spec.port or 443 }} ssl;
+    {% if spec.virtual_ip %}
+    listen                    {{ spec.virtual_ip }}:{{ spec.port or 443 }} ssl;
+    {% else %}
+    listen                    0.0.0.0:{{ spec.port or 443 }} ssl;
      listen                    [::]:{{ spec.port or 443 }} ssl;
+    {% endif %}
      ssl_certificate            /etc/nginx/ssl/nginx.crt;
      ssl_certificate_key /etc/nginx/ssl/nginx.key;
      {% if spec.ssl_protocols %}
diff --git a/src/pybind/mgr/cephadm/tests/services/test_mgmt_gateway.py b/src/pybind/mgr/cephadm/tests/services/test_mgmt_gateway.py

index 63fdef636d6794915f9bd343593c0775f9f31227..5d7b4e5b55af23adb4849c0f5241b61c0de007d1 100644 (file)
--- a/src/pybind/mgr/cephadm/tests/services/test_mgmt_gateway.py
+++ b/src/pybind/mgr/cephadm/tests/services/test_mgmt_gateway.py
@@ -148,7 +148,7 @@ class TestMgmtGateway:
                                           }"""),
                      "nginx_external_server.conf": dedent("""
                                               server {
-                                                 listen                    5555 ssl;
+                                                 listen                    0.0.0.0:5555 ssl;
                                                   listen                    [::]:5555 ssl;
                                                   ssl_certificate            /etc/nginx/ssl/nginx.crt;
                                                   ssl_certificate_key /etc/nginx/ssl/nginx.key;
@@ -401,7 +401,7 @@ class TestMgmtGateway:
                                           }"""),
                      "nginx_external_server.conf": dedent("""
                                               server {
-                                                 listen                    5555 ssl;
+                                                 listen                    0.0.0.0:5555 ssl;
                                                   listen                    [::]:5555 ssl;
                                                   ssl_certificate            /etc/nginx/ssl/nginx.crt;
                                                   ssl_certificate_key /etc/nginx/ssl/nginx.key;
author	Malik Mann <github@dermm.io>
	Mon, 4 May 2026 09:28:33 +0000 (11:28 +0200)
committer	Malik Mann <github@dermm.io>
	Mon, 4 May 2026 09:28:33 +0000 (11:28 +0200)
src/pybind/mgr/cephadm/templates/services/mgmt-gateway/external_server.conf.j2		patch \| blob \| history
src/pybind/mgr/cephadm/tests/services/test_mgmt_gateway.py		patch \| blob \| history