try:
get_cert_issuer_info(cert)
verify_tls(cert, key)
- self.mgr.remove_health_warning('GRAFANA_CERT_ERROR')
+ self.mgr.remove_health_warning('CEPHADM_CERT_ERROR')
except ServerConfigException as e:
err_msg = f"""
Detected invalid grafana certificates. Please, use the following commands:
"""
self.log.error(f'Detected invalid grafana certificate on host {d.hostname}: {e}')
- self.mgr.set_health_warning('GRAFANA_CERT_ERROR',
+ self.mgr.set_health_warning('CEPHADM_CERT_ERROR',
f'Invalid grafana certificate on host {d.hostname}: {e}',
1, [err_msg])
break
grafana_data_sources = self.mgr.template.render(
'services/grafana/ceph-dashboard.yml.j2', {'hosts': prom_services, 'loki_host': loki_host})
- cert_path = f'{daemon_spec.host}/grafana_crt'
- key_path = f'{daemon_spec.host}/grafana_key'
- cert = self.mgr.get_store(cert_path)
- pkey = self.mgr.get_store(key_path)
- if cert and pkey:
- try:
- verify_tls(cert, pkey)
- except ServerConfigException as e:
- logger.warning('Provided grafana TLS certificates invalid: %s', str(e))
- cert, pkey = None, None
- if not (cert and pkey):
- cert, pkey = create_self_signed_cert('Ceph', daemon_spec.host)
- self.mgr.set_store(cert_path, cert)
- self.mgr.set_store(key_path, pkey)
- if 'dashboard' in self.mgr.get('mgr_map')['modules']:
- self.mgr.check_mon_command({
- 'prefix': 'dashboard set-grafana-api-ssl-verify',
- 'value': 'false',
- })
-
- spec: GrafanaSpec = cast(
- GrafanaSpec, self.mgr.spec_store.active_specs[daemon_spec.service_name])
+ spec: GrafanaSpec = cast(GrafanaSpec, self.mgr.spec_store.active_specs[daemon_spec.service_name])
grafana_ini = self.mgr.template.render(
'services/grafana/grafana.ini.j2', {
'initial_admin_password': spec.initial_admin_password,
if is_valid_certificate:
# let's clear health error just in case it was set
- self.mgr.remove_health_warning('GRAFANA_CERT_ERROR')
+ self.mgr.remove_health_warning('CEPHADM_CERT_ERROR')
return cert, pkey
# certificate is not valid, to avoid overwriting user generated
'prefix': 'dashboard set-grafana-api-ssl-verify',
'value': 'false',
})
- self.mgr.remove_health_warning('GRAFANA_CERT_ERROR') # clear if any
+ self.mgr.remove_health_warning('CEPHADM_CERT_ERROR') # clear if any
else:
# the certificate was not generated by cephadm, we cannot overwrite
# it by new self-signed ones. Let's warn the user to fix the issue
> ceph orch daemon reconfig <grafana-daemon>
"""
- self.mgr.set_health_warning('GRAFANA_CERT_ERROR', 'Invalid grafana certificate: ', 1, [err_msg])
+ self.mgr.set_health_warning('CEPHADM_CERT_ERROR', 'Invalid grafana certificate: ', 1, [err_msg])
return cert, pkey
projects / ceph.git / commitdiff