mgr/cephadm: allow setting insecure_skip_verify for alertmanager
authorAdam King <adking@redhat.com>
Wed, 6 Apr 2022 14:32:22 +0000 (10:32 -0400)
committerAdam King <adking@redhat.com>
Thu, 14 Apr 2022 14:57:22 +0000 (10:57 -0400)
Add a "secure" parameter to alertmanager spec that will cause it
to deploy alertmanagers with insecure_skip_verify as true or false
depending on the value given for "secure".

NOTE: alertmanager must still be reconfigured after applying a yaml
with this option changed.

Fixes: https://tracker.ceph.com/issues/55272
Fixes: https://tracker.ceph.com/issues/55333
Signed-off-by: Adam King <adking@redhat.com>
doc/cephadm/services/monitoring.rst
src/pybind/mgr/cephadm/services/monitoring.py
src/pybind/mgr/cephadm/templates/services/alertmanager/alertmanager.yml.j2
src/pybind/mgr/cephadm/tests/test_services.py
src/python-common/ceph/deployment/service_spec.py

index 5cb1537dbb4c3d9c453c8ccf8da5cad57a5774d2..a17beba6d1e18f40285edbbd734dd4b490414bc5 100644 (file)
@@ -387,6 +387,26 @@ added to the default receivers' ``<webhook_configs>`` configuration.
 
 Run ``reconfig`` on the service to update its configuration:
 
+.. prompt:: bash #
+
+  ceph orch reconfig alertmanager
+
+Turn on Certificate Validation
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+If you are using certificates for alertmanager and want to make sure
+these certs are verified, you should set the "secure" option to
+true in your alertmanager spec (this defaults to false).
+
+.. code-block:: yaml
+
+    service_type: alertmanager
+    spec:
+      secure: true
+
+If you already had alertmanager daemons running before applying the spec
+you must reconfigure them to update their configuration
+
 .. prompt:: bash #
 
   ceph orch reconfig alertmanager
index 387f135ce745794cf58c33b0876cdc1f96583396..6bde0cc3e8c18773d4fa665707c4f1bbc40d9d4c 100644 (file)
@@ -131,6 +131,10 @@ class AlertmanagerService(CephadmService):
         default_webhook_urls: List[str] = []
 
         spec = cast(AlertManagerSpec, self.mgr.spec_store[daemon_spec.service_name].spec)
+        try:
+            secure = spec.secure
+        except AttributeError:
+            secure = False
         user_data = spec.user_data
         if 'default_webhook_urls' in user_data and isinstance(
                 user_data['default_webhook_urls'], list):
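Review bot: The `except AttributeError` fallback in this hunk resolves to `secure = False`, which the template change in this commit renders as `insecure_skip_verify: true`, so a spec object without the attribute silently ends up with certificate verification turned off. Since `AlertManagerSpec.__init__` now always assigns `self.secure`, the fallback presumably only matters for spec objects that predate this option. I would state that in a comment and collapse the four lines to `secure = getattr(spec, 'secure', False)  # older spec objects may lack the attribute`. The enclosing method starts and ends outside the hunk.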
@@ -175,6 +179,7 @@ class AlertmanagerService(CephadmService):
             'dashboard_urls': dashboard_urls,
             'default_webhook_urls': default_webhook_urls,
             'snmp_gateway_urls': snmp_gateway_urls,
+            'secure': secure,
         }
         yml = self.mgr.template.render('services/alertmanager/alertmanager.yml.j2', context)
 
index 4a8f313a71af2ca3c498739360d4cc1e9ab956f1..4e394106f05a42a8fda2ebd65b3656625760bf22 100644 (file)
@@ -3,6 +3,11 @@
 
 global:
   resolve_timeout: 5m
+{% if not secure %}
+  http_config:
+    tls_config:
+      insecure_skip_verify: true
+{% endif %}
 
 route:
   receiver: 'default'
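Review bot: Placing `insecure_skip_verify: true` under `global.http_config` turns off certificate verification for every receiver that inherits the global HTTP client settings, not for a single endpoint, and `{% if not secure %}` makes that the result whenever the spec leaves `secure` at its default of false. The expected-output change in test_services.py shows the default rendering gaining this block, so existing deployments appear to lose verification on their next reconfig unless the spec sets `secure: true`. I would record the scope in the template with a Jinja comment ahead of the condition, e.g. `{# rendered unless spec.secure is true: disables TLS verification for all receivers using the global http_config #}`, and call out the changed default in the release notes.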
index ce4af46da246637beb88558197225bd4fcadfa4a..e401c5b93d024ee8ee0d726435246bf6676b86e9 100644 (file)
@@ -251,6 +251,9 @@ class TestMonitoring:
 
                 global:
                   resolve_timeout: 5m
+                  http_config:
+                    tls_config:
+                      insecure_skip_verify: true
 
                 route:
                   receiver: 'default'
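Review bot: Only the default rendering is pinned by this expected output; nothing in the hunk exercises `secure: true`, which is the path that must leave `http_config` out so certificate verification stays on. A regression that emitted `insecure_skip_verify: true` unconditionally would still pass. Add a second case that applies `AlertManagerSpec(secure=True)` and asserts that the rendered alertmanager.yml contains no `insecure_skip_verify` entry. The test method starts and ends outside the hunk.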
index e7b6885ab1e5a7d6a204752d05eb7e91d706701b..c23783c5da0e8a4415ea2e1a48d980c54a2ab2b9 100644 (file)
@@ -1112,6 +1112,7 @@ class AlertManagerSpec(MonitoringSpec):
                  config: Optional[Dict[str, str]] = None,
                  networks: Optional[List[str]] = None,
                  port: Optional[int] = None,
+                 secure: bool = False,
                  extra_container_args: Optional[List[str]] = None,
                  ):
         assert service_type == 'alertmanager'
@@ -1136,6 +1137,7 @@ class AlertManagerSpec(MonitoringSpec):
         #                        added to the default receivers'
         #                        <webhook_configs> configuration.
         self.user_data = user_data or {}
+        self.secure = secure
 
     def get_port_start(self) -> List[int]:
         return [self.get_port(), 9094]
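Review bot: `self.secure` is stored without a comment, while `user_data` directly above documents its keys, and the name is easy to misread. Judging by the template change in this commit, it does not enable TLS on alertmanager; it only decides whether `insecure_skip_verify: true` is written into the generated config. I would add above the assignment `# secure: when False (the default), alertmanager.yml is rendered with` followed by `# insecure_skip_verify: true, i.e. TLS certificates are not verified.` The constructor begins outside the hunk.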