From: Redouane Kachach Date: Fri, 21 Mar 2025 12:13:56 +0000 (+0100) Subject: mgr/cephadm: making mgmt-gateway an oauth2-proxy dependency X-Git-Tag: testing/wip-vshankar-testing-20250407.170244-debug~74^2 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=29f0b8d7c0c97e8091bb9d9e51bf11fe6c044191;p=ceph-ci.git mgr/cephadm: making mgmt-gateway an oauth2-proxy dependency This change enables better automation, especially for complex setups like high-availability configurations. Previously, users had to manually deploy the mgmt-gateway before the oauth-proxy; if this sequence wasn't followed, cephadm would raise an error. https://tracker.ceph.com/issues/70603 Signed-off-by: Redouane Kachach --- diff --git a/src/pybind/mgr/cephadm/module.py b/src/pybind/mgr/cephadm/module.py index ef9a43571b8..49355de53ac 100644 --- a/src/pybind/mgr/cephadm/module.py +++ b/src/pybind/mgr/cephadm/module.py @@ -3649,11 +3649,6 @@ Then run the following: host_count = len(self.inventory.keys()) max_count = self.max_count_per_host - if spec.service_type == 'oauth2-proxy': - mgmt_gw_daemons = self.cache.get_daemons_by_service('mgmt-gateway') - if not mgmt_gw_daemons: - raise OrchestratorError("The 'oauth2-proxy' service depends on the 'mgmt-gateway' service, but it is not configured.") - if spec.service_type == 'nvmeof': nvmeof_spec = cast(NvmeofServiceSpec, spec) assert nvmeof_spec.pool is not None, "Pool cannot be None for nvmeof services" diff --git a/src/pybind/mgr/cephadm/services/oauth2_proxy.py b/src/pybind/mgr/cephadm/services/oauth2_proxy.py index bcf97968d90..fdac1b30f89 100644 --- a/src/pybind/mgr/cephadm/services/oauth2_proxy.py +++ b/src/pybind/mgr/cephadm/services/oauth2_proxy.py @@ -1,12 +1,15 @@ import logging -from typing import List, Any, Tuple, Dict, cast, Optional +from typing import List, Any, Tuple, Dict, cast, Optional, TYPE_CHECKING from copy import copy from orchestrator import DaemonDescription -from ceph.deployment.service_spec import OAuth2ProxySpec, MgmtGatewaySpec +from ceph.deployment.service_spec import OAuth2ProxySpec, MgmtGatewaySpec, ServiceSpec from cephadm.services.cephadmservice import CephadmService, CephadmDaemonDeploySpec from .service_registry import register_cephadm_service +if TYPE_CHECKING: + from ..module import CephadmOrchestrator + logger = logging.getLogger(__name__) @@ -20,11 +23,24 @@ class OAuth2ProxyService(CephadmService): daemon_spec.final_config, daemon_spec.deps = self.generate_config(daemon_spec) return daemon_spec + @classmethod + def get_dependencies(cls, mgr: "CephadmOrchestrator", + spec: Optional[ServiceSpec] = None, + daemon_type: Optional[str] = None) -> List[str]: + # adding dependency as redirect_url calculation depends on the mgmt-gateway + deps = [ + f'{d.name()}:{d.ports[0]}' if d.ports else d.name() + for service in ['mgmt-gateway'] + for d in mgr.cache.get_daemons_by_service(service) + ] + return deps + def get_service_ips_and_hosts(self, service_name: str) -> List[str]: entries = set() - mgmt_gw_spec = cast(MgmtGatewaySpec, self.mgr.spec_store['mgmt-gateway'].spec) - if mgmt_gw_spec.virtual_ip is not None: - entries.add(mgmt_gw_spec.virtual_ip) + if 'mgmt-gateway' in self.mgr.spec_store: + mgmt_gw_spec = cast(MgmtGatewaySpec, self.mgr.spec_store['mgmt-gateway'].spec) + if mgmt_gw_spec.virtual_ip is not None: + entries.add(mgmt_gw_spec.virtual_ip) for dd in self.mgr.cache.get_daemons_by_service(service_name): assert dd.hostname is not None addr = dd.ip if dd.ip else self.mgr.inventory.get_addr(dd.hostname) @@ -86,7 +102,7 @@ class OAuth2ProxyService(CephadmService): } } - return daemon_config, [] + return daemon_config, sorted(OAuth2ProxyService.get_dependencies(self.mgr)) def post_remove(self, daemon: DaemonDescription, is_failed_deploy: bool) -> None: """