[ceph-users] Re: Ceph Orchestrator error

Tue, 10 Jun 2025 05:33:50 -0700

Yes, certificate creation/generation has to be done manually (or however you request certs), and then you can specify them in your rgw spec file to deploy them to the daemons. 

Zitat von Iztok Gregori <iztok.greg...@elettra.eu>:


Thanks!

I suspected something similar, but you save me some time in  
searching trough the source code.



I assume that the "workaround" for Squid is to deploy manually the  
certifcates, right?


Cheers
Iztok


On 10/06/25 12:31, Eugen Block wrote:

I assume it's a mistake in the docs. Comparing the branches for  
20.0.0 [0] and 19.2.2 [1] reveals that the generate_cert parameter  
is not present in Squid but will be in Tentacle.



[0]  
https://github.com/ceph/ceph/blob/v20.0.0/src/python-common/ceph/deployment/service_spec.py#L1235
[1]  
https://github.com/ceph/ceph/blob/v19.2.2/src/python-common/ceph/deployment/service_spec.py



Zitat von Iztok Gregori <iztok.greg...@elettra.eu>:


Hi to all!


I'm trying to setup a RGW service on my cluster and I want that  
the SSL certificates are create automatically, so I wrote the  
following spec file:


# rgw.yaml
service_type: rgw
service_id: rgw.foo
placement:
    label: rgw
    count_per_host: 1
networks:
    - 172.16.10.0/24
spec:
    rgw_realm: 'foo'
    rgw_zone: 'fool'
    rgw_zonegroup: 'fool_group'
    ssl: true
    generate_cert: true
    rgw_frontend_port: 4443
    wildcard_enabled: true
    zonegroup_hostnames:
        - "fool.foo.com"
extra_container_args:
    - "--stop-timeout=120"
config:
    rgw_exit_timeout_secs: "120"
    rgw_graceful_stop: true

When I apply it gives me the following error:

# ceph orch apply -i rgw.yaml

Error EINVAL: ServiceSpec: __init__() got an unexpected keyword  
argument 'generate_cert'


Am I missing something obvious regarding the "generate_cert" part?

The cluster is a fresh install of Squid (19.2.2).

Any help is appreciated!

Regards
Iztok

--
Iztok Gregori
ICT Systems and Services
Elettra - Sincrotrone Trieste S.C.p.A.
Telephone: +39 040 3758948
http://www.elettra.eu
_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io



_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io

_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io



_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io






















					Reply via email to