Bug 1684283

Summary: Ceph Containers SSL support - Daemons like RGW when using rgw-multisite causing an issue in communication and sync stuck
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Vikhyat Umrao <vumrao>
Component: Ceph-AnsibleAssignee: Dimitri Savineau <dsavinea>
Status: CLOSED ERRATA QA Contact: Vasishta <vashastr>
Severity: high Docs Contact: Bara Ancincova <bancinco>
Priority: high    
Version: 3.2CC: anharris, aschoen, ceph-eng-bugs, ceph-qe-bugs, dsavinea, evelu, gabrioux, gmeno, mbenjamin, mhackett, nthomas, sankarshan, tchandra, tserlin, vashastr, vumrao
Target Milestone: z2   
Target Release: 3.2   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHEL: ceph-ansible-3.2.8-1.el7cp Ubuntu: ceph-ansible_3.2.8-2redhat1 Doc Type: Bug Fix
Doc Text:
.SSL works as expected with containerized Ceph Object Gateways Previously, the SSL configuration in containerized Ceph Object Gateways did not work because the Certificate Authority (CA) certificate was only added to the TLS bundle on the hypervisor and was not propagated to the Ceph Object Gateway container due to missing container bind mounts on the `/etc/pki/ca-trusted/` directory. This bug has been fixed, and SSL works as expected with containerized Ceph Object Gateways.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2019-04-30 15:57:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1629656    

Description Vikhyat Umrao 2019-02-28 21:37:35 UTC 
Description of problem:
Ceph Containers SSL support - Daemons like RGW when using rgw-multisite causing an issue in communication and sync stuck

For now, need to go with without SSL with port 80.

Version-Release number of selected component (if applicable):
RHCS 3.2

How reproducible:
Always at the customer site
Comment 4 Vikhyat Umrao 2019-02-28 21:53:21 UTC 
RGW Multi-site bug https://bugzilla.redhat.com/show_bug.cgi?id=1684289 to test SSL and RGW Multi-site support.
Comment 15 Dimitri Savineau 2019-04-23 18:47:46 UTC 
looks good to me
Comment 17 errata-xmlrpc 2019-04-30 15:57:06 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:0911