Bug 2282092

Summary: When using rgw_dns_name config, the RGW dashboard section stops working.
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: daniel parkes <dparkes>
Component: Ceph-DashboardAssignee: Nizamudeen <nia>
Status: CLOSED ERRATA QA Contact: sohan singh <sohsingh>
Severity: medium Docs Contact: Anjana Suparna Sriram <asriram>
Priority: medium    
Version: 7.0CC: aasharma, ceph-eng-bugs, cephqe-warriors, mkasturi, tserlin
Target Milestone: ---   
Target Release: 8.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ceph-19.2.1-111.el9cp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2025-06-26 12:12:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description daniel parkes 2024-05-21 07:47:09 UTC 
Description of problem:

When I enable the rgw_dns_name config option, and I set for example:

client.rgw.default                             advanced  rgw_dns_name                                    s3.cephlabs.com

The RGW dashboard section times out:

Traceback (most recent call last):
  File "/usr/share/ceph/mgr/dashboard/rest_client.py", line 398, in do_request
    resp = self.send_request(method, url, request_headers, params, data)
  File "/usr/share/ceph/mgr/dashboard/rest_client.py", line 444, in send_request
    resp = self.session.get(
  File "/lib/python3.9/site-packages/requests/sessions.py", line 557, in get
    return self.request('GET', url, **kwargs)
  File "/usr/share/ceph/mgr/dashboard/rest_client.py", line 47, in request
    return super(TimeoutRequestsSession, self).request(*args, **kwargs)
  File "/lib/python3.9/site-packages/requests/sessions.py", line 544, in request
    resp = self.send(prep, **send_kwargs)
  File "/lib/python3.9/site-packages/requests/sessions.py", line 657, in send
    r = adapter.send(request, **kwargs)
  File "/lib/python3.9/site-packages/requests/adapters.py", line 504, in send
    raise ConnectTimeout(e, request=request)
requests.exceptions.ConnectTimeout: HTTPConnectionPool(host='s3.cephlabs.com', port=8000): Max retries exceeded with url: /admin/metadata/user?myself (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7f99df22fe20>, 'Connection to s3.cephlabs.com timed out. (connect timeout=45)'))

It's related to the introduction of a change where rgw_dns_name if set is used as the address for the gateway:

https://github.com/ceph/ceph/blob/main/src/pybind/mgr/dashboard/services/rgw_client.py#L97


The rgw_dns_name parameter can be a list of domains to which you want the RGW to respond for virtual bucket access and does not represent the IP of an RGW; it would normally be the IP of a load balancer that may not be accessible from the Dashboard.



Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 RHEL Program Management 2024-05-21 07:47:17 UTC 
Please specify the severity of this bug. Severity is defined here:
https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity.
Comment 7 sohan singh 2025-05-28 05:19:56 UTC 
(venv) [root@ceph-pri-sohan-tfa-av5rsw-node5 cephuser]# vi /etc/hosts
10.0.65.161 s3.cephlabs.com

(venv) [root@ceph-pri-sohan-tfa-av5rsw-node5 cephuser]# ceph config set client.rgw.shared.pri rgw_dns_name s3.cephlabs.com


client.rgw.shared.pri                                               advanced  rgw_dns_name                                    s3.cephlabs.com  


(venv) [root@ceph-pri-sohan-tfa-av5rsw-node5 cephuser]# s3cmd --configure -config=dns.s3cfg

New settings:
  Access Key: admin
  Secret Key: admin
  Default Region: US
  S3 Endpoint: s3.cephlabs.com
  DNS-style bucket+hostname:port template for accessing a bucket: s3.cephlabs.com
  Encryption password:
  Path to GPG program: /usr/bin/gpg
  Use HTTPS protocol: False
  HTTP Proxy server name:
  HTTP Proxy server port: 0

Test access with supplied credentials? [Y/n] y
Please wait, attempting to list all buckets...
Success. Your access key and secret key worked fine :-)
     

(venv) [root@ceph-pri-sohan-tfa-av5rsw-node5 cephuser]# s3cmd ls --config=dns.s3cfg
2025-05-28 04:34  s3://testsohan
(venv) [root@ceph-pri-sohan-tfa-av5rsw-node5 cephuser]# s3cmd mb s3://testuser --config=dns.s3cfg
Bucket 's3://testuser/' created
(venv) [root@ceph-pri-sohan-tfa-av5rsw-node5 cephuser]# s3cmd ls --config=dns.s3cfg
2025-05-28 04:34  s3://testsohan
2025-05-28 04:52  s3://testuser
(venv) [root@ceph-pri-sohan-tfa-av5rsw-node5 cephuser]#       


(venv) [root@ceph-pri-sohan-tfa-av5rsw-node5 cephuser]# curl http://s3.cephlabs.com
<?xml version="1.0" encoding="UTF-8"?><ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Owner><ID>anonymous</ID></Owner><Buckets></Buckets></ListAllMyBucketsResult>


Verified on CEPH VERSION : ceph version 19.2.0-136.el9cp (a4749f068c8a247ab004e5767e7898546ff0ebf7) squid (stable)
Comment 8 errata-xmlrpc 2025-06-26 12:12:50 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Red Hat Ceph Storage 8.1 security, bug fix, and enhancement updates), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2025:9775