Description of problem: When the dashboard is deployed using cephadm, a monitoring stack (node_exporter, prometheus, alertmanager, grafana) can be applied to the cluster, resulting in multiple components deployed according the provided spec definition. However, even though we're able to push a specific json config through cephadm, we need to be able to specify the ip address on the network the component belongs to, or the daemon will bind on *::<port>, which is a problem from a security point of view, preventing them to be deployed in the OpenStack context (both in standalone and HA config). The Ceph Dashboard component already provides (via the mgr) a way to support multiple instances on different ip addresses [1], but this is not true for the other monitoring stack components. This represents a gap compared to ceph-ansible [2][3][4]. [1] https://docs.ceph.com/en/latest/mgr/dashboard/#host-name-and-port [2] https://github.com/ceph/ceph-ansible/blob/master/roles/ceph-grafana/templates/grafana.ini.j2#L24 [3] https://github.com/ceph/ceph-ansible/blob/master/roles/ceph-prometheus/templates/prometheus.yml.j2 [4] https://github.com/ceph/ceph-ansible/blob/master/roles/ceph-prometheus/templates/alertmanager.yml.j2 Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
*** Bug 1792902 has been marked as a duplicate of this bug. ***
5.1 as discussed with Francesco
*** Bug 1927716 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Red Hat Ceph Storage 5.1 Security, Enhancement, and Bug Fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:1174