Description of problem: Customer needs ssl between node-exporter, mgr module and Prometheus. Version-Release number of selected component (if applicable): RHCS 5.x Additional info: As we do not have such capability, we would like to have this in future RHCS 5.x releases
Rook part: ========== I am currently working in bringing the complete monitoring stack we are using in baremetal installations to the k8s world: https://github.com/rook/rook/issues/6519 Prometheus and Alert manager: Deployed using the Prometheus operator (still in Beta) and both of them support TLS. https://github.com/prometheus-operator/prometheus-operator Node exporter Deployed as a daemonset in k8s using the Node exporter built-in TLS feature Grafana: Deployed using grafana operator but using the Grafana built-in TLS feature https://github.com/grafana-operator/grafana-operator Prometheus manager module: As Ernesto has pointed .. needed to implement the TLS support.
*** Bug 2028338 has been marked as a duplicate of this bug. ***
The following PR (Under review on Upstream) introduces several security enhancements related to monitoring: https://github.com/ceph/ceph/pull/46601