Toggle between civetweb and beast frontends in Nautilus

One thing worth noting in this version of Ceph is the support brought forward for both frontends using SSL with ceph-ansible. Because this capability is new-ish using automation, I thought it would be good to have a reference for both configurations.

In addition, if using ceph-ansible, it doesn't yet copy/provision your SSL cert so that will need to be done manually by you prior to deployment. If you are deploying in containers, you'll want to ensure that your cert has the container_file_t security context. This is also a good reason to consider proper placement of your cert like the /etc/pki/ca-trust/extracted directory which gets bind mounted into the container by default.

Civetweb configuration

[client.rgw.$(hostname -s).rgw0]
# Civetweb
rgw frontends = civetweb port=443s \
  ssl_certificate=/etc/pki/ca-trust/extracted/cephtips.pem

Beast configuration

[client.rgw.$(hostname -s).rgw0]
# Beast
rgw frontends = beast ssl_endpoint=10.10.10.216:443 \
  ssl_certificate=/etc/pki/ca-trust/extracted/cephtips.pem

Comments