I have deployed a Ceph cluster using juju deploy and then have updated the entire cluster[1] to the ceph packages found in bionic-proposed (built against libssl1.0.0).
On the rgw node, I have setup a ssl certificate, and instruct civetweb in /etc/ceph/ceph.conf to use ssl[2].
radosgw is now running just fine[3][4] and civetweb LISTEN on port 443 as it should[5].
[1] Ceph cluster:
.......
Unit Workload Agent Machine Public address Ports Message
ceph-mon/0* active idle 0 10.5.0.4 Unit is ready and clustered
ceph-osd/0* active idle 1 10.5.0.5 Unit is ready (1 OSD)
ceph-osd/1 active idle 2 10.5.0.27 Unit is ready (1 OSD)
ceph-osd/2 active idle 3 10.5.0.6 Unit is ready (1 OSD)
ceph-rgw/0* active idle 4 10.5.0.18 80/tcp Unit is ready
......
[VERIFICATION BIONIC]
I have deployed a Ceph cluster using juju deploy and then have updated the entire cluster[1] to the ceph packages found in bionic-proposed (built against libssl1.0.0).
On the rgw node, I have setup a ssl certificate, and instruct civetweb in /etc/ceph/ceph.conf to use ssl[2].
radosgw is now running just fine[3][4] and civetweb LISTEN on port 443 as it should[5].
[1] Ceph cluster:
.......
Unit Workload Agent Machine Public address Ports Message
ceph-mon/0* active idle 0 10.5.0.4 Unit is ready and clustered
ceph-osd/0* active idle 1 10.5.0.5 Unit is ready (1 OSD)
ceph-osd/1 active idle 2 10.5.0.27 Unit is ready (1 OSD)
ceph-osd/2 active idle 3 10.5.0.6 Unit is ready (1 OSD)
ceph-rgw/0* active idle 4 10.5.0.18 80/tcp Unit is ready
......
[2] /etc/ceph/ceph.conf rgw.<HOSTNAME> ] =/etc/ssl/ server. pem
[client.
......
rgw_frontends = civetweb port=443s ssl_certificate
.......
[3] sudo systemctl status ceph-radosgw@ rgw.`hostname -s` system/ ceph-radosgw@ .service; indirect; vendor preset: enabled) slice/system- ceph\<email address hidden> rgw.juju- 521d82- default- 4 --setuser ceph --setgroup
● <email address hidden> - Ceph rados gateway
Loaded: loaded (/lib/systemd/
Active: active (running) since Wed 2019-05-01 19:51:55 UTC; 10min ago
Main PID: 4225 (radosgw)
Tasks: 580
CGroup: /system.
└─4225 /usr/bin/radosgw -f --cluster ceph --name client.
May 01 19:59:59 juju-521d82- default- 4 radosgw[4225]: 2019-05-01 19:59:59.208671 7f19095f0700 2 RGWDataChangesL og::Cha default- 4 radosgw[4225]: 2019-05-01 20:00:21.208946 7f19095f0700 2 RGWDataChangesL og::Cha default- 4 radosgw[4225]: 2019-05-01 20:00:43.209214 7f19095f0700 2 RGWDataChangesL og::Cha default- 4 radosgw[4225]: 2019-05-01 20:01:05.209332 7f19095f0700 2 RGWDataChangesL og::Cha default- 4 radosgw[4225]: 2019-05-01 20:01:27.209500 7f19095f0700 2 RGWDataChangesL og::Cha default- 4 radosgw[4225]: 2019-05-01 20:01:49.209716 7f19095f0700 2 RGWDataChangesL og::Cha default- 4 radosgw[4225]: 2019-05-01 20:01:56.129879 7f1907ded700 2 object expiration: sta default- 4 radosgw[4225]: 2019-05-01 20:02:11.209902 7f19095f0700 2 RGWDataChangesL og::Cha default- 4 radosgw[4225]: 2019-05-01 20:02:12.346598 7f1907ded700 2 object expiration: sto default- 4 radosgw[4225]: 2019-05-01 20:02:33.210102 7f19095f0700 2 RGWDataChangesL og::Cha
May 01 20:00:21 juju-521d82-
May 01 20:00:43 juju-521d82-
May 01 20:01:05 juju-521d82-
May 01 20:01:27 juju-521d82-
May 01 20:01:49 juju-521d82-
May 01 20:01:56 juju-521d82-
May 01 20:02:11 juju-521d82-
May 01 20:02:12 juju-521d82-
May 01 20:02:33 juju-521d82-
[4] logs default- 4 radosgw: 2019-05-01 19:51:56.115874 7f1924299000 0 starting handler: civetweb default- 4 radosgw: 2019-05-01 19:51:56.186842 7f1924299000 1 mgrc service_ daemon_ register rgw.juju- 521d82- default- 4 metadata {arch=x86_ 64,ceph_ version= ceph version 12.2.11 (26dc3775efc7bb 286a1d6d66faee0 ba30ea23eee) luminous (stable),cpu=Intel Xeon E312xx (Sandy Bridge, IBRS update) ,distro= ubuntu, distro_ description= Ubuntu 18.04.2 LTS,distro_ version= 18.04,frontend_ config# 0=civetweb port=443s ssl_certificate =/etc/ssl/ server. pem,frontend_ type#0= civetweb, hostname= juju-521d82- default- 4,kernel_ description= #50-Ubuntu SMP Wed Mar 13 10:44:52 UTC 2019,kernel_ version= 4.15.0- 47-generic, mem_swap_ kb=0,mem_ total_kb= 2041224, num_handles= 1,os=Linux, pid=4225, zone_id= be9d4d4f- 725f-490d- acf6-c0a713e03d a4,zone_ name=default, zonegroup_ id=ab35965a- 0856-4671- 906a-fe7aedcb92 ca,zonegroup_ name=default}
May 1 19:51:56 juju-521d82-
May 1 19:51:56 juju-521d82-
[5] netstat -anputa | grep -i radosgw | grep 443
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 4225/radosgw
- Eric