openstack/charm-ceph-dashboard
Code Issues Proposed changes
64062e5a9a
charm-ceph-dashboard/config.yaml
Liam Young d4c8683e68 Add support for embedded graphs and alertmanager 
This patch consits of:

* New ops interface grafana_dashboard based on the existing reactive
  interface
* New ops http interface.
* Dashboard registers grafana dashboards with grafana. These
  dashboards are taken from upstream ceph *1. Ideally the charm
  would pick these up from ceph packaging but they are currently
  not included. With the exception of host-details.json and
  hosts-overview.json the dashboards are unchanged. host-details.json
  and hosts-overview.json both needed changed to make the compatable
  with the metrics telegraf is sending.
* alertmanager-service and prometheus relations
  using the http ops interface allowing there api endpoints to be
  registered with the dashboard.

NOTE: ceph-mon has an existing relation with Prometheus (
ceph-mon:prometheus <-> prometheus:target ) but prometheus does not
publish its api endpoint on that relation. So, the dashboard adds a
prometheus:website <-> ceph-dashboard:prometheus relation. This
allows the dashboard to set set-prometheus-api-host.

*1 https://github.com/ceph/ceph/tree/master/monitoring/grafana/dashboards

Change-Id: Ic4522cc601895c9a79489df985a6e81fa70fb9e5
2021-08-27 13:49:41 +00:00

104 lines
3.3 KiB
YAML
Raw Blame History

# Copyright 2021 Canonical
# See LICENSE file for licensing details.
options:
debug:
type: boolean
default: False
description: |
Control debug mode. It is recommended that debug be disabled in
production deployments.
grafana-api-url:
type: string
default:
description: |
URL of grafana api. The url must be using https.
public-hostname:
type: string
default:
description: |
The hostname or address of the public endpoints created for the
dashboard
enable-password-policy:
type: boolean
default: True
description: Enable password policy
password-policy-check-length:
type: boolean
default: True
description: |
Reject password if it is shorter then password-policy-min-length
password-policy-check-oldpwd:
type: boolean
default: True
description: Reject password if it matches previous password.
password-policy-check-username:
type: boolean
default: True
description: Reject password if username is included in password.
password-policy-check-exclusion-list:
type: boolean
default: True
description: Reject password if it contains a word from a forbidden list.
password-policy-check-complexity:
type: boolean
default: True
description: |
Check password meets a complexity score of password-policy-min-complexity.
See https://docs.ceph.com/en/latest/mgr/dashboard/#password-policy
password-policy-check-sequential-chars:
type: boolean
default: True
description: |
Reject password if it contains a sequence of sequential characters. e.g.
a password containing '123' or 'efg' would be rejected.
password-policy-check-repetitive-chars:
type: boolean
default: True
description: |
Reject password if password contains consecutive repeating charachters.
password-policy-min-length:
type: int
default: 8
description: Set minimum password length.
password-policy-min-complexity:
type: int
default: 10
description: |
Set minimum password complexity score.
See https://docs.ceph.com/en/latest/mgr/dashboard/#password-policy
audit-api-enabled:
type: boolean
default: False
description: |
Log requests made to the dashboard REST API to the Ceph audit log.
audit-api-log-payload:
type: boolean
default: True
description: |
Include payload in Ceph audit logs. audit-api-enabled must be set to True
to enable this.,
motd:
type: string
default: ""
description: |
Message of the day settings. Should be in the format "severity|expires|message". Set to "" to disable.
ssl_cert:
type: string
default:
description: |
SSL certificate to install and use for API ports. Setting this value
and ssl_key will enable reverse proxying, point Neutron's entry in the
Keystone catalog to use https, and override any certificate and key
issued by Keystone (if it is configured to do so).
ssl_key:
type: string
default:
description: SSL key to use with certificate specified as ssl_cert.
ssl_ca:
type: string
default:
description: |
SSL CA to use with the certificate and key provided - this is only
required if you are providing a privately signed ssl_cert and ssl_key.
View Git Blame Copy Permalink