mysql/postgres support #453

deniseschannon · 2019-05-07T18:18:47Z

No description provided.

huapox · 2019-05-08T14:32:28Z

That wonderful, by the way with a suggest/question will k3s supports rqlite?

erikwilson · 2019-06-18T18:47:47Z

To test this enhancement I first created certs for etcd3 which include a SAN for 10.0.0.2 using the following instructions:
https://github.com/kelseyhightower/etcd-production-setup

etcd3

To launch an etcd3 server using those certs:

docker run --name etcd \
   -v `pwd`/etcd-ca:/etcd-ca \
   -p 127.0.0.1:2379:2379 \
   -p 127.0.0.1:2380:2380 \
   -e ALLOW_NONE_AUTHENTICATION=yes \
   -e ETCD_LISTEN_CLIENT_URLS=https://0.0.0.0:2379 \
   -e ETCD_ADVERTISE_CLIENT_URLS=https://10.0.2.2:2379 \
   -e ETCD_CERT_FILE=/etcd-ca/certs/etcd0.example.com.crt \
   -e ETCD_KEY_FILE=/etcd-ca/private/etcd0.example.com.key \
   -e ETCD_CA_FILE=/etcd-ca/certs/ca.crt \
   -d bitnami/etcd:latest

And from within a Valgrant alpine instance etcd3 tested with:

INSTALL_K3S_SKIP_DOWNLOAD=true ./install.sh \
   --storage-backend etcd3 \
   --storage-endpoint https://10.0.2.2:2379 \
   --storage-cafile `pwd`/etcd-ca/certs/ca.crt \
   --storage-certfile `pwd`/etcd-ca/certs/etcd-client.crt \
   --storage-keyfile `pwd`/etcd-ca/private/etcd-client.key

mysql

Launching a mysql service using the same etcd certs:

docker run --name mysql \
   -v `pwd`/etcd-ca/:/etcd-ca \
   -p 127.0.0.1:3306:3306 \
   -e MYSQL_ROOT_PASSWORD=secret \
   -d mysql:latest \
       --require-secure-transport=ON \
       --ssl-ca /etcd-ca/certs/ca.crt \
       --ssl-cert /etcd-ca/certs/etcd0.example.com.crt \
       --ssl-key /etcd-ca/private/etcd0.example.com.key

And from within a Valgrant alpine instance mysql tested with:

INSTALL_K3S_SKIP_DOWNLOAD=true ./install.sh \
   --storage-endpoint='mysql://root:secret@tcp(10.0.2.2:3306)/testdb' \
   --storage-cafile `pwd`/etcd-ca/certs/ca.crt \
   --storage-certfile `pwd`/etcd-ca/certs/etcd-client.crt \
   --storage-keyfile `pwd`/etcd-ca/private/etcd-client.key

postgres

Launching a postgres service using the same etcd certs:

docker run --name postgres \
   -v `pwd`/etcd-ca/:/etcd-ca \
   -p 127.0.0.1:5432:5432 \
   -e POSTGRES_USER=root \
   -e POSTGRES_PASSWORD=secret \
   -d postgres:latest \
      -c ssl=on \
      -c ssl_ca_file=/etcd-ca/certs/ca.crt \
      -c ssl_cert_file=/etcd-ca/certs/etcd0.example.com.crt \
      -c ssl_key_file=/etcd-ca/private/etcd0.example.com.key

And from within a Valgrant alpine instance postgres tested with:

INSTALL_K3S_SKIP_DOWNLOAD=true ./install.sh \
   --storage-endpoint='postgres://root:secret@10.0.2.2:5432/testdb' \
   --storage-cafile `pwd`/etcd-ca/certs/ca.crt \
   --storage-certfile `pwd`/etcd-ca/certs/etcd-client.crt \
   --storage-keyfile `pwd`/etcd-ca/private/etcd-client.key

deniseschannon added the kind/enhancement An improvement to existing functionality label May 7, 2019

deniseschannon added this to the v0.6.0 milestone May 7, 2019

deniseschannon assigned galal-hussein May 7, 2019

This was referenced May 10, 2019

Add MySQL and Postgress driver ibuildthecloud/kvsql#1

Merged

Add MySQL and Postgress support #479

Merged

galal-hussein added the status/ready-for-review label May 14, 2019

erikwilson added the status/to-test label Jun 4, 2019

deniseschannon assigned tfiduccia Jun 4, 2019

erikwilson closed this as completed Jun 18, 2019

erikwilson assigned erikwilson and unassigned tfiduccia Jun 18, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

mysql/postgres support #453

mysql/postgres support #453

deniseschannon commented May 7, 2019

huapox commented May 8, 2019

erikwilson commented Jun 18, 2019

mysql/postgres support #453

mysql/postgres support #453

Comments

deniseschannon commented May 7, 2019

huapox commented May 8, 2019

erikwilson commented Jun 18, 2019

etcd3

mysql

postgres