We use cookies and other similar technology to collect data to improve your experience on our site, as described in our Privacy Policy.

AppsCode
  • KubeDB

    Run Production-Grade Databases on Kubernetes

    arrow_forward
    Stash

    Backup and Recovery Solution for Kubernetes

    arrow_forward
    KubeVault

    Run Production-Grade Vault on Kubernetes

    arrow_forward
    Voyager

    Secure HAProxy Ingress Controller for Kubernetes

    arrow_forward
    ConfigSyncer

    Kubernetes Configuration Syncer

    arrow_forward
    Guard

    Kubernetes Authentication WebHook Server

    arrow_forward
    KubeDB

    KubeDB simplifies Provision, Upgrade, Scaling, Volume Expansion, Monitor, Backup, Restore for various Databases in Kubernetes on any Public & Private Cloud

    • task_altLower administrative burden
    • task_altNative Kubernetes Support
    • task_altPerformance
    • task_altAvailability and durability
    • task_altManageability
    • task_altCost-effectiveness
    • task_altSecurity
    Stash

    A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.

    • task_altDeclarative API
    • task_altBackup Kubernetes Volumes
    • task_altBackup Database
    • task_altMultiple Storage Support
    • task_altDeduplication
    • task_altData Encryption
    • task_altVolume Snapshot
    • task_altPolicy Based Backup
    KubeVault

    KubeVault is a Git-Ops ready, production-grade solution for deploying and configuring Hashicorp's Vault on Kubernetes.

    • task_altVault Kubernetes Deployment
    • task_altAuto Initialization & Unsealing
    • task_altVault Backup & Restore
    • task_altConsume KubeVault Secrets with CSI
    • task_altManage DB Users Privileges
    • task_altStorage Backend
    • task_altAuthentication Method
    • task_altDatabase Secret Engine
    Voyager

    Secure HAProxy Ingress Controller for Kubernetes

    • task_altHTTP & TCP
    • task_altSSL
    • task_altPlatform support
    • task_altHAProxy
    • task_altPrometheus
    • task_altLet's Encrypt
    configsyncer

    Kubernetes Configuration Syncer

    • task_altConfiguration Syncer
    Guard

    Kubernetes Authentication WebHook Server

    • task_altIdentity Providers
    • task_altCLI
    • task_altRBAC
  • RESOURCES
  • Webinar New
CONTACT SALES
KubeDB KubeDB
github-icon twitterx-icon
TRY NOW FREE
You are looking at the documentation of a prior release. To read the documentation of the latest release, please visit here.

New to KubeDB? Please start here.

Reconfiguring TLS of MariaDB Database

This guide will give an overview on how KubeDB Enterprise operator reconfigures TLS configuration i.e. add TLS, remove TLS, update issuer/cluster issuer or Certificates and rotate the certificates of a MariaDB database.

Before You Begin

How Reconfiguring MariaDB TLS Configuration Process Works

The following diagram shows how KubeDB Enterprise operator reconfigures TLS of a MariaDB database. Open the image in a new tab to see the enlarged version.

  Reconfiguring TLS process of MariaDB
Fig: Reconfiguring TLS process of MariaDB

The Reconfiguring MariaDB TLS process consists of the following steps:

  1. At first, a user creates a MariaDB Custom Resource Object (CRO).

  2. KubeDB Community operator watches the MariaDB CRO.

  3. When the operator finds a MariaDB CR, it creates required number of StatefulSets and related necessary stuff like secrets, services, etc.

  4. Then, in order to reconfigure the TLS configuration of the MariaDB database the user creates a MariaDBOpsRequest CR with desired information.

  5. KubeDB Enterprise operator watches the MariaDBOpsRequest CR.

  6. When it finds a MariaDBOpsRequest CR, it pauses the MariaDB object which is referred from the MariaDBOpsRequest. So, the KubeDB Community operator doesn’t perform any operations on the MariaDB object during the reconfiguring TLS process.

  7. Then the KubeDB Enterprise operator will add, remove, update or rotate TLS configuration based on the Ops Request yaml.

  8. Then the KubeDB Enterprise operator will restart all the Pods of the database so that they restart with the new TLS configuration defined in the MariaDBOpsRequest CR.

  9. After the successful reconfiguring of the MariaDB TLS, the KubeDB Enterprise operator resumes the MariaDB object so that the KubeDB Community operator resumes its usual operations.

In the next docs, we are going to show a step by step guide on reconfiguring TLS configuration of a MariaDB database using MariaDBOpsRequest CRD.

What's on this Page

Search
Improve This Page