Charmed MySQL
- By Canonical Data Platform
- Cloud
Channel | Revision | Published | Runs on |
---|---|---|---|
8.0/stable | 151 | 20 Apr 2023 | |
8.0/candidate | 151 | 20 Apr 2023 | |
8.0/beta | 151 | 20 Apr 2023 | |
8.0/edge | 161 | 26 May 2023 |
juju deploy mysql --channel 8.0/stable
You will need Juju 2.9 to be able to run this command. Learn how to upgrade to Juju 2.9.
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
How to enable encryption
Note: The TLS settings here are for self-signed-certificates which are not recommended for production clusters, the tls-certificates-operator
charm offers a variety of configurations, read more on the TLS charm here
Enable TLS
# deploy the TLS charm
juju deploy tls-certificates-operator
# add the necessary configurations for TLS
juju config tls-certificates-operator generate-self-signed-certificates="true" ca-common-name="Test CA"
# to enable TLS relate the two applications
juju relate tls-certificates-operator mysql
Manage keys
Updates to private keys for certificate signing requests (CSR) can be made via the set-tls-private-key
action. Note: passing the key should only be done with base64 -w0
not cat
. With three units this schema should be followed:
- Generate a shared internal (private) key
openssl genrsa -out internal-key.pem 3072
- apply newly generated internal key on each juju unit:
juju run-action mysql/0 set-tls-private-key "internal-key=$(base64 -w0 internal-key.pem)" --wait
juju run-action mysql/1 set-tls-private-key "internal-key=$(base64 -w0 internal-key.pem)" --wait
juju run-action mysql/2 set-tls-private-key "internal-key=$(base64 -w0 internal-key.pem)" --wait
- updates can also be done with auto-generated keys with
juju run-action mysql/0 set-tls-private-key --wait
juju run-action mysql/1 set-tls-private-key --wait
juju run-action mysql/2 set-tls-private-key --wait
Disable TLS remove the relation
juju remove-relation tls-certificates-operator mysql
Help us improve this documentation
Most of this documentation can be collaboratively discussed and changed on the respective topic in the doc category of the Charmhub forum. See the documentation guidelines if you’d like to contribute.