Charmed MySQL

  • By Canonical Data Platform
  • Cloud
Channel Revision Published Runs on
8.0/stable 151 20 Apr 2023
Ubuntu 22.04
8.0/candidate 151 20 Apr 2023
Ubuntu 22.04
8.0/beta 151 20 Apr 2023
Ubuntu 22.04
8.0/edge 161 26 May 2023
Ubuntu 22.04
juju deploy mysql --channel 8.0/stable
Show information



How to enable encryption

Note: The TLS settings here are for self-signed-certificates which are not recommended for production clusters, the tls-certificates-operator charm offers a variety of configurations, read more on the TLS charm here

Enable TLS

# deploy the TLS charm
juju deploy tls-certificates-operator

# add the necessary configurations for TLS
juju config tls-certificates-operator generate-self-signed-certificates="true" ca-common-name="Test CA"

# to enable TLS relate the two applications
juju relate tls-certificates-operator mysql

Manage keys

Updates to private keys for certificate signing requests (CSR) can be made via the set-tls-private-key action. Note: passing the key should only be done with base64 -w0 not cat. With three units this schema should be followed:

  • Generate a shared internal (private) key
openssl genrsa -out internal-key.pem 3072
  • apply newly generated internal key on each juju unit:
juju run-action mysql/0 set-tls-private-key "internal-key=$(base64 -w0 internal-key.pem)" --wait
juju run-action mysql/1 set-tls-private-key "internal-key=$(base64 -w0 internal-key.pem)" --wait
juju run-action mysql/2 set-tls-private-key "internal-key=$(base64 -w0 internal-key.pem)" --wait
  • updates can also be done with auto-generated keys with
juju run-action mysql/0 set-tls-private-key --wait
juju run-action mysql/1 set-tls-private-key --wait
juju run-action mysql/2 set-tls-private-key --wait

Disable TLS remove the relation

juju remove-relation tls-certificates-operator mysql

Help us improve this documentation

Most of this documentation can be collaboratively discussed and changed on the respective topic in the doc category of the Charmhub forum. See the documentation guidelines if you’d like to contribute.

Last updated a month ago. Help improve this document in the forum.