Hi,
I am trying to add the tls secret by following the steps mentioned in Configure TLS/SSL/WebSocket · SingleStore Documentation and after I created the secret and passed it to the cluster.yml, I am not seeing the secret mounted inside the master pod.
My serviceSpec and secureConnectionSpec portion in my sdb-cluster.yaml looks like the below section:
serviceSpec:
objectMetaOverrides:
labels:
custom: label
annotations:
custom: annotations
secureConnectionSpec:
sslSecretName: ssl-secret
clientServerConnection: enable
enableWebSockets: true
Can anyone let me know if I am doing something wrong here.
Can you send the complete sdb-cluser.yaml file masking the values . Also the output of kubectl get secrets here.
Hi @pgaddigopula,
I could not upload the yaml file, so here is a snap of the yaml file.
The tls secret is created exactly by using the command :
kubectl create secret generic ssl-secret
–from-file=tls.crt=<path_to_server-cert.pem>
–from-file=tls.key=<path_to_server-key.pem>
as provided in Configure TLS/SSL/WebSocket · SingleStore Documentation.
If you require the actual files, we cannot share it over public forum and we will open a support request ticket and share it over there.
Please let me know if anything else is required from our end.
Hi Harish,
Can you keep all the files in one directory assume test_ssl and try to add these using the command?
kubectl create secret generic test-secret --from-file=test_ssl/
Once done just describe the kubectl get secret test-secret and see.
You should find something like this under the Data: Section
Data
ca-cert.pem: 1318 bytes
server-cert.pem: 1176 bytes
server-key.pem: 1704 bytes
If you still have the issue and your organization has SingleStore support subscription feel free to raise a ticket. We will help you there.
