-
Type:
New Feature
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 2.3.4
-
Fix Version/s: 2.3.6
-
Component/s: mariadbmon
-
Labels:None
-
Environment:VM and container linux 7.6-centos
-
Sprint:MXS-SPRINT-79, MXS-SPRINT-80
Need MaxScale to support encryption of replication traffic between database nodes of the local cluster being monitored as well as between the local master and the master of a remote data center.
We have been able to provide most of the SSL configuration (certificates, keys, etc) by configuring a /etc/my.cnf.d/client.cnf file on each local node. This way I believe MaxScale needs only support the MASTER_SSL=1 option on the CHANGE MASTER TO command during failover.
Nokia has a mandatory security requirement that states that all replication traffic must be encrypted.