Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-2344

Support MASTER_SSL in mariadbmon for encrypting replication traffic

    XMLWordPrintable

Details

    • New Feature
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 2.3.4
    • 2.3.6
    • mariadbmon
    • None
    • VM and container linux 7.6-centos
    • MXS-SPRINT-79, MXS-SPRINT-80

    Description

      Need MaxScale to support encryption of replication traffic between database nodes of the local cluster being monitored as well as between the local master and the master of a remote data center.

      We have been able to provide most of the SSL configuration (certificates, keys, etc) by configuring a /etc/my.cnf.d/client.cnf file on each local node. This way I believe MaxScale needs only support the MASTER_SSL=1 option on the CHANGE MASTER TO command during failover.

      Nokia has a mandatory security requirement that states that all replication traffic must be encrypted.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. MXS-4889 auto_rejoin with SSL replication fails setting the right parameters

          • Major - Major loss of function.
          • Closed

          Activity

            People

              esa.korhonen Esa Korhonen
              rvlane Richard Lane
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.