Our Operator comes with integration with Percona Monitoring and Management (PMM).
Right now the only possible way to authenticate with PMM server is with user and password. At the same time recommended way is to authenticate with API key.
This Improvement adds support for API key authentication in the Operator. The implementation should be similar to what we have is PXC Operator.
Token authorization is a recommended way. For our new Operator for MYSQL it makes sense to keep only Token auth and get rid of password authentication completely. We can do it now as the Operator is in tech preview stage.
We will follow the similar pattern as in PXC Operator and add pmmserverkey into the secret with users.
- If the user does not specify pmmserverkey in the secret
- the pmmserverkey will not be automatically added or generated (not to confuse the user)
- the pmm container will not be able to connect to pmm server and it will be visible in the logs
- pmmserverkey will be present by default in deploy/secrets.yaml file