[K8SPSMDB-473] Allow to skip TLS verification for backup storage - Percona JIRA

XML

Word

Printable

Details

Type: Improvement
Status: Done
Priority: Medium
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.12.0
Component/s: None
Labels:
- operators-public-roadmap
- public-roadmap

Epic Link:
Operators - skip TLS for backups
Needs QA:
Yes
Needs Doc:
Yes

Description

Sometimes users run private S3-compatible storage with self-issued TLS certificate.

In that case Operators should be able to store backups there by either skipping TLS verification or by accepting self-issued CAs.

pgbackrest (used in PG Operator) has this functionality:

2.4.26 Repository Storage Certificate Verify Option (--repo-storage-verify-tls)
Repository storage certificate verify.

This option provides the ability to enable/disable verification of the storage (e.g. S3, Azure) server TLS certificate. Disabling should only be used for testing or other scenarios where a certificate has been self-signed.

and there is a corresponding flag in PG Operator:

spec.backup.verifyTLS

We need to add the same functionality to MySQL and MongoDB Operators.

This improvement adds the new flag into storages configuration in MongoDB Operator.

Attachments

Issue Links

clones

K8SPXC-758 Allow to skip TLS verification for backup storage

Done

is blocked by

PBM-680 Skip TLS verification for object storage

Done

relates to

K8SPSMDB-474 Document - new feature - skip TLS verification for backups

Done

mentioned in: Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Sergey Pronin

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 26/May/21 12:35 PM

Updated:: 08/Aug/22 7:55 AM

Resolved:: 21/Apr/22 3:22 PM