[PMM-7937] [API, CLI] Enabling PMM UI to connect to Postgres using client certificates (for Remote Add) - Percona JIRA

XML

Word

Printable

Details

Type: Technical task
Status: Done
Priority: Medium
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.21.0
Component/s: None
Labels:
- prep/FrontEnd

Needs Review:
Yes
Needs QA:
Yes
Platform Team:
[obsolete] C/S Core

Description

User story:
As a PMM use, I want to be able to pass custom SSL keys to be able to connect to my remote PostgreSQL server, so that PMM can monitor it

UI/UX:

>pmm-admin add postgresql .. --ssl...

Acceptance criteria

user able to pass PG related SSL keys:
- sslcert
- sslkey
- sslrootcert
Documentation:
- updated documentation for UI of adding remote Pg
- BD

Out of scope:

Suggested implementation:
TBD

How to test:
TBD

Original report:

Can we include certificate based login for postgres monitoring? In UI can we add option to select sslmode and path to certificates and keys? we have requirement where all postgres will be ssl enabled and key and certificates will be used for authenetication

Sample connection string:

DATA_SOURCE_NAME=“postgresql://postgres_exporter:[email protected]:5432/postgres?sslmode=verify-ca&sslrootcert=/etc/ssl/certs/server-ca.pem&sslcert=/etc/ssl/certs/client-cert.pem&sslkey=/etc/ssl/certs/client-key.pem”

Sample connection setting from grafana where you can see the certificate related entries

Attachments

Issue Links

clones

PMM-7903 [UI] Enabling PMM UI to connect to Postgres using client certificates (for Remote Add)

Done

is blocked by

PMM-7888 Custom TLS certificates now allow SSL connections to PostgreSQL instances

Done

Activity

People

Assignee:: Andrii Skomorokhov (Inactive)

Reporter:: Roma Novikov

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 16/Apr/21 3:28 PM

Updated:: 30/Aug/21 1:57 PM

Resolved:: 27/Jul/21 7:32 AM