You are looking at the documentation of a prior release. To read the documentation of the latest release, please
visit here.
New to KubeDB? Please start here.
Reconfiguring TLS of Memcached Database
This guide will give an overview on how KubeDB Ops-manager operator reconfigures TLS configuration i.e. add TLS, remove TLS, update issuer/cluster issuer or Certificates and rotate the certificates of a Memcached
database.
Before You Begin
- You should be familiar with the following
KubeDB
concepts:
How Reconfiguring Memcached TLS Configuration Process Works
The following diagram shows how KubeDB Ops-manager operator reconfigures TLS of a Memcached
database. Open the image in a new tab to see the enlarged version.
The Reconfiguring Memcached TLS process consists of the following steps:
At first, a user creates a
Memcached
Custom Resource (CR).KubeDB
Community operator watches theMemcached
CR.When the operator finds a
Memcached
CR, it creates required number ofPetSets
and related necessary stuff like appbinding, services, etc.Then, in order to reconfigure the TLS configuration of the
Memcached
database the user creates aMemcachedOpsRequest
CR with the desired version.KubeDB
Enterprise operator watches theMemcachedOpsRequest
CR.When it finds a
MemcachedOpsRequest
CR, it halts theMemcached
object which is referred from theMemcachedOpsRequest
. So, theKubeDB
Community operator doesn’t perform any operations on theMemcached
object during the reconfiguring process.By looking at the target version from
MemcachedOpsRequest
CR,KubeDB
Enterprise operator will add, remove, update or rotate TLS configuration based on the Ops Request yaml.After successfully reconfiguring
Memcached
object, theKubeDB
Enterprise operator resumes theMemcached
object so that theKubeDB
Community operator can resume its usual operations.
In the next doc, we are going to show a step-by-step guide on updating of a Memcached database using update operation.