Skip to content

Commit

Permalink
Add TLS and Reconfigure TLS
Browse files Browse the repository at this point in the history
Signed-off-by: Muhammad Raisul Islam Evan <[email protected]>
  • Loading branch information
Evanraisul committed Nov 15, 2024
1 parent 13849a0 commit 3637454
Show file tree
Hide file tree
Showing 5 changed files with 831 additions and 2 deletions.
10 changes: 10 additions & 0 deletions docs/guides/memcached/reconfigure-tls/_index.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
title: Reconfigure Memcached TLS/SSL
menu:
docs_{{ .version }}:
identifier: mc-reconfigure-tls
name: Reconfigure TLS/SSL
parent: mc-memcached-guides
weight: 46
menu_name: docs_{{ .version }}
---
51 changes: 51 additions & 0 deletions docs/guides/memcached/reconfigure-tls/overview.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
---
title: Reconfiguring TLS of Memcached
menu:
docs_{{ .version }}:
identifier: mc-reconfigure-tls-overview
name: Overview
parent: mc-reconfigure-tls
weight: 10
menu_name: docs_{{ .version }}
section_menu_id: guides
---

> New to KubeDB? Please start [here](/docs/README.md).
# Reconfiguring TLS of Memcached Database

This guide will give an overview on how KubeDB Ops-manager operator reconfigures TLS configuration i.e. add TLS, remove TLS, update issuer/cluster issuer or Certificates and rotate the certificates of a `Memcached` database.

## Before You Begin
- You should be familiar with the following `KubeDB` concepts:
- [Memcached](/docs/guides/memcached/concepts/memcached.md)
- [MemcachedOpsRequest](/docs/guides/memcached/concepts/memcached-opsrequest.md)

## How Reconfiguring Memcached TLS Configuration Process Works

The following diagram shows how KubeDB Ops-manager operator reconfigures TLS of a `Memcached` database. Open the image in a new tab to see the enlarged version.

<figure align="center">
  <img alt="Reconfiguring TLS process of Memcached" src="/docs/images/memcached/memcached-reconfigure-tls.png">
<figcaption align="center">Fig: Reconfiguring TLS process of Memcached</figcaption>
</figure>

The Reconfiguring Memcached TLS process consists of the following steps:

1. At first, a user creates a `Memcached` Custom Resource (CR).

2. `KubeDB` Community operator watches the `Memcached` CR.

3. When the operator finds a `Memcached` CR, it creates required number of `PetSets` and related necessary stuff like appbinding, services, etc.

4. Then, in order to reconfigure the TLS configuration of the `Memcached` database the user creates a `MemcachedOpsRequest` CR with the desired version.

5. `KubeDB` Enterprise operator watches the `MemcachedOpsRequest` CR.

6. When it finds a `MemcachedOpsRequest` CR, it halts the `Memcached` object which is referred from the `MemcachedOpsRequest`. So, the `KubeDB` Community operator doesn't perform any operations on the `Memcached` object during the reconfiguring process.

7. By looking at the target version from `MemcachedOpsRequest` CR, `KubeDB` Enterprise operator will add, remove, update or rotate TLS configuration based on the Ops Request yaml.

8. After successfully reconfiguring `Memcached` object, the `KubeDB` Enterprise operator resumes the `Memcached` object so that the `KubeDB` Community operator can resume its usual operations.

In the next doc, we are going to show a step-by-step guide on updating of a Memcached database using update operation.
Loading

0 comments on commit 3637454

Please sign in to comment.