support TLS for components and downstream db #931
Merged
Commits on Mar 15, 2020
-
support TLS for components (#904)
truely support TLS for components. before this pr if enable TLS for components - `tidb` will fail to connect to `pump` - no TLS between drainer and pump - no enable TLS for tikv client in `drainer` - `binlogctl` can't work actually ... [relate docs](https://pingcap.com/docs/stable/how-to/secure/enable-tls-between-components/) ([Chinese version](https://pingcap.com/docs-cn/stable/how-to/secure/enable-tls-between-components/)) This Commit: - properly handle things about TLS when enabling TLS - enable TLS in the integration tests - log pump config at startup time
-
-
Reload cert/key for every new conn (#927)
* Reload cert/key for every new conn support reload cluster/downstream TLS cert/key. CA still can not be hot-reload now * expand the loop
Commits on Mar 16, 2020
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.