dolphinscheduler icon indicating copy to clipboard operation
dolphinscheduler copied to clipboard
verified publisher icon apache

[DB TLS Connection][Helm Chart] Request for the feature for connecting to external DB with TLS connection

Open paddyabc opened this issue 4 months ago • 0 comments

Search before asking

  • [x] I had searched in the issues and found no similar feature requirement.

Description

In the normal production deployment, we will have a database which enable the TLS connection using a self signed certificate. The client initiate the connection using an internal domain to the DB and verifying the self-signed CA certificate of this TLS connection. Suggest to add the support of this common practice in the Helm Chart by

  1. adding the configuration of the DB SSL connection with the CA certificate Configuration. It would be great if it can refer to a Kubernetes Secret
  2. Add hostAliases in the helm chart (https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/) so that the pod can go to the DB using an internal FQDN. The internal FQDN is also used in the TLS certificate, so we need to use it to connect to DB so that the server can use the correct server certificate

Use case

No response

Related issues

No response

Are you willing to submit a PR?

  • [ ] Yes I am willing to submit a PR!

Code of Conduct

paddyabc avatar Sep 29 '25 09:09 paddyabc