VladPolskiy/mariadb-operator
1
0
Fork 0
mirror of https://github.com/mariadb-operator/mariadb-operator.git synced 2025-07-25 01:28:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improved comment

Browse Source
This commit is contained in:
mmontes11
2025-01-10 22:01:57 +01:00
committed by Martin Montes
parent aeae426275
commit 2946d55f05
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/builder/container_builder.go
View File

@ -432,8 +432,8 @@ func mariadbEnv(mariadb *mariadbv1alpha1.MariaDB) []corev1.EnvVar {
}, },
}...) }...)
// By default, wsrep_sst_mariabackup.sh validates the client certificate commonName against the container IP. // By default, wsrep_sst_mariabackup.sh validates the client certificate commonName against the Pod IP.
// This doesn't work with Kubernetes, we cannot issue a certificate for a specific IP, as Pod IPs are ephemeral. // This doesn't work with Kubernetes, we cannot issue a certificate for a specific IP, as Pod IPs are ephemeral and unpredictable.
// Instead, we could configure wsrep_sst_mariabackup.sh to validate the certificate against the expected commonName: // Instead, we could configure wsrep_sst_mariabackup.sh to validate the certificate against the expected commonName:
// See: // See:
// https://github.com/codership/mariadb-server/blob/16394f1aa1b4097f897b8ab01ea2064726cca059/scripts/wsrep_sst_common.sh#L1064 // https://github.com/codership/mariadb-server/blob/16394f1aa1b4097f897b8ab01ea2064726cca059/scripts/wsrep_sst_common.sh#L1064