Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

config: reload tikv/tidb cluster tls for every new established conn #14833

Merged
merged 2 commits into from
Feb 19, 2020
Merged

config: reload tikv/tidb cluster tls for every new established conn #14833

merged 2 commits into from
Feb 19, 2020

Conversation

lysu
Copy link
Contributor

@lysu lysu commented Feb 18, 2020
edited
Loading

What problem does this PR solve?

support reload cluster TLS cert/key file used by TiKV or TiDB-self(CA still can not be hot-reload now)

pd's cert/key will be handled by new pdclient

What is changed and how it works?

reload TLS for every new connection(include grpc auto retry in resetTransport) like etcd

Check List

Tests

  • Unit test
  • Integration test
  • Manual test

Code changes

  • change conf way

Side effects

  • n/a

Related changes

  • n/a

Release note

  • reload tikv/tidb cluster tls for every new established conn

This change is Reviewable

@lysu lysu added type/enhancement The issue or PR belongs to an enhancement. component/tikv labels Feb 18, 2020
@lysu lysu requested review from tiancaiamao and jackysp February 18, 2020 09:26
@lysu
Copy link
Contributor Author

lysu commented Feb 18, 2020

/run-all-tests

@lysu lysu added this to the v4.0.0-beta.1 milestone Feb 18, 2020
jackysp
jackysp reviewed Feb 18, 2020
View reviewed changes
Copy link
Member

@jackysp jackysp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@lysu lysu added status/LGT1 Indicates that a PR has LGTM 1. security Everything related with security labels Feb 19, 2020
@tiancaiamao
Copy link
Contributor

LGTM

@tiancaiamao tiancaiamao added status/LGT2 Indicates that a PR has LGTM 2. and removed status/LGT1 Indicates that a PR has LGTM 1. labels Feb 19, 2020
@tiancaiamao
Copy link
Contributor

/merge

@sre-bot sre-bot added the status/can-merge Indicates a PR has been approved by a committer. label Feb 19, 2020
@sre-bot
Copy link
Contributor

sre-bot commented Feb 19, 2020

/run-all-tests

@sre-bot sre-bot merged commit 0ee50c2 into pingcap:master Feb 19, 2020
@lysu lysu deleted the dev-reload-kv-cert branch February 19, 2020 13:05
@lysu
Copy link
Contributor Author

lysu commented Feb 24, 2020

ref #14666

@lysu
Copy link
Contributor Author

lysu commented Mar 5, 2020

/run-cherry-picker

@sre-bot sre-bot mentioned this pull request Mar 5, 2020
Merged
@sre-bot
Copy link
Contributor

sre-bot commented Mar 5, 2020

cherry pick to release-3.0 in PR #15162

sre-bot pushed a commit to sre-bot/tidb that referenced this pull request Mar 5, 2020
@lysu @sre-bot
config: reload tikv/tidb cluster tls for every new established conn (p…
44ca8e4 
…ingcap#14833)
@sre-bot sre-bot mentioned this pull request Mar 5, 2020
Merged
@sre-bot
Copy link
Contributor

sre-bot commented Mar 5, 2020

cherry pick to release-3.1 in PR #15163

@lysu lysu mentioned this pull request Mar 9, 2020
Merged
4 tasks
sre-bot added a commit that referenced this pull request Mar 10, 2020
@sre-bot
config: reload tikv/tidb cluster tls for every new established conn (#…
a517f34 
…14833) (#15163)
lysu added a commit to sre-bot/tidb that referenced this pull request Mar 17, 2020
@lysu
config: reload tikv/tidb cluster tls for every new established conn (p…
b87f4b1 
…ingcap#14833)
sre-bot added a commit that referenced this pull request Mar 17, 2020
@sre-bot
config: reload tikv/tidb cluster tls for every new established conn (#…
c668b94 
…14833) (#15162)
@lysu lysu modified the milestones: v4.0.0-beta.1, v3.1.0-rc Mar 18, 2020
@sre-bot sre-bot mentioned this pull request Apr 15, 2020
Merged
4 tasks
@sre-bot sre-bot mentioned this pull request May 8, 2020
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jackysp jackysp jackysp left review comments

@tiancaiamao tiancaiamao tiancaiamao approved these changes

Assignees
No one assigned
Labels
component/tikv security Everything related with security status/can-merge Indicates a PR has been approved by a committer. status/LGT2 Indicates that a PR has LGTM 2. type/enhancement The issue or PR belongs to an enhancement.
Projects
None yet
Milestone
v3.1.0-rc
Development

Successfully merging this pull request may close these issues.
4 participants
@lysu @tiancaiamao @sre-bot @jackysp