Certificate Rotation In Live CRDB Environment On Kubernetes
Rotating certificates in a live CRDB environment on Kubernetes is non-disruptive with CockroachDB. Follow 5 steps to automate the process using NodeJS and GitHub repo.
certificate rotation in a live CRDB environment On Kubernetes we have a CockroachDB deployment and associated secret resources that are mapped as volumes in the CRDB pods. These secrets represent the certificates that are required by the database to operate, and include CA certs, Node certs, and User certs. CockroachDB allows you to rotate these certificates in a non-disruptive way that keeps existing client/SQL connections alive, and no rolling restarts are required. Because we’re working in a containerized environment, there is a specific sequence of tasks required to accomplish this proce...