We are migrating form a Zalando based Kubernetes Postgres to a Helm based TimescaleDb deployment in our clusters.
We use Teleport to manage all of our cluster and database access. Teleport requires that we use a custom, teleport generated ssl tls cert, which we have done, but we are getting ssl connection failures as clients cannot verify the cert, meaning we need to add the root ca to postgreSQL.
Zalando had a neat way to do this in the CRDs, one simply added ca.crt as an additional field on the cert secret, and it happened automatically.
Before I go down the rabbit hole of a custom volume mount and figuring out how to get postgreSQL to use it, has anyone done this before? am I missing something in the helm chart?
Many thanks in advance
Mark Cupitt
Head of Global Operations
Billrush NZ
1 post - 1 participant
