Skip to content

Commit 0b8bff0

Browse files
anandsyncsanandsyncs
committed
tracer
1 parent 843fd3b commit 0b8bff0

File tree

6 files changed

+160
-495
lines changed

6 files changed

+160
-495
lines changed

docs/search/01-search-community-deploy/code_snippets/01_0306_create_mongodb_tls_secrets.sh

Lines changed: 13 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,10 @@ mongodb_dns_entries() {
2222
service="$(mongodb_service_fqdn)"
2323
wildcard="$(mongodb_wildcard_fqdn)"
2424

25+
for ((member = 0; member < members; member++)); do
26+
printf '%s-%s\n' "${MDB_RESOURCE_NAME}" "${member}"
27+
done
28+
2529
for ((member = 0; member < members; member++)); do
2630
printf '%s-%s.%s\n' "${MDB_RESOURCE_NAME}" "${member}" "${service}"
2731
done
@@ -33,20 +37,14 @@ mongot_service_fqdn() {
3337
printf '%s-search-svc.%s.svc.cluster.local' "${MDB_RESOURCE_NAME}" "${MDB_NS}"
3438
}
3539

36-
mongot_wildcard_fqdn() {
37-
printf '*.%s-search.%s.svc.cluster.local' "${MDB_RESOURCE_NAME}" "${MDB_NS}"
38-
}
39-
4040
mongot_dns_entries() {
41-
mongot_service_fqdn
42-
printf '\n'
43-
mongot_wildcard_fqdn
44-
printf '\n'
45-
# Add individual search pod hostname for proper TLS validation
46-
printf '%s-search-0.%s-search-svc.%s.svc.cluster.local\n' "${MDB_RESOURCE_NAME}" "${MDB_RESOURCE_NAME}" "${MDB_NS}"
47-
# Add localhost and IP for local connections
48-
printf 'localhost\n'
49-
printf '127.0.0.1\n'
41+
local search_service
42+
43+
search_service="$(mongot_service_fqdn)"
44+
45+
printf '%s-search-0\n' "${MDB_RESOURCE_NAME}"
46+
printf '%s-search-0.%s\n' "${MDB_RESOURCE_NAME}" "${search_service}"
47+
printf '%s\n' "${search_service}"
5048
}
5149

5250
tls_ca_common_name() {
@@ -93,7 +91,7 @@ openssl_exec() {
9391

9492
# Create CA certificate
9593
echo "Generating CA certificate..."
96-
openssl_exec openssl ecparam -name prime256v1 -genkey -noout -out "${tmpdir}/ca.key"
94+
openssl_exec openssl genrsa -out "${tmpdir}/ca.key" 2048
9795
openssl_exec openssl req -x509 -new -key "${tmpdir}/ca.key" \
9896
-out "${tmpdir}/ca.crt" \
9997
-days 365 \
@@ -112,7 +110,7 @@ sign_cert() {
112110
echo "Generating certificate for ${name}..."
113111

114112
# Generate private key
115-
openssl_exec openssl ecparam -name prime256v1 -genkey -noout -out "${tmpdir}/${name}.key"
113+
openssl_exec openssl genrsa -out "${tmpdir}/${name}.key" 2048
116114

117115
# Create CSR
118116
openssl_exec openssl req -new \

0 commit comments

Comments
 (0)