diff --git a/docs/user-guide/deployments-administration/manage-metadata/configuration.md b/docs/user-guide/deployments-administration/manage-metadata/configuration.md index 2ba24f183..f355803d5 100644 --- a/docs/user-guide/deployments-administration/manage-metadata/configuration.md +++ b/docs/user-guide/deployments-administration/manage-metadata/configuration.md @@ -83,7 +83,27 @@ store_addrs = ["mysql://user:password@ip:port/dbname"] # Default: greptime_metakv meta_table_name = "greptime_metakv" -# TLS is not supported for MySQL currently. +[backend_tls] +# - "disable" - No TLS +# - "prefer" (default) - Try TLS, fallback to plain +# - "require" - Require TLS +# - "verify_ca" - Require TLS and verify CA +# - "verify_full" - Require TLS and verify hostname +mode = "prefer" + +# Path to client certificate file (for client authentication) +# Like "/path/to/client.crt" +cert_path = "" + +# Path to client private key file (for client authentication) +# Like "/path/to/client.key" +key_path = "" + +# Path to CA certificate file (for server certificate verification) +# Required when using custom CAs or self-signed certificates +# Leave empty to use system root certificates only +# Like "/path/to/ca.crt" +ca_cert_path = "" ``` When sharing a MySQL instance between multiple GreptimeDB clusters, you must set a unique `meta_table_name` for each GreptimeDB cluster to avoid metadata conflicts. diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/user-guide/deployments-administration/manage-metadata/configuration.md b/i18n/zh/docusaurus-plugin-content-docs/current/user-guide/deployments-administration/manage-metadata/configuration.md index 9c8e807cd..b29a4435b 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/user-guide/deployments-administration/manage-metadata/configuration.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/user-guide/deployments-administration/manage-metadata/configuration.md @@ -83,7 +83,27 @@ store_addrs = ["mysql://user:password@ip:port/dbname"] # 默认值: greptime_metakv meta_table_name = "greptime_metakv" -# MySQL 暂不支持 TLS。 +[backend_tls] +# - "disable" - 不使用 TLS +# - "prefer" (默认) - 尝试 TLS,失败时回退到明文连接 +# - "require" - 要求 TLS +# - "verify_ca" - 要求 TLS 并验证 CA +# - "verify_full" - 要求 TLS 并验证主机名 +mode = "prefer" + +# 客户端证书文件路径(用于客户端身份验证) +# 例如 "/path/to/client.crt" +cert_path = "" + +# 客户端私钥文件路径(用于客户端身份验证) +# 例如 "/path/to/client.key" +key_path = "" + +# CA 证书文件路径(用于服务器证书验证) +# 使用自定义 CA 或自签名证书时必需 +# 留空则仅使用系统根证书 +# 例如 "/path/to/ca.crt" +ca_cert_path = "" ``` 当多个 GreptimeDB 集群共享同一个 MySQL 实例时,必须为每个 GreptimeDB 集群设置一个唯一的 `meta_table_name` 以避免元数据冲突。