Select Git revision
11.6
-
-
- Open in your IDE
- Download source code
- Download this directory
Daniel Black authored
require-secure-transport on the server mandates that tls or unix socket be used. The healthcheck user doesn't have explict tls credentials, so would have failed. 11.4+ would have tls negiotated, except in #594 it was disabled for people that didn't configure ssl-ca correctly. To resolve this _process_sql adds an explict --protocol socket to get around the default configuration of 'protocol=tcp' in .my-healthcheck.sh. The protocol=tcp was there to catch people who put `healthcheck.sh --innodb_initialized` to discover it checked that in the starting phase of the container, without a tcp connection being available, it still returned true. We work around this my making a connection test always occur in the healthcheck. Remove the protocol=tcp from the generation of .my-healthcheck.cnf files. --connect, as a method that requires to test the connection, we add a mechanims that examines @@skip_networking and considers that if false, the connection is viable. We made a unix socket connection to do the test, which is active the same time as tcp sockets are. This alternate --connect method would have only worked the credentials of the healthcheck user where valid. If it isn't fall back to looking for "Can't connect". Closes: #596
| Name | Last commit | Last update |
|---|---|---|
| .. | ||
| Dockerfile | ||
| docker-entrypoint.sh | ||
| healthcheck.sh | ||