Add ms-configuration-using-podtemplate

Signed-off-by: Neaj Morshad <[email protected]>
kubedb · Oct 17, 2024 · bb301c9 · bb301c9
1 parent d02b50e
commit bb301c9
Show file tree

Hide file tree

Showing 3 changed files with 241 additions and 105 deletions.
diff --git a/docs/examples/mssqlserver/configuration/custom-config-podtemplate.yaml b/docs/examples/mssqlserver/configuration/custom-config-podtemplate.yaml
@@ -0,0 +1,41 @@
+apiVersion: kubedb.com/v1alpha2
+kind: MSSQLServer
+metadata:
+  name: custom-config-podtemplate
+  namespace: demo
+spec:
+  version: "2022-cu12"
+  replicas: 1
+  tls:
+    issuerRef:
+      name: mssqlserver-ca-issuer
+      kind: Issuer
+      apiGroup: "cert-manager.io"
+    clientTLS: false
+  storageType: Durable
+  podTemplate:
+    spec:
+      containers:
+        - name: mssql
+          env:
+            - name: MSSQL_PID
+              value: "Evaluation"
+            - name: MSSQL_MEMORY_LIMIT_MB
+              value: "2560"
+            - name: MSSQL_LCID
+              value: "1036"
+          resources:
+            requests:
+              cpu: "500m"
+              memory: "1.5Gi"
+            limits:
+              cpu: "3"
+              memory: "6Gi"
+  storage:
+    storageClassName: "standard"
+    accessModes:
+      - ReadWriteOnce
+    resources:
+      requests:
+        storage: 1Gi
+  deletionPolicy: WipeOut
diff --git a/docs/guides/mssqlserver/configuration/using-config-file.md b/docs/guides/mssqlserver/configuration/using-config-file.md
@@ -2,7 +2,7 @@
 title: Run MSSQLServer with Custom Configuration
 menu:
   docs_{{ .version }}:
-    identifier: ms-configuration--config-file
+    identifier: ms-configuration-config-file
     name: Config File
     parent: ms-configuration
     weight: 10
@@ -18,9 +18,11 @@ KubeDB supports providing custom configuration for MSSQLServer. This tutorial wi
 
 ## Before You Begin
 
-- At first, you need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using [kind](https://kind.sigs.k8s.io/docs/user/quick-start/).
+- You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. If you do not already have a cluster, you can create one by using [kind](https://kind.sigs.k8s.io/docs/user/quick-start/).
 
-- Now, install KubeDB cli on your workstation and KubeDB operator in your cluster following the steps [here](/docs/setup/README.md).
+- Now, install KubeDB cli on your workstation and KubeDB operator in your cluster following the steps [here](/docs/setup/README.md). Make sure install with helm command including `--set global.featureGates.MSSQLServer=true` to ensure MSSQLServer CRD installation.
+
+- To configure TLS/SSL in `MSSQLServer`, `KubeDB` uses `cert-manager` to issue certificates. So first you have to make sure that the cluster has `cert-manager` installed. To install `cert-manager` in your cluster following steps [here](https://cert-manager.io/docs/installation/kubernetes/).
 
 - To keep things isolated, this tutorial uses a separate namespace called `demo` throughout this tutorial. Run the following command to prepare your cluster for this tutorial:
 
@@ -93,6 +95,45 @@ metadata:
 type: Opaque
 ```
 
+
+
+Now, we need to create an Issuer/ClusterIssuer which will be used to generate the certificate used for TLS configurations.
+
+### Create Issuer/ClusterIssuer
+
+Now, we are going to create an example `Issuer` that will be used throughout the duration of this tutorial. Alternatively, you can follow this [cert-manager tutorial](https://cert-manager.io/docs/configuration/ca/) to create your own `Issuer`. By following the below steps, we are going to create our desired issuer,
+
+- Start off by generating our ca-certificates using openssl,
+```bash
+openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./ca.key -out ./ca.crt -subj "/CN=MSSQLServer/O=kubedb"
+```
+-
+- Create a secret using the certificate files we have just generated,
+```bash
+$ kubectl create secret tls mssqlserver-ca --cert=ca.crt  --key=ca.key --namespace=demo 
+secret/mssqlserver-ca created
+```
+Now, we are going to create an `Issuer` using the `mssqlserver-ca` secret that contains the ca-certificate we have just created. Below is the YAML of the `Issuer` CR that we are going to create,
+
+```yaml
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+ name: mssqlserver-ca-issuer
+ namespace: demo
+spec:
+ ca:
+   secretName: mssqlserver-ca
+```
+
+Let’s create the `Issuer` CR we have shown above,
+```bash
+$ kubectl create -f https://github.com/kubedb/docs/raw/{{< param "info.version" >}}/docs/examples/mssqlserver/standalone/mssqlserver-ca-issuer.yaml
+issuer.cert-manager.io/mssqlserver-ca-issuer created
+```
+
+
+
 Now, create MSSQLServer CR specifying `spec.configSecret` field.
 
 ```yaml