not to expose these end points to anyone outside Kubernetes at all. Another option is to create Ingress controllers. Topology The helm chart specifies a single unsharded keyspace: commerce. Unsharded and will therefore redirect all queries to the only one present. Vertical Split Due to a massive ingress of free-trade, single-origin yerba mate merchants to your website, hipsters are swarming to buy stuff -mysql_server_ssl_key. Client certificates can also be mandated by setting -mysql_server_ssl_ca. If there is no CA specified then TLS is optional. 52 Session Scope Vitess uses a connection pool to fan-in

-- clickhouse-client Connect from outside Kubernetes using Ingress or Nodeport # Kops deployment on AWS configures external ingress. clickhouse-client --host $AWS_ELB_HOST_NAME Replication requires

-- clickhouse-client Connect from outside Kubernetes using Ingress or Nodeport # Kops deployment on AWS configures external ingress. clickhouse-client --host $AWS_ELB_HOST_NAME Replication requires

db_port charSet: # db_charset flags: 0 # db_flags flavor: # db_flavor sslCa: # db_ssl_ca sslCaPath: # db_ssl_ca_path sslCert: # db_ssl_cert sslKey: # db_ssl_key serverName: # db_server_name conne -mysql_server_ssl_key. Client certificates can also be mandated by setting -mysql_server_ssl_ca. If there is no CA specified then TLS is optional. X Dev API Vitess does not support X Dev API. Temporary Tables grpc_key: server cert and key to use. – grpc_ca (optional): client cert chains to trust. If specified, the client must then use a certificate signed by one of the CA certs in the provided file. • A Vitess

grpc_key: server cert and key to use. – grpc_ca (optional): client cert chains to trust. If specified, the client must use a certificate signed by one ca in the provided file. • A Vitess go client can can be configured with symmetrical parameters to enable TLS: – ..._grpc_ca: list of server cert signers to trust. – ..._grpc_server_name: name of the server cert to trust, instead of the hostname used -mysql_server_ssl_cert and -mysql_server_ssl_key. To require client certificates set -mysql_server_ssl_ca. If there is no CA specified then TLS is optional. Two-Phase Commit {{< warning >}} Transaction commit is much

grpc_key: server cert and key to use. – grpc_ca (optional): client cert chains to trust. If specified, the client must then use a certificate signed by one of the CA certs in the provided file. • A Vitess Vitess go client can be configured with symmetrical parameters to enable TLS: 83 – xxxx_grpc_ca: list of server cert signers to trust. I.E. the client will only connect to servers presenting a cert signed is already secured between VMs. Options for vtctld Name Type Definition -tablet_grpc_ca string the server ca to use to validate servers when connecting -tablet_grpc_cert string the cert to use to connect

This is used for au- thentication of client to the server. $cfg['Servers'][$i]['ssl_ca'] and $cfg['Servers'][$i]['ssl_ca_path'] The certificate authorities you trust for server certificates. This is used $cfg['Servers'][$i]['ssl_key'], $cfg['Servers'][$i]['ssl_cert'], $cfg['Servers'][$i]['ssl_ca'], $cfg['Servers'][$i]['ssl_ca_path'], $cfg['Servers'][$i]['ssl_ciphers'], $cfg['Servers'][$i]['ssl_verify'] 3.14 $cfg['Servers'][$i]['ssl_key'], $cfg['Servers'][$i]['ssl_cert'], $cfg['Servers'][$i]['ssl_ca'], $cfg['Servers'][$i]['ssl_ca_path'], $cfg['Servers'][$i]['ssl_ciphers'], $cfg['Servers'][$i]['ssl_verify'] $cf

This is used for au- thentication of client to the server. $cfg['Servers'][$i]['ssl_ca'] and $cfg['Servers'][$i]['ssl_ca_path'] The certificate authorities you trust for server certificates. This is used $cfg['Servers'][$i]['ssl_key'], $cfg['Servers'][$i]['ssl_cert'], $cfg['Servers'][$i]['ssl_ca'], $cfg['Servers'][$i]['ssl_ca_path'], $cfg['Servers'][$i]['ssl_ciphers'], $cfg['Servers'][$i]['ssl_verify'] 3.14 $cfg['Servers'][$i]['ssl_key'], $cfg['Servers'][$i]['ssl_cert'], $cfg['Servers'][$i]['ssl_ca'], $cfg['Servers'][$i]['ssl_ca_path'], $cfg['Servers'][$i]['ssl_ciphers'], $cfg['Servers'][$i]['ssl_verify'] $cf

This is used for au- thentication of client to the server. $cfg['Servers'][$i]['ssl_ca'] and $cfg['Servers'][$i]['ssl_ca_path'] The certificate authorities you trust for server certificates. This is used $cfg['Servers'][$i]['ssl_key'], $cfg['Servers'][$i]['ssl_cert'], $cfg['Servers'][$i]['ssl_ca'], $cfg['Servers'][$i]['ssl_ca_path'], $cfg['Servers'][$i]['ssl_ciphers'], $cfg['Servers'][$i]['ssl_verify'] 3.14 $cfg['Servers'][$i]['ssl_key'], $cfg['Servers'][$i]['ssl_cert'], $cfg['Servers'][$i]['ssl_ca'], $cfg['Servers'][$i]['ssl_ca_path'], $cfg['Servers'][$i]['ssl_ciphers'], $cfg['Servers'][$i]['ssl_verify'] $cf

This is used for au- thentication of client to the server. $cfg['Servers'][$i]['ssl_ca'] and $cfg['Servers'][$i]['ssl_ca_path'] The certificate authorities you trust for server certificates. This is used $cfg['Servers'][$i]['ssl_key'], $cfg['Servers'][$i]['ssl_cert'], $cfg['Servers'][$i]['ssl_ca'], $cfg['Servers'][$i]['ssl_ca_path'], $cfg['Servers'][$i]['ssl_ciphers'], $cfg['Servers'][$i]['ssl_verify'] 3.13 $cfg['Servers'][$i]['ssl_key'], $cfg['Servers'][$i]['ssl_cert'], $cfg['Servers'][$i]['ssl_ca'], $cfg['Servers'][$i]['ssl_ca_path'], $cfg['Servers'][$i]['ssl_ciphers'], $cfg['Servers'][$i]['ssl_verify'] $cf