If pxc-operator enables TLS, does the HAProxy pod need to be configured with a certificate? How is the HAProxy certificate configured?
Percona operator for PXC supports TLS for the following 2 different communications.
- Internal - communication between Percona XtraDB Cluster instances,
- External - communication between the client application and ProxySQL.
For HaProxy as a load balancer, only SSL-Internal TLS is applicable.
Okay, thank you. If my database uses HAProxy as a proxy, which SSL certificate should be used when the business accesses it?