You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Prevent index modification on REGIONAL BY ROW
tables and locality to/from REGIONAL BY ROW changes during a ADD/DROP
REGION.
It is now possible to enable TLS for the
web UI console of cockroach demo with the new flag --secure-http. This makes it possible to expose the HTTP interface
to a shared network.
Note however that this configuration still uses an ephemeral
self-signed CA generated by demo itself, and is thus insufficient
for use by end users web browsers directly: it should still be
combined with a HTTP proxy that exposes the service using a public CA.
This feature is not enabled by default.
The network address bound by cockroach demo simulated nodes is now configurable via the new command-line
flags --http-addr (for the HTTP interface) and --sql-addr (for the
TCP interface for SQL clients).
The default for these flags results in the same configuration as
in previous versions, that is, the demo nodes only listen
on 127.0.0.1.
Note that --http-addr cannot be used without passing --secure-http
explicitly (either via --secure-http=true or --secure-http=false), so as to clearly signal intent.
The CommonName (CN) field of the TLS server
certificate generated for the HTTP port in cockroach demo (when --secure-http is used) is now configurable via the new flag --http-advertise-addr. This is also the address displayed in the web
UI URLs printed to the user via the \demo ls client-side command.
The default for this value is the same as --http-addr.
The text was updated successfully, but these errors were encountered:
PR: cockroachdb/cockroach#8
From release notes:
It is now possible to enable TLS for the
web UI console of
cockroach demowith the new flag--secure-http. This makes it possible to expose the HTTP interfaceto a shared network.
Note however that this configuration still uses an ephemeral
self-signed CA generated by
demoitself, and is thus insufficientfor use by end users web browsers directly: it should still be
combined with a HTTP proxy that exposes the service using a public CA.
This feature is not enabled by default.
The network address bound by
cockroach demosimulated nodes is now configurable via the new command-lineflags
--http-addr(for the HTTP interface) and--sql-addr(for theTCP interface for SQL clients).
The default for these flags results in the same configuration as
in previous versions, that is, the
demonodes only listenon 127.0.0.1.
Note that
--http-addrcannot be used without passing--secure-httpexplicitly (either via
--secure-http=trueor--secure-http=false), so as to clearly signal intent.The CommonName (CN) field of the TLS server
certificate generated for the HTTP port in
cockroach demo(when--secure-httpis used) is now configurable via the new flag--http-advertise-addr. This is also the address displayed in the webUI URLs printed to the user via the
\demo lsclient-side command.The default for this value is the same as
--http-addr.The text was updated successfully, but these errors were encountered: