Unable to get a working custom temporal server

Hi,

As a PoC I tried the Helm standalone script in k8s.
Works great, we managed to convince the stakeholders we should use it.

Now I want to deploy it in our regular way. Can’t get it to work.
Situation:
All deploys are done by Terraform and we are stuck with a Helm provider that supports Helm v2 (not v3).
So I’m trying to get a normal Docker config.
On the T environment I’m trying with auto-setup=true

What we want (minimal setup):

  • Temporal server
  • Temporal web
  • Temporal admin tools
  • DB = mysql with tls
  • kafka = false
  • es = false
  • grafana = false
  • prom = false

Really the bare minimum to get it working.

When I try to spin up the docker-compose the following keeps haunting me:
+ temporal-sql-tool --ep test.mysql.database.azure.com -u myUsername create --db temporal
2021/04/13 10:20:10 Eerror creating database:Error 9002: SSL connection is required. Please specify SSL options and retry.

How to pass those SSL settings?
I’ve the feeling I’m doing the config with development.yaml incorrectly.

current docker-compose.yaml

version: "3.5"
services:
  temporal:
    container_name: temporal
    environment:
      - DB=mysql
      - MYSQL_USER=MyUser
      - MYSQL_PWD=***************
      - MYSQL_SEEDS=my.test.mysql.database.azure.com
      - DYNAMIC_CONFIG_FILE_PATH=config/dynamicconfig/development.yaml
    image: temporalio/auto-setup:1.8.1
    networks:
      - temporal-network
    ports:
      - 7233:7233
    volumes:
      - ./dynamicconfig:/etc/temporal/config/dynamicconfig
      - ./key:/etc/temporal/cert
  temporal-admin-tools:
    container_name: temporal-admin-tools
    depends_on:
      - temporal
    environment:
      - TEMPORAL_CLI_ADDRESS=temporal:7233
    image: temporalio/admin-tools:1.8.1
    networks:
      - temporal-network
    stdin_open: true
    tty: true
  temporal-web:
    container_name: temporal-web
    depends_on:
      - temporal
    environment:
      - TEMPORAL_GRPC_ENDPOINT=temporal:7233
      - TEMPORAL_PERMIT_WRITE_API=true
    image: temporalio/web:1.8.1
    networks:
      - temporal-network
    ports:
      - 8088:8088
networks:
  temporal-network:
    driver: bridge
    name: temporal-network

./dynamicconfig/development.yaml

 persistence:
   defaultStore: mysql-default
   visibilityStore: mysql-visibility
   numHistoryShards: 4
   datastores:
     mysql-default:
       sql:
         pluginName: "mysql"
         connectAddr: "my.test.mysql.database.azure.com:3306"
         databaseName: "temporal"
         connectProtocol: "tcp"
         user: "MyUser"
         password: "***********"
         tls:
             enabled: true
             certFile: cert/cert_file
             enableHostVerification: false
     mysql-visibility:
       sql:
         pluginName: "mysql"
         connectAddr: "my.test.mysql.database.azure.com"
         keyspace: "temporal"
         user: "MyUser"
         connectProtocol: "tcp"
         password: "******"
         tls:
             enabled: true
             certFile: cert/cert_file
             enableHostVerification: false
 global:
   membership:
     maxJoinDuration: 30s
     broadcastAddress: "127.0.0.1"
   pprof:
     port: 7936
   metrics:
     prometheus:
       timerType: "histogram"
       listenAddress: "127.0.0.1:8000"

I’ve tried to read and understand Temporal Cluster configuration reference | Temporal Documentation
But for some reason I guess I’m missing something obvious.

If any more info is needed to solve this riddle, please let me know so I can add it.

While still trying solutions for the SSL.
I’ve started with setting up the DB + schema.
That is also cumbersome…

What I do:

Go into the admin-tools container:

  • temporal-sql-tool --ep [host] -p 3306 create --plugin mysql --db temporal_visibility

ERROR:

Incorrect Usage: flag provided but not defined: -plugin

NAME:
temporal-sql-tool create-database - creates a database

USAGE:
temporal-sql-tool create-database [command options] [arguments...]

OPTIONS:
--database value, --db value name of the database

No matter what I tried, nothing made it work… so well, I went ahead and tried the next command:
bash-5.0# temporal-sql-tool --ep [host] -p 3306 --plugin mysql --db temporal_visibility setup-schema -v 0.0
2021/04/14 06:48:52 Error 9999: An internal error has occurred. Please retry or report your issues.

Before and after I manually made the table, same result.

Disclaimer:
[host] is a valid Azure location but this editor complains I can’t post too many links in a post… great editor

I think the ‘mysql’ plugin is the default for temporal-sql-tool… maybe it’ll work without it. Seems like that flag should work tho. This is what I’m using in my db job (from temporal tag ‘1.7.0’):

temporal-sql-tool -u $DB_USER -pw $DB_PASS --ep $DB_HOST -p $DB_PORT --pl postgres --db $DBNAME setup -v 0.0

Seems to be working, cheers:

temporal-sql-tool -u root -pw root --ep <host_ip> -p 3306 --db temporal setup -v 0.0
(works locally)

Is this tool also able to do SSL connections? Our production environment requires this for connection.

Hi,

Does this tool support SSL connections?

Yes, got it working. On holiday for another week so can’t provide an example. If needed by next week, let me know.

Yes please :) that would be helpful

For some reason, when creating the db, the sql tool is using the user as the host instead of the actual host & fails stating no such host found

Anyone else faced this issue?

bit late… did miss it somehow >_<

in the admin-tools (docker startup)

environment:
  - SQL_TLS=true
  - SQL_TLS_CA_FILE=[PATH-to-cert.pem]