Unable to get a working custom temporal server

Hi,

As a PoC I tried the Helm standalone script in k8s.
Works great, we managed to convince the stakeholders we should use it.

Now I want to deploy it in our regular way. Can't get it to work.
Situation:
All deploys are done by Terraform and we are stuck with a Helm provider that supports Helm v2 (not v3).
So I'm trying to get a normal Docker config.
On the T environment I'm trying with auto-setup=true.

What we want (minimal setup):

  • Temporal server
  • Temporal web
  • Temporal admin tools
  • DB = mysql with tls
  • kafka = false
  • es = false
  • grafana = false
  • prom = false

Really the bare minimum to get it working.

When I try to spin up the docker-compose, the following keeps haunting me:
+ temporal-sql-tool --ep test.mysql.database.azure.com -u myUsername create --db temporal
2021/04/13 10:20:10 Eerror creating database:Error 9002: SSL connection is required. Please specify SSL options and retry.

How to pass those SSL settings?
I've the feeling I'm doing the config with development.yaml incorrectly.

Current docker-compose.yaml

version: "3.5"
services:
  temporal:
    container_name: temporal
    environment:
      - DB=mysql
      - MYSQL_USER=MyUser
      - MYSQL_PWD=***************
      - MYSQL_SEEDS=my.test.mysql.database.azure.com
      - DYNAMIC_CONFIG_FILE_PATH=config/dynamicconfig/development.yaml
    image: temporalio/auto-setup:1.8.1
    networks:
      - temporal-network
    ports:
      - 7233:7233
    volumes:
      - ./dynamicconfig:/etc/temporal/config/dynamicconfig
      - ./key:/etc/temporal/cert
  temporal-admin-tools:
    container_name: temporal-admin-tools
    depends_on:
      - temporal
    environment:
      - TEMPORAL_CLI_ADDRESS=temporal:7233
    image: temporalio/admin-tools:1.8.1
    networks:
      - temporal-network
    stdin_open: true
    tty: true
  temporal-web:
    container_name: temporal-web
    depends_on:
      - temporal
    environment:
      - TEMPORAL_GRPC_ENDPOINT=temporal:7233
      - TEMPORAL_PERMIT_WRITE_API=true
    image: temporalio/web:1.8.1
    networks:
      - temporal-network
    ports:
      - 8088:8088
networks:
  temporal-network:
    driver: bridge
    name: temporal-network

./dynamicconfig/development.yaml

 persistence:
   defaultStore: mysql-default
   visibilityStore: mysql-visibility
   numHistoryShards: 4
   datastores:
     mysql-default:
       sql:
         pluginName: "mysql"
         connectAddr: "my.test.mysql.database.azure.com:3306"
         databaseName: "temporal"
         connectProtocol: "tcp"
         user: "MyUser"
         password: "***********"
         tls:
             enabled: true
             certFile: cert/cert_file
             enableHostVerification: false
     mysql-visibility:
       sql:
         pluginName: "mysql"
         connectAddr: "my.test.mysql.database.azure.com"
         keyspace: "temporal"
         user: "MyUser"
         connectProtocol: "tcp"
         password: "******"
         tls:
             enabled: true
             certFile: cert/cert_file
             enableHostVerification: false
 global:
   membership:
     maxJoinDuration: 30s
     broadcastAddress: "127.0.0.1"
   pprof:
     port: 7936
   metrics:
     prometheus:
       timerType: "histogram"
       listenAddress: "127.0.0.1:8000"

I've tried to read and understand https://docs.temporal.io/docs/server-configuration#persistence
But for some reason I guess I'm missing something obvious.

If any more info is needed to solve this riddle, please let me know so I can add it.

While still trying solutions for the SSL, I've started with setting up the DB + schema.
That is also cumbersome…

What I do:

Go into the admin-tools container:

  • temporal-sql-tool --ep [host] -p 3306 create --plugin mysql --db temporal_visibility

ERROR:

Incorrect Usage: flag provided but not defined: -plugin

NAME:
temporal-sql-tool create-database - creates a database

USAGE:
temporal-sql-tool create-database [command options] [arguments...]

OPTIONS:
--database value, --db value  name of the database

Nothing I tried made it work… so, well, I went ahead and tried the next command:
bash-5.0# temporal-sql-tool --ep [host] -p 3306 --plugin mysql --db temporal_visibility setup-schema -v 0.0
2021/04/14 06:48:52 Error 9999: An internal error has occurred. Please retry or report your issues.

Before and after I manually made the table, same result.

Disclaimer:
[host] is a valid Azure location but this editor complains I can't post too many links in a post… great editor

I think the ‘mysql’ plugin is the default for temporal-sql-tool… maybe it’ll work without it. Seems like that flag should work tho. This is what I’m using in my db job (from temporal tag ‘1.7.0’):

temporal-sql-tool -u $DB_USER -pw $DB_PASS --ep $DB_HOST -p $DB_PORT --pl postgres --db $DBNAME setup -v 0.0

Seems to be working, cheers:

temporal-sql-tool -u root -pw root --ep <host_ip> -p 3306 --db temporal setup -v 0.0
(works locally)

Is this tool also able to do SSL connections? Our production environment requires this for connection.
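
For the closing question, an added example (not from the thread or the Temporal project): a POSIX shell wrapper that checks the CA bundle before calling temporal-sql-tool with its `--tls` and `--tls-ca-file` flags. `SQL_TOOL`, the function names, the host and the CA path are assumptions of this example; `DB_USER` and `DB_PASS` follow the variable names used earlier in the thread, and the flag names should be confirmed with `temporal-sql-tool --help` on the release in use.

```shell
#!/bin/sh
# Added example: refuse to run schema setup unless a usable CA bundle is supplied.

# check_ca FILE: returns 0 if FILE is a readable PEM bundle, otherwise 2, 3 or 4.
check_ca() {
    [ -n "$1" ] || { echo "no CA bundle given" >&2; return 2; }
    [ -r "$1" ] || { echo "CA bundle not readable: $1" >&2; return 3; }
    grep -q 'BEGIN CERTIFICATE' "$1" || { echo "not a PEM bundle: $1" >&2; return 4; }
}

# setup_schema_tls HOST PORT DB CA_FILE
# SQL_TOOL is a hypothetical override so the command line can be inspected
# (SQL_TOOL=echo) before it is run against a real server.
setup_schema_tls() {
    host=$1 port=$2 db=$3 ca=$4
    check_ca "$ca" || return $?
    "${SQL_TOOL:-temporal-sql-tool}" --ep "$host" -p "$port" \
        -u "$DB_USER" --pw "$DB_PASS" \
        --tls --tls-ca-file "$ca" \
        --db "$db" setup-schema -v 0.0
}

# Example call (placeholder host and CA path):
#   DB_USER=... DB_PASS=... setup_schema_tls db.example.internal 3306 temporal /etc/temporal/cert/ca.pem
```

Host-name verification is controlled by a separate flag whose name depends on the release; `temporal-sql-tool --help` lists it, and it is worth checking so that the server certificate is actually matched against the host name.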