ssl access feature

[imacks]

can we implement ssl feature? I see mariadb supports ssl-ca/cert/key in its .cnf file.

with ssl i feel it is safe to expose the load balancer to the internet. it would be even possible to have multiple load balancers (i.e. multiple clusters) running behind a traffic manager. Inside the vnet we can use a dns server to resolve clients to the load balancer's internal ip address.

[ItalyPaleAle]

I will need to investigate this and how much work it's required to implement it. I feel that it might be quite some work, however, and the use cases are limited... Although Galera clusters can span multiple geographies and operate over a WAN, this is currently a more advanced scenario and not in the scope for this project. Chances are that if you need something like WAN replication, you are running a "more serious" deployment and you might want to administer it more manually anyways (and maybe hire a professional DBA?). This project is more meant for those needing something quick to get up and running and that don't have the resources to administer the cluster.

If you need to expose the cluster outside of the VNet, have you considered using some sort of tunneling/VPN?