Problem attaching grafana docker image to mysql with ssl

I’m using the standard grafana docker image, and want to run a HA cluster. To do this, i’ve set up a mysql db in azure, which requires ssl.
However, it appears that there are no ca-certificates bundled in the docker image, because I get the following error on starting the container:
“Server shutdown” logger=server reason="Service init failed: Fail to connect to database: Could not read DB CA Cert path: "
Setting GF_DATABASE_CA_CERT_PATH=/etc/ssl/certs fails, so these do not appear to be present in the image. What now?

Okay, I figured it out, for those coming after me.

First, bind map /etc/ssl/certs to /etc/ssl/certs as read only:

- /etc/ssl/certs:/etc/ssl/certs:ro

second, add:
- GF_DATABASE_SSL_MODE=skip-verify
- GF_DATABASE_CA_CERT_PATH=/etc/ssl/certs/ca-certificates.crt
to your environment for the service.

I have found another solution. I have had the same problem but, in my case, I set up Grafana in AH on Azure Kubernetes Service and Azure Database for MySQL.

I hope this may help you :slight_smile:

I used these values in my yaml file:

According to the documentation

      - name: GF_DATABASE_SSL_MODE               
        value: "true"

It is necessary to download the cert and enable the Enforce SSL connection setting

        value: "/etc/ssl/certs/BaltimoreCyberTrustRoot.crt.pem"

In the end, to put your database name

        value: "[YOURSERVERNAME]"