How to Deploy a Secure CockroachDB Cluster on Ubuntu 22.04
CockroachDB is a distributed SQL database that’s designed for scalability and high availability. Deploying it on Ubuntu 22.04 can be a powerful addition to your infrastructure. In this guide, we’ll walk you through the steps to deploy a secure CockroachDB cluster on Ubuntu 22.04.
- Three Ubuntu 20.04 servers. These will be your CockroachDB nodes.
- SSH access to all three servers with sudo privileges.
- Basic understanding of Linux server administration.
Step 1: Update Your System
Before you begin, ensure your system is up to date:
sudo apt update sudo apt upgrade
Step 2: Install CockroachDB
CockroachDB provides a convenient script for installation. Run the following commands on each of your servers:
wget https://binaries.cockroachdb.com/cockroach-latest.linux-amd64.tgz tar -xzf cockroach-latest.linux-amd64.tgz sudo cp cockroach-latest.linux-amd64/cockroach /usr/local/bin/
Step 3: Configure CockroachDB Nodes
On each server, create a directory to store the CockroachDB data and a configuration file:
sudo mkdir -p /var/lib/cockroach sudo touch /etc/cockroachdb/cockroach.yml
Edit the configuration file using your preferred text editor. Here’s a basic configuration:
# /etc/cockroachdb/cockroach.yml # Common settings server: http_addr: <node-IP>:8080 addr: <node-IP>:26257 # Encryption settings (generate certs before using) tls: cert_file: /etc/cockroachdb/certs/cockroach.crt key_file: /etc/cockroachdb/certs/cockroach.key ca_file: /etc/cockroachdb/certs/ca.crt # Secure the node insecure: false
Make sure to replace
<node-IP> with the actual IP address of each server. The example above includes TLS encryption; you should generate appropriate certificates for your cluster.
Step 4: Initialize the First Node
On one of your servers, initialize the CockroachDB cluster:
cockroach init --insecure --host=<node-IP>:26257
Step 5: Start CockroachDB Nodes
On all three servers, start the CockroachDB service:
sudo cockroach start --background
Step 6: Access the Admin UI
You can access the CockroachDB Admin UI by visiting
http://<node-IP>:8080 in your web browser. This interface provides insights into your cluster’s performance and status.
Step 7: Secure the Cluster
For a production environment, you should secure your CockroachDB cluster by setting up proper authentication and encryption. Refer to the official CockroachDB documentation for detailed instructions on securing your cluster.
You’ve successfully deployed a secure CockroachDB cluster on Ubuntu 22.04. CockroachDB’s distributed architecture and scalability make it a powerful choice for high-availability database solutions. Remember to follow best practices for securing your cluster, especially in a production environment.