Skip to main content

Providing the Feature-Key File

The feature-key file is a cryptographically-signed list of enabled server features. Starting with Aerospike Database Enterprise Edition (EE) 4.6, the server requires a feature-key file to start. Users of Aerospike Database Community Edition (CE) can skip this section.

As of 6.1, a simple feature-key file is included. This feature-key file only allows deployment of a single-node cluster.

Defining the location of the feature key file

If the server cannot find the feature key file, it exits early in its start-up sequence and issues the following log message:

Apr 09 2021 06:35:12 GMT: CRITICAL (config): (features_ee.c:142) failed to get feature key /etc/aerospike/features.conf

As you can see, the default path to the feature-key file is /etc/aerospike/features.conf. The simplest way to satisfy this requirement is to copy yours to this location.

For Enterprise Edition only, you can add the feature-key-file configuration parameter to the service stanza.

service {
feature-key-file /opt/aerospike/evaluation-features.conf
}
  • In EE version 5.4, support was added for
    • a vault:secret_in_vault to fetch the contents of the feature key from HashiCorp Vault. See Optional security with Vault integration.
    • reading the feature key from an environment variable such as env-b64:FEATURES.
  • In EE version 5.5, support was added for combining multiple feature key files. The path can now indicate a directory, where all the files it contains are feature-key files. The server will check each for validity, expiration, and merge valid ones into its feature set. This supports limited-time trials of new features.
    • If any of the feature key files have the feature key asdb-cluster-nodes-limit, the highest non-zero value is chosen to restrict the cluster size.

Base64-encoding the feature key file in an environment variable

Instead of placing the feature key in a filesystem path, you can pass it as a secret in an environment variable.

export FOO=$(base64 ~/evaluation-features.conf)

Then in the configuration file:

service {
feature-key-file env-b64:FOO
}

When database features are loaded at start-up, the base64-encoded feature key are read from the named environment variable and decoded into binary form. You can then clear the environment variable until the next time you start the database.