Skip to main content

Aerospike destination configuration for the Aerospike XDR Proxy

Aerospike destination configuration

The Aerospike section configures the connection properties to the Aerospike cluster.

OptionRequiredDescription
seedsyesThe list of Aerospike seed nodes to connect. See seeds.
credentialsnoThe credentials to connect to the Aerospike server. See credentials.
servicesnoThe service configuration. See services.
cluster-namenoThe aerospike cluster name if configured.
performancenoThe performance tuning parameters. See performance.
rack-idnoThe rack where the connector instance resides.
tlsnoThe tls config. See TLS.

Seeds Config

A map of Aerospike seed to its configuration.

OptionRequiredDefaultDescription
portno3000The Aerospike server port.
tls-namenoThe tls name of the Aerospike server.

Credentials Config

The credentials to connect to the Aerospike server.

OptionRequiredDefaultDescription
usernameyesThe username.
password-fileyesA file from which the password is read. Everything after the first newline is ignored. Trailing spaces in the first line are not ignored.
auth-modenointernalThe authentication mode. Valid values are internal, external, external-insecure. See auth-mode.

Password File

A file from which the password is read. Everything after the first newline is ignored. Trailing spaces in the first line are not ignored.

Services Config

The service configuration.

OptionRequiredDefaultDescription
ip-mapnono translationThe IP translation table. See ip map.
use-services-alternatenofalseShould use "services-alternate" instead of "services" in info request during cluster tending.

IP Map Config

An IP translation table is a map of IP address to IP address, used in cases where different clients use different server IP addresses. The key is the IP address returned from friend info requests to other servers. The value is the real IP address used to connect to the server.

Performance Config

The performance tuning parameters.

OptionRequiredDefaultDescription
max-connections-per-nodeno300The maximum number of connections allowed per Aerospike server node
event-loop-sizeno# of processorsNumber of event loops.

TLS Config

The TLS config of the client.

OptionRequiredDefaultDescription
key-storeyesThe key store containing the Aerospike client certificate for mutual authentication. See TLS Store Config.
trust-storenoDefault java trust store.The trust store containing trusted CA certificate for Aerospike server certificate. See TLS Store Config.
ciphersnodefault ciphers allowed by the JVMAllowed list of TLS ciphers that clients can use for secure connections.
revoke-certificatesnoList of certificate serial numbers to reject.

Sample TLS section with default trust store

  tls:
trust-store: default

TLS Store Config

A TLS key/trust store.

OptionRequiredDefaultDescription
store-fileyesThe store file
store-password-fileyesRead store password from this file.
key-password-filenoRead key password from this file.
store-typenoJKSThe keystore type. Valid values are JKS, JCEKS, PKCS12, PKCS11, DKS, Windows_MY, BKS

Example

aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
credentials:
username: admin
password-file: /path/to/password/file.txt
auth-mode: internal
services:
ip-map:
192.168.50.1: 192.168.60.1
192.168.50.2: 192.168.60.2
use-services-alternate: false
cluster-name: east
performance:
max-connections-per-node: 300
event-loop-size: 4
rack-id: 1
tls:
key-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
trust-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
ciphers:
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
revoke-certificates:
- 12345678