Aerospike destination configuration for the Aerospike XDR Proxy
Aerospike destination configuration
The Aerospike section configures the connection properties to the Aerospike cluster.
Option | Required | Description |
---|---|---|
seeds | yes | The list of Aerospike seed nodes to connect. See seeds. |
credentials | no | The credentials to connect to the Aerospike server. See credentials. |
services | no | The service configuration. See services. |
cluster-name | no | The aerospike cluster name if configured. |
performance | no | The performance tuning parameters. See performance. |
rack-id | no | The rack where the connector instance resides. |
tls | no | The tls config. See TLS. |
Seeds Config
A map of Aerospike seed to its configuration.
Option | Required | Default | Description |
---|---|---|---|
port | no | 3000 | The Aerospike server port. |
tls-name | no | The tls name of the Aerospike server. |
Credentials Config
The credentials to connect to the Aerospike server.
Option | Required | Default | Description |
---|---|---|---|
username | yes | The username. | |
password-file | yes | A file from which the password is read. Everything after the first newline is ignored. Trailing spaces in the first line are not ignored. | |
auth-mode | no | internal | The authentication mode. Valid values are internal , external , external-insecure , pki . See auth-mode. |
Password File
A file from which the password is read. Everything after the first newline is ignored. Trailing spaces in the first line are not ignored.
Services Config
The service configuration.
Option | Required | Default | Description |
---|---|---|---|
ip-map | no | no translation | The IP translation table. See ip map. |
use-services-alternate | no | false | Should use "services-alternate" instead of "services" in info request during cluster tending. |
IP Map Config
An IP translation table is a map of IP address to IP address, used in cases where different clients use different server IP addresses. The key is the IP address returned from friend info requests to other servers. The value is the real IP address used to connect to the server.
Performance Config
The performance tuning parameters.
Option | Required | Default | Description |
---|---|---|---|
max-connections-per-node | no | 300 | The maximum number of connections allowed per Aerospike server node |
event-loop-size | no | # of processors | Number of event loops. |
TLS Config
The TLS config of the client.
Option | Required | Default | Description |
---|---|---|---|
key-store | yes | The key store containing the Aerospike client certificate for mutual authentication. See TLS Store Config. | |
trust-store | no | Default java trust store. | The trust store containing trusted CA certificate for Aerospike server certificate. See TLS Store Config. |
ciphers | no | default ciphers allowed by the JVM | Allowed list of TLS ciphers that clients can use for secure connections. |
revoke-certificates | no | List of certificate serial numbers to reject. |
Sample TLS section with default trust store
tls:
trust-store: default
TLS Store Config
A TLS key/trust store.
Option | Required | Default | Description |
---|---|---|---|
store-file | yes | The store file | |
store-password-file | yes | Read store password from this file. | |
key-password-file | no | Read key password from this file. | |
store-type | no | JKS | The keystore type. Valid values are JKS, JCEKS, PKCS12, PKCS11, DKS, Windows_MY, BKS |
Example
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
credentials:
username: admin
password-file: /path/to/password/file.txt
auth-mode: internal
services:
ip-map:
192.168.50.1: 192.168.60.1
192.168.50.2: 192.168.60.2
use-services-alternate: false
cluster-name: east
performance:
max-connections-per-node: 300
event-loop-size: 4
rack-id: 1
tls:
key-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
trust-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
ciphers:
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
revoke-certificates:
- 12345678
Specify rack ID
If the XDR proxy nodes are located on racks, specify the ID of the rack where the this XDR proxy instance is located.
Example
Here is an example with the rack-id
property. Also included is the example from the previous step:
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
cluster-name: east
rack-id: 1
Timeouts
Specify timeouts applied to the Aerospike transactions.
Property | Required | Default | Description |
---|---|---|---|
socket-timeout | no | 30000 (30 seconds) | Socket idle timeout in milliseconds when processing a database command. |
total-timeout | no | 1000 (1 second) | Total transaction timeout in milliseconds. |
Example
Here is an example of the specifying socket-timeout
and total-timeout
.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
socket-timeout: 30000
total-timeout: 1000
Boolean particle type
Specify particle types of boolean bins.
- If
true
, boolean is stored on the Aerospike server with a boolean particle type (introduced in Aerospike server 5.6). - If
false
, boolean is stored on the Aerospike server with an integer particle type (1 or 0). Must be false for server versions earlier than 5.6 which do not support boolean bins.
Property | Required | Default | Description |
---|---|---|---|
use-bool-bin | no | false | Set this property to true if you would like boolean bins stored with boolean particle type in the Aerospike server. |
Example
Here is an example specifying use-bool-bin
.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
use-bool-bin: false