Configuring the Properties of Connections from the Connector to an Aerospike Database
Use the aerospike
section of the /etc/aerospike-jms-inbound/aerospike-jms-inbound.yml
file to configure the connection properties that the connector must use when connecting to the Aerospike database.
Procedureโ
Carry out these steps in the aerospike
section of the /etc/aerospike-jms-inbound/aerospike-jms-inbound.yml
file:
List the seed nodes of your Aerospike databaseโ
Use the required seeds
stanza to list the nodes in the Aerospike database cluster that you want the connector to connect to. By connecting to a seed node, the connector can discover all of the nodes in the cluster. The connector iterates through the list of nodes until it successfully connects to one of them, then it discovers the other nodes in the cluster. The connector is an Aerospike Smart Client, and stores in memory the partition maps of each node in the cluster, so that it can send updates directly to the appropriate nodes. For more information about Aerospike Smart Clients, see Smart Client.
Property | Required | Default | Description |
---|---|---|---|
port | no | 3000 | The port to use when making connections to the Aerospike database. |
tls-name | no | The TLS name of the Aerospike database. |
Exampleโ
Here is an example with the seeds
stanza at the top of the file:
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
If the database cluster is configured with a name, specify the nameโ
Use the optional cluster-name
property to specify the name of the Aerospike database that you are streaming data to. The connector can run for a long time, during which nodes of the cluster can be removed from the cluster permanently or for maintenance. The IP addresses of those nodes could be reassigned to nodes that are in other Aerospike clusters or in non-Aerospike clusters. By specifying the name of the Aerospike cluster that you are streaming data to, you ensure that the connector always communicates only with nodes that are part of that cluster.
The value must match the value that is set by the configuration property cluster-name
in the configuration file for the Aerospike database. For information about setting this property, see cluster-name
in "Configuration parameter reference"
Exampleโ
Here is an example with the cluster-name
property appearing after the seeds
stanza:
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
cluster-name: east
(Optional) Configure Transport Layer Security (TLS) propertiesโ
You can use the tls
stanza to secure connections from the connector to your Aerospike database with TLS.
This stanza is more complex than the seeds
stanza in the first step, so here is an example up front.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
cluster-name: east
tls:
key-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
trust-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
ciphers:
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
revoke-certificates:
- 12345678
Here are descriptions of the main properties in the tls
stanza:
Property | Required | Default | Description |
---|---|---|---|
key-store | yes | Key store containing the Aerospike client certificate for mutual authentication. See "Configuring key-store and trust-store ". | |
trust-store | no | Default Java trust store. | Trust store containing trusted CA certificate for Aerospike database certificate. See "Configuring key-store and trust-store ". |
ciphers | no | Default ciphers allowed by the JVM | Allowed list of TLS ciphers that clients can use for secure connections. |
revoke-certificates | no | List of certificate serial numbers to reject. |
Configuring key-store
and trust-store
โ
key-store
takes these properties. trust-store
can either take these properties or its default value.
Property | Required | Default | Description |
---|---|---|---|
store-file | yes | The store file | |
store-password-file | yes | File that contains the password to the store. | |
key-password-file | no | File that contains the password for the key. | |
store-type | no | JKS | Keystore type. Valid values are JKS , JCEKS , PKCS12 , PKCS11 , DKS , Windows_MY , and BKS . |
Example of a tls
stanza with the default value for trust-store
โ
tls:
key-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
trust-store: default
(Optional) Specify authorization credentials for connecting to your Aerospike databaseโ
Use the optional credentials
stanza to provide the authentication credentials that you want the connector to use to connect to nodes in the Aerospike database cluster.
Property | Required | Default | Description |
---|---|---|---|
username | yes | Username. | |
password-file | yes | File from which the password is read. Everything after the first newline is ignored. Trailing spaces in the first line are not ignored. | |
auth-mode | no | internal | Authentication mode. Valid values are internal , external , external-insecure and pki .
|
Exampleโ
Here is an example with the credentials
stanza. Also included is the example from previous step.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
cluster-name: east
tls:
key-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
trust-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
ciphers:
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
revoke-certificates:
- 12345678
credentials:
username: admin
password-file: /path/to/password/file.txt
auth-mode: internal
(Optional) Configure optional settings for communicating with your Aerospike databaseโ
Use the optional services
stanza to configure optional settings for the connector to use when communicating with nodes of your Aerospike database.
Property | Required | Default | Description |
---|---|---|---|
ip-map | no | No translation | If the connector is outside of the network in which your Aerospike database is running, you can use this property to map node IP addresses visible to the connector to destination IP addresses within your network. |
use-services-alternate | no | false | Use if alternate-access-address is set in the configuration file for your Aerospike database. See the reference for alternate-access-address for more information about this property. |
Exampleโ
Here is an example of the services
stanza mapping two node IP addresses as exposed outside of an Aerospike database's network to IP addresses for those nodes within the network. Also included is the example from previous step.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
cluster-name: east
tls:
key-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
trust-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
ciphers:
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
revoke-certificates:
- 12345678
credentials:
username: admin
password-file: /path/to/password/file.txt
auth-mode: internal
services:
ip-map:
192.168.50.1: 192.168.60.1
192.168.50.2: 192.168.60.2
(Optional) Throttle the number of connections from the connectorโ
Use the optional performance
stanza to throttle the number of connections the connector can open per node in your Aerospike database. You can also throttle the number of threads that the connector runs on nodes that it connects to.
Property | Required | Default | Description |
---|---|---|---|
max-connections-per-node | no | 300 | The maximum number of connections allowed per Aerospike database node |
event-loop-size | no | The number of processors on a node. | Number of threads that the client launches on a node. |
Exampleโ
Here is an example of the performance
stanza setting a maximum of 310 connections per node and specifying to launch four threads per node. Also included is the example from previous step.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
cluster-name: east
tls:
key-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
trust-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
ciphers:
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
revoke-certificates:
- 12345678
credentials:
username: admin
password-file: /path/to/password/file.txt
auth-mode: internal
services:
ip-map:
192.168.50.1: 192.168.60.1
192.168.50.2: 192.168.60.2
performance:
max-connections-per-node: 310
event-loop-size: 4
(Optional) Specify rack id where this Aerospike client instance residesโ
Rack id where this client instance resides.
Property | Required | Default | Description |
---|---|---|---|
rack-id | no | null | An integer specifying the rack id where this client resides. |
Exampleโ
Here is an example specifying rack-id
.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
rack-id: 1
(Optional) Configure timeouts for communicating with your Aerospike databaseโ
Specify timeouts applied to the Aerospike transactions.
Property | Required | Default | Description |
---|---|---|---|
socket-timeout | no | 30000 (30 seconds) | Socket idle timeout in milliseconds when processing a database command. |
total-timeout | no | 1000 (1 second) | Total transaction timeout in milliseconds. |
Exampleโ
Here is an example of the specifying socket-timeout
and total-timeout
.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
cluster-name: east
socket-timeout: 30000
total-timeout: 1000
(Optional) Specify boolean particle typeโ
Specify particle types of boolean bins.
- If
true
, boolean is stored on the Aerospike server with a boolean particle type (introduced in Database 5.6). - If
false
, boolean is stored on the Aerospike server with an integer particle type (1 or 0). Must be false for versions prior to Database 5.6 which do not support boolean bins.
Property | Required | Default | Description |
---|---|---|---|
use-bool-bin | no | false | Set this property to true for boolean bins to be stored with boolean particle type in the Aerospike server. |
Exampleโ
Here is an example specifying use-bool-bin
.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
use-bool-bin: false