--- title: "Configure properties of connections from the connector to Aerospike Database" description: "Configure connection properties in aerospike-pulsar-inbound.yml for the Aerospike Pulsar inbound connector." --- # Configure properties of connections from the connector to Aerospike Database > For the complete documentation index see: [llms.txt](https://aerospike.com/docs/llms.txt) > > All documentation pages available in markdown. The `aerospike` section of the `aerospike-pulsar-inbound.yml` file configures the connection properties that the connector must use when connecting to your Aerospike database. ## Procedure Carry out these steps in the `aerospike` section of the `aerospike-pulsar-inbound.yml` file: ### List the seed nodes of your Aerospike database. Use the required `seeds` stanza to list the nodes in the Aerospike database cluster that you want the connector to connect to. By connecting to a seed node, the connector can discover all of the nodes in the cluster. The connector iterates through the list of nodes until it successfully connects to one of them, then it discovers the other nodes in the cluster. The connector is an Aerospike Smart Client, and stores in memory the partition maps of each node in the cluster, so that it can send updates directly to the appropriate nodes. For more information about Aerospike Smart Clients, see [Client Architecture](https://aerospike.com/products/features/smart-client/). | Property | Required | Default | Description | | --- | --- | --- | --- | | `port` | no | 3000 | The port to use when making connections to the Aerospike database. | | `tls-name` | no | | The TLS name of the Aerospike database. | #### Example Here is an example with the `seeds` stanza at the top of the file: ```plaintext aerospike: seeds: - 192.168.50.1: port: 3000 tls-name: red - 192.168.50.2 ``` ### If the database cluster is configured with a name, specify the name Use the optional `cluster-name` property to specify the name of the Aerospike database that you are streaming data to. The connector can run for a long time, during which nodes of the cluster can be removed from the cluster permanently or for maintenance. The IP addresses of those nodes could be reassigned to nodes that are in other Aerospike clusters or in non-Aerospike clusters. By specifying the name of the Aerospike cluster that you are streaming data to, you ensure that the connector always communicates only with nodes that are part of that cluster. The value must match the value that is set by the configuration property `cluster-name` in the configuration file for the Aerospike database. For information about setting this property, see `cluster-name` in [Configuration reference](https://aerospike.com/docs/database/reference/config#service__cluster-name). #### Example Here is an example with the `cluster-name` property appearing after the `seeds` stanza: ```yaml aerospike: seeds: - 192.168.50.1: port: 3000 tls-name: red - 192.168.50.2 cluster-name: east ``` ### (Optional) Configure Transport Layer Security (TLS) properties You can use the `tls` stanza to secure connections from the connector to your Aerospike database with TLS. This stanza is more complex than the `seeds` stanza in the first step, so here is an example up front. ```yaml aerospike: seeds: - 192.168.50.1: port: 3000 tls-name: red - 192.168.50.2 cluster-name: east tls: key-store: store-file: /path/to/store/file store-password-file: /path/to/store/password/file key-password-file: /path/to/key/password/file store-type: JKS trust-store: store-file: /path/to/store/file store-password-file: /path/to/store/password/file key-password-file: /path/to/key/password/file store-type: JKS ciphers: - TLS_RSA_WITH_3DES_EDE_CBC_SHA revoke-certificates: - 12345678 cert-refresh-interval-ms: 3000 ``` Here are descriptions of the main properties in the `tls` stanza: | Property | Required | Default | Description | | --- | --- | --- | --- | | `key-store` | yes | | Key store containing the Aerospike client certificate for mutual authentication. See [Configuring `key-store` and `trust-store`](#configuring-key-store-and-trust-store). | | `trust-store` | no | Default Java trust store. | Trust store containing trusted CA certificate for Aerospike database certificate. See [Configuring `key-store` and `trust-store`](#configuring-key-store-and-trust-store). | | `ciphers` | no | Default ciphers allowed by the JVM | Allowed list of TLS ciphers that clients can use for secure connections. | | `revoke-certificates` | no | | List of certificate serial numbers to reject. | | `cert-refresh-interval-ms` | no | | Specifies interval in milliseconds to check for updates in configured tls files. If empty, certificate refresh will not be applied. | #### Configuring `key-store` and `trust-store` `key-store` takes these properties. `trust-store` can either take these properties or its default value. | Property | Required | Default | Description | | --- | --- | --- | --- | | `store-file` | yes | | The store file | | `store-password-file` | yes | | File that contains the password to the store. | | `key-password-file` | no | | File that contains the password for the key. | | `store-type` | no | `JKS` | Keystore type. Valid values are `JKS`, `JCEKS`, `PKCS12`, `PKCS11`, `DKS`, `Windows_MY`, and `BKS`. | ##### Example of a `tls` stanza with the default value for `trust-store` ```yaml tls: key-store: store-file: /path/to/store/file store-password-file: /path/to/store/password/file key-password-file: /path/to/key/password/file store-type: JKS trust-store: default ``` ### (Optional) Specify authorization credentials for connecting to your Aerospike database Use the optional `credentials` stanza to provide the authentication credentials that you want the connector to use to connect to nodes in the Aerospike database cluster. | Property | Required | Default | Description | | --- | --- | --- | --- | | `username` | yes | | Username. | | `password-file` | yes | | File from which the password is read. Everything after the first newline is ignored. Trailing spaces in the first line are not ignored. | | `auth-mode` | no | `internal` | Authentication mode. Valid values are `internal`, `external`, `external-insecure`, and `pki`. - `internal` - user credentials are validated internally by the Aerospike cluster, using a hashed password. - `external` - user credentials are validated externally, using LDAP or other methods, by the Aerospike cluster. TLS is required between the clusters for this mode, as the user password is sent in clear text. - `external-insecure` - user credentials are validated externally, using LDAP or other methods, by the Aerospike cluster. TLS is not required for this mode, but since the user password is sent in clear text, this mode is not recommended for production systems. - `pki` - user credentials are validated from the client TLS certificate. No user name or password needs to be configured. This mode requires that the server be configured with TLS mutual auth and that the client have a valid TLS certificate. Requires Database 5.7 or later. | #### Example Here is an example with the `credentials` stanza. Also included is the example from previous step. ```yaml aerospike: seeds: - 192.168.50.1: port: 3000 tls-name: red - 192.168.50.2 cluster-name: east tls: key-store: store-file: /path/to/store/file store-password-file: /path/to/store/password/file key-password-file: /path/to/key/password/file store-type: JKS trust-store: store-file: /path/to/store/file store-password-file: /path/to/store/password/file key-password-file: /path/to/key/password/file store-type: JKS ciphers: - TLS_RSA_WITH_3DES_EDE_CBC_SHA revoke-certificates: - 12345678 credentials: username: admin password-file: /path/to/password/file.txt auth-mode: internal ``` ### (Optional) Configure optional settings for communicating with your Aerospike database Use the optional `services` stanza to configure optional settings for the connector to use when communicating with nodes of your Aerospike database. | Property | Required | Default | Description | | --- | --- | --- | --- | | `ip-map` | no | No translation | If the connector is outside of the network in which your Aerospike database is running, you can use this property to map node IP addresses visible to the connector to destination IP addresses within your network. | | `use-services-alternate` | no | `false` | Use if `alternate-access-address` is set in the configuration file for your Aerospike database. See the [Configuration reference](https://aerospike.com/docs/database/reference/config#network__alternate-access-address) for `alternate-access-address` for more information about this property. | #### Example Here is an example of the `services` stanza mapping two node IP addresses as exposed outside of an Aerospike database’s network to IP addresses for those nodes within the network. Also included is the example from previous step. ```yaml aerospike: seeds: - 192.168.50.1: port: 3000 tls-name: red - 192.168.50.2 cluster-name: east tls: key-store: store-file: /path/to/store/file store-password-file: /path/to/store/password/file key-password-file: /path/to/key/password/file store-type: JKS trust-store: store-file: /path/to/store/file store-password-file: /path/to/store/password/file key-password-file: /path/to/key/password/file store-type: JKS ciphers: - TLS_RSA_WITH_3DES_EDE_CBC_SHA revoke-certificates: - 12345678 credentials: username: admin password-file: /path/to/password/file.txt auth-mode: internal services: ip-map: 192.168.50.1: 192.168.60.1 192.168.50.2: 192.168.60.2 ``` ### (Optional) Throttle the number of connections from the connector Use the optional `performance` stanza to throttle the number of connections the connector can open per node in your Aerospike database. You can also throttle the number of threads that the connector runs on nodes that it connects to. If not specified, default settings apply. | Property | Required | Default | Description | | --- | --- | --- | --- | | `max-connections-per-node` | no | maximum(available-processors, 100) | The maximum number of connections allowed per Aerospike database node. Must be at least 1. | | `min-connections-per-node` | no | minimum(max-connections-per-node, 4) | Minimum connections to maintain per node. Must be between 0 and `max-connections-per-node` inclusive. For best results, set server `proto-fd-idle-ms` and client `maxSocketIdle` to zero. | | `connection-pools-per-node` | no | 1 | Number of connection pools per node. Must be at least 1. | | `event-loop-size` | no | available-processors | Number of threads that the client launches on a node. Must be at least 1 and cannot exceed `max-connections-per-node`. | #### Example Here is an example of the `performance` stanza setting a maximum of 310 connections per node and specifying to launch four threads per node. Also included is the example from previous step. ```yaml aerospike: seeds: - 192.168.50.1: port: 3000 tls-name: red - 192.168.50.2 cluster-name: east tls: key-store: store-file: /path/to/store/file store-password-file: /path/to/store/password/file key-password-file: /path/to/key/password/file store-type: JKS trust-store: store-file: /path/to/store/file store-password-file: /path/to/store/password/file key-password-file: /path/to/key/password/file store-type: JKS ciphers: - TLS_RSA_WITH_3DES_EDE_CBC_SHA revoke-certificates: - 12345678 credentials: username: admin password-file: /path/to/password/file.txt auth-mode: internal services: ip-map: 192.168.50.1: 192.168.60.1 192.168.50.2: 192.168.60.2 performance: max-connections-per-node: 310 event-loop-size: 4 ``` ### (Optional) Specify rack id where this Aerospike client instance resides Rack id where this client instance resides. | Property | Required | Default | Description | | --- | --- | --- | --- | | `rack-id` | no | `null` | An integer specifying the rack id where this client resides. | #### Example Here is an example specifying `rack-id`. ```yaml aerospike: seeds: - 192.168.50.1: port: 3000 tls-name: red - 192.168.50.2 rack-id: 1 ``` ### (Optional) Configure timeouts for communicating with your Aerospike database Specify timeouts applied to the Aerospike transactions. | Property | Required | Default | Description | | --- | --- | --- | --- | | `socket-timeout` | no | 30000 (30 seconds) | Socket idle timeout in milliseconds when processing a database command. | | `total-timeout` | no | 1000 (1 second) | Total transaction timeout in milliseconds. | #### Example Here is an example of the specifying `socket-timeout` and `total-timeout`. ```yaml aerospike: seeds: - 192.168.50.1: port: 3000 tls-name: red - 192.168.50.2 cluster-name: east socket-timeout: 30000 total-timeout: 1000 ``` ### (Optional) Specify boolean particle type Specify particle types of boolean bins. - If `true`, boolean is stored on the Aerospike server with a boolean particle type (introduced in Database 5.6). - If `false`, boolean is stored on the Aerospike server with an integer particle type (1 or 0). Must be false for versions prior to Database 5.6 which do not support boolean bins. | Property | Required | Default | Description | | --- | --- | --- | --- | | `use-bool-bin` | no | false | Set this property to `true` for boolean bins to be stored with boolean particle type in the Aerospike server. | #### Example Here is an example specifying `use-bool-bin`. ```yaml aerospike: seeds: - 192.168.50.1: port: 3000 tls-name: red - 192.168.50.2 use-bool-bin: false ```