# ABS Configuration Reference Aerospike Backup Service (ABS) reads the configuration file `aerospike-backup-service.yml` to create connections to Aerospike Database namespaces and storage destinations, as well as backup policies, routines, and schedules. For the parameter list in OpenAPI format, see the [Schemas section](https://aerospike.github.io/aerospike-backup-service/) in the REST API specification. ## Configuration options Search here for individual configuration options. Expand the cards to see more details and/or usage examples. ## Options #### `aerospike-clusters.CLUSTER_NAME.conn-timeout` `integer` Description: Connection timeout in milliseconds. Introduced: 1.0 Default: 30000 Example: conn-timeout ```bash 5000 ``` --- #### `aerospike-clusters.CLUSTER_NAME.credentials.auth-mode` `string` Description: The authentication mode used by the cluster. Introduced: 1.0 Default: INTERNAL Values: INTERNAL, EXTERNAL, PKI --- #### `aerospike-clusters.CLUSTER_NAME.credentials.password-path` `string` Description: File path with the password string. Mutually exclusive with `password` field. Introduced: 1.0 Example: ```bash aerospike-clusters: cluster1: credentials: user: "admin" password-path: "/path/to/pass.txt" ``` --- #### `aerospike-clusters.CLUSTER_NAME.credentials.password` `string` Description: Plaintext password for cluster authentication. If it starts with `secrets`, path to password stored in Aerospike Secret Agent. Only use this plaintext authentication method for testing, never in production. Introduced: 1.0 Example: ```bash aerospike-clusters: cluster1: credentials: user: "admin" password: "admin" ``` --- #### `aerospike-clusters.CLUSTER_NAME.credentials.secret-agent-name` `string` Description: Name of secret agent to use to fetch password. Use a previously configured secret agent in the `secret-agents` configuration stanza. Introduced: 3.0 Example: ```bash aerospike-clusters: cluster1: credentials: secret-agent-name: "demoSa" ``` --- #### `aerospike-clusters.CLUSTER_NAME.credentials.secret-agent` `object` Description: Configuration for one or more secret agents to use to fetch the password. Introduced: 3.0 Example: ```bash aerospike-clusters: cluster1: credentials: secret-agent: ... ... ``` --- #### `aerospike-clusters.CLUSTER_NAME.credentials.user` `string` Description: Plaintext username for cluster authentication. Introduced: 1.0 Example: ```bash aerospike-clusters: cluster1: credentials: user: "admin" password: "admin" ``` --- #### `aerospike-clusters.CLUSTER_NAME.credentials` `object` Description: Authentication details for the Aerospike cluster. You can pass a reference to a secret in the Secret Agent, a path to a plaintext file, or the plaintext credentials. Only use plaintext credentials for testing, never production. Introduced: 1.0 Example: Secret Agent path ```bash aerospike-clusters: prod-cluster: seed-nodes: - host-name: aerocluster.aerospike.svc.cluster.local port: 3000 credentials: user: backup-user password: secrets:asbackup:db_password # fetched with Secret Agent secret-agent-name: primary-sa # choose one of the configured agents secret-agents: primary-sa: address: secret-agent.svc.cluster.local port: 3005 connection-type: tcp ``` --- Plaintext credentials ```bash aerospike-clusters: cluster1: credentials: user: "admin" password: "admin" ``` --- #### `aerospike-clusters.CLUSTER_NAME.label` `string` Description: A user-selected name for the cluster. It is used only in logs and error messages. Introduced: 1.0 --- #### `aerospike-clusters.CLUSTER_NAME.max-parallel-scans` `integer` Description: Maximum number of simultaneous allowed data reads, or scans, from the cluster during backup. This is a cluster-scope limit for all backup policies to prevent cluster overload. Introduced: 2.0 Default: No limit if parameter is not provided. Example: ```bash aerospike-clusters: absDefaultCluster: seed-nodes: - host-name: "localhost" port: 3000 credentials: user: "tester" password: "psw" max-parallel-scans: 8 ``` Values: Any non-negative integer --- #### `aerospike-clusters.CLUSTER_NAME.prefer-racks` `array` Description: The list of acceptable racks in order of preference. Nodes in the first element of the list (`prefer-racks[0]`) are chosen first. If a node is not found in `prefer-racks[0]`, then nodes in prefer-racks\[1\] are searched, and so on. Mutually exclusive with a routine’s `rack-list`, `node-list` and `partition-list` properties. This parameter was moved from `backup-routines` to `aerospike-clusters` in ABS 3.4. Introduced: 1.0 Default: \[\] Example: ```bash [0] ``` --- #### `aerospike-clusters.CLUSTER_NAME.seed-nodes.host-name` `string` `required` Description: Host name to connect to the seed node for communication with the Aerospike Database cluster. Introduced: 1.0 Example: ```bash aerospike-clusters: absCluster1: seed-nodes: - host-name: "aerospike-cluster" port: 3000 credentials: user: admin password: admin ``` --- #### `aerospike-clusters.CLUSTER_NAME.seed-nodes.port` `integer` `required` Description: Port to connect to the seed node for communication with the Aerospike Database cluster. Introduced: 1.0 Example: ```bash aerospike-clusters: absCluster1: seed-nodes: - host-name: "aerospike-cluster" port: 3000 credentials: user: admin password: admin ``` --- #### `aerospike-clusters.CLUSTER_NAME.seed-nodes.tls-name` `string` Description: Optional TLS certificate name used for secure connections. Introduced: 1.0 --- #### `aerospike-clusters.CLUSTER_NAME.seed-nodes` `array` `required` Description: A stanza with connection details of the seed nodes, or the nodes that Aerospike Backup Service uses to communicate with the cluster. On a multi-node cluster, you can supply connection information for a single node and the rest of the nodes will automatically be discovered. Introduced: 1.0 Example: ```bash aerospike-clusters: absCluster1: seed-nodes: - host-name: "aerospike-cluster" port: 3000 ``` --- #### `aerospike-clusters.CLUSTER_NAME.tls.ca-file` `string` Description: Path to a trusted CA certificate file. Introduced: 1.0 --- #### `aerospike-clusters.CLUSTER_NAME.tls.ca-path` `string` Description: Path to a directory of trusted CA certificates. Introduced: 1.0 --- #### `aerospike-clusters.CLUSTER_NAME.tls.cert-file` `string` Description: Path to the chain file for mutual authentication if the Aerospike cluster supports it. Introduced: 1.0 --- #### `aerospike-clusters.CLUSTER_NAME.tls.cipher-suite` `string` Description: TLS cipher selection criteria. The format is the same as OpenSSL’s Cipher List Format. Introduced: 1.0 --- #### `aerospike-clusters.CLUSTER_NAME.tls.key-file-password` `string` Description: Password to load protected TLS-keyfile (env:VAR, file:PATH, PASSWORD). Introduced: 1.0 --- #### `aerospike-clusters.CLUSTER_NAME.tls.key-file` `string` Description: Path to the key for mutual authentication if the Aerospike cluster supports it. Introduced: 1.0 --- #### `aerospike-clusters.CLUSTER_NAME.tls.name` `string` Description: Default TLS name used to authenticate each TLS socket connection. Introduced: 1.0 --- #### `aerospike-clusters.CLUSTER_NAME.tls.protocols` `string` Description: TLS protocol selection criteria. This format is the same as Apache’s SSL Protocol. Introduced: 1.0 Default: TLSv1.2 --- #### `aerospike-clusters.CLUSTER_NAME.tls` `object` Description: A sub-stanza of a particular cluster with details about the cluster TLS configuration. Introduced: 1.0 --- #### `aerospike-clusters.CLUSTER_NAME.use-services-alternate` `boolean` Description: Whether to use “services-alternate” instead of “services” in info request during cluster tending. Introduced: 1.0 --- #### `aerospike-clusters` `Aerospike Cluster section` `required` Description: Configuration section with parameters that control connections to an Aerospike cluster. The next level under this section must be an Aerospike cluster definition. Introduced: 1.0 Default: \- Example: ```bash aerospike-clusters: cluster1: (...) ``` --- #### `backup-policies.POLICY_NAME.bandwidth` `integer` Description: Throttles backup write operations to the backup file(s) to not exceed the given bandwidth in MiB/s. A value of 0 (the default) means no limit is applied. Introduced: 1.0 Example: ```bash bandwidth: 10000 ``` --- #### `backup-policies.POLICY_NAME.compression.level` `integer` Description: Compression level to use. Higher values trade more CPU time for smaller backup files. This setting only applies when `compression.mode` is `ZSTD`. ABS uses a Go implementation of zstd that maps the numeric level to one of four compression presets: | Level | Preset | Behavior | |-----------|---------|-----------------------------------| | -1, 0–2 | Fastest | Least CPU, largest files (default) | | 3–5 | Default | Balanced speed and compression | | 6–9 | Better | More CPU, smaller files | | 10–22 | Best | Most CPU, smallest files | Values within the same preset produce identical results. For distinct compression behavior, use 1, 3, 6, or 10. Introduced: 1.0 Values: \-1 to 22 --- #### `backup-policies.POLICY_NAME.compression.mode` `string` Description: Compression algorithm to use. Set to `ZSTD` to enable compression or `NONE` to disable it. When set to `NONE`, the `level` setting is ignored. Introduced: 1.0 Default: NONE Example: ```bash `NONE` ``` Values: `NONE`, `ZSTD` --- #### `backup-policies.POLICY_NAME.compression` `object` Description: Compression settings for backup files. When enabled, ABS compresses backup data, reducing storage and network usage at the cost of additional CPU during backup. Compression is not applied during restore; the service detects compression and decompresses automatically. Introduced: 1.0 --- #### `backup-policies.POLICY_NAME.concurrent-incremental` `boolean` Description: Enables incremental backups to start while a full or incremental backup is ongoing. Introduced: 3.1 Example: --- #### `backup-policies.POLICY_NAME.encryption.key-env` `base64 PEM string` Description: Name of the environment variable containing the encryption key. The private key must be in PEM format, be base64-encoded, and include the BEGIN header and END footer. Introduced: 1.0 Example: Example key ```bash -----BEGIN RSA PRIVATE KEY----- MIICWg0BAAKBgQCKHXHc6Zw4tdLRCAEIgmr4SbRpS5fk5XOKFoMXh3u+jWmWoFVH EcxTNRVBzTQn6diGpNVV1gsWNb+6BqjtLsU2JYvKxDBN4OlIp0iTReGM00x4WI3K I3q6vxRjzloeSouYWyM9HfEMzlljtVOeYSArWGS8bCe2M4tKgYeNjgvc9QIDAQAB AoGAaM4NMC0pXjNDJVGgjxeAGqa7W0d8nLos4bVRhtJNaXyfiihibcqotN93ISGZ GUyO/SUpqbgBs7nXok8ZctoR1WjNQnwUO0sz0MfN77d2YOOoxe9ISPPw8XItCznB VJ1TACChctdiRTb3MXK9jKvgdwuDF6CjD+jx9eUMzhuKvqUCQQD/xacOMs5754ID B+kTYFnCkutGBnbXheCZhjhNDSoeLpf/iFd7i+zwZXREy7ZF3fz/lDODcFJX8SbI tntj8MgzAkEAijzzs6ZEna7SKMwBTf1zwPIq4TuwaDPPxLGdag+gniEbC54CSYuU b3H5d7ZBH5T2JlCjvX93xOF/a3GZHVm+NwJAIbgtDfIkxrD+sueYErXhH4W+/rxb bo53zcWkJoRVy3TbZRTUc7U+x3KYoXk5znw1nnwrTmjAcleYhV2JZuOXgQ4/Co4D AOsJo274hb0GWSbrCOUL8+kCzeii42zoByMCh32rThowDLI4KS5o0oq3yG0b929j cDIGwgw3bcxRXqGXakAqCJNsRUY4K/yrzRgV1lw5Dj3g8cQ3Sneon4mO6Yp73ovV bbgTxvcLBgwjIjpt1rT2uipRJKGatsIZ3NVuFfP1 -----END RSA PRIVATE KEY----- ``` --- Export example to environment variable ```bash export COMPRESSION_PASS_KEY=MIICWg0BAAKBgQCKHXHc6Zw4tdLRCAEIgmr4SbRpS5fk5XOKFoMXh3u+jWmWoFVH EcxTNRVBzTQn6diGpNVV1gsWNb+6BqjtLsU2JYvKxDBN4OlIp0iTReGM00x4WI3K I3q6vxRjzloeSouYWyM9HfEMzlljtVOeYSArWGS8bCe2M4tKgYeNjgvc9QIDAQAB AoGAaM4NMC0pXjNDJVGgjxeAGqa7W0d8nLos4bVRhtJNaXyfiihibcqotN93ISGZ GUyO/SUpqbgBs7nXok8ZctoR1WjNQnwUO0sz0MfN77d2YOOoxe9ISPPw8XItCznB VJ1TACChctdiRTb3MXK9jKvgdwuDF6CjD+jx9eUMzhuKvqUCQQD/xacOMs5754ID B+kTYFnCkutGBnbXheCZhjhNDSoeLpf/iFd7i+zwZXREy7ZF3fz/lDODcFJX8SbI tntj8MgzAkEAijzzs6ZEna7SKMwBTf1zwPIq4TuwaDPPxLGdag+gniEbC54CSYuU b3H5d7ZBH5T2JlCjvX93xOF/a3GZHVm+NwJAIbgtDfIkxrD+sueYErXhH4W+/rxb bo53zcWkJoRVy3TbZRTUc7U+x3KYoXk5znw1nnwrTmjAcleYhV2JZuOXgQ4/Co4D AOsJo274hb0GWSbrCOUL8+kCzeii42zoByMCh32rThowDLI4KS5o0oq3yG0b929j cDIGwgw3bcxRXqGXakAqCJNsRUY4K/yrzRgV1lw5Dj3g8cQ3Sneon4mO6Yp73ovV bbgTxvcLBgwjIjpt1rT2uipRJKGatsIZ3NVuFfP1 ``` --- #### `backup-policies.POLICY_NAME.encryption.key-file` `string` Description: Path to the file containing the encryption key. The encryption key must be a valid PEM file, be base64-encoded, and include the BEGIN header and END footer. Introduced: 1.0 Example: ```bash encryption: mode: "AES256" key-file: "/data/aerospike-backup-service/etc/aerospike-backup-service/keyfile1.dat" ``` --- #### `backup-policies.POLICY_NAME.encryption.key-secret` `string` Description: Secret keyword in Aerospike Secret Agent containing the encryption key. Introduced: 1.0 --- #### `backup-policies.POLICY_NAME.encryption.mode` `string` Description: Encryption mode to use. Options are `NONE`, `AES128`, or `AES256`. Introduced: 1.0 Default: NONE Example: ```bash `NONE` ``` Values: `NONE`, `AES128`, `AES256` --- #### `backup-policies.POLICY_NAME.encryption` `object` Description: Controls backup encryption information like the location of an encryption key or the keyword for Aerospike Secret Agent. Introduced: 1.0 --- #### `backup-policies.POLICY_NAME.file-limit` `integer` Description: File size limit in MB for the backup file. If an .asb backup file crosses this size threshold, a new backup file is created. Introduced: 1.0 Default: 250 Example: ```bash file-limit: 1024 ``` --- #### `backup-policies.POLICY_NAME.max-concurrent-nodes` `integer` Description: Maximum number of concurrent requests to Aerospike Database nodes during a backup. By default, requests are issued to all nodes in parallel. Set a lower value to reduce load on the cluster at the cost of slower backups. Introduced: 3.4 --- #### `backup-policies.POLICY_NAME.max-records` `integer` Description: Approximate limit for the number of records to process. Available in Database 4.9 and later. Introduced: 1.0 Removed: 2.0 Example: ```bash max-records: 10000 ``` --- #### `backup-policies.POLICY_NAME.max-retries` `integer` Description: Maximum number of retries before aborting the current transaction. Removed in 3.0 and replaced with the `retry-policy` substanza. Introduced: 1.0 Removed: 3.0 Example: ```bash "parallel":1, "max-retries": 3 ``` --- #### `backup-policies.POLICY_NAME.no-bins` `boolean` Description: Only back up record metadata; digest, TTL, generation count, key. Introduced: 1.0 Removed: 2.0 --- #### `backup-policies.POLICY_NAME.no-indexes` `boolean` Description: Whether to back up secondary index definitions. Introduced: 1.0 --- #### `backup-policies.POLICY_NAME.no-records` `boolean` Description: Whether to back up record data, metadata or bin data. Introduced: 1.0 --- #### `backup-policies.POLICY_NAME.no-udfs` `boolean` Description: Whether to back up UDF modules. Introduced: 1.0 --- #### `backup-policies.POLICY_NAME.parallel-write` `integer` Description: Maximum number of threads to use for writing backup files. If not specified, defaults to the value of `parallel`. Introduced: 3.2.0 Example: ```bash 1 ``` --- #### `backup-policies.POLICY_NAME.parallel` `integer` Description: Maximum number of parallel read operations to run against the cluster. Each operation processes a subset of the total data partitions. This value should be equal to or less than `aerospike-clusters.CLUSTER_NAME.max-parallel-scans`. Introduced: 1.0 Default: 8 Example: ```bash 1 ``` --- #### `backup-policies.POLICY_NAME.records-per-second` `integer` Description: Limit total returned records per second (RPS). If RPS is zero (the default), the `records-per-second` limit is not applied. Introduced: 1.0 Example: ```bash 1000 ``` --- #### `backup-policies.POLICY_NAME.remove-artifacts` `boolean` Description: Clear directory or remove output file. Introduced: 1.0 Removed: 2.0 --- #### `backup-policies.POLICY_NAME.retention.full` `integer` Description: The total number of full backups to retain. The minimum is `1`, meaning each new full backup deletes the previous one. If not specified, all full backups are kept. Introduced: 3.0 Example: ```bash full: 5 ``` Values: Any integer equal to or greater than 1 --- #### `backup-policies.POLICY_NAME.retention.incremental` `integer` Description: The number of most recent full backups for which incremental backups are retained. Cannot exceed the value of `full`. If omitted, all incremental backups are kept. A value of `0` means that all previous incremental backups will be deleted after each full backup is made. Introduced: 3.0 Example: ```bash incremental: 3 ``` Values: Integer values equal to or less than 0 and equal to or less than `full`. --- #### `backup-policies.POLICY_NAME.retention` `integer` Description: A stanza that optionally specifies retention rules for a given backup policy. Introduced: 3.0 Example: ```bash removeFilesPolicy: retention: full: 5 incremental: 3 ``` --- #### `backup-policies.POLICY_NAME.retry-delay` `integer` Description: Delay in milliseconds to wait before retrying a failed operation. Introduced: 1.0 Removed: 3.0 Example: ```bash 500 ``` --- #### `backup-policies.POLICY_NAME.retry-policy.base-timeout` `integer` Description: Initial delay between retry attempts, in milliseconds. Introduced: 3.0 Default: 1000 Example: --- #### `backup-policies.POLICY_NAME.retry-policy.max-retries` `integer` Description: Maximum number of retry attempts that will be made. If set to 0, no retries will be performed. Introduced: 3.0 Default: 5 Example: --- #### `backup-policies.POLICY_NAME.retry-policy.multiplier` `integer` Description: Increases the delay between subsequent retry attempts. The actual delay is calculated as: BaseTimeout \* (Multiplier ^ attemptNumber) Introduced: 3.0 Default: 1 Example: --- #### `backup-policies.POLICY_NAME.retry-policy` Description: Define a policy in this section for the initial waiting time before a retry, number of retries, and a multiplier that extends the wait interval. A retry policy can also be sent as part of a JSON restore request. Introduced: 3.0 Example: ```bash backup-policies: example-backup-policy: ... # additional stanzas retry-policy: base-timeout: 1000 # 1000 milliseconds max-retries: 4 multiplier: 2 ... # additional stanzas ``` --- #### `backup-policies.POLICY_NAME.sealed` `boolean` Description: Whether backup should include keys updated during the backup process. When `true`, the backup contains only records that were last modified before backup started. When `false`, records updated during backup may be included in the backup. Introduced: 1.0 --- #### `backup-policies.POLICY_NAME.socket-timeout` `integer` Description: Socket timeout in milliseconds. Default is 10 minutes. If this value is 0, it is set to total-timeout. If both `socket-timeout` and `total-timeout` are 0, there is no socket idle time limit. Introduced: 1.0 Default: 600000 Example: ```bash 1000 ``` --- #### `backup-policies.POLICY_NAME.total-timeout` `integer` Description: Total socket timeout in milliseconds. Introduced: 1.0 Example: ```bash 2000 ``` --- #### `backup-policies.POLICY_NAME.use-scan-compression` `boolean` Description: Enables built-in compression on the wire between Aerospike Database and ABS when reading records. This reduces network transfer size but increases CPU usage on both the server and the client. This is separate from backup file compression (see `compression`). Requires Aerospike Database Enterprise Edition. Introduced: 3.4 --- #### `backup-policies` `policy definition` Description: Top-level section that defines the attributes of your backup policies. The next level under this section must be a backup policy name. Introduced: 1.0 Example: ```bash backup-policies: policy1: parallel: (...) retention: (...) compression: (...) ``` --- #### `backup-routines.ROUTINE_NAME.backup-policy` `string` Description: Name of the corresponding backup policy. Introduced: 1.0 Example: Example backup routine containing a policy called \`keepFilesPolicy\` ```bash backup-routines: minioRoutine: interval-cron: "@daily" incr-interval-cron: "@hourly" source-cluster: absCluster1 storage: minioStorage namespaces: ["test"] backup-policy: keepFilesPolicy ``` --- #### `backup-routines.ROUTINE_NAME.bin-list` `array` Description: List of bin names to back up. An empty list backs up all bins. Introduced: 1.0 Default: \[\] Example: ```bash ["dataBin"] ``` --- #### `backup-routines.ROUTINE_NAME.incr-interval-cron` `string` Description: Interval for incremental backup as a cron expression string. Intervals are extended [cron](https://github.com/reugn/go-quartz?tab=readme-ov-file#cron-expression-format) (7 symbols: year, month, week, day, hour, minute, second). All times are in UTC time zone. Supported reserved words: @yearly, @monthly, @weekly, @daily, @hourly Introduced: 1.0 Example: ```bash */10 * * * * * ``` --- #### `backup-routines.ROUTINE_NAME.interval-cron` `string` `required` Description: Interval for full backup as a cron expression string. Intervals are extended [cron](https://github.com/reugn/go-quartz?tab=readme-ov-file#cron-expression-format) (7 symbols: year, month, week, day, hour, minute, second). All times are in UTC time zone. Supported reserved words: @yearly, @monthly, @weekly, @daily, @hourly Introduced: 1.0 Example: ```bash 0 0 * * * * ``` --- #### `backup-routines.ROUTINE_NAME.namespaces` `array` `required` Description: List of namespaces to back up. Empty list implies backup of whole cluster. Introduced: 1.0 Default: \[\] Example: ```bash ["source-ns1"] ``` --- #### `backup-routines.ROUTINE_NAME.node-list` `array` Description: List of nodes to back up. Formatted as a list of IP addresses and/or host names followed by port numbers. Empty list implies backup of whole cluster. Mutually exclusive with `partition-list`. Introduced: 1.0 Default: \[\] Example: ```bash IP_ADDRESS:PORT(,IP_ADDRESS:PORT,...) ``` --- #### `backup-routines.ROUTINE_NAME.partition-list` `string` Description: Filter that specifies individual partitions or a range of partitions to back up. Partition filters can be ranges, individual partitions, or records after a specific digest within a single partition. - A range is specified as ”\-”: “100-50” backs up 50 partitions starting from 100. - A single partition is specified as a number: “0” backs up the first partition at position 0. - Multiple entries can be comma-separated: “0,100,200,300,400,500” backs up only the partitions in the list. By default, all partitions are backed up. This field is mutually exclusive with `node-list`. Introduced: 1.0 Example: Back up partitions 100, 200, and a range of 400 partitions starting at 300. ```bash 100,200,300-400 ``` --- #### `backup-routines.ROUTINE_NAME.rack-list` `array` Description: Specifies the Aerospike Database rack IDs to read during backup. If provided, only nodes belonging to these specified racks are scanned. If the list is empty or omitted, no rack filtering is applied. Mutually exclusive with `partition-list` and `node-list` in this routine. Also mutually exclusive with the cluster’s `prefer-racks` setting. Introduced: 3.4.0 Default: \[\] --- #### `backup-routines.ROUTINE_NAME.secret-agent` `string` Description: Name of a Secret Agent to read secrets from (optional). Introduced: 1.0 Example: ```bash secret-agent: my-secret-agent ``` --- #### `backup-routines.ROUTINE_NAME.set-list` `array` Description: List of set names to back up. An empty list backs up all sets. Introduced: 1.0 Default: \[\] Example: ```bash ["set1"] ``` --- #### `backup-routines.ROUTINE_NAME.source-cluster` `string` `required` Description: Name of the corresponding source cluster. Introduced: 1.0 Example: ```bash testCluster ``` --- #### `backup-routines.ROUTINE_NAME.storage` `string` `required` Description: Name of the corresponding storage provider configuration. Introduced: 1.0 Example: Example using minIO storage ```bash storage: minioStorage ``` --- #### `backup-routines` `string` `required` Description: A top-level stanza specifying the details of one or more backup routines. Introduced: 1.0 Example: Example routine called \`routine1\` ```bash backup-routines: routine1: interval-cron: "1/30 * * * * *" incr-interval-cron: "1/5 * * * * *" backup-policy: "policy1" source-cluster: "cluster1" storage: "local1" namespaces: ["test"] ``` --- #### `cluster` `required` Description: A top-level stanza containing cluster objects for each of the Aerospike clusters that ABS is connected to. Introduced: 1.0 Example: ```bash aerospike-clusters: cluster1: use-services-alternate: false seed-nodes: - host-name: "127.0.0.1" port: 3000 credentials: user: "admin" password: "admin" ``` --- #### `restore-request.backup-data-path` `string` `required` Description: Path to the backup data within the source storage (object key or prefix). You can obtain this value by browsing the storage UI or reading the `key` field in the response from GET `v1/backups/full/{routine}`. Introduced: 3.0 Example: Example backup data path ```bash backup-data-path: "daily/2025-01-15/full" ``` --- #### `restore-request.destination-name` `string` Description: Name of a preconfigured cluster in `aerospike-clusters`. Either `destination-name` or `destination` is required. Introduced: 3.0 --- #### `restore-request.destination` `object` Description: Inline destination cluster configuration (same shape as `aerospike-clusters`). Either `destination` or `destination-name` is required. Introduced: 3.0 --- #### `restore-request.policy.bandwidth` `integer` Description: Throttles read operations from the backup file(s) to not exceed the given I/O bandwidth in MiB/s. Introduced: 3.0 Default: No limit --- #### `restore-request.policy.batch-size` `integer` Description: Maximum records per async batch write call. Only applies when batch writes are enabled. Introduced: 3.0 Default: 128 --- #### `restore-request.policy.bin-list` `array` Description: Bins to restore. An empty list implies restoring all bins. Duplicate names are rejected. Introduced: 3.0 --- #### `restore-request.policy.compression.mode` `string` Description: Compression mode used by the backup. Use ZSTD only when backups are compressed. Introduced: 3.0 Default: NONE Example: Example compression mode ```bash mode: ZSTD ``` Values: NONE, ZSTD --- #### `restore-request.policy.compression` `object` Description: Compression settings for decompressing backup files. Set when backups are compressed. Introduced: 3.0 Example: Decompress ZSTD backups ```bash restore-request: policy: compression: mode: ZSTD ``` --- #### `restore-request.policy.disable-batch-writes` `boolean` Description: Disable batch writes and force single-record writes, even when the cluster supports batch writes. Introduced: 3.0 --- #### `restore-request.policy.encryption.key-env` `string` Description: Environment variable name that holds the encryption key. Use when the key is provided via env var. Introduced: 3.0 Example: Example key env var ```bash key-env: ABS_RESTORE_KEY ``` --- #### `restore-request.policy.encryption.key-file` `string` Description: File path for the encryption key. Use when the key is stored locally. Introduced: 3.0 Example: Example key file ```bash key-file: /etc/aerospike/restore.key ``` --- #### `restore-request.policy.encryption.key-secret` `string` Description: Secret Agent keyword containing the encryption key. Use when the key is stored in Secret Agent. Introduced: 3.0 Example: Example key secret ```bash key-secret: restore_key ``` --- #### `restore-request.policy.encryption.mode` `string` Description: Encryption mode used by the backup. Use NONE for unencrypted backups; for AES modes, provide one key source. Introduced: 3.0 Default: NONE Example: Example encryption mode ```bash mode: AES256 ``` Values: NONE, AES128, AES256 --- #### `restore-request.policy.encryption` `object` Description: Encryption settings for decrypting backup files. Set when backups are encrypted. Introduced: 3.0 Example: Decrypt AES backup with key from env ```bash restore-request: policy: encryption: mode: AES256 key-env: ABS_RESTORE_KEY ``` --- #### `restore-request.policy.extra-ttl` `integer` Description: Extra time-to-live to add to records with expirable void-times, in seconds. Use 0 to keep original TTL. Introduced: 3.0 --- #### `restore-request.policy.max-async-batches` `integer` Description: Maximum number of outstanding async batch write calls. Only applies when batch writes are enabled. Introduced: 3.0 Default: 128 --- #### `restore-request.policy.namespace.destination` `string` `required` Description: Destination namespace name to restore data into. Required when using namespace remapping. Introduced: 3.0 --- #### `restore-request.policy.namespace.source` `string` `required` Description: Original namespace name. Required when using namespace remapping. Introduced: 3.0 --- #### `restore-request.policy.namespace` `object` Description: Specifies an alternative namespace name for the restore operation. Introduced: 3.0 Example: Remap a namespace during restore ```bash restore-request: policy: namespace: source: "test" destination: "test_restore" ``` --- #### `restore-request.policy.no-generation` `boolean` Description: Records from backups take precedence. Disables generation checks so backup records overwrite existing records. Mutually exclusive with `unique`. Introduced: 3.0 --- #### `restore-request.policy.no-indexes` `boolean` Description: Do not restore any secondary index definitions. Introduced: 3.0 --- #### `restore-request.policy.no-records` `boolean` Description: Do not restore any record data (metadata or bin data). Index and UDF restores are controlled by `no-indexes` and `no-udfs`. Introduced: 3.0 --- #### `restore-request.policy.no-udfs` `boolean` Description: Do not restore any UDF modules. Introduced: 3.0 --- #### `restore-request.policy.parallel` `integer` Description: Number of concurrent record readers from backup files. Controls read parallelism and must be greater than 0. Introduced: 3.0 Default: 8 --- #### `restore-request.policy.replace` `boolean` Description: Replace records from the backup. By default, only bins in the backup are replaced; other bins remain untouched. Mutually exclusive with `unique`. Introduced: 3.0 --- #### `restore-request.policy.retry-policy.base-timeout` `integer` Description: Initial delay between retry attempts, in milliseconds. Must be greater than 0. Introduced: 3.0 Default: 1000 Example: Example base timeout ```bash base-timeout: 2000 ``` --- #### `restore-request.policy.retry-policy.max-retries` `integer` Description: The maximum number of retry attempts. If set to 0, no retries are performed. Introduced: 3.0 Default: 5 Example: Example max retries ```bash max-retries: 10 ``` --- #### `restore-request.policy.retry-policy.multiplier` `number` Description: Backoff multiplier (>= 1) used to increase delays between retry attempts. Accepts integer or decimal values. Introduced: 3.0 Default: 1 Example: Example multiplier ```bash multiplier: 1.5 ``` --- #### `restore-request.policy.retry-policy` `object` Description: Retry settings for writes to the destination cluster. Use to override the default policy. Introduced: 3.0 Example: Customize retry policy ```bash restore-request: policy: retry-policy: base-timeout: 2000 multiplier: 2 max-retries: 10 ``` --- #### `restore-request.policy.set-list` `array` Description: Sets to restore. An empty list implies restoring all sets. Duplicate names are rejected. Introduced: 3.0 --- #### `restore-request.policy.socket-timeout` `integer` Description: Socket timeout in milliseconds for Aerospike commands to write records, create indexes, and create UDFs. If this value is 0, it is set to total-timeout. If both are 0, there is no socket idle time limit. Introduced: 3.0 Default: 60000 --- #### `restore-request.policy.total-timeout` `integer` Description: Total socket timeout in milliseconds. Default is 0, meaning no timeout. Introduced: 3.0 --- #### `restore-request.policy.tps` `integer` Description: Throttles read operations from the backup file(s) to not exceed the given transactions per second. Must be greater than 0. Introduced: 3.0 Default: No limit --- #### `restore-request.policy.unique` `boolean` Description: Existing records take precedence. Only records that do not exist in the namespace are restored. Mutually exclusive with `replace` and `no-generation`. Introduced: 3.0 --- #### `restore-request.policy` `object` Description: Restore policy for the operation. If omitted, defaults are used. Controls filtering and record handling options. Introduced: 3.0 --- #### `restore-request.secret-agent-name` `string` Description: Name of a preconfigured secret agent in `secret-agents`. Mutually exclusive with `secret-agent`. Introduced: 3.0 --- #### `restore-request.secret-agent` `object` Description: Inline secret agent configuration (same shape as `secret-agents`) for resolving secrets. Mutually exclusive with `secret-agent-name`. Introduced: 3.0 --- #### `restore-request.source-name` `string` Description: Name of a preconfigured storage in `storage`. Either `source-name` or `source` is required. Introduced: 3.0 --- #### `restore-request.source` `object` Description: Inline storage configuration for the backup source (same shape as `storage`). Either `source` or `source-name` is required. Introduced: 3.0 --- #### `restore-request` `object` Description: Use when you have a backup data path in storage and want to restore from that path. Requires `backup-data-path` and either `source` or `source-name`. Introduced: 3.0 --- #### `restore-timestamp-request.destination-name` `string` Description: Name of a preconfigured cluster in `aerospike-clusters`. Mutually exclusive with `destination`. If not specified, the routine’s cluster is used. Introduced: 3.0 --- #### `restore-timestamp-request.destination` `object` Description: Inline destination cluster configuration (same shape as `aerospike-clusters`). Mutually exclusive with `destination-name`. If not specified, the routine’s cluster is used. Introduced: 3.0 --- #### `restore-timestamp-request.disable-reordering` `boolean` Description: Disable reverse-order incremental restore optimization. When true, incremental backups are applied in chronological order. Introduced: 3.0 --- #### `restore-timestamp-request.policy.bandwidth` `integer` Description: Throttles read operations from the backup file(s) to not exceed the given I/O bandwidth in MiB/s. Introduced: 3.0 Default: No limit --- #### `restore-timestamp-request.policy.batch-size` `integer` Description: Maximum records per async batch write call. Only applies when batch writes are enabled. Introduced: 3.0 Default: 128 --- #### `restore-timestamp-request.policy.bin-list` `array` Description: Bins to restore. An empty list implies restoring all bins. Duplicate names are rejected. Introduced: 3.0 --- #### `restore-timestamp-request.policy.disable-batch-writes` `boolean` Description: Disable batch writes and force single-record writes, even when the cluster supports batch writes. Introduced: 3.0 --- #### `restore-timestamp-request.policy.encryption.key-env` `string` Description: Environment variable name that holds the encryption key. Use when the key is provided via env var. Introduced: 3.0 Example: Example key env var ```bash key-env: ABS_RESTORE_KEY ``` --- #### `restore-timestamp-request.policy.encryption.key-file` `string` Description: File path for the encryption key. Use when the key is stored locally. Introduced: 3.0 Example: Example key file ```bash key-file: /etc/aerospike/restore.key ``` --- #### `restore-timestamp-request.policy.encryption.key-secret` `string` Description: Secret Agent keyword containing the encryption key. Use when the key is stored in Secret Agent. Introduced: 3.0 Example: Example key secret ```bash key-secret: restore_key ``` --- #### `restore-timestamp-request.policy.encryption.mode` `string` Description: Encryption mode used by the backup. Use NONE for unencrypted backups; for AES modes, provide one key source. Introduced: 3.0 Default: NONE Example: Example encryption mode ```bash mode: AES256 ``` Values: NONE, AES128, AES256 --- #### `restore-timestamp-request.policy.encryption` `object` Description: Encryption settings for decrypting backup files. Set when backups are encrypted. Introduced: 3.0 Example: Decrypt AES backup with key from env ```bash restore-timestamp-request: policy: encryption: mode: AES256 key-env: ABS_RESTORE_KEY ``` --- #### `restore-timestamp-request.policy.extra-ttl` `integer` Description: Extra time-to-live to add to records with expirable void-times, in seconds. Use 0 to keep original TTL. Introduced: 3.0 --- #### `restore-timestamp-request.policy.max-async-batches` `integer` Description: Maximum number of outstanding async batch write calls. Only applies when batch writes are enabled. Introduced: 3.0 Default: 128 --- #### `restore-timestamp-request.policy.namespace.destination` `string` `required` Description: Destination namespace name to restore data into. Required when using namespace remapping. Introduced: 3.0 --- #### `restore-timestamp-request.policy.namespace.source` `string` `required` Description: Original namespace name. Required when using namespace remapping. Introduced: 3.0 --- #### `restore-timestamp-request.policy.namespace` `object` Description: Specifies an alternative namespace name for the restore operation. Introduced: 3.0 Example: Remap a namespace during restore ```bash restore-timestamp-request: policy: namespace: source: "test" destination: "test_restore" ``` --- #### `restore-timestamp-request.policy.no-generation` `boolean` Description: Records from backups take precedence. Disables generation checks so backup records overwrite existing records. Mutually exclusive with `unique`. Introduced: 3.0 --- #### `restore-timestamp-request.policy.no-indexes` `boolean` Description: Do not restore any secondary index definitions. Introduced: 3.0 --- #### `restore-timestamp-request.policy.no-records` `boolean` Description: Do not restore any record data (metadata or bin data). Index and UDF restores are controlled by `no-indexes` and `no-udfs`. Introduced: 3.0 --- #### `restore-timestamp-request.policy.no-udfs` `boolean` Description: Do not restore any UDF modules. Introduced: 3.0 --- #### `restore-timestamp-request.policy.parallel` `integer` Description: Number of concurrent record readers from backup files. Controls read parallelism and must be greater than 0. Introduced: 3.0 Default: 8 --- #### `restore-timestamp-request.policy.replace` `boolean` Description: Replace records from the backup. By default, only bins in the backup are replaced; other bins remain untouched. Mutually exclusive with `unique`. Introduced: 3.0 --- #### `restore-timestamp-request.policy.retry-policy.base-timeout` `integer` Description: Initial delay between retry attempts, in milliseconds. Must be greater than 0. Introduced: 3.0 Default: 1000 Example: Example base timeout ```bash base-timeout: 2000 ``` --- #### `restore-timestamp-request.policy.retry-policy.max-retries` `integer` Description: The maximum number of retry attempts. If set to 0, no retries are performed. Introduced: 3.0 Default: 5 Example: Example max retries ```bash max-retries: 10 ``` --- #### `restore-timestamp-request.policy.retry-policy.multiplier` `number` Description: Backoff multiplier (>= 1) used to increase delays between retry attempts. Accepts integer or decimal values. Introduced: 3.0 Default: 1 Example: Example multiplier ```bash multiplier: 1.5 ``` --- #### `restore-timestamp-request.policy.retry-policy` `object` Description: Retry settings for writes to the destination cluster. Use to override the default policy. Introduced: 3.0 Example: Customize retry policy ```bash restore-timestamp-request: policy: retry-policy: base-timeout: 2000 multiplier: 2 max-retries: 10 ``` --- #### `restore-timestamp-request.policy.set-list` `array` Description: Sets to restore. An empty list implies restoring all sets. Duplicate names are rejected. Introduced: 3.0 --- #### `restore-timestamp-request.policy.socket-timeout` `integer` Description: Socket timeout in milliseconds for Aerospike commands to write records, create indexes, and create UDFs. If this value is 0, it is set to total-timeout. If both are 0, there is no socket idle time limit. Introduced: 3.0 Default: 60000 --- #### `restore-timestamp-request.policy.total-timeout` `integer` Description: Total socket timeout in milliseconds. Default is 0, meaning no timeout. Introduced: 3.0 --- #### `restore-timestamp-request.policy.tps` `integer` Description: Throttles read operations from the backup file(s) to not exceed the given transactions per second. Must be greater than 0. Introduced: 3.0 Default: No limit --- #### `restore-timestamp-request.policy.unique` `boolean` Description: Existing records take precedence. Only records that do not exist in the namespace are restored. Mutually exclusive with `replace` and `no-generation`. Introduced: 3.0 --- #### `restore-timestamp-request.policy` `object` Description: Restore policy for the operation. If omitted, defaults are used. Controls filtering and record handling options. Introduced: 3.0 --- #### `restore-timestamp-request.routine` `string` `required` Description: Backup routine name from `backup-routines`. Identifies which routine’s backups to restore. Introduced: 3.0 --- #### `restore-timestamp-request.secret-agent-name` `string` Description: Name of a preconfigured secret agent in `secret-agents`. If not specified, the routine’s secret agent is used. Mutually exclusive with `secret-agent`. Introduced: 3.0 --- #### `restore-timestamp-request.secret-agent` `object` Description: Inline secret agent configuration (same shape as `secret-agents`) for resolving secrets. If not specified, the routine’s secret agent is used. Mutually exclusive with `secret-agent-name`. Introduced: 3.0 --- #### `restore-timestamp-request.time` `integer` `required` Description: Epoch time in milliseconds for recovery (13-digit epoch). The closest backup before the timestamp is applied. Introduced: 3.0 Example: Example restore timestamp in milliseconds ```bash 1739538000000 ``` --- #### `restore-timestamp-request` `object` Description: Use for point-in-time restores based on a backup routine. Requires `routine` and `time` and restores the closest backup before the timestamp. Introduced: 3.0 --- #### `secret-agents.AGENT_NAME.address` `string` `required` Description: The hostname or IP address of the Secret Agent. Introduced: 1.0 Example: ```bash secret-agents: my-agent: address: secret-agent.example.com port: 3005 connection-type: tcp ``` --- #### `secret-agents.AGENT_NAME.ca-file` `string` Description: Path to a trusted CA certificate file in PEM format. Used to verify the Secret Agent’s server certificate when connecting over TLS. Introduced: 3.5 Example: ```bash secret-agents: secure-agent: address: secret-agent.example.com port: 3005 connection-type: tcp ca-file: /etc/ssl/certs/ca.pem ``` --- #### `secret-agents.AGENT_NAME.cert-file` `string` Description: Path to a client certificate file in PEM format for mutual TLS authentication with the Secret Agent. Requires both key-file and name to be specified. Introduced: 3.5 Example: ```bash secret-agents: secure-agent: address: secret-agent.example.com port: 3005 connection-type: tcp ca-file: /etc/ssl/certs/ca.pem cert-file: /etc/ssl/certs/client-cert.pem key-file: /etc/ssl/private/client-key.pem ``` --- #### `secret-agents.AGENT_NAME.connection-type` `string` `required` Description: The type of connection to use when communicating with the Secret Agent. Introduced: 1.0 Example: TCP connection ```bash secret-agents: my-agent: address: localhost port: 3005 connection-type: tcp ``` --- Unix domain socket connection ```bash secret-agents: my-agent: address: /var/run/secret-agent.sock connection-type: unix ``` Values: tcp, unix --- #### `secret-agents.AGENT_NAME.is-base64` `boolean` Description: Flag indicating whether the Secret Agent responses are base64-encoded. When true, ABS will decode the responses before using them. Introduced: 1.0 Default: false Example: ```bash secret-agents: my-agent: address: localhost port: 3005 connection-type: tcp is-base64: true ``` Values: true, false --- #### `secret-agents.AGENT_NAME.key-file` `string` Description: Path to a client private key file in PEM format for mutual TLS authentication with the Secret Agent. Requires both cert-file and name to be specified. Introduced: 3.5 Example: ```bash secret-agents: secure-agent: address: secret-agent.example.com port: 3005 connection-type: tcp ca-file: /etc/ssl/certs/ca.pem cert-file: /etc/ssl/certs/client-cert.pem key-file: /etc/ssl/private/client-key.pem ``` --- #### `secret-agents.AGENT_NAME.name` `string` Description: TLS server name used for certificate verification (Server Name Indication). Required when using mutual TLS authentication (cert-file and key-file). Use this when the Secret Agent’s certificate common name or SAN does not match the address you are connecting to. Introduced: 3.5 Example: ```bash secret-agents: secure-agent: address: 10.0.0.50 port: 3005 connection-type: tcp ca-file: /etc/ssl/certs/ca.pem cert-file: /etc/ssl/certs/client-cert.pem key-file: /etc/ssl/private/client-key.pem name: secret-agent.example.com ``` --- #### `secret-agents.AGENT_NAME.port` `integer` Description: The port number the Secret Agent is listening on. Introduced: 1.0 Example: ```bash secret-agents: my-agent: address: localhost port: 3005 connection-type: tcp ``` --- #### `secret-agents.AGENT_NAME.timeout` `integer` Description: Timeout in milliseconds for connections and requests to the Secret Agent. Introduced: 1.0 Default: 1000 Example: ```bash secret-agents: my-agent: address: localhost port: 3005 connection-type: tcp timeout: 5000 ``` --- #### `secret-agents.AGENT_NAME` `object` Description: Configuration for a single Aerospike Secret Agent connection. The AGENT\_NAME is a user-defined identifier that can be referenced elsewhere in the configuration. Introduced: 1.0 Example: ```bash secret-agents: my-secret-agent: address: localhost port: 3005 connection-type: tcp ``` --- #### `secret-agents` Description: A top-level stanza defining one or more Aerospike Secret Agent connections. Secret agents are used by backup routines (for encryption keys), clusters (for credentials), and storage (for authentication). Define a custom name for each agent you create, then use further parameters to define each agent’s connection details. Introduced: 1.0 Example: Basic TCP connection ```bash secret-agents: my-agent: address: localhost port: 3005 connection-type: tcp ``` --- TLS connection with mutual authentication ```bash secret-agents: secure-agent: address: secret-agent.example.com port: 3005 connection-type: tcp ca-file: /path/to/ca.pem cert-file: /path/to/client-cert.pem key-file: /path/to/client-key.pem name: secret-agent.example.com # Required for mutual TLS ``` --- #### `service.backup.timestamp-format` Description: Encoding for backup date in human-readable format in backup file paths. Introduced: 3.4 Example: Example service stanza with \`http\`, \`logger\`, and \`backup\` substanzas ```bash service: http: port: 9000 logger: level: INFO file-writer: filename: /var/log/aerospike-backup-service.log backup: timestamp-format: ISO ``` Values: ISO, EU, US --- #### `service.backup` Description: Common configuration for backup settings at the service level, applying to all policies and routines. Introduced: 3.4 Example: Example service stanza with \`http\`, \`logger\`, and \`backup\` substanzas ```bash service: http: port: 9000 logger: level: INFO file-writer: filename: /var/log/aerospike-backup-service.log backup: timestamp-format: ISO ``` --- #### `service.http.address` `string` Description: The HTTP listen address. Introduced: 1.0 Default: 0.0.0.0 Example: Example service stanza with \`http\` and \`logger\` substanzas ```bash service: http: address: 10.0.0.1 port: 8080 ``` --- #### `service.http.context-path` `string` Description: Specifies a custom path for the ABS API endpoints. Introduced: 1.0 Default: / Example: Example service stanza with \`http\` and \`logger\` substanzas ```bash service: http: address: 10.0.0.1 port: 8080 ``` --- #### `service.http.port` `integer` Description: The HTTP listen port for the monitoring endpoints. See [ABS Monitoring](https://aerospike.com/docs/database/tools/backup-and-restore/backup-service/monitoring/) for more information. Introduced: 1.0 Default: 8080 Example: Example service stanza with \`http\` stanza and port of \`8080\` ```bash service: http: address: 10.0.0.1 port: 8080 ``` --- #### `service.http.rate.size` `integer` Description: Rate limiter token bucket size, also known as the burst threshold. Introduced: 1.0 Default: 1024 Example: Example service stanza with all \`service.http.rate\` substanzas listed ```bash service: http: address: 10.0.0.1 port: 8080 rate: size: tps: white-list: ``` --- #### `service.http.rate.tps` `integer` Description: Rate limiter tokens per second threshold. Introduced: 1.0 Default: 1024 Example: Example service stanza with all \`service.http.rate\` substanzas listed ```bash service: http: address: 10.0.0.1 port: 8080 rate: size: tps: white-list: ``` --- #### `service.http.rate.white-list` `list of strings` Description: List of IP addresses allowed during rate limiting. All addresses are allowed by default. Introduced: 1.0 Example: Example service stanza with all \`service.http.rate\` substanzas listed ```bash service: http: address: 10.0.0.1 port: 8080 rate: size: tps: white-list: ``` --- #### `service.http.rate` Description: HTTP rate limiter configuration. Introduced: 1.0 Example: Example service stanza with all \`service.http.rate\` substanzas listed ```bash service: http: address: 10.0.0.1 port: 8080 rate: size: tps: white-list: ``` --- #### `service.http.timeout` `integer` Description: Timeout for HTTP server operations in milliseconds. Introduced: 1.0 Default: 5000 Example: Example service stanza with a 10-second timeout ```bash service: http: address: 10.0.0.1 port: 8080 timeout: 10000 ``` --- #### `service.http` `required` Description: Configures the HTTP server for ABS. Introduced: 1.0 Example: Example service stanza with \`http\` and \`logger\` substanzas ```bash service: http: port: 9000 logger: level: INFO file-writer: filename: /var/log/aerospike-backup-service.log ``` --- #### `service.logger.file-writer.compress` `boolean` Description: Determines if the rotated log files should be compressed using `gzip`. The default is to not compress. Introduced: 1.0 Example: Example file-writer substanza enabling file compression with gzip ```bash service: logger: level: INFO file-writer: filename: /var/log/aerospike-backup-service.log compress: true ``` --- #### `service.logger.file-writer.filename` `string` `required` Description: Log destination. Introduced: 1.0 Example: Example service stanza with \`logger\` substanza ```bash service: logger: level: INFO file-writer: filename: /var/log/aerospike-backup-service.log ``` --- #### `service.logger.file-writer.maxage` `int` Description: Maximum number of days to retain log files based on the timestamp in the filename. Default is to not remove log files based on age. Introduced: 1.0 Example: Example logger stanza set to remove backups after 30 days ```bash service: logger: maxage: 30 file-writer: filename: /var/log/aerospike-backup-service.log ``` --- #### `service.logger.file-writer.maxbackups` `integer` Description: Maximum number of log files to retain. The default is to retain all log files. Introduced: 1.0 Example: Example logger config keeping 10 old log files ```bash service: logger: maxbackups: 10 file-writer: filename: /var/log/aerospike-backup-service.log ``` --- #### `service.logger.file-writer.maxsize` `integer` Description: Maximum size in megabytes of the log file before it gets rotated. Introduced: 1.0 Example: Example service stanza with \`logger\` substanza ```bash service: logger: level: INFO file-writer: filename: /var/log/aerospike-backup-service.log ``` --- #### `service.logger.file-writer` Description: Substanza that configures the file writing protocol, such as the destination directory. Introduced: 1.0 Example: Example logger stanza with the filename specified ```bash service: logger: level: INFO file-writer: filename: /var/log/aerospike-backup-service.log ``` --- #### `service.logger.format` `string` Description: Format is the logger format (PLAIN, JSON). Introduced: 1.0 Default: PLAIN Example: Example stanza setting the format to JSON ```bash service: logger: level: INFO format: JSON file-writer: filename: /var/log/aerospike-backup-service.log ``` Values: PLAIN, JSON --- #### `service.logger.level` `string` Description: Log level. Introduced: 1.0 Default: DEBUG Example: Example logger stanza setting the level to INFO ```bash service: logger: level: INFO format: PLAIN file-writer: filename: /var/log/aerospike-backup-service.log ``` Values: TRACE, DEBUG, INFO, WARN, WARNING, ERROR --- #### `service.logger.stdout-writer` `boolean` Description: Whether to enable logging to the standard output. Introduced: 1.0 Default: true Example: Example service stanza with \`logger\` substanza ```bash service: logger: level: INFO stdout-writer: false file-writer: filename: /var/log/aerospike-backup-service.log ``` --- #### `service.logger` `required` Description: Configures the ABS logger, such as enabling the logs, setting the log level, and setting the log format. Introduced: 1.0 Example: Example service stanza with \`logger\` substanza ```bash service: logger: level: INFO file-writer: filename: /var/log/aerospike-backup-service.log ``` --- #### `service` `required` Description: Top-level stanza that configures the operation of the Aerospike Backup Service, including logging and HTTP endpoint. Introduced: 1.0 Example: Example service stanza with \`http\` and \`logger\` substanzas ```bash service: http: port: 9000 logger: level: INFO file-writer: filename: /var/log/aerospike-backup-service.log ``` --- #### `storage.STORAGE_NAME.azure-storage.account-key` Description: Azure storage account key for Shared Key authentication. This is sensitive information. Can be a path in secret agent or an actual value. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.azure-storage.account-name` Description: Azure storage account name for Shared Key authentication. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.azure-storage.client-id` Description: Azure Active Directory client ID for AAD authentication. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.azure-storage.client-secret` Description: Azure Active Directory client secret for AAD authentication. This is sensitive information. Can be a path in secret agent or an actual value. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.azure-storage.container-name` `required` Description: Name of the Azure Blob container. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.azure-storage.endpoint` `required` Description: Azure Blob service endpoint URL. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.azure-storage.min-part-size` Description: The minimum size in bytes of individual chunks uploaded during a multipart upload. Introduced: 3.2 Default: 5242880 Example: Values: integer --- #### `storage.STORAGE_NAME.azure-storage.path` Description: Root path for the backup repository within the container. If not specified, backups will be saved in the container’s root. Introduced: 3.0 Example: ```bash path: backups ``` Values: string --- #### `storage.STORAGE_NAME.azure-storage.secret-agent-name` Description: Secret Agent configuration (optional). Link to a preconfigured agent. Mutually exclusive with secret-agent. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.azure-storage.secret-agent` Description: Secret Agent object definition. Mutually exclusive with `secret-agent-name`. Introduced: 3.0 Example: --- #### `storage.STORAGE_NAME.azure-storage.tenant-id` Description: Azure Active Directory tenant ID for AAD authentication. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.azure-storage` Description: Stanza defining Azure storage options. Mutually exclusive with other storage objects. Can also take a secret-agent substanza. Introduced: 3.0 Example: ```bash storage: azure-blob-storage-example: azure-storage: endpoint: http://127.0.0.1:6000/devstoreaccount1 container-name: testcontainer path: backups account-name: devstoreaccount1 ``` --- #### `storage.STORAGE_NAME.gcp-storage.bucket-name` `required` Description: GCP storage bucket name. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.gcp-storage.endpoint` Description: Alternative URL. It is not recommended to use an alternate URL in a production environment. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.gcp-storage.key-file-path` Description: Path to the file containing the service account key in JSON format. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.gcp-storage.key` Description: Service account key in JSON format. This is sensitive information. Can be a path in secret agent or an actual value. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.gcp-storage.min-part-size` Description: The minimum size in bytes of individual chunks uploaded during a multipart upload. Introduced: 3.2 Default: 5242880 Example: Values: integer --- #### `storage.STORAGE_NAME.gcp-storage.path` Description: Root path for the backup repository. If not specified, backups will be saved in the bucket’s root. Introduced: 3.0 Example: ```bash path: backups ``` Values: string --- #### `storage.STORAGE_NAME.gcp-storage.secret-agent-name` Description: Secret Agent configuration (optional). Link to one of preconfigured agents. Mutually exclusive with secret-agent. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.gcp-storage.secret-agent` Description: Secret Agent object definition. Mutually exclusive with secret-agent-name. Introduced: 3.0 Example: Values: object --- #### `storage.STORAGE_NAME.gcp-storage` Description: Stanza defining GCP storage options. Mutually exclusive with other storage objects. Can also take a secret-agent substanza. Introduced: 3.0 Example: ```bash storage: gcp-storage-example: gcp-storage: key-file-path: key-file.json bucket-name: gcp-backup-bucket path: backups endpoint: http://127.0.0.1:9020 ``` --- #### `storage.STORAGE_NAME.local-storage.min-part-size` Description: The minimum size in bytes of individual storage chunks when writing backup files to local storage. Introduced: 3.5 Example: ```bash storage: local-backup: local-storage: path: /backups min-part-size: 5242880 ``` Values: integer --- #### `storage.STORAGE_NAME.local-storage.path` `required` Description: Root path for the backup directory when backing up locally. Introduced: 3.0 Example: ```bash storage: example-local-storage-object: local-storage: path: backups ``` --- #### `storage.STORAGE_NAME.local-storage` Description: Stanza defining local storage options. Mutually exclusive with other storage objects. Introduced: 3.0 Example: ```bash storage: example-local-storage-object: local-storage: path: backups ``` --- #### `storage.STORAGE_NAME.path` Description: Root path for the backup directory. Introduced: 1.0 Removed: 3.0 Example: ```bash path: backups ``` --- #### `storage.STORAGE_NAME.s3-endpoint-override` `string` Description: Alternative endpoint for the S3 SDK to communicate (AWS S3 optional). Introduced: 1.0 Removed: 3.0 Example: ```bash s3-endpoint-override: http://host.docker.internal:9000 ``` --- #### `storage.STORAGE_NAME.s3-log-level` `string` Description: Log level of the AWS S3 SDK (AWS S3 optional). Introduced: 1.0 Removed: 3.0 Example: ```bash s3-log-level: FATAL ``` --- #### `storage.STORAGE_NAME.s3-profile` `string` Description: The S3 profile name (AWS S3 optional). Introduced: 1.0 Removed: 3.0 Example: ```bash s3-profile: default ``` --- #### `storage.STORAGE_NAME.s3-region` `string` Description: S3 region string (AWS S3 optional). Introduced: 1.0 Removed: 3.0 Example: ```bash s3-region: eu-central-1 ``` --- #### `storage.STORAGE_NAME.s3-storage.access-key-id` Description: Access Key ID for authentication with S3 StaticCredentialsProvider. This is sensitive information. Can be a path in secret agent or an actual value. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.s3-storage.bucket` `required` Description: The S3 bucket name. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.s3-storage.max-async-connections` Description: The maximum number of simultaneous requests allowed from S3. This parameter was named `max_async_connections` until 3.1 Introduced: 3.0 Example: Values: integer --- #### `storage.STORAGE_NAME.s3-storage.min-part-size` Description: The minimum size in bytes of individual chunks uploaded during a multipart upload. This parameter was named `min_part_size` until version 3.1. Introduced: 3.0 Default: 5242880 Example: Values: integer --- #### `storage.STORAGE_NAME.s3-storage.path` Description: The root path for the backup repository within the bucket. If not specified, backups will be saved in the bucket’s root. Introduced: 3.0 Example: ```bash path: backups ``` Values: string --- #### `storage.STORAGE_NAME.s3-storage.s3-endpoint-override` Description: An alternative endpoint for the S3 SDK to communicate (AWS S3 optional). Introduced: 3.0 Example: ```bash s3-endpoint-override: http://host.docker.internal:9000 ``` Values: string --- #### `storage.STORAGE_NAME.s3-storage.s3-log-level` Description: The log level of the AWS S3 SDK (AWS S3 optional). Introduced: 3.0 Default: FATAL Example: Values: string --- #### `storage.STORAGE_NAME.s3-storage.s3-profile` Description: The S3 profile name (AWS S3 optional). Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.s3-storage.s3-region` `required` Description: The S3 region string. Introduced: 3.0 Example: ```bash region: eu-central-1 ``` Values: string --- #### `storage.STORAGE_NAME.s3-storage.secret-access-key` Description: Secret Access Key for authentication with S3 StaticCredentialsProvider. This is sensitive information. Can be a path in Aerospike Secret Agent or an actual value. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.s3-storage.secret-agent-name` Description: Secret Agent configuration (optional). Link to one of preconfigured agents. Mutually exclusive with `secret-agent`. Introduced: 3.0 Example: Values: string --- #### `storage.STORAGE_NAME.s3-storage.secret-agent` Description: Secret Agent object definition. Mutually exclusive with `secret-agent-name`. Introduced: 3.0 Example: --- #### `storage.STORAGE_NAME.s3-storage` Description: Stanza defining AWS S3 storage options. Mutually exclusive with other storage objects. Can also take a secret-agent substanza. Introduced: 3.0 Example: ```bash storage: aws-s3-example-object: s3-storage: bucket: as-backup-bucket path: backups s3-region: eu-central-1 ``` --- #### `storage.STORAGE_NAME.type` `string` Description: Type of the storage provider. Introduced: 1.0 Removed: 3.0 Example: ```bash type: local ``` --- #### `storage` `required` Description: A top-level stanza with options for configuring local or remote storage. Define a custom name for each storage object you create, then use further parameters to define each object’s details. Introduced: 1.0 Example: ```bash storage: # Example 1: Local Storage storage1: local-storage: path: /local/backups # Example 2: S3 Storage storage2: s3-storage: bucket: my-backup-bucket path: backups s3-profile: default s3-region: eu-central-1 ``` ---