Configuration for the Aerospike XDR Proxy
Aerospike destination configurationโ
The Aerospike section configures the connection properties to the Aerospike cluster.
| Option | Required | Description |
|---|---|---|
| seeds | yes | List of Aerospike seed nodes to connect. See seeds. |
| credentials | no | Credentials to connect to the Aerospike Database. See credentials. |
| services | no | Service configuration. See services. |
| cluster-name | no | Aerospike cluster name if configured. |
| performance | no | Performance tuning parameters. See performance. |
| rack-id | no | Rack where the connector instance resides. |
| tls | no | Tls configuration. See TLS. |
Seeds Configโ
A map of Aerospike seed to its configuration.
| Option | Required | Default | Description |
|---|---|---|---|
| port | no | 3000 | Aerospike server port. |
| tls-name | no | TLS name of the Aerospike Database. |
Credentials Configโ
The credentials to connect to the Aerospike Database.
| Option | Required | Default | Description |
|---|---|---|---|
| username | yes | The username. | |
| password-file | yes | A file from which the password is read. Everything after the first newline is ignored. Trailing spaces in the first line are not ignored. | |
| auth-mode | no | internal | The authentication mode. Valid values are internal, external, external-insecure, pki. See auth-mode. |
Password Fileโ
A file from which the password is read. Everything after the first newline is ignored. Trailing spaces in the first line are not ignored.
Services Configโ
The service configuration.
| Option | Required | Default | Description |
|---|---|---|---|
| ip-map | no | no translation | The IP translation table. See ip map. |
| use-services-alternate | no | false | Use "services-alternate" instead of "services" in info request during cluster tending. |
IP Map Configโ
An IP translation table is a map of IP address to IP address, used in cases where different clients use different Database IP addresses. The key is the IP address returned from friend info requests to other servers. The value is the real IP address used to connect to the Database.
Performance Configโ
The performance tuning parameters.
| Option | Required | Default | Description |
|---|---|---|---|
| max-connections-per-node | no | 300 | Maximum number of connections allowed per Aerospike Database node |
| event-loop-size | no | # of processors | Number of event loops. |
TLS Configโ
The TLS config of the client.
| Option | Required | Default | Description |
|---|---|---|---|
| key-store | yes | Key store containing the Aerospike client certificate for mutual authentication. See TLS Store Config. | |
| trust-store | no | Default java trust store. | Trust store containing trusted CA certificate for Aerospike Database certificate. See TLS Store Config. |
| ciphers | no | default ciphers allowed by the JVM | Allowed list of TLS ciphers that clients can use for secure connections. |
| revoke-certificates | no | List of certificate serial numbers to reject. |
Sample TLS section with default trust storeโ
tls:
trust-store: default
TLS Store Configโ
A TLS key/trust store.
| Option | Required | Default | Description |
|---|---|---|---|
| store-file | yes | Store file | |
| store-password-file | yes | Read store password from this file. | |
| key-password-file | no | Read key password from this file. | |
| store-type | no | JKS | Keystore type. Valid values are JKS, JCEKS, PKCS12, PKCS11, DKS, Windows_MY, BKS |
Exampleโ
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
credentials:
username: admin
password-file: /path/to/password/file.txt
auth-mode: internal
services:
ip-map:
192.168.50.1: 192.168.60.1
192.168.50.2: 192.168.60.2
use-services-alternate: false
cluster-name: east
performance:
max-connections-per-node: 300
event-loop-size: 4
rack-id: 1
tls:
key-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
trust-store:
store-file: /path/to/store/file
store-password-file: /path/to/store/password/file
key-password-file: /path/to/key/password/file
store-type: JKS
ciphers:
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
revoke-certificates:
- 12345678
Specify rack IDโ
If the XDR proxy nodes are located on racks, specify the ID of the rack where this XDR proxy instance is located.
Exampleโ
Here is an example with the rack-id property. Also included is the example from the previous step:
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
cluster-name: east
rack-id: 1
Timeoutsโ
Specify timeouts applied to the Aerospike transactions.
| Property | Required | Default | Description |
|---|---|---|---|
socket-timeout | no | 30000 (30 seconds) | Socket idle timeout in milliseconds when processing a database command. |
total-timeout | no | 1000 (1 second) | Total transaction timeout in milliseconds. |
Exampleโ
Here is an example of the specifying socket-timeout and total-timeout.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
socket-timeout: 30000
total-timeout: 1000
Boolean particle typeโ
Specify particle types of boolean bins.
- If
true, boolean is stored on the Aerospike server with a boolean particle type (introduced in Aerospike Database 5.6). - If
false, boolean is stored on the Aerospike server with an integer particle type (1 or 0). Must be false for Database versions prior to 5.6 which do not support boolean bins.
| Property | Required | Default | Description |
|---|---|---|---|
use-bool-bin | no | false | Set this property to true if you would like boolean bins stored with boolean particle type in the Aerospike server. |
Exampleโ
Here is an example specifying use-bool-bin.
aerospike:
seeds:
- 192.168.50.1:
port: 3000
tls-name: red
- 192.168.50.2
use-bool-bin: false