- The Rest Gateway requires Java 8.
- The Rest Gateway requires an Aerospike Server to be installed and reachable. See Configuration for details on specifying the location of this server.
- Build
make build
- Run Locally during development:
make runjava -jar build/libs/aerospike-rest-gateway-<VERSION>.jar
The fully executable jar contains an extra script at the front of the file, which allows you to just symlink your Spring
Boot jar to init.d or use a systemd script.
More information at the following links:
java -server -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=8082 -Dcom.sun.management.jmxremote.rmi.port=8082 -Dcom.sun.management.jmxremote.local.only=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -XX:+UseG1GC -Xms2048m -Xmx2048m -jar ./aerospike-rest-gateway-X.X.X.jar --aerospike.restclient.hostname=localhost --aerospike.restclient.clientpolicy.user=*** --aerospike.restclient.clientpolicy.password=*** --logging.file.name=/var/log/restclient/asproxy.log
For more JVM command-line options, see the documentation.
- Build the docker image
docker build -t aerospike-rest-gateway .
- Run the REST Gateway using docker
docker run -itd --rm -p 8080:8080 --name as-rest -e aerospike_restclient_hostname=172.17.0.3 aerospike-rest-gateway- Use the official Helm chart to deploy the Aerospike REST Gateway to Kubernetes.
Note: The following steps assume REST Gateway's base path is http://localhost:8080/ if this is not the case, the
provided URLs will need to be modified accordingly.
To test that the REST Gateway is up and running, and connected to the Aerospike database you can run:
curl http://localhost:8080/v1/cluster
This will return basic information about the cluster.
Interactive API documentation may be found at http://localhost:8080/swagger-ui.html . This will allow you to test out various commands in your browser.
The Swagger specification, in JSON format, can be found at http://localhost:8080/v3/api-docs .
Read more about Spring Boot Externalized Configuration .
server.portChange the port the REST Gateway is listening on (default: 8080)aerospike.restclient.hostnameThe IP address or Hostname of a seed node in the cluster (default:localhost) Note: If TLS is being utilized,aerospike.restclient.hostlistshould be used instead of this variable.aerospike.restclient.portThe port to communicate with the Aerospike cluster over. (default:3000)aerospike.restclient.hostlistA comma separated list of cluster hostnames, (optional TLS names) and ports. If this is specified, it overrides the previous two environment variables. The format is described below:
The string format is : hostname1[:tlsname1][:port1],...
* Hostname may also be an IP address in the following formats.
*
* IPv4: xxx.xxx.xxx.xxx
* IPv6: [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]
* IPv6: [xxxx::xxxx]
*
* IPv6 addresses must be enclosed by brackets.
* tlsname and port are optional.
*/
Example:
java -jar as-rest-gateway-*.jar --aerospike.restclient.hostname=172.17.0.3 --server.port=9876
The REST Gateway also allows authentication to an Aerospike Enterprise edition server with security enabled. The following environment variables are used to find authentication information.
aerospike.restclient.clientpolicy.userThis is the name of a user registered with the Aerospike database. This variable is only needed when the Aerospike cluster is running with security enabled.aerospike.restclient.clientpolicy.passwordThis is the password for the previously specified user. This variable is only needed when the Aerospike cluster is running with security enabled.aerospike.restclient.clientpolicy.authModeThis is the authentication mode. Use it when user/password is defined. Supported modes are INTERNAL, EXTERNAL and EXTERNAL_INSECURE. Default is INTERNAL.aerospike.restclient.clientpolicy.clusterNameThis is the expected cluster name. Default is empty and does not validate target cluster name.
To utilize the multi-tenancy capability within the REST Gateway, send Aerospike login credentials using
the Basic access authentication.
Set custom multi-user authentication configuration variables if needed:
aerospike.restclient.requireAuthenticationSet this boolean flag to true to require the Basic Authentication on each request.aerospike.restclient.pool.sizeRepresents the max size of the authenticated clients LRU cache (default value: 16). Please note that an oversized client cache will consume a lot of resources and affect the performance.
Beginning with version 1.1.0 the Aerospike REST Gateway supports TLS communication between the client and the
Aerospike
Server. (This feature requires an Enterprise Edition Aerospike Server).
If utilizing TLS, the aerospike.restclient.hostlist variable should be set to include appropriate TLS Names for each
of the Aerospike Nodes. For example: localhost:cluster-tls-name:4333 The following environment variables allow
configuration of this connection:
aerospike.restclient.ssl.enabledboolean, set totrueto enable a TLS connection with the Aerospike Server. If no other SSL environment variables are provided, the REST gateway will attempt to establish a secure connection utilizing the default Java SSL trust and keystore settings. Default:falseaerospike.restclient.ssl.keystorepathThe path to a Java KeyStore to be used to interact with the Aerospike Server. If omitted the default Java KeyStore location and password will be used.aerospike.restclient.ssl.keystorepasswordThe password to the keystore. If a keystore path is specified, this must be specified as well.aerospike.restclient.ssl.keypasswordThe password for the key to be used when communicating with Aerospike. If omitted, andaerospike.restclient.ssl.keystorepasswordis provided, the value ofaerospike.restclient.ssl.keystorepasswordwill be used as the key password.aerospike.restclient.ssl.truststorepathThe path to a Java TrustStore to be used to interact with the Aerospike Server. If omitted the default Java TrustStore location and password will be used.aerospike.restclient.ssl.truststorepasswordThe password for the truststore. May be omitted if the TrustStore is not password protected.aerospike.restclient.ssl.forloginonlyBoolean indicating that SSL should only be used for the initial login connection to Aerospike. Default:falseaerospike.restclient.ssl.allowedciphersAn optional comma separated list of ciphers that are permitted to be used in communication with Aerospike. Available cipher names can be obtained bySSLSocket.getSupportedCipherSuites().aerospike.restclient.ssl.allowedprotocolsAn optional comma separated list of protocols that are permitted to be used in communication with Aerospike. Available values can be aquired usingSSLSocket.getSupportedProtocols(). By Default onlyTLSv1.2is allowed.
The REST Gateway allows modification of the internal Aerospike client policies using the following environment variables. Please refer to the ClientPolicy page on the Aerospike Java client API for more details about each policy settings.
aerospike.restclient.clientpolicy.connPoolsPerNodeaerospike.restclient.clientpolicy.minConnsPerNodeaerospike.restclient.clientpolicy.maxConnsPerNodeaerospike.restclient.clientpolicy.maxSocketIdleaerospike.restclient.clientpolicy.tendIntervalaerospike.restclient.clientpolicy.timeoutaerospike.restclient.clientpolicy.failIfNotConnectedaerospike.restclient.clientpolicy.sharedThreadPoolaerospike.restclient.clientpolicy.useServicesAlternateaerospike.restclient.clientpolicy.requestProleReplicas
- For information about the data formats available to use with the REST Gateway see Data Formats.