Session Cache Configuration
Session Cache Configuration
The storage configuration includes session cache configuration.
There are three types of session cache supported
in-memory
db
redis
-
Session cache properties for
in-memory
type:Session Cache Properties Description Default life_time Specifies the session entry duration in seconds. 600
max_entries Specifies the maximum number of session entries. 60000
runtime_db: mypq # Configuration of runtime database. Points to the database server connection. session_cache: type: in-memory life_time: 600 max_entries: 60000
-
For
db
type, the runtime_db configuration is used for session storage as well. -
For
redis
configuration, update thedeployment, hosts, credential and ssl_settings
in the following storage configuration example.
runtime_db: mypq # Configuration of runtime database. Points to the database server connection.
session_cache:
type: redis # Specifies the type of session cache, in-memory, redis, or db.
cfg: redis-standalone # Specifies the configuration of the `redis` cache, for `redis` type only. Points to `redis` server connection
server_connections: # Server connections
- name: mypq # Connection name
...
- name: ldap_staging # Connection name
...
- name: redis-standalone # Connection name
type: redis # Connection type
deployment: # Redis deployment information. for `redis` type only
model: standalone # Deployment model. standalone or sentinel
# master: master # Master node information. For `sentinel` model only
hosts: # List of host information (IP and port)
- hostname: redis # Server's hostname
hostport: 6390 # Server's host port
credential: # Credential information to connect to the host.
username: isva # Specifies the username to access the server
password: 'OBF:oUqHV/2VlAeWb1D7uAdfQysti3vh44p5/rpCDR35gn4=' #
# Specifies the password for the redis server connection. It is recommended to obfuscate this.
ssl:
certificate: # The SSL connection certificate array.
- ks:redis_keys # The SSL keystore to be used for SSL connections. ks: indicates keystore.
mutual_auth:
key: ks:rt_profile_keys/redis # When mutual TLS is needed, specify the keystore and label that contains the client's private key.
certificate: ks:rt_profile_keys/redis # When mutual TLS is needed, specify the keystore and label of the client's leaf certificate.
ca: # The mutual_auth connection certificate array.
- ks:rt_profile_keys/ca # When mutual TLS is needed, specify the keystore and label of the client's CA certificate.
disable_hostname_verification: false # The SSL connection validates the hostname.
1. Server connections
Name | Description | Valid Value | Mandatory | Default |
---|---|---|---|---|
name | Connection name | string | Yes | |
type | Connection type | redis | Yes | |
hosts | List of host information (IP and port) | HostInfo | Yes | |
credential | Credential information to connect to the server | Credential | ||
ssl | SSL settings. | SSLSettings | ||
conn_settings | Connection pool settings. | ConnectionSettings | ||
deployment | Redis deployment information. | RedisDeployment | Yes |
1.1. Host information
Name | Description | Valid Value | Mandatory | Default |
---|---|---|---|---|
hostname | Redis Server's hostname | string | Yes | |
hostport | Redis Server's host port | integer | Yes | |
credential | Credential information to connect to the Redis Server. | Credential | ||
ssl | SSL settings for the server. It can be specified at the top level if the settings are common across hosts. | SSLSettings | ||
conn_settings | Connection pool settings for the session cache server. It can be specified at the top level if the settings are common across hosts. | ConnectionSettings |
Note: For Redis Server, specify credential, ssl_settings and conn_settings at the top level only.
1.2. Credential
Name | Description | Valid Value | Mandatory | Default |
---|---|---|---|---|
username | Specifies the username to access the server. This can be omitted if the server type is redis , and does not use a username | string | No | |
password | Specifies the password to access the server. Use obfuscation. | string | Yes |
1.3. SSL settings
Name | Description | Valid Value | Mandatory | Default |
---|---|---|---|---|
certificate | The array of SSL certificates to be used for SSL connection to the session cache. | string | No | |
mutual_auth | ||||
key | When mutual TLS is needed, specify the keystore and label that contains the client's private key. | string | No | |
certificate | When mutual TLS is needed, specify the keystore of the client's leaf certificate. | string | No | |
ca | When mutual TLS is needed, specify an array of CA certificates needed for the connection. | string | No | |
disable_hostname_verification | The flag to enable or disable hostname verification for SSL connections. | Boolean | No |
1.4. Connection settings
Name | Description | Valid Value | Mandatory | Default |
---|---|---|---|---|
max_pool_size | Maximum connection pool size. | integer | No | 50 |
min_idle_size | Minimum connection idle size. | integer | No | 3 |
aged_timeout | Age timeout, in seconds. | integer | No | 10 |
connect_timeout | Connect timeout, in seconds. | integer | No | 5 |
idle_timeout | Idle timeout, in seconds. | integer | No | 10 |
io_timeout | Input/Output timeout, in seconds. | integer | No | 10 |
1.5. Redis deployment
Name | Description | Valid Value |
---|---|---|
model | Deployment model. | standalone or sentinel |
master | Master node information. For sentinel model only | string |
Updated about 2 years ago