Session Cache Configuration
Session Cache Configuration
The storage configuration includes session cache configuration.
There are three types of session cache supported
in-memorydbredis
-
Session cache properties for
in-memorytype:Session Cache Properties Description Default life_time Specifies the session entry duration in seconds. 600max_entries Specifies the maximum number of session entries. 60000runtime_db: mypq # Configuration of runtime database. Points to the database server connection. session_cache: type: in-memory life_time: 600 max_entries: 60000 -
For
dbtype, the runtime_db configuration is used for session storage as well. -
For
redisconfiguration, update thedeployment, hosts, credential and ssl_settingsin the following storage configuration example.
runtime_db: mypq # Configuration of runtime database. Points to the database server connection.
session_cache:
type: redis # Specifies the type of session cache, in-memory, redis, or db.
cfg: redis-standalone # Specifies the configuration of the `redis` cache, for `redis` type only. Points to `redis` server connection
server_connections: # Server connections
- name: mypq # Connection name
...
- name: ldap_staging # Connection name
...
- name: redis-standalone # Connection name
type: redis # Connection type
deployment: # Redis deployment information. for `redis` type only
model: standalone # Deployment model. standalone or sentinel
# master: master # Master node information. For `sentinel` model only
hosts: # List of host information (IP and port)
- hostname: redis # Server's hostname
hostport: 6390 # Server's host port
credential: # Credential information to connect to the host.
username: isva # Specifies the username to access the server
password: 'OBF:oUqHV/2VlAeWb1D7uAdfQysti3vh44p5/rpCDR35gn4=' #
# Specifies the password for the redis server connection. It is recommended to obfuscate this.
ssl:
certificate: # The SSL connection certificate array.
- ks:redis_keys # The SSL keystore to be used for SSL connections. ks: indicates keystore.
mutual_auth:
key: ks:rt_profile_keys/redis # When mutual TLS is needed, specify the keystore and label that contains the client's private key.
certificate: ks:rt_profile_keys/redis # When mutual TLS is needed, specify the keystore and label of the client's leaf certificate.
ca: # The mutual_auth connection certificate array.
- ks:rt_profile_keys/ca # When mutual TLS is needed, specify the keystore and label of the client's CA certificate.
disable_hostname_verification: false # The SSL connection validates the hostname.
1. Server connections
| Name | Description | Valid Value | Mandatory | Default |
|---|---|---|---|---|
| name | Connection name | string | Yes | |
| type | Connection type | redis | Yes | |
| hosts | List of host information (IP and port) | HostInfo | Yes | |
| credential | Credential information to connect to the server | Credential | ||
| ssl | SSL settings. | SSLSettings | ||
| conn_settings | Connection pool settings. | ConnectionSettings | ||
| deployment | Redis deployment information. | RedisDeployment | Yes |
1.1. Host information
| Name | Description | Valid Value | Mandatory | Default |
|---|---|---|---|---|
| hostname | Redis Server's hostname | string | Yes | |
| hostport | Redis Server's host port | integer | Yes | |
| credential | Credential information to connect to the Redis Server. | Credential | ||
| ssl | SSL settings for the server. It can be specified at the top level if the settings are common across hosts. | SSLSettings | ||
| conn_settings | Connection pool settings for the session cache server. It can be specified at the top level if the settings are common across hosts. | ConnectionSettings |
Note: For Redis Server, specify credential, ssl_settings and conn_settings at the top level only.
1.2. Credential
| Name | Description | Valid Value | Mandatory | Default |
|---|---|---|---|---|
| username | Specifies the username to access the server. This can be omitted if the server type is redis, and does not use a username | string | No | |
| password | Specifies the password to access the server. Use obfuscation. | string | Yes |
1.3. SSL settings
| Name | Description | Valid Value | Mandatory | Default |
|---|---|---|---|---|
| certificate | The array of SSL certificates to be used for SSL connection to the session cache. | string | No | |
| mutual_auth | ||||
| key | When mutual TLS is needed, specify the keystore and label that contains the client's private key. | string | No | |
| certificate | When mutual TLS is needed, specify the keystore of the client's leaf certificate. | string | No | |
| ca | When mutual TLS is needed, specify an array of CA certificates needed for the connection. | string | No | |
| disable_hostname_verification | The flag to enable or disable hostname verification for SSL connections. | Boolean | No |
1.4. Connection settings
| Name | Description | Valid Value | Mandatory | Default |
|---|---|---|---|---|
| max_pool_size | Maximum connection pool size. | integer | No | 50 |
| min_idle_size | Minimum connection idle size. | integer | No | 3 |
| aged_timeout | Age timeout, in seconds. | integer | No | 10 |
| connect_timeout | Connect timeout, in seconds. | integer | No | 5 |
| idle_timeout | Idle timeout, in seconds. | integer | No | 10 |
| io_timeout | Input/Output timeout, in seconds. | integer | No | 10 |
1.5. Redis deployment
| Name | Description | Valid Value |
|---|---|---|
| model | Deployment model. | standalone or sentinel |
| master | Master node information. For sentinel model only | string |
Updated almost 2 years ago