Skip to content

Latest commit

 

History

History
46 lines (40 loc) · 15.2 KB

File metadata and controls

46 lines (40 loc) · 15.2 KB

Clustering Configuration

The cluster configuration map has the following configuration options:

Property Description
host Interface where the gateway will listen for incoming route connections.
port Port where the gateway will listen for incoming route connections.
name Name of the cluster (recommended for NATS +v2.2)
listen Combines host and port as <host>:<port>.
tls A tls configuration map for securing the clustering connection. verify is always enabled and cert_file is used for client and server. See for certificate pitfalls.
advertise or cluster_advertise Hostport <host>:<port> to advertise how this server can be contacted by other cluster members. This is useful in setups with NAT. When using TLS this is important to set to control the hostname that clients will use when discovering the route since by default this will be an IP, otherwise TLS hostname verification may fail with an IP SANs error.
no_advertise When set to 'true', the server will not gossip its server URLs to clients .
routes A list of other servers (URLs) to cluster with. Self-routes are ignored. Should authentication via token or username/password be required, specify them as part of the URL.
connect_retries After how many failed connect attempts to give up establishing a connection to a discovered route. Default is 0, do not retry. When enabled, attempts will be made once a second. This, does not apply to explicitly configured routes.
authorization Authorization map for configuring cluster routes. When a single username/password is used, it defines the authentication mechanism this server expects, and how this server will authenticate itself when establishing a connection to a discovered route. This will not be used for routes explicitly listed in routes and therefore have to be provided as part of the URL. With this authentication mode, either use the same credentials throughout the system or list every route explicitly on every server. If the tls configuration map specifies verify_and_map only provide the expected username. Here different certificates can be used, but they have to map to the same username. The authorization map also allows for timeout which is honored but users and token configuration are not supported and will prevent the server from starting. The permissions block is ignored.
pool_size The size of the connection pool used to distribute load across non-pinned accounts. Default is 3. Refer to v2 Routes for details.
accounts An optional list of accounts that will have a pinned route connection. Refer to v2 Routes for details.
compression The compression mode the server will use when connecting with peer servers. Default is accept. Refer to v2 Routes for details.
cluster {
  name: example

  # host/port for inbound route connections from other server
  listen: localhost:4244

  # Authorization for route connections
  # Other server can connect if they supply the credentials listed here
  # This server will connect to discovered routes using this user
  authorization {
    user: route_user
    password: pwd
    timeout: 0.5
  }

  # This server establishes routes with these server.
  # This server solicits new routes and Routes are actively solicited and connected to from this server.
  # Other servers can connect to us if they supply the correct credentials
  # in their routes definitions from above.
  routes = [
    nats://route_user:[email protected]:4245
    nats://route_user:[email protected]:4246
  ]
}