remote.yaml configuration file
The DataStax Enterprise configuration file for DSE Graph Gremlin console connection to the Gremlin Server.
remote.yaml
The location of the remote.yaml file depends on the type of installation:Package installations | /etc/dse/graph/gremlin-console/conf/remote.yaml |
Tarball installations | installation_location/resources/graph/gremlin-console/conf/remote.yaml |
cassandra.yaml
The location of the cassandra.yaml file depends on the type of installation:Package installations | /etc/dse/cassandra/cassandra.yaml |
Tarball installations | installation_location/resources/cassandra/conf/cassandra.yaml |
dse.yaml
The location of the dse.yaml file depends on the type of installation:Package installations | /etc/dse/dse.yaml |
Tarball installations | installation_location/resources/dse/conf/dse.yaml |
The remote.yaml file is the primary configuration file for DSE Graph Gremlin console connection to the Gremlin Server.
The dse.yaml file is the primary configuration file for the DataStax Enterprise Graph configuration, and includes the setting for the Gremlin Server options.
Synopsis
node_health_options
entry, and at least two spaces before the child
settings: node_health_options: refresh_rate_ms: 60000 uptime_ramp_up_period_seconds: 10800 dropped_mutation_window_minutes: 30
DSE Graph Gremlin basic options
An Apache TinkerPop YAML file, remote.yaml, is configured with Gremlin Server information: The Gremlin Server is configured using Apache TinkerPop specifications.
hosts: [localhost] port: 8182 serializer: { className: org.apache.tinkerpop.gremlin.driver.ser.GryoMessageSerializerV3d0, config: { ioRegistries: [org.apache.tinkerpop.gremlin.tinkergraph.structure.TinkerIoRegistryV3d0] }}
- hosts
- Identifies a host or hosts running a DSE node that is running Gremlin Server.
You may need to use the native_transport_address value
set in cassandra.yaml.
Default: [localhost]
Note: You can also connect to the Spark Master node for the datacenter by either running the console from the Spark Master or specifying the Spark Master in thehosts
field in the remote.yaml file. - port
- Identifies a port on a DSE node running Gremlin Server. The port value needs to match
the port value specified for
gremlin_server: in the dse.yaml
file.
Default: 8182
- serializer
- Specifies the class and configuration for the serializer used to pass information
between the Gremlin console and the Gremlin Server.
Default: { className: org.apache.tinkerpop.gremlin.driver.ser.GryoMessageSerializerV3d0,
config: { ioRegistries: [org.apache.tinkerpop.gremlin.tinkergraph.structure.TinkerIoRegistryV3d0]
DSE Graph Gremlin connectionPool options
The connectionPool
settings specify a number of options that will be
passed between the Gremlin console and the Gremlin Server.
connectionPool: { enableSsl: false, maxContentLength: 65536000, maxInProcessPerConnection: 4, maxSimultaneousUsagePerConnection: 16, maxSize: 8, maxWaitForConnection: 3000, maxWaitForSessionClose: 3000, minInProcessPerConnection: 1, minSimultaneousUsagePerConnection: 8, minSize: 2, reconnectInterval: 1000, resultIterationBatchSize: 64, # trustCertChainFile: /etc/dse/graph/gremlin-console/conf/mycert.pem # Note: trustCertChainFile deprecated as of TinkerPop 3.2.10; instead use trustStore. trustStore: /full/path/to/jsse/truststore/file }
- enableSsl
- Determines if SSL should be enabled. If enabled on the server, SSL must be enabled on
the client. To configure the Gremlin console to use SSL, when SSL is enabled on the
Gremlin Server, edit the
connectionPool
section of remote.yaml:- Set
enableSsl
totrue
. - Specify the path to the:
- Java Secure Socket Extension (JSSE) truststore file via the
trustStore
parameter - Or the PEM-based
trustCertChainFile
Attention:trustCertChainFile
is deprecated as of TinkerPop 3.2.10 If SSL is enabled, when you can, switch to specifying the JSSE truststore file via thetrustStore
parameter in remote.yaml.
- Java Secure Socket Extension (JSSE) truststore file via the
hosts: [localhost] username: Cassandra_username password: Cassandra_password port: 8182 ... connectionPool: { enableSsl: true, trustStore: /full/path/to/JSSE/truststore/file, ... ...
Tip: For related information, refer to the TinkerPop security documentation.Default: false
- Set
- maxContentLength
- The maximum length in bytes that a message can be sent to the server. This number can
be no greater than the setting of the same name in the server
configuration.
Default: 65536000
- maxInProcessPerConnection
- The maximum number of in-flight requests that can occur on a
connection.
Default: 4
- maxSimultaneousUsagePerConnection
- The maximum number of times that a connection can be borrowed from the pool
simultaneously.
Default: 16
- maxSize
- The maximum size of a connection pool for a host.
Default: 8
- maxWaitForConnection
- The amount of time in milliseconds to wait for a new connection before timing
out.
Default: 3000
- maxWaitForSessionClose
- The amount of time in milliseconds to wait for a session to close before timing out
(does not apply to sessionless connections).
Default: 3000
- minInProcessPerConnection
- The minimum number of in-flight requests that can occur on a
connection.
Default: 1
- minSimultaneousUsagePerConnection
- The maximum number of times that a connection can be borrowed from the pool
simultaneously.
Default: 8
- minSize
- The minimum size of a connection pool for a host.
Default: 2
- reconnectInterval
- The amount of time in milliseconds to wait before trying to reconnect to a dead
host.
Default: 1000
- resultIterationBatchSize
- The override value for the size of the result batches to be returned from the
server.
Default: 64
- trustCertChainFile
- The location of the public certificate from the DSE truststore file, in PEM format.
Also set
enableSsl: true
.If you are using the deprecatedIn this example, thetrustCertChainFile
in your version of remote.yaml, here are the details. Depending on how you created the DSE truststore file, you may already have the PEM format certificate file from the root Certificate Authority. If so, specify the PEM file with thistrustCertChainFile
option. If not, export the public certificate from the DSE truststore (CER format) and convert it to PEM format. Then specify the PEM file with this option. Example:pwd
/etc/dse/graph/gremlin-console/conf
keytool -export -keystore /etc/dse/keystores/client.truststore -alias clusterca -file mycert.cer
openssl x509 -inform der -in mycert.cer -out mycert.pem
connectionPool
section of remote.yaml should then include the following options (assuming you are aware thattrustCertChainFile
is deprecated, as noted above).connectionPool: { enableSsl: true, trustCertChainFile: /etc/dse/graph/gremlin-console/conf/mycert.pem, ... }
Default: Unspecified
- trustStore
- The location of the Java Secure Socket Extension (JSSE) truststore file. Trusted
certificates for verifying the remote client's certificate. Similar to setting the JSSE property
javax.net.ssl.trustStore
. If this value is not provided in remote.yaml and if SSL is enabled (viaenableSSL: true
), the default TrustManager is used.Default: Unspecified
DSE Graph Gremlin AuthProperties options
Security considerations for authentication between the Gremlin console and the Gremlin server require additional options in the remote.yaml file.
# jaasEntry: # protocol: # username: xxx # password: xxx
- jaasEntry
- Sets the AuthProperties.Property.JAAS_ENTRY properties for authentication to Gremlin
Server.
Default: commented out (no value)
- protocol
- Sets the AuthProperties.Property.PROTOCOL properties for authentication to Gremlin
Server.
Default: commented out (no value)
- username
- The username to submit on requests that require
authentication.
Default: commented out (
xxx
) - password
- The password to submit on requests that require
authentication.
Default: commented out (
xxx
)