Security Configuration Parameters in Distributed Mode
In distributed mode, Controllers and Segment Stores are configured through separate sets of parameters. These parameters may be specified in configuration files or as Java system properties; alternatively, they may be set as environment variables. The following sub-sections describe their Transport Layer Security (TLS) and auth (short for authentication and authorization) parameters.
Path of the PEM-encoded file that contains a TLS certificate to use for securing the server's gRPC interface. The TLS certificate contains the public key of the server.
Path of the PEM-encoded file that contains the private key matching the public key bound in the server's TLS certificate. This file must be kept private and protected: anyone who obtains it can impersonate the server, which defeats TLS.
Type:
string
Default:
None
Sample value:
/path/to/server/server1-privateKey.key
Old name:
controller.auth.tlsKeyFile (deprecated)
controller.security.tls.server.keyStore.location
Description:
Path of the .jks keystore file that contains the TLS material used for securing the Controller's REST interface: the server's public key certificate, the associated private key and the CA's certificate.
Path of the PEM-encoded file that contains the certificates the server should trust when connecting to other services, such as Segment Store instances. Typically it contains the public key certificate of the CA that signed those services' certificates; it may instead contain the services' certificates directly.
Type:
string
Default:
None
Sample value:
/path/to/client/truststore.crt
Old name:
controller.auth.tlsTrustStore (deprecated)
controller.segmentstore.connect.channel.tls
Description:
Whether to enable TLS on the Controller's connections to Segment Stores, even when TLS is disabled for the Controller's own interfaces. This covers the case where the Controller runs without TLS but the Segment Store has TLS enabled and requires it.
Path of the file containing a listing of user accounts and their permissions. This file is used by the Password Auth Handler (the built-in Auth Handler implementation).
Path of the PEM-encoded file that contains a TLS certificate to use for securing the server's interface. The TLS certificate contains the public key of the server.
Path of the PEM-encoded file that contains the private key matching the public key bound in the server's TLS certificate. This file must be kept private and protected: anyone who obtains it can impersonate the server, which defeats TLS.
Type:
string
Default:
None
Sample value:
/path/to/server/server-privateKey.key
Old name:
pravegaservice.keyFile (deprecated)
autoScale.controller.connect.security.tls.enable
Description:
Whether to enable TLS for internal communication with the Controllers.
Path of the PEM-encoded file that contains the certificates the server should trust when connecting to other services, such as Controllers and other Segment Store instances. Typically it contains the public key certificate of the CA that signed those services' certificates; it may instead contain the services' certificates directly.
Path of the truststore file, in .jks format, for TLS connections to Apache BookKeeper instances.
Type:
string
Default:
None
Sample value:
/path/to/client/zookeeper.truststore.crt
Old name:
bookkeeper.tlsTrustStorePath (deprecated)
Segment Store Authentication and Authorization Configuration Parameters
autoScale.controller.connect.security.auth.enable
Description:
Whether to enable authentication and authorization (Auth) for internal communications with the Controllers.
Type:
boolean
Default:
false
Valid values:
{true, false}
Old name:
autoScale.authEnabled (deprecated)
autoScale.security.auth.token.signingKey.basis
Description:
A string from which the key used for signing delegation tokens is derived. Its value must be identical to the value of controller.security.auth.token.signingKey.basis on the Controllers; otherwise token verification between the two services fails. Replace the default with a strong, private value wherever auth is enabled.
Type:
string
Default:
secret
Sample value:
super-secret-key
Old name:
autoScale.tokenSigningKey (deprecated)
pravega.client.auth.loadDynamic
Description:
Whether to load a credentials object dynamically from a class found on the classpath, for the Auto Scale Processor's authentication to the Controller.
The auth method used by the Auto Scale Processor when communicating with the Controller.
Type:
string
Default:
None
Sample value:
Basic
Alternative method:
pravega_client_auth_token (environment variable)
pravega.client.auth.token
Description:
The token used by the Auto Scale Processor for its authentication to the Controller. The format of the token depends on pravega.client.auth.method. For the Basic method, the value is the Base64 encoding of the string <username>:<password>.
Type:
string
Default:
None
Sample value:
YXV0b1NjYWxlclVzZXIxOnN1cGVyLXNlY3JldC1wYXNzd29yZA== (Base64 encoding of the Basic credentials 'autoScalerUser1:super-secret-password')
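The script below is an added example, not code from the Pravega project or this documentation. It reads the key=value subset of a Controller and a Segment Store .properties file and flags the mistakes the parameters above make possible: deprecated names still in use, a delegation-token signing key basis that differs between the two services or is still the default "secret", and an Auto Scale Processor Basic token that is not the Base64 encoding of <username>:<password> (it also accepts the pravega_client_auth_token environment variable in place of the property). Property names are the ones quoted on this page; the two sample property files are constructed, the properties parser is deliberately minimal, and the Controller's default basis is assumed to be "secret" like the Segment Store's.

```python
"""Consistency checks for the distributed-mode security parameters above.

Added example, not Pravega code. Flags deprecated names, a signing key
basis that differs between Controller and Segment Store or is still the
default "secret", and a malformed Basic token for the Auto Scale Processor.
"""
import base64
import binascii

# Deprecated names quoted on this page; the replacement is listed only
# where the page names it.
DEPRECATED = {
    "controller.auth.tlsKeyFile": None,
    "controller.auth.tlsTrustStore": None,
    "pravegaservice.keyFile": None,
    "bookkeeper.tlsTrustStorePath": None,
    "autoScale.authEnabled": "autoScale.controller.connect.security.auth.enable",
    "autoScale.tokenSigningKey": "autoScale.security.auth.token.signingKey.basis",
}
CONTROLLER_BASIS = "controller.security.auth.token.signingKey.basis"
SEGMENTSTORE_BASIS = "autoScale.security.auth.token.signingKey.basis"
DEFAULT_BASIS = "secret"  # page default for the Segment Store; assumed for the Controller


def parse_properties(text):
    """Parse key=value / key: value lines; escapes and continuations are not handled."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if not sep:
            key, sep, value = line.partition(":")
        props[key.strip()] = value.strip()
    return props


def basic_token(username, password):
    """Value of pravega.client.auth.token for the Basic method: Base64 of user:password."""
    return base64.b64encode(f"{username}:{password}".encode()).decode()


def decode_basic_token(token):
    """Return (username, password) for a Basic token, or None if it is malformed.

    Only the first ':' separates the fields, so a password may itself contain ':'.
    """
    try:
        raw = base64.b64decode(token, validate=True).decode()
    except (binascii.Error, UnicodeDecodeError):
        return None
    user, sep, password = raw.partition(":")
    return (user, password) if sep else None


def check_security_config(controller, segmentstore, env=None):
    """Return a list of findings for a Controller / Segment Store pair of property dicts.

    env stands in for the process environment, where pravega_client_auth_token
    may replace the pravega.client.auth.token property.
    """
    env = env or {}
    findings = []
    for name, props in (("controller", controller), ("segmentstore", segmentstore)):
        for old, new in DEPRECATED.items():
            if old in props:
                hint = f"; use {new}" if new else ""
                findings.append(f"{name}: {old} is deprecated{hint}")

    auth_enabled = segmentstore.get(
        "autoScale.controller.connect.security.auth.enable", "false").lower() == "true"
    if not auth_enabled:
        return findings

    # Both services must derive the delegation-token signing key from the same basis.
    c_basis = controller.get(CONTROLLER_BASIS, DEFAULT_BASIS)
    s_basis = segmentstore.get(SEGMENTSTORE_BASIS, DEFAULT_BASIS)
    if c_basis != s_basis:
        findings.append("signingKey.basis differs between Controller and Segment Store")
    if s_basis == DEFAULT_BASIS:
        findings.append("segmentstore: signingKey.basis is still the default 'secret'")

    # The Auto Scale Processor's token must match the configured auth method.
    method = segmentstore.get("pravega.client.auth.method")
    token = segmentstore.get("pravega.client.auth.token") or env.get("pravega_client_auth_token")
    if method == "Basic" and decode_basic_token(token or "") is None:
        findings.append("segmentstore: pravega.client.auth.token is not Base64(<username>:<password>)")
    return findings


# Constructed sample files: auth on, Segment Store signing basis left at its default.
CONTROLLER_PROPS = """
controller.security.auth.token.signingKey.basis=super-secret-key
controller.auth.tlsTrustStore=/path/to/client/truststore.crt
"""
SEGMENTSTORE_PROPS = """
autoScale.controller.connect.security.auth.enable=true
pravega.client.auth.method=Basic
pravega.client.auth.token=YXV0b1NjYWxlclVzZXIxOnN1cGVyLXNlY3JldC1wYXNzd29yZA==
"""

if __name__ == "__main__":
    for finding in check_security_config(parse_properties(CONTROLLER_PROPS),
                                         parse_properties(SEGMENTSTORE_PROPS)):
        print(finding)
```

Run against the two constructed files it reports three findings: the deprecated controller.auth.tlsTrustStore, a signing basis mismatch, and the Segment Store basis left at "secret". Point parse_properties at your real controller and segmentstore files (and pass os.environ as env) to check a deployment.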
For ease of use, Pravega standalone mode abstracts away some of the configuration parameters of distributed mode. As a result, it has fewer security configuration parameters to configure.
| Parameter | Details | Default | Feature |
|---|---|---|---|
| singlenode.security.tls.enable | Whether to enable TLS for client-server communications. | false | TLS |
| singlenode.security.tls.certificate.location | Path of the X.509 PEM-encoded server certificate file for the server. | None | TLS |
| singlenode.security.tls.privateKey.location | Path of the PEM-encoded private key file for the service. | None | TLS |
| singlenode.security.tls.keyStore.location | Path of the keystore file in .jks format for the REST interface. | None | TLS |
| singlenode.security.tls.keyStore.pwd.location | Path of the file containing the keystore password for the REST interface. | None | TLS |
| singlenode.security.tls.trustStore.location | Path of the truststore file for internal TLS connections. | None | TLS |
| singlenode.security.auth.enable | Whether to enable authentication and authorization for clients. | false | Auth |
| singlenode.security.auth.credentials.username | The default username used for internal communication between Segment Store and Controller. | None | Auth |
| singlenode.security.auth.credentials.pwd | The default password used for internal communication between Segment Store and Controller. | | |