Store Variables

GATEWAY_STORE_BACKEND

Sets the backend type for persistent data storage.

Itential Automation Gateway (IAG) uses stores as key-value databases to persistently save objects. IAG supports three types of store backends:

• local: Stores data on disk in a single file. The default file name for the local backend is GATEWAY_APPLICATION_WORKING_DIR/gateway.db.
• memory: Stores data in memory using a hashmap. Data is not persistent between restarts.
• etcd: Connects to and stores data in an distributed etcd key-value store. For more information, see etcd database configuration.
• dynamodb: Connects to and stores data in an Amazon DynamoDB table. For more information, see Amazon DynamoDB table configuration.

Environment Variable

GATEWAY_STORE_BACKEND

File

Section: store
Key: backend

Default

local

Values

["local", "memory", "etcd", "dynamodb"]

etcd configuration variables

GATEWAY_STORE_ETCD_CA_CERTIFICATE_FILE

The certificate authority certificate file that the gateway uses when it connects to the etcd store backend.

Environment Variable

GATEWAY_STORE_ETCD_CA_CERTIFICATE_FILE

File

Section: store
Key: etcd_ca_certificate_file

Default

No default value provided

GATEWAY_STORE_ETCD_CERTIFICATE_FILE

The public certificate file that the gateway uses when it connects to the etcd store backend.

Environment Variable

GATEWAY_STORE_ETCD_CERTIFICATE_FILE

File

Section: store
Key: etcd_certificate_file

Default

No default value provided

GATEWAY_STORE_ETCD_CLIENT_CERT_AUTH

Determines the TLS authentication method used when connecting to an etcd store backend and GATEWAY_STORE_ETCD_USE_TLS is set to true.

When you set this to false, the gateway connects to the etcd store backend using client-to-server transport security. The gateway only requires thje certificate from GATEWAY_STORE_ETCD_CA_CERTIFICATE_FILE. This is similar to the Client-to-server transport security with HTTPS example in the etcd security documentation.

When you set this to true, the gateway connects to the etcd store backend using client-to-server authentication with mutual TLS authentication between the gateway instance and the etcd server. You must set these variables:

• GATEWAY_STORE_ETCD_CA_CERTIFICATE_FILE
• GATEWAY_STORE_ETCD_CERTIFICATE_FILE
• GATEWAY_STORE_ETCD_PRIVATE_KEY_FILE
  This is similar to the Client-to-server authentication with HTTPS client certificates example in the etcd security documentation.

Environment Variable

GATEWAY_STORE_ETCD_CLIENT_CERT_AUTH

File

Section: store
Key: etcd_client_cert_auth

Default

false

GATEWAY_STORE_ETCD_HOSTS

Sets the etcd hosts that the gateway connects to for backend storage.

A host entry consists of an address and port: hostname:port.

If there are multiple etcd hosts, enter them as a space separated list: hostname1:port hostname2:port.

Environment Variable

GATEWAY_STORE_ETCD_HOSTS

File

Section: store
Key: etcd_hosts

Default

localhost:2379

GATEWAY_STORE_ETCD_PRIVATE_KEY_FILE

The private key file that the gateway uses when it connects to the etcd store backend.

Environment Variable

GATEWAY_STORE_ETCD_PRIVATE_KEY_FILE

File

Section: store
Key: etcd_private_key_file

Default

No default value provided

GATEWAY_STORE_ETCD_USE_TLS

Determines whether the gateway uses TLS authentication when it conencts to the etcd store backend.

For more information on configuring TLS on an etcd cluster, see etcd database configuration.

For more information, see Notes on TLS Authentication in the etcd security documentation.

Environment Variable

GATEWAY_STORE_ETCD_USE_TLS

File

Section: store
Key: etcd_use_tls

Default

true

GATEWAY_STORE_DYNAMODB_TABLE_NAME

Sets the Amazon DynamoDB table name that the gateway connects to for backend storage.

If you do not specify a table name, IAG uses the default value itential.gateway5.store. To use this default value, enter itential.gateway5.store for the table name when you create your DynamoDB table.

Environment Variable

GATEWAY_STORE_DYNAMODB_TABLE_NAME

File

Section: store
Key: dynamodb_table_name

Default

itential.gateway5.store