Write-behind 配置指南

配置数据库的 write-behind

本指南介绍如何配置后写式目标连接。

概述

Write-behind 目标连接是在 write-behind 场景中在 Write-behind 实例和目标数据库之间建立的连接。 Write-behind 用于将在启用了 Write-behind 的 Redis Enterprise 数据库中捕获的更改复制到目标数据库。 必须在config.yaml,并且必须遵循下面显示的格式之一。可以在connections部分。

对于关系数据存储

connections:
    my-sql-datastore:
        type: <db-type>     # mysql | oracle | postgresql | sqlserver
        host: <db-host>     # IP address or FQDN of a database host and instance
        port: <db-port>     # database port
        database: <db-name> # name of the database
        user: <db-user>         # database user
        password: <db-password> # database password
        # connect_args:     # optional connection parameters passed to the driver - these are driver specific
        # query_args:       # optional parameters for SQL query execution - typically not required for Write-behind operation

For non-relational datastores

connections:
    my-nosql-datastore:
        type: <db-type>     # cassandra
        hosts: <db-hosts>   # array of IP addresses or host names of a datastore nodes
        port: <db-port>     # database port
        database: <db-name> # name of the database
        user: <db-user>         # database user
        password: <db-password> # database password

Microsoft SQL Server

Microsoft SQL Server supports different authentication mechanisms (SQL Server Authentication and Integrated Windows Authentication) and protocols (NTLM and Kerberos). Write-behind can use all of them. However, systems that use Kerberos may require some additional configuration.

Account permissions

To enable Write-behind to work with a SQL Server database, check that the account you specify was assigned at least the db_datawriter role.

SQL Server authentication

To use SQL Server authentication mode, create a user with login credentials and then assign the necessary permissions for the target database to that user.

connections:
    mssql2019-sqlauth:
        type: sqlserver
        host: ip-10-0-0-5.internal
        port: 1433
        database: rdi_wb_database
        user: rdi_user
        password: secret

Windows authentication

To use Windows authentication mode, you need to create a Windows or Active Directory account that has the necessary permissions to access the target database, and is able to log into SQL Server. The Linux machine hosting Write-behind can be configured to support the NTLM authentication protocol.

For NTLM:

connections:
    mssql2019-ntlm:
        type: sqlserver
        host: ip-10-0-0-5.internal
        port: 1433
        database: rdi_wb_database
        user: MYDOMAIN\rdi_service_account  # company-domain\service-account
        password: secret                    # NTLM requires to provide a password

Note: User must be specified with the domain name for Windows Authentication to work correctly.

After you configure the Write-behind connection and deploy the write-behind job, run the following SQL query to have the operator check if Write-behind is using the expected authentication mechanism and protocol. Note: this operation may require the sysadmin role.

SELECT session_id, auth_scheme FROM sys.dm_exec_connections;

The results indicate which auth_scheme is used by each session and may take values SQL, NTLM, and Kerberos.