Chapter 1. Installing and configuring Hot Rod JS clients

Ensure your system meets requirements before installing the Hot Rod JS client. You can then configure Hot Rod JS clients to connect to Data Grid Server, use different media types for keys and values, and customize logging.

1.1. Installing Hot Rod JS clients

Data Grid provides a distribution of the Hot Rod JS client that you can install via the NPM package manager.

Prerequisites

  • Node.js version 12 or 14.
  • Data Grid Server 8.4.

Procedure

  1. Add the Red Hat repository to your NPM configuration.

    You can use the npm config command or add the following to an .npmrc file in your project:

    @redhat:registry=https://npm.registry.redhat.com
    registry=https://registry.npmjs.org/
  2. Install the Hot Rod JS client as follows:

    npm install @redhat/infinispan

1.2. Configuring Data Grid connections

Configure Hot Rod JS clients to connect to Data Grid Server.

If you add multiple server addresses to the configuration, the Hot Rod JS client loops through them until it finds a node to which it can connect.

However, you only need to add one Data Grid Server address for the client to receive the entire cluster topology. If the Hot Rod JS client connects to a single server instance that is a member of a cluster, the client gets the address information for all nodes.

Because Hot Rod JS clients are topology aware, if a connection to one Data Grid Server breaks, the client retries any incomplete operations on other nodes in the cluster. Likewise, if client listener that is registered on one Data Grid Server fails or leaves the cluster, the client transparently migrates the listener registration to another node in the cluster so that it can continue receiving events.

Prerequisites

  • Install the Hot Rod JS client.
  • Have at least one running Data Grid Server instance.

Procedure

  • Specify hostnames and ports for Data Grid Server in the client configuration.

    var infinispan = require('infinispan');
    
    var connected = infinispan.client(
      [{port: 11322, host: '127.0.0.1'}, {port: 11222, host: '127.0.0.1'}]
      {
        // Configure client connections with authentication and encryption here.
      }
    );
    
    connected.then(function (client) {
    
      var members = client.getTopologyInfo().getMembers();
    
      // Displays all members of the Data Grid cluster.
      console.log('Connected to: ' + JSON.stringify(members));
    
      return client.disconnect();
    
    }).catch(function(error) {
    
      console.log("Got error: " + error.message);
    
    });

1.2.1. Defining Data Grid clusters in client configuration

When you set up Data Grid clusters in separate data centers to perform cross-site replication, you can add connection details for the different sites to the client configuration.

Prerequisites

  • Install the Hot Rod JS client.
  • Configure Data Grid for cross-site replication.

Procedure

  1. Add a clusters definition to your configuration.
  2. Add name and servers definitions for each Data Grid cluster.

    var connected = infinispan.client({port: 11222, host: '127.0.0.1'},
      {
        clusters: [
          {
            name: 'LON',
            servers: [{port: 11222, host: 'LON-host'}]
          },
          {
            name: 'NYC',
            servers: [{port: 11222, host: 'NYC-host1'}, {port: 11322, host: 'NYC-host2'}]
          }
        ]
      });

1.2.2. Manually switching Data Grid clusters

Change the Data Grid cluster to which the Hot Rod JS client is connectioned.

Prerequisites

  • Define Data Grid clusters in the Hot Rod JS client configuration.

Procedure

  1. Call the switchToCluster(clusterName) method to force the client to switch to a Data Grid cluster that is defined in the client configuration.
  2. Call the switchToDefaultCluster() method to start using the initial Data Grid cluster.

    var connected = infinispan.client({port: 11222, host: '127.0.0.1'},
      {
        clusters: [
          {
            name: 'LON',
            servers: [{port: 11222, host: 'LON-host'}]
          },
          {
            name: 'NYC',
            servers: [{port: 11222, host: 'NYC-host1'}, {port: 11322, host: 'NYC-host2'}]
          }
        ]
      });
    
    connected.then(function (client) {
    
      var switchToB = client.getTopologyInfo().switchToCluster('NYC');
    
      switchToB.then(function(switchSucceed) {
    
        if (switchSucceed) {
          ...
        }
    
        ...
    
        var switchToDefault = client.getTopologyInfo().switchToDefaultCluster();
    
        switchToDefault.then(function(switchSucceed) {
    
          if (switchSucceed) {
            ...
          }
    
        })
    
      })
    
    });

1.3. Configuring authentication

Data Grid Server uses different SASL mechanisms to authenticate Hot Rod JS client connections.

Prerequisites

  • Create Data Grid users.
  • Add the SASL authentication mechanism to the Hot Rod connector in your Data Grid Server configuration.

Procedure

  1. Open the Hot Rod JS client configuration for editing.
  2. Add an authentication method that sets the enabled: true flag.
  3. Specify a value for the saslMechanism parameter that matches the SASL authentication mechanism for the Hot Rod connector.
  4. Configure any parameters specific to the SASL authentication mechanism as appropriate.

1.3.1. SASL authentication mechanisms

Hot Rod JS clients can use the following SASL authentication mechanisms to connect to Data Grid Server.

PLAIN

Sends credentials in plain text (unencrypted) over the wire in a way that is similar to HTTP BASIC authentication.

Important

To secure Data Grid credentials, you should use PLAIN authentication only in combination with TLS encryption.

var connected = infinispan.client(
  {port: 11222, host: '127.0.0.1'},
  {
    authentication: {
      enabled: true,
      saslMechanism: 'PLAIN',
      userName: 'username',
      password: 'changeme'
    }
  }
);
DIGEST-MD5

Uses the MD5 hashing algorithm in addition to nonces to encrypt credentials.

var connected = infinispan.client(
  {port: 11222, host: '127.0.0.1'},
  {
    authentication: {
      enabled: true,
      saslMechanism: 'DIGEST-MD5',
      userName: 'username',
      password: 'changeme',
      serverName: 'infinispan'
    }
  }
);
SCRAM

Uses salt values in addition to hashing algorithms and nonce values to encrypt credentials. Hot Rod endpoints support SCRAM-SHA-1, SCRAM-SHA-256, SCRAM-SHA-384, SCRAM-SHA-512 hashing algorithms, in order of strength.

var connected = infinispan.client(
  {port: 11222, host: '127.0.0.1'},
  {
    authentication: {
      enabled: true,
      saslMechanism: 'SCRAM-SHA-1',
      userName: 'username',
      password: 'changeme'
    }
  }
);

1.4. Configuring encryption

Data Grid Server can enforce different types of SSL/TLS encryption to secure Hot Rod JS client connections.

Prerequisites

  • Create a trust store that Hot Rod JS clients can use to verify Data Grid Server identities.
  • If you configure Data Grid Server to validate or authenticate client certificates, create a keystore as appropriate.

Procedure

  1. Open the Hot Rod JS client configuration for editing.
  2. Add an ssl method that sets the enabled: true flag.
  3. Provide any other configuration specific to the type of encryption you use.

1.4.1. Encryption types

Hot Rod JS clients can use different types of encryption to negotiate secure connections with Data Grid Server.

Data Grid Server identities

For basic encryption, you can add the signing certificate, or CA bundle, for Data Grid Server certificates to your configuration as follows:

Note

To verify certificates issued to Data Grid Server, Hot Rod JS clients require either the full certificate chain or a partial chain that starts with the Root CA.

var connected = infinispan.client({port: 11222, host: '127.0.0.1'},
  {
    ssl: {
      enabled: true,
      trustCerts: ['my-root-ca.crt.pem']
    }
  }
);
Trust stores

You can add trust stores in PKCS12 or PFX format as follows:

var connected = infinispan.client({port: 11222, host: '127.0.0.1'},
  {
    ssl: {
      enabled: true,
      cryptoStore: {
        path: 'my-truststore.p12',
        passphrase: 'secret'
      }
    }
  }
);
Client certificate authentication

If you enable client certificate authentication in Data Grid Server configuration, add a keystore as in the following example:

Note

You must configure the Hot Rod JS client with the EXTERNAL authentication mechanism when using client certificate authentication.

var connected = infinispan.client({port: 11222, host: '127.0.0.1'},
  {
    ssl: {
      enabled: true,
      trustCerts: ['my-root-ca.crt.pem'],
      clientAuth: {
        key: 'privkey.pem',
        passphrase: 'secret',
        cert:ssl 'cert.pem'
      }
    }
  }
);
Server Name Indication (SNI)

If you use SNI to allow Hot Rod JS clients to request Data Grid Server hostnames, set a value for the sniHostName parameter that matches a hostname in the Data Grid Server configuration.

Note

The sniHostName parameter defaults to localhost.

var connected = infinispan.client({port: 11222, host: '127.0.0.1'},
  {
    ssl: {
      enabled: true,
      trustCerts: ['my-root-ca.crt.pem']
      sniHostName: 'example.com'
    }
  }
);
Tip

Hot Rod JS clients do not allow self-signed certificates by default, which can cause issues in development or test environments where no public certificate authority (CA) key is available.

Check out the Data Grid code tutorials for an example on creating signed certificates with the Java keytool.

1.5. Configuring data formats

Hot Rod JS clients can handle keys and values as native JavaScript Object Notation (JSON) objects or as String objects. By default, clients handle entries as String objects. If you want to transmit data to Data Grid Server in JSON format, then you must configure the Hot Rod JS client.

Note

Script operations support String key/value pairs and String parameters only.

Procedure

  1. Add a dataFormat configuration to your client.
  2. Set the data format for keys and values as appropriate with the keyType and valueType parameters.

Keys and values can have different media types. For JSON objects, specify application/json. For String objects, specify text/plain or omit the parameter to use the default.

var infinispan = require('infinispan');

var connected = infinispan.client(
    {port: 11222, host: '127.0.0.1'},
    {
        dataFormat : {
            keyType: 'application/json',
            valueType: 'application/json'
        }
    }
);

connected.then(function (client) {

  var clientPut = client.put({k: 'key'}, {v: 'value'});

  var clientGet = clientPut.then(
      function() { return client.get({k: 'key'}); });

  var showGet = clientGet.then(
      function(value) { console.log("get({k: 'key'})=" + JSON.stringify(value)); });

  return showGet.finally(
      function() { return client.disconnect(); });

}).catch(function(error) {

  console.log("Got error: " + error.message);

});

1.6. Configuring logging

Hot Rod JS clients use log4js, which you can modify by providing configuration in JSON format.

Procedure

  1. Create a logging configuration in JSON format.

    For example, the following JSON configures an appender that writes TRACE level log events to file:

    {
      "appenders": {
        "test": {
          "type": "fileSync",
          "filename": "my-log-file.log"
        }
      },
      "categories": {
        "default": {
          "appenders": ["test"],
          "level": "trace"
        }
      }
    }
  2. Add the var log4js = require('log4js') statement to the Hot Rod JS client configuration.
  3. Specify the path to your JSON logging configuration with the log4js.configure() method, as in the following example:

    var log4js = require('log4js');
    log4js.configure('path/to/my-log4js.json');

Additional resources