Custom Parameters
a9s KeyValue Custom Parameters
As mentioned in Using an a9s Data Service - Custom Parameters as an end user, an Application Developer has the opportunity to customize their Service Instance by using custom parameters.
Change RDB Persistence Settings
a9s KeyValue supports RDB persistence with point in time snapshots. This setting can be changed by the user.
By default, the persistency is disabled for a9s KeyValue Service Instances.
When persistency is disabled, the a9s KeyValue ensures state consistency, which means no RDB should exist. Therefore, manually creating an RDB via the API must be avoided, as it could lead to inconsistent behavior, such as recovering undesired data in some cases.
Please note that in a non-persistent scenario, if the Service Instance is a single plan and the Valkey process is restarted, data will be cleaned up. However, if the Service Instance is a replica plan, the replica will recover the data even if one of the nodes of the Service Instance has restarted the Valkey process.
RDB can be configured according to the needs of the application by providing custom parameters as settings. This setting
must follow the original Valkey configuration for RDB -c "{\"snapshot\": \"['save 900 1','save 300 10']\"}.
cf update-service my-keyvalue-service -c "{\"snapshot\": \"['save 900 1','save 300 10']\"}"
In this example, it configures to snapshot the Valkey database according to the following rules:
| Setting | Effect |
|---|---|
save 900 1 | Create a snapshot after 900 seconds if 1 write operations occurred. |
save 300 10 | Create a snapshot after 300 seconds if 10 write operations occurred. |
Cache Only
Snapshots can be disabled in order to use Valkey as cache only, by creating the service with the following custom parameter:
-c "{\"snapshot\": \"[]\"}".
The command is:
cf update-service my-keyvalue-service -c "{\"snapshot\": \"[]\"}"
For more information, see the snapshot settings in the documentation of Valkey Persistence.
Change Maxmemory Policy
With the maxmemory_policy, a9s KeyValue can be configured to remove certain keys when maxmemory is reached. There
are several configurable behaviors.
| Setting | Effect |
|---|---|
volatile-lru | Remove the key with an expire set using an LRU algorithm This is the default value. |
allkeys-lru | Remove any key according to the LRU algorithm |
volatile-random | Remove a random key with an expire set |
allkeys-random | Remove a random key |
volatile-ttl | Remove the key with the nearest expire time (minor TTL) |
noeviction | Don't expire at all, just return an error on write operations |
The custom parameter -c {"maxmemory-policy": "volatile-ttl"} can be used to update the maxmemory-policy.
cf update-service my-keyvalue-service -c {"maxmemory-policy": "volatile-ttl"}
For more information, see the maxmemory_policy settings in the self documented valkey.conf.
lazyfree-lazy-eviction
The default value is no. The allowed values are yes and no.
lazyfree-lazy-expire
The default value is no. The allowed values are yes and no.
lua-time-limit
The default value is 5000. The value must be an integer.
maxclients
The default value is 10000. The value must be an integer > 0.
maxmemory-samples
The default value is 5. The value must be an integer >= 0.
notify-keyspace-events
This parameter allows to configure the Valkey Keyspace Notifications.
The default value is '' which means by default keyspace events are disabled.
failover-timeout
It is a Valkey sentinel property that specifies the failover timeout in milliseconds. The default is 30 seconds.
The default value is 30000. The value must be an integer >= 0.
down-after-milliseconds
It is a Valkey sentinel property that specifies the milliseconds a node is unreacheable in order to consider it subjectively down. The default is 10 seconds.
The default value is 10000. The value must be an integer >= 0.
tls-protocols
The supported TLS versions can b explicitly specified . Allowed values are "TLSv1.2" and "TLSv1.3" or any combination.
- Improper changes to this value can easily break existing instances.
- When using TLSv1.3 only, Valkey specific metrics will not be provided.
The default value is null. In this case Valkey uses TLSv1.2 and TLSv1.3.
tls-ciphers
Configure allowed ciphers. See the ciphers(1ssl) manpage for more information about the syntax of this string.
There is no validation enabled for the user provided values and therefore existing instances can break when applying this parameter.
The default value is null which comments out the Valkey config tls-ciphers in the Valkey and Sentinel configuration
files.
tls-ciphersuites
Configure allowed ciphersuites. See the ciphers(1ssl) manpage for more information about the syntax of this string, and specifically for TLSv1.3 ciphersuites.
There is no validation enabled for the user provided values and therefore existing instances can break when applying this parameter.
The default value is null which comments out the Valkey config tls-ciphersuites in the Valkey and Sentinel
configuration files.
hostname-resolution
- This feature specifically applies to a9s KeyValue Cluster instances.
- When enabling or disabling the feature in an existing a9s Service Instance, there might be an increased downtime during the first cluster update due to a temporary divergence in Sentinel's settings when switching between IP address and hostname.
- When enabled, unexpected delays in address resolution may have a negative impact on Sentinel. For more information, refer to the Valkey documentation.
The feature provides the option to enable and disable DNS/hostname support in Valkey and Sentinel. When enabled, it will utilize the hostname for internal cluster communication and announce Valkey and Sentinel node information using the hostname instead of the typical IP address.
Using this feature is useful when Valkey clients use TLS to connect to Service Instances and require a hostname rather than an IP address in order to perform certificate ASN matching.
Using it
To enable or disable hostname-resolution, it is important to follow a series of steps to ensure safety and prevent
significant downtime or data loss. Depending on its current state, the process may require adjusting a custom parameter
in two steps. See the cases below:
- To enable it in an existing Service Instance, follow these steps:
disabled → resolve-only → enabled. - To disable it in an existing Service Instance, follow these steps:
enabled → resolve-only → disabled. - When creating a new Service Instance, any value can be set directly. We suggest using either
enabledordisabled.
Please note that transitioning directly from disabled to enabled, and vice versa, is not possible in an existing
Service Instance.
| States/Values | Description |
|---|---|
disabled | Hostname resolution and announcement are fully disabled. |
resolve-only | Hostname resolution is enabled but announcement is disabled. |
enabled | Hostname resolution and announcement are fully enabled. |
The default value is disabled.