Hybrid Data Pipeline requires the specification of a key location during the deployment process. The key location serves as a location for shared files used in the operation of the server. When deploying Hybrid Data Pipeline, you have the option of either using the default key location or specifying an external key location.

Default key location

The default key location is only available for a limited single-node deployment scenario. First, the single node must be installed on a single node where the server receives queries directly, in contrast to deploying the server behind a load balancer. Second, the single node must be installed on a Linux host using the installation program. In addition, the default key location is not available if you want to run the service from a Docker container. If you use the default key location, the installation program writes the shared files to the local keystore directory (install_dir/ddcloud/keystore).

External key location

An external key location is required for any deployment using a load balancer. It is also required if you are deploying the server as a Docker container. In addition, best practices recommend the use of an external key location for maintenance and recovery purposes. If you specify an external key location, the shared files are written to the specified directory in most cases. 1 For security reasons, the key location should be secured on a machine separate from the system database and any machine hosting the Hybrid Data Pipeline service. The external key location must be accessible to the node or nodes running the Hybrid Data Pipeline service. In addition, the user deploying and running Hybrid Data Pipeline must have read and write access to the key location.

Backing up shared files

All shared files should be backed up as a matter of best practices. In the case of system failure, these backups can be used to restore the service. Shared files may reside in different locations depending on whether you are deploying Hybrid Data Pipeline with a load balancer. See the following topics for details.

1 The exception is that if you specify an external key location in a non-load balancer deployment, the shared files are written to two separate locations. The files necessary for connecting to the system database are stored in the specified location, while files tied to the Hybrid Data Pipeline server are stored in the local keystore directory (install_dir/ddcloud/keystore).