Module ngx_stream_keyval_module

Example Configuration
Directives
     keyval
     keyval_zone

The ngx_stream_keyval_module module (1.13.7) creates variables with values taken from key-value pairs managed by the API.

This module is available as part of our commercial subscription.

Example Configuration

http {

    server {
        ...
        location /api {
            api write=on;
        }
    }
}

stream {

    keyval_zone zone=one:32k state=one.keyval;
    keyval      $ssl_server_name $name zone=one;

    server {
        listen              12345 ssl;
        proxy_pass          $name;
        ssl_certificate     /usr/local/nginx/conf/cert.pem;
        ssl_certificate_key /usr/local/nginx/conf/cert.key;
    }
}

Directives

Syntax: keyval key $variable zone=name;
Default:
Context: stream

Creates a new $variable whose value is looked up by the key in the key-value database. Strings are matched ignoring the case. The database is stored in a shared memory zone specified by the zone parameter.

Syntax: keyval_zone zone=name:size [state=file] [timeout=time] [type=string|ip] [sync];
Default:
Context: stream

Sets the name and size of the shared memory zone that keeps the key-value database. Key-value pairs are managed by the API.

The optional state parameter specifies a file that keeps the current state of the key-value database in the JSON format and makes it persistent across nginx restarts.

The optional timeout parameter (1.15.0) sets the time after which key-value pairs are removed from the zone.

The optional type parameter (1.17.1) specifies the type of the key: a string (default) or ip. For the ip type, the key must be the textual representation of an IP address specified in CIDR notation. In this case, an additional index optimized for matching IP addresses and networks is used in evaluating a variable.

The optional sync parameter (1.15.0) enables synchronization of the shared memory zone. The synchronization requires the timeout parameter to be set.

If the synchronization is enabled, removal of key-value pairs (no matter one or all) will be performed only on a target cluster node. The same key-value pairs on other cluster nodes will be removed upon timeout.