About Domains

A NuoDB domain is a collection of NuoDB hosts that have been provisioned to work together to support NuoDB processes. Each host runs a NuoDB broker or a NuoDB agent. Note however, that in this release, the use of agents is not supported. Use brokers instead.

A domain is a secure environment for deploying and managing NuoDB distributed Databases. A domain can contain one or more databases and each database can run on one or more hosts. Each physical machine (host) in the domain runs one broker process or one agent process that manages the databases on that host.

As a minimum, a domain comprises one host that is running one broker. When expanding a domain to include additional machines, the broker on each host peers into the domain using secure access. In a domain, all brokers are connected to each other.

A NuoDB domain is quite different from a SQL DOMAIN type. A SQL DOMAIN is a standard user-defined field type in SQL. For example, if you define a SQL DOMAIN named MONEY as NUMERIC(15,2), you can then define fields as being of type MONEY:

create table EMPLOYEE (ID integer, NAME string, SALARY MONEY);

Domain Names and Domain Users

The brokers use a default built-in user "domain" for Secure Remote Password,(SRP). SRP is a secure password-based authentication and key-exchange protocol. It solves the problem of authenticating clients to servers securely.This is not the same as the name of the domain.

See default.properties:

# The name used to identify the domain that this agent is a part of domain = domain
# The default administrative password, and the secret used by agents to
# setup and maintain the domain securely
#domainPassword =

If you change the name of the domain, then the default administrative user name is still "domain".

The RestSvc itself it a management client application that authenticates with the Broker, so it needs to use the domain admin user account, not the domain name.

Note this in the .yml:

# NuoDB domain user name. If blank, then Rest Svc will use the default
# domain user, "domain".
username:
# NuoDB domain user password. If blank, then Rest Svc will load the NuoDB
# home ./etc/default.properties and use the "domainPassword" property value.
password:

You should definitely create a separate user in the broker domain so that users logging into the UI or Rest API can use their own credentials.

For example:

  • 1.Using Mgr CLI, create 2 admin users:
  • > create domain administrator user joe password secret
    > create domain administrator user restclient password restpwd
    

    2.change yml to use a different user, restclient, and restart the Rest Svc:

    # NuoDB domain user name. If blank, then Rest Svc will use the default
    # domain user, "domain".
    username: restclient
    # NuoDB domain user password. If blank, then Rest Svc will load the NuoDB
    # home ./etc/default.properties and use the "domainPassword" property value.
    password: restpwd
    

    3. Perform a Rest API call with user "userx":

    $ curl -X GET -H "Content-type: application/json" -u userx:secret http://localhost:8888/api/2/regions

    4. Logon using user "userx".

    See the following topics: