diff --git a/doc/tooling/tt_cli/connect.rst b/doc/tooling/tt_cli/connect.rst index 58783b79d..443a362ad 100644 --- a/doc/tooling/tt_cli/connect.rst +++ b/doc/tooling/tt_cli/connect.rst @@ -104,9 +104,9 @@ If no credentials are provided for a remote connection, the user is automaticall Encrypted connection ~~~~~~~~~~~~~~~~~~~~ -To connect to instances that use SSL encryption, provide the SSL certificate and -SSL key files in the ``--sslcertfile`` and ``--sslkeyfile`` options. If necessary, -add other SSL parameters -- ``--sslcafile`` and ``--sslciphers``. +To connect to instances that use :ref:`SSL encryption `, +provide the SSL certificate and SSL key files in the ``--sslcertfile`` and ``--sslkeyfile`` options. +If necessary, add other SSL parameters -- ``--sslcafile`` and ``--sslciphers``. Script evaluation ~~~~~~~~~~~~~~~~~ diff --git a/doc/tooling/tt_cli/export.rst b/doc/tooling/tt_cli/export.rst index 3b708f1a6..69197f340 100644 --- a/doc/tooling/tt_cli/export.rst +++ b/doc/tooling/tt_cli/export.rst @@ -130,7 +130,15 @@ the ``customers.jsonl`` file: $ tt tdg2 export localhost:3301 customers:customers.jsonl -If the ``customers`` type has four fields (``id``, ``firstname``, ``lastname``, and ``age``), the file with exported data might look like this: +If token authentication is enabled in TDG2, pass the application token in the ``--token`` option: + +.. code-block:: console + + $ tt tdg2 export localhost:3301 customers:customers.jsonl \ + --token=2fc136cf-8cae-4655-a431-7c318967263d + +If the ``customers`` type has four fields (``id``, ``firstname``, ``lastname``, and ``age``), +the file with exported data might look like this: .. code-block:: json @@ -138,7 +146,7 @@ If the ``customers`` type has four fields (``id``, ``firstname``, ``lastname``, {"age":41,"first_name":"Fay","id":2,"second_name":"Rivers"} {"age":74,"first_name":"Milo","id":4,"second_name":"Walters"} -If an object contains a ``null`` value in a field, this field skipped: +``null`` field values are skipped: .. code-block:: json @@ -168,11 +176,55 @@ Set the ``tt tdg2 export`` batch size less or equal to 1000: $ tt tdg2 export localhost:3301 customers:customers.jsonl --batch-size=1000 +.. _tt-export-auth: + +Authentication +-------------- + +When connecting to the cluster with enabled authentication, specify access credentials +in the ``--username`` and ``--password`` command options: + +.. code-block:: console + + $ tt crud export localhost:3301 customers:customers.csv \ + --username myuser --password p4$$w0rD + +.. _tt-export-ssl: + +Encrypted connection +-------------------- + +To connect to instances that use :ref:`SSL encryption `, +provide the SSL certificate and SSL key files in the ``--sslcertfile`` and ``--sslkeyfile`` options. +If necessary, add other SSL parameters in the ``--ssl*`` options. + +.. code-block:: console + + $ tt crud export localhost:3301 customers:customers.csv \ + --username myuser --password p4$$w0rD \ + --auth pap-sha256 --sslcertfile certs/server.crt \ + --sslkeyfile certs/server.key + +For connections that use SSL but don't require additional parameters, add the ``--use-ssl`` +option: + +.. code-block:: console + + $ tt crud export localhost:3301 customers:customers.csv \ + --username myuser --password p4$$w0rD \ + --use-ssl + .. _tt-export-options: Options ------- +.. option:: --auth STRING + + **Applicable to:** ``tt crud export``, ``tt tdg2 export`` + + Authentication type: ``chap-sha1``, ``pap-sha256``, or ``auto``. + .. option:: --batch-queue-size INT The maximum number of tuple batches in a queue between a fetch and write threads (the default is ``32``). @@ -226,6 +278,66 @@ Options Export data using a :ref:`read view `. +.. option:: --sslcafile STRING + + **Applicable to:** ``tt crud export``, ``tt tdg2 export`` + + The path to a trusted certificate authorities (CA) file for encrypted connections. + + See also :ref:`tt-export-ssl`. + +.. option:: --sslcertfile STRING + + **Applicable to:** ``tt crud export``, ``tt tdg2 export`` + + The path to an SSL certificate file for encrypted connections. + + See also :ref:`tt-export-ssl`. + +.. option:: --sslciphersfile STRING + + **Applicable to:** ``tt crud export``, ``tt tdg2 export`` + + The list of SSL cipher suites used for encrypted connections, separated by colons (``:``). + + See also :ref:`tt-export-ssl`. + +.. option:: --sslkeyfile STRING + + **Applicable to:** ``tt crud export``, ``tt tdg2 export`` + + The path to a private SSL key file for encrypted connections. + + See also :ref:`tt-export-ssl`. + +.. option:: --sslpassword STRING + + **Applicable to:** ``tt crud export``, ``tt tdg2 export`` + + The password for the SSL key file for encrypted connections. + + See also :ref:`tt-export-ssl`. + +.. option:: --sslpasswordfile STRING + + **Applicable to:** ``tt crud export``, ``tt tdg2 export`` + + A file with list of passwords to the SSL key file for encrypted connections. + + See also :ref:`tt-export-auth`. + +.. option:: --token STRING + + **Applicable to:** ``tt tdg2 export`` + + An application token for connecting to TDG2. + +.. option:: --use-ssl STRING + + Use SSL without providing any additional SSL parameters. + + See also :ref:`tt-export-ssl`. + .. option:: --username STRING A username for connecting to the instance. diff --git a/doc/tooling/tt_cli/import.rst b/doc/tooling/tt_cli/import.rst index 277dc201b..dad406789 100644 --- a/doc/tooling/tt_cli/import.rst +++ b/doc/tooling/tt_cli/import.rst @@ -184,6 +184,13 @@ The objects are described in the ``customers.jsonl`` file. $ tt tdg2 import localhost:3301 customers.jsonl:customers +If token authentication is enabled in TDG2, pass the application token in the ``--token`` option: + +.. code-block:: console + + $ tt tdg2 import localhost:3301 customers.jsonl:customers \ + --token=2fc136cf-8cae-4655-a431-7c318967263d + The input file can look like this: .. code-block:: json @@ -220,11 +227,58 @@ To automatically confirm a batch import operation, add the ``--force`` option: --force +.. _tt-import-auth: + +Authentication +-------------- + +When connecting to the cluster with enabled authentication, specify access credentials +in the ``--username`` and ``--password`` command options: + +.. code-block:: console + + $ tt crud import localhost:3301 customers.csv:customers \ + --header --match=header \ + --username myuser --password p4$$w0rD + +.. _tt-import-ssl: + +Encrypted connection +-------------------- + +To connect to instances that use :ref:`SSL encryption `, +provide the SSL certificate and SSL key files in the ``--sslcertfile`` and ``--sslkeyfile`` options. +If necessary, add other SSL parameters in the ``--ssl*`` options. + +.. code-block:: console + + $ tt crud import localhost:3301 customers.csv:customers \ + --header --match=header \ + --username myuser --password p4$$w0rD \ + --auth pap-sha256 --sslcertfile certs/server.crt \ + --sslkeyfile certs/server.key + +For connections that use SSL but don't require additional parameters, add the ``--use-ssl`` +option: + +.. code-block:: console + + $ tt crud import localhost:3301 customers.csv:customers \ + --header --match=header \ + --username myuser --password p4$$w0rD \ + --use-ssl + .. _tt-import-options: Options ------- +.. option:: --auth STRING + + **Applicable to:** ``tt crud import``, ``tt tdg2 import`` + + Authentication type: ``chap-sha1``, ``pap-sha256``, or ``auto``. + .. option:: --batch-size INT **Applicable to:** ``tt crud import``, ``tt tdg2 import`` @@ -377,6 +431,65 @@ Options For CSV, double quotes are used by default (``"``). The double symbol of this option acts as the escaping symbol within input data. +.. option:: --rollback-on-error + + **Applicable to:** ``tt crud import`` + + Specify whether any operation failed on a storage leads to rolling back batch + import on this storage. + + .. note:: + + ``tt tdg2 import`` always works as if ``--rollback-on-error`` is ``true``. + +.. option:: --sslcafile STRING + + **Applicable to:** ``tt crud import``, ``tt tdg2 import`` + + The path to a trusted certificate authorities (CA) file for encrypted connections. + + See also :ref:`tt-import-ssl`. + +.. option:: --sslcertfile STRING + + **Applicable to:** ``tt crud import``, ``tt tdg2 import`` + + The path to an SSL certificate file for encrypted connections. + + See also :ref:`tt-import-ssl`. + +.. option:: --sslciphersfile STRING + + **Applicable to:** ``tt crud import``, ``tt tdg2 import`` + + The list of SSL cipher suites used for encrypted connections, separated by colons (``:``). + + See also :ref:`tt-import-ssl`. + +.. option:: --sslkeyfile STRING + + **Applicable to:** ``tt crud import``, ``tt tdg2 import`` + + The path to a private SSL key file for encrypted connections. + + See also :ref:`tt-import-ssl`. + +.. option:: --sslpassword STRING + + **Applicable to:** ``tt crud import``, ``tt tdg2 import`` + + The password for the SSL key file for encrypted connections. + + See also :ref:`tt-import-ssl`. + +.. option:: --sslpasswordfile STRING + + **Applicable to:** ``tt crud import``, ``tt tdg2 import`` + + A file with a list of passwords to the SSL key file for encrypted connections. + + See also :ref:`tt-import-auth`. + .. option:: -success STRING The name of a file with rows that were imported (the default is ``success``). @@ -394,17 +507,19 @@ Options Symbols specified in this option cannot intersect with ``--dec-sep``. -.. option:: --username STRING +.. option:: --token STRING - A username for connecting to the instance. + **Applicable to:** ``tt tdg2 import`` -.. option:: --rollback-on-error + An application token for connecting to TDG2. - **Applicable to:** ``tt crud import`` +.. option:: --use-ssl STRING - Specify whether any operation failed on a storage leads to rollback of a batch - import on this storage. + Use SSL without providing any additional SSL parameters. - .. note:: + See also :ref:`tt-import-ssl`. + +.. option:: --username STRING + + A username for connecting to the instance. - ``tt tdg2 import`` always works as if ``--rollback-on-error`` is ``true``.