Database Credential File

When working with MySQL as a database provider, an additional database credential file is needed, containing the credentials for accessing the database. By default, this file is located at config/database_credentials.yml. If this is not the case, the corresponding path has to be explicitly given when executing PyExperimenter. Below is an example of a database credential file, that connects to a server with the address example.mysqlserver.com using the user example_user and the password example_password.

CREDENTIALS:
  Database:
    user: example_user
    password: example_password
  Connection:
    Standard:
      server: example.mysqlserver.com

We additionally also support utilizing encrypted connections with (m)tls. To that end, the following parameters can be added to the Standard section of the database credential file - use_ssl: a boolean value indicating whether to use ssl - ssl_params: a dictionary containing the following keys:

• ca: the path to the ca certificate (optional, needed if the database server uses a custom ca certificate not trusted by the client)

• cert: the path to the user certificate (optional, needed in case of client authentication with mtls)

• key: the path to the user private key (optional, needed in case of client authentication with mtls)

CREDENTIALS:
  Database:
    user: example_user
    password: example_password
  Connection:
    Standard:
      server: example.mysqlserver.com
      use_ssl: some_boolean_value
      ssl_params:
        ca: config/certificates/ca.crt
        cert: config/certificates/user_cert.crt
        key: config/certificates/user_private_key.key

Alternatively, for security reasons, databases might only be accessible from a specific IP address. In these cases, one can use an ssh jumphost. This means that PyExperimenter will first connect to the ssh server that has access to the database and then connect to the database server from there. This is done by adding an additional Ssh section to the database credential file, and can be activated either by a PyExperimenter keyword argument or in the experimenter configuration file. The following example shows how to connect to a database server using an SSH server with the address ssh_hostname and the port optional_ssh_port.

CREDENTIALS:
  Database:
    user: example_user
    password: example_password
  Connection:
    Standard:
      server: example.sshmysqlserver.com
    Ssh:
      server: example.mysqlserver.com (address from ssh server)
      address: ssh_hostname (either name/ip address of the ssh server or a name from you local ssh config file)
      port: optional_ssh_port (default: 22)
      ssh_private_key_password: passphrase
      remote_address: optional_mysql_server_address (default: 127.0.0.1)
      remote_port: optional_mysql_server_port (default: 3306)
      local_address: optional_local_address (default: 127.0.0.1)
      local_port: optional_local_port (default: 3306)

Note

Note that we do not support further parameters for the SSH connection, such as explicitly setting the private key file. To use these, you have to adapt your local ssh config file.