For some data repositories, you want to ensure connections can always be made and maintained. In nearly all cases, this is not a concern since the Cyral sidecar is a highly available cluster, and services are normally not interrupted by the loss of a single sidecar instance. But for some mission-critical repositories, you may wish to avoid Cyral's normal behavior of shutting down connections in the event of a complete sidecar failure.
For such repositories, you can connect them to a sidecar that has been set to failover to passthrough mode, preserving connections even if other sidecar functions fail. This is a fail-open configuration (available at the sidecar level only) that allows connections to be made and maintained, even if one or more one of the sidecar's services remains unavailable. For example, the sidecar will enter passthrough mode if the Cyral sidecar's logging service fails.
We call this failover-to-passthrough operation of the sidecar. When set to failover in this way, the sidecar will switch to passthrough mode only when a sidecar service fails and does not recover.
Available passthrough activation settings
In all, there are three possible values for the sidecar's passthrough activation setting:
failover - the sidecar is set to failover-to-passthrough and will preserve repository connections even if other sidecar functions fail. See details above.
never - the sidecar does not allow passthrough mode at all. A complete failure of the sidecar will disconnect database sessions. This is the default and recommended setting to keep a repository secure.
always - all connections are in passthrough mode. This sidecar will not perform SSO, logging, alerting, or policy evaluation.
When a sidecar switches to passthrough mode, it sends a metric value to the reporting system to alert your team. Contact Cyral support for details.
About passthrough mode
Cyral sidecars can be run in passthrough mode to help troubleshoot performance problems, or better onboard new applications before turning on analysis.
In passthrough mode, the sidecar acts as a layer-4 load balancer and forwards all requests through to the repositories assigned to it. In passthrough mode, the Cyral sidecar provides:
no SSO authentication; instead, data users must use their native repository credentials to connect through the sidecar.
no policy enforcement
no logging or alerting
Put a sidecar in failover-to-passthrough operation
Contact Cyral support for assistance. Note! Using the Passthrough toggle in the Edit Sidecar window does not place the sidecar into failover-to-passthrough operation. Instead, it immediately places the sidecar into passthrough mode. This is the same as setting the always value for passthrough mode.
Check whether a sidecar is in passthrough mode
To check whether a sidecar is running in passthrough mode, click the Sidecars tab in the Cyral control plane UI and find your sidecar in the list. The Status column shows:
a Passthrough icon if the sidecar is running in passthrough mode:
an Active icon if the sidecar is running normally (no passthrough mode; sidecar services are active):