honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Move DNS cache settings to important configuration 

This commit moves the DNS cache settings for the JVM to the important
settings section of the docs.

Relates #27592
This commit is contained in:
Jason Tedor 2017-11-29 18:02:26 -05:00 committed by GitHub
parent b8557651aa
commit ff3c19ed13
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
docs/reference/modules/discovery/zen.asciidoc
View File

@ -22,16 +22,12 @@ other nodes.
[[unicast]]
===== Unicast
Unicast discovery requires a list of hosts to use that will act as gossip routers. These hosts can be specified as
hostnames or IP addresses; hosts specified as hostnames are resolved to IP addresses during each round of pinging. Note
that with the Java security manager in place, the JVM defaults to caching positive hostname resolutions indefinitely.
This can be modified by adding
http://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.html[`networkaddress.cache.ttl=<timeout>`] to your
http://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html[Java security policy]. Any hosts that
fail to resolve will be logged. Note also that with the Java security manager in place, the JVM defaults to caching
negative hostname resolutions for ten seconds. This can be modified by adding
http://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.html[`networkaddress.cache.negative.ttl=<timeout>`]
to your http://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html[Java security policy].
Unicast discovery requires a list of hosts to use that will act as gossip
routers. These hosts can be specified as hostnames or IP addresses; hosts
specified as hostnames are resolved to IP addresses during each round of
pinging. Note that if you are in an environment where DNS resolutions vary with
time, you might need to adjust your <<networkaddress-cache-ttl,JVM security
settings>>.
It is recommended that the unicast hosts list be maintained as the list of
master-eligible nodes in the cluster.

19
docs/reference/setup/important-settings.asciidoc
View File

@ -201,3 +201,22 @@ the Elasticsearch process. If you wish to configure a heap dump path, you should
modify the entry `#-XX:HeapDumpPath=/heap/dump/path` in
<<jvm-options,`jvm.options`>> to remove the comment marker `#` and to specify an
actual path.
[float]
[[networkaddress-cache-ttl]]
Elasticsearch runs with a security manager in place. With a security manager in
place, the JVM defaults to caching positive hostname resolutions
indefinitely. If your Elasticsearch nodes rely on DNS in an environment where
DNS resolutions vary with time (e.g., for node-to-node discovery) then you might
want to modify the default JVM behavior. This can be modified by adding
http://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.html[`networkaddress.cache.ttl=<timeout>`]
to your
http://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html[Java
security policy]. Any hosts that fail to resolve will be logged. Note also that
with the Java security manager in place, the JVM defaults to caching negative
hostname resolutions for ten seconds. This can be modified by adding
http://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.html[`networkaddress.cache.negative.ttl=<timeout>`]
to your
http://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html[Java
security policy].