
[jira] [Commented] (BROOKLYN-579) DNS lookups cached for too long

    [ https://issues.apache.org/jira/browse/BROOKLYN-579?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16495065#comment-16495065 ] 

ASF GitHub Bot commented on BROOKLYN-579:

Github user geomacy commented on a diff in the pull request:

    --- Diff: karaf/apache-brooklyn/src/main/resources/bin/setenv ---
    @@ -85,6 +89,9 @@ export EXTRA_JAVA_OPTS="-Dbrooklyn.location.localhost.address= ${EXTRA_
     # Increase garbage collection, see https://issues.apache.org/jira/browse/BROOKLYN-375
     export EXTRA_JAVA_OPTS="-XX:SoftRefLRUPolicyMSPerMB=1 ${EXTRA_JAVA_OPTS}"
    +# Set the DNS TTL for the JVM
    +export EXTRA_JAVA_OPTS="-Dsun.net.inetaddr.ttl=${DNS_TTL} ${EXTRA_JAVA_OPTS}"
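Review bot: The added `-Dsun.net.inetaddr.ttl=${DNS_TTL}` line expands `${DNS_TTL}` with no fallback, and nothing in this hunk shows where that variable gets its value; if it is unset or empty, the JVM is started with a bare `-Dsun.net.inetaddr.ttl=` and the intended TTL is not applied. Consider `${DNS_TTL:-60}` (60 seconds being the value recommended in the issue description), or append the option only when DNS_TTL is non-empty. The one-line comment above it should also say that the value is in seconds and why the `sun.net.inetaddr.ttl` system property is used rather than `networkaddress.cache.ttl`, which is a security property and so is not set with `-D`.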
    --- End diff --
    It would be nicer not to use the `sun` private system property but I take your point about the other value being a security property.  I had a look to see if Karaf would let us specify this somehow but I don't see a way to do that.  (You can configure security providers but there doesn't seem to be an equivalent for security properties.)
    At the least though I would add some comment here explaining the use of `sun.net` - even just copy the text from the description of this PR.

> DNS lookups cached for too long
> -------------------------------
>                 Key: BROOKLYN-579
>                 URL: https://issues.apache.org/jira/browse/BROOKLYN-579
>             Project: Brooklyn
>          Issue Type: Bug
>            Reporter: Alex Heneveld
>            Priority: Major
> I've had issues where DNS values are changed but Brooklyn doesn't see those.  I think Java caches hostnames forever by default, ignoring DNS TTL.  (Controlling Route 53 from Brooklyn is one obvious such example!)
> We should consider overriding this.
> Oracle Cloud describe how (https://docs.us-phoenix-1.oraclecloud.com/Content/API/SDKDocs/javasdk.htm):
> {quote}The JVM uses the [networkaddress.cache.ttl|http://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.html] property to specify the caching policy for DNS name lookups. The value is an integer that represents the number of seconds to cache the successful lookup. The default value for many JVMs, {{-1}}, indicates that the lookup should be cached forever.
> Because resources in Oracle Cloud Infrastructure use DNS names that can change, we recommend that you change the TTL value to 60 seconds. This ensures that the new IP address for the resource is returned on next DNS query. You can change this value globally or specifically for your application:
> {quote}
>  * {quote}To set TTL globally for all applications using the JVM, add the following in the {{$JAVA_HOME/jre/lib/security/java.security}} file:
> {{networkaddress.cache.ttl=60}}{quote}
>  * {quote}To set TTL only for your application, set the following in your application's initialization code:
> {{java.security.Security.setProperty("networkaddress.cache.ttl" , "60");}}{quote}
