Skip to content

Stats: Add JVM dns cache expiration config to JvmInfo #36372

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 4 commits into from
Closed

Stats: Add JVM dns cache expiration config to JvmInfo #36372

wants to merge 4 commits into from

Conversation

@spinscale
Copy link
Contributor

@spinscale spinscale commented Dec 7, 2018

The java security manager disables the DNS cache by default and never
expires any DNS entry. The default behaviour without the security
manager is 30 seconds.

In dynamic environment DNS entries can change, which means, that an
Elasticsearch instance requires a restart to pick up new settings.

Right now, there is no visibility to find out, if/how the configuration
for DNS expiration is set.

This adds this info to the JvmInfo class. Either the setting is shown or
it is marked as 'unlimited'

@spinscale
Stats: Add JVM dns cache expiration config to JvmInfo
03d0fe3 
The java security manager disables the DNS cache by default and never
expires any DNS entry. The default behaviour without the security
manager is 30 seconds.

In dynamic environment DNS entries can change, which means, that an
Elasticsearch instance requires a restart to pick up new settings.

Right now, there is no visibility to find out, if/how the configuration
for DNS expiration is set.

This adds this info to the JvmInfo class. Either the setting is shown or
it is marked as 'unlimited'
@spinscale spinscale added >enhancement :Data Management/Stats Statistics tracking and retrieval APIs v7.0.0 labels Dec 7, 2018
@elasticmachine
Copy link
Collaborator

elasticmachine commented Dec 7, 2018

Pinging @elastic/es-core-features

@spinscale
Copy link
Contributor Author

spinscale commented Dec 7, 2018

Testing is a bit hard as it requires JVM config changes. I tested this by setting the following in $JAVA_HOME/conf/security/java.security

networkaddress.cache.ttl=30

one more thing we could think about as well is to configure this setting in Elasticsearch using java.security.Security.setProperty("networkaddress.cache.ttl" , "30"); and thus restore the original behaviour or make this available as a setting, so that users do not have to change their JVM configuration.

jakelandis
jakelandis reviewed Dec 7, 2018
View reviewed changes
jakelandis
jakelandis reviewed Dec 7, 2018
View reviewed changes
server/src/test/java/org/elasticsearch/monitor/jvm/JvmInfoTests.java Outdated
}

public void testDnsTtl() {
String propertyValue = System.getProperty("networkaddress.cache.ttl");
Copy link
Contributor

@jakelandis jakelandis Dec 7, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As you mention in the comment... I think it is safe to grab the property here, set it to the the desired value, test it, then set it back to the original value in a finally block. Assuming we don't execute any of the unit tests within the same JVM concurrently (I don't think we do, but not 100%).

@spinscale
Copy link
Contributor Author

spinscale commented Dec 18, 2018

@elasticmachine retest this please

@jasontedor
Copy link
Member

jasontedor commented Dec 20, 2018

After #36570 I am not sure if we need this anymore?

@spinscale
Copy link
Contributor Author

spinscale commented Dec 20, 2018

I think this still might help to quickly check the authoritative setting independent from the JVM args, i.e. in case of support - even though it is now more likely that the defaults are used?

@spinscale
Copy link
Contributor Author

spinscale commented Jan 8, 2019

After discussing this one more time yesterday: I thought about this over sleep and I agree we do not need it. The corner case that this can catch will be extremely rare in the future (unless different JDK distributions decide to change default behaviour, which I consider unlikely AND the user has removed the options in the configuration file).

As we can easily detect a configuration change by checking the jvm.options file (or the nodes info output) we can go from there in the future and debug further.

I will close this.

@spinscale spinscale closed this Jan 8, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jakelandis jakelandis jakelandis left review comments

Assignees

No one assigned

Labels

:Data Management/Stats Statistics tracking and retrieval APIs >enhancement stalled v7.0.0-beta1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@spinscale @elasticmachine @jasontedor @jakelandis @colings86