[
https://issues.apache.org/jira/browse/BROOKLYN-579?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16495065#comment-16495065
]
ASF GitHub Bot commented on BROOKLYN-579:
-----------------------------------------
Github user geomacy commented on a diff in the pull request:
https://github.com/apache/brooklyn-dist/pull/121#discussion_r191736125
--- Diff: karaf/apache-brooklyn/src/main/resources/bin/setenv ---
@@ -85,6 +89,9 @@ export
EXTRA_JAVA_OPTS="-Dbrooklyn.location.localhost.address=127.0.0.1 ${EXTRA_
# Increase garbage collection, see
https://issues.apache.org/jira/browse/BROOKLYN-375
export EXTRA_JAVA_OPTS="-XX:SoftRefLRUPolicyMSPerMB=1 ${EXTRA_JAVA_OPTS}"
+# Set the DNS TTL for the JVM
+export EXTRA_JAVA_OPTS="-Dsun.net.inetaddr.ttl=${DNS_TTL}
${EXTRA_JAVA_OPTS}"
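Review bot: `${DNS_TTL}` in the added `export EXTRA_JAVA_OPTS=...` line is expanded with no fallback, and the visible lines do not show where it is assigned. If the variable is unset or empty, the JVM is started with `-Dsun.net.inetaddr.ttl=` and an empty value. Either use a default expansion here, such as `${DNS_TTL:-<default>}`, or confirm that the variable is always assigned earlier in `setenv`. The comment above the line could also say that the value is in seconds and why the `sun.net` system property is used instead of the `networkaddress.cache.ttl` security property.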
--- End diff --
It would be nicer not to use the `sun` private system property but I take
your point about the other value being a security property. I had a look to
see if Karaf would let us specify this somehow but I don't see a way to do
that. (You can configure security providers but there doesn't seem to be an
equivalent for security properties.)
At the least though I would add some comment here explaining the use of
`sun.net` - even just copy the text from the description of this PR.
> DNS lookups cached for too long
> -------------------------------
>
> Key: BROOKLYN-579
> URL: https://issues.apache.org/jira/browse/BROOKLYN-579
> Project: Brooklyn
> Issue Type: Bug
> Reporter: Alex Heneveld
> Priority: Major
>
> I've had issues where DNS values are changed but Brooklyn doesn't see those.
> I think Java caches hostnames forever by default, ignoring DNS TTL.
> (Controlling Route 53 from Brooklyn is one obvious such example!)
> We should consider overriding this.
> Oracle Cloud describe how
> (https://docs.us-phoenix-1.oraclecloud.com/Content/API/SDKDocs/javasdk.htm):
>
> {quote}The JVM uses the
> [networkaddress.cache.ttl|http://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.html]
> property to specify the caching policy for DNS name lookups. The value is an
> integer that represents the number of seconds to cache the successful lookup.
> The default value for many JVMs, {{-1}}, indicates that the lookup should be
> cached forever.
> Because resources in Oracle Cloud Infrastructure use DNS names that can
> change, we recommend that you change the TTL value to 60 seconds. This
> ensures that the new IP address for the resource is returned on next DNS
> query. You can change this value globally or specifically for your
> application:
> {quote} *
> {quote}To set TTL globally for all applications using the JVM, add the
> following in the {{$JAVA_HOME/jre/lib/security/java.security}} file:
> {{networkaddress.cache.ttl=60}}{quote}
> *
> {quote}To set TTL only for your application, set the following in your
> application's initialization code:
> {{java.security.Security.setProperty("networkaddress.cache.ttl" ,
> "60");}}{quote}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
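The thread discusses two ways to give the JVM a DNS cache TTL: the `networkaddress.cache.ttl` security property and the `sun.net.inetaddr.ttl` system property passed through `EXTRA_JAVA_OPTS`. The following check is an added example, not part of the original message or of the Brooklyn code base. It reports which of the two a running JVM was given. The class name `DnsTtlCheck` is hypothetical, and the resolution order (security property first, system property as fallback) is an assumption based on OpenJDK behaviour.

```java
import java.security.Security;

/** Reports which DNS cache TTL setting a running JVM has been given. */
public class DnsTtlCheck {

    /** Parses a TTL in seconds; returns null for unset, empty or non-numeric input. */
    static Integer parseTtl(String raw) {
        if (raw == null) {
            return null;
        }
        try {
            return Integer.valueOf(raw);
        } catch (NumberFormatException e) {
            return null; // e.g. "-Dsun.net.inetaddr.ttl=" with an empty value
        }
    }

    /**
     * Assumed resolution order (OpenJDK behaviour): the security property
     * wins, and the sun.net system property is consulted only as a fallback.
     */
    static String describe(String securityValue, String systemValue) {
        Integer ttl = parseTtl(securityValue);
        String source = "security property networkaddress.cache.ttl";
        if (ttl == null) {
            ttl = parseTtl(systemValue);
            source = "system property sun.net.inetaddr.ttl";
        }
        if (ttl == null) {
            return "no usable TTL configured; JVM built-in default applies";
        }
        if (ttl < 0) {
            return "cache forever (from " + source + ")";
        }
        return ttl + " seconds (from " + source + ")";
    }

    public static void main(String[] args) {
        String sec = Security.getProperty("networkaddress.cache.ttl");
        String sys = System.getProperty("sun.net.inetaddr.ttl");
        System.out.println("networkaddress.cache.ttl = " + sec);
        System.out.println("sun.net.inetaddr.ttl     = " + sys);
        System.out.println("effective: " + describe(sec, sys));
    }
}
```

Running it with the same options the service is started with, for example `java -Dsun.net.inetaddr.ttl=60 DnsTtlCheck`, shows whether the command-line value is picked up or is overridden by an entry in `java.security`.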