[jira] [Commented] (FLINK-9878) IO worker threads BLOCKED on SSL Session Cache while CMS full gc

Mon, 13 Aug 2018 10:26:17 -0700 


    [ 
https://issues.apache.org/jira/browse/FLINK-9878?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16578653#comment-16578653
 ] 

ASF GitHub Bot commented on FLINK-9878:
---------------------------------------

NicoK commented on issue #6355: [FLINK-9878][network][ssl] add more low-level 
ssl options
URL: https://github.com/apache/flink/pull/6355#issuecomment-412597634
 
 
   I pushed a rework of this PR which has a lighter footprint on the changes in 
SSLUtils by using a wrapper around `SSLContext` as @pnowojski suggested.
   
   I kept all existing logic though, including the `@Nullable` fields (vs. 
`Optional`) for these reasons:
   1) there are already conflicts when applying this to `release-1.6` and I'd 
like to keep the footprint small (some of the suggestions already make the diff 
bigger)
   2) there are several `null` checks which would need refactoring
   3) this seems to be out of scope of this PR, especially since no nullable 
field is added (any more)

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


> IO worker threads BLOCKED on SSL Session Cache while CMS full gc
> ----------------------------------------------------------------
>
>                 Key: FLINK-9878
>                 URL: https://issues.apache.org/jira/browse/FLINK-9878
>             Project: Flink
>          Issue Type: Bug
>          Components: Network
>    Affects Versions: 1.5.0, 1.5.1, 1.6.0
>            Reporter: Nico Kruber
>            Assignee: Nico Kruber
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 1.5.3, 1.6.1, 1.7.0
>
>
> According to https://github.com/netty/netty/issues/832, there is a JDK issue 
> during garbage collection when the SSL session cache is not limited. We 
> should allow the user to configure this and further (advanced) SSL parameters 
> for fine-tuning to fix this and similar issues. In particular, the following 
> parameters should be configurable:
> - SSL session cache size
> - SSL session timeout
> - SSL handshake timeout
> - SSL close notify flush timeout



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to