diff --git a/deploy-manage/deploy/self-managed/important-settings-configuration.md b/deploy-manage/deploy/self-managed/important-settings-configuration.md index 00e5f12744..cdd27f116e 100644 --- a/deploy-manage/deploy/self-managed/important-settings-configuration.md +++ b/deploy-manage/deploy/self-managed/important-settings-configuration.md @@ -1,6 +1,7 @@ --- mapped_pages: - https://www.elastic.co/guide/en/elasticsearch/reference/current/important-settings.html + - https://www.elastic.co/guide/en/elasticsearch/reference/current/networkaddress-cache-ttl.html applies_to: deployment: self: @@ -13,16 +14,17 @@ products: {{es}} requires very little configuration to get started, but there are a number of items which **must** be considered before using your cluster in production: * [Path settings](#path-settings) -* [Cluster name setting](elasticsearch://reference/elasticsearch/configuration-reference/miscellaneous-cluster-settings.md#cluster-name) +* [Cluster name setting](#_cluster_name_setting) * [Node name setting](#node-name) * [Network host settings](#network.host) * [Discovery settings](#discovery-settings) * [Heap size settings](#heap-size-settings) * [JVM heap dump path setting](#heap-dump-path) -* [GC logging settings](elasticsearch://reference/elasticsearch/jvm-settings.md#gc-logging) +* [GC logging settings](#_gc_logging_settings) * [Temporary directory settings](#es-tmpdir) -* [JVM fatal error log setting](elasticsearch://reference/elasticsearch/jvm-settings.md#error-file-path) +* [JVM fatal error log setting](#_jvm_fatal_error_log_setting) * [Cluster backups](#important-settings-backups) +* [DNS cache settings](#networkaddress-cache-ttl) ## Path settings [path-settings] @@ -241,3 +243,7 @@ In a disaster, [snapshots](../../tools/snapshot-and-restore.md) can prevent perm **Taking a snapshot is the only reliable and supported way to back up a cluster.** You cannot back up an {{es}} cluster by making copies of the data directories of its nodes. There are no supported methods to restore any data from a file system-level backup. If you try to restore a cluster from such a backup, it may fail with reports of corruption or missing files or other data inconsistencies, or it may appear to have succeeded having silently lost some of your data. :::: + +## DNS cache settings [networkaddress-cache-ttl] + +{{es}} runs with a security manager in place. With a security manager in place, the JVM defaults to caching positive hostname resolutions indefinitely and defaults to caching negative hostname resolutions for ten seconds. {{es}} overrides this behavior with default values to cache positive lookups for sixty seconds, and to cache negative lookups for ten seconds. These values should be suitable for most environments, including environments where DNS resolutions vary with time. If not, you can edit the values `es.networkaddress.cache.ttl` and `es.networkaddress.cache.negative.ttl` in the [JVM options](elasticsearch://reference/elasticsearch/jvm-settings.md#set-jvm-options). Note that the values [`networkaddress.cache.ttl=`](https://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.md) and [`networkaddress.cache.negative.ttl=`](https://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.md) in the [Java security policy](https://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.md) are ignored by {{es}} unless you remove the settings for `es.networkaddress.cache.ttl` and `es.networkaddress.cache.negative.ttl`. diff --git a/deploy-manage/deploy/self-managed/important-system-configuration.md b/deploy-manage/deploy/self-managed/important-system-configuration.md index 8be74ed3fe..10328cd381 100644 --- a/deploy-manage/deploy/self-managed/important-system-configuration.md +++ b/deploy-manage/deploy/self-managed/important-system-configuration.md @@ -18,7 +18,6 @@ The following settings **must** be considered before going to production: * [](setup-configuration-memory.md) * [](vm-max-map-count.md) * [](max-number-of-threads.md) -* [](networkaddress-cache-ttl.md) * [](file-descriptors.md) (Linux and MacOS only) * [](executable-jna-tmpdir.md) (Linux only) * [](system-config-tcpretries.md) (Linux only) diff --git a/deploy-manage/deploy/self-managed/networkaddress-cache-ttl.md b/deploy-manage/deploy/self-managed/networkaddress-cache-ttl.md deleted file mode 100644 index d00fc5c592..0000000000 --- a/deploy-manage/deploy/self-managed/networkaddress-cache-ttl.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -mapped_pages: - - https://www.elastic.co/guide/en/elasticsearch/reference/current/networkaddress-cache-ttl.html -applies_to: - deployment: - self: -products: - - id: elasticsearch ---- - -# DNS cache settings [networkaddress-cache-ttl] - -{{es}} runs with a security manager in place. With a security manager in place, the JVM defaults to caching positive hostname resolutions indefinitely and defaults to caching negative hostname resolutions for ten seconds. {{es}} overrides this behavior with default values to cache positive lookups for sixty seconds, and to cache negative lookups for ten seconds. These values should be suitable for most environments, including environments where DNS resolutions vary with time. If not, you can edit the values `es.networkaddress.cache.ttl` and `es.networkaddress.cache.negative.ttl` in the [JVM options](elasticsearch://reference/elasticsearch/jvm-settings.md#set-jvm-options). Note that the values [`networkaddress.cache.ttl=`](https://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.md) and [`networkaddress.cache.negative.ttl=`](https://docs.oracle.com/javase/8/docs/technotes/guides/net/properties.md) in the [Java security policy](https://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.md) are ignored by {{es}} unless you remove the settings for `es.networkaddress.cache.ttl` and `es.networkaddress.cache.negative.ttl`. - diff --git a/deploy-manage/distributed-architecture/discovery-cluster-formation/discovery-hosts-providers.md b/deploy-manage/distributed-architecture/discovery-cluster-formation/discovery-hosts-providers.md index 70abebaf6a..519d914208 100644 --- a/deploy-manage/distributed-architecture/discovery-cluster-formation/discovery-hosts-providers.md +++ b/deploy-manage/distributed-architecture/discovery-cluster-formation/discovery-hosts-providers.md @@ -25,7 +25,7 @@ Refer to [Troubleshooting discovery](../../../troubleshoot/elasticsearch/discove By default the cluster formation module offers two seed hosts providers to configure the list of seed nodes: a *settings*-based and a *file*-based seed hosts provider. It can be extended to support cloud environments and other forms of seed hosts providers via [discovery plugins](elasticsearch://reference/elasticsearch-plugins/discovery-plugins.md). Seed hosts providers are configured using the `discovery.seed_providers` setting, which defaults to the *settings*-based hosts provider. This setting accepts a list of different providers, allowing you to make use of multiple ways to find the seed hosts for your cluster. -Each seed hosts provider yields the IP addresses or hostnames of the seed nodes. If it returns any hostnames then these are resolved to IP addresses using a DNS lookup. If a hostname resolves to multiple IP addresses then {{es}} tries to find a seed node at all of these addresses. If the hosts provider does not explicitly give the TCP port of the node by then, it will implicitly use the first port in the port range given by `transport.profiles.default.port`, or by `transport.port` if `transport.profiles.default.port` is not set. The number of concurrent lookups is controlled by `discovery.seed_resolver.max_concurrent_resolvers` which defaults to `10`, and the timeout for each lookup is controlled by `discovery.seed_resolver.timeout` which defaults to `5s`. Note that DNS lookups are subject to [JVM DNS caching](../../deploy/self-managed/networkaddress-cache-ttl.md). +Each seed hosts provider yields the IP addresses or hostnames of the seed nodes. If it returns any hostnames then these are resolved to IP addresses using a DNS lookup. If a hostname resolves to multiple IP addresses then {{es}} tries to find a seed node at all of these addresses. If the hosts provider does not explicitly give the TCP port of the node by then, it will implicitly use the first port in the port range given by `transport.profiles.default.port`, or by `transport.port` if `transport.profiles.default.port` is not set. The number of concurrent lookups is controlled by `discovery.seed_resolver.max_concurrent_resolvers` which defaults to `10`, and the timeout for each lookup is controlled by `discovery.seed_resolver.timeout` which defaults to `5s`. Note that DNS lookups are subject to [JVM DNS caching](/deploy-manage/deploy/self-managed/important-settings-configuration.md#networkaddress-cache-ttl). #### Settings-based seed hosts provider [settings-based-hosts-provider] diff --git a/deploy-manage/toc.yml b/deploy-manage/toc.yml index 5e5b188629..14eda45617 100644 --- a/deploy-manage/toc.yml +++ b/deploy-manage/toc.yml @@ -283,7 +283,6 @@ toc: - file: deploy/self-managed/file-descriptors.md - file: deploy/self-managed/vm-max-map-count.md - file: deploy/self-managed/max-number-of-threads.md - - file: deploy/self-managed/networkaddress-cache-ttl.md - file: deploy/self-managed/executable-jna-tmpdir.md - file: deploy/self-managed/system-config-tcpretries.md - file: deploy/self-managed/bootstrap-checks.md diff --git a/redirects.yml b/redirects.yml index 71751347aa..33c9971abc 100644 --- a/redirects.yml +++ b/redirects.yml @@ -466,3 +466,5 @@ redirects: 'solutions/observability/apm/collect-application-data.md': 'solutions/observability/apm/ingest/index.md' 'solutions/observability/apm/jaeger.md': 'solutions/observability/apm/ingest/jaeger.md' 'solutions/observability/apm/monitor-aws-lambda-functions.md': 'solutions/observability/apm/ingest/monitor-aws-lambda-functions.md' +# Related to https://github.com/elastic/docs-content/pull/3142 + 'deploy-manage/deploy/self-managed/networkaddress-cache-ttl.md': 'deploy-manage/deploy/self-managed/important-settings-configuration.md' \ No newline at end of file