This is an automated email from the ASF dual-hosted git repository.
dmagda pushed a commit to branch ignite-2.9-docs
in repository https://gitbox.apache.org/repos/asf/ignite.git
The following commit(s) were added to refs/heads/ignite-2.9-docs by this push:
new 1a5e3d2 ignite docs: updated the TcpDiscovery.soLinger documentation
1a5e3d2 is described below
commit 1a5e3d263b80d00bccebf3e225e36c273183e12c
Author: Denis Magda <dma...@gridgain.com>
AuthorDate: Fri Nov 13 11:47:44 2020 -0800
ignite docs: updated the TcpDiscovery.soLinger documentation
---
docs/_docs/clustering/network-configuration.adoc | 5 +++++
docs/_docs/security/ssl-tls.adoc | 8 ++++++++
2 files changed, 13 insertions(+)
diff --git a/docs/_docs/clustering/network-configuration.adoc
b/docs/_docs/clustering/network-configuration.adoc
index d656b0c..8c0e0f8 100644
--- a/docs/_docs/clustering/network-configuration.adoc
+++ b/docs/_docs/clustering/network-configuration.adoc
@@ -56,6 +56,11 @@ You can find the complete list of properties in the
javadoc:org.apache.ignite.sp
| `localPort` | The port that the node binds to. If set to a non-default
value, other cluster nodes must know this port to be able to discover the node.
| `47500`
| `localPortRange`| If the `localPort` is busy, the node attempts to bind to
the next port (incremented by 1) and continues this process until it finds a
free port. The `localPortRange` property defines the number of ports the node
will try (starting from `localPort`).
| `100`
+| `soLinger`| Specifies a linger-on-close timeout of TCP sockets used by
Discovery SPI. See Java `Socket.setSoLinger` API
+for details on how to adjust this setting. In Ignite, the timeout defaults to
a non-negative value to prevent
+link:https://bugs.openjdk.java.net/browse/JDK-8219658[potential deadlocks with
SSL connections, window=_blank] but,
+as a side effect, this can prolong the detection of cluster node failures.
Alternatively, update your JRE version to the
+one with the SSL issue fixed and adjust this setting accordingly. | `0`
| `reconnectCount` | The number of times the node tries to (re)establish
connection to another node. |`10`
| `networkTimeout` | The maximum network timeout in milliseconds for network
operations. |`5000`
| `socketTimeout` | The socket operations timeout. This timeout is used to
limit connection time and write-to-socket time. |`5000`
diff --git a/docs/_docs/security/ssl-tls.adoc b/docs/_docs/security/ssl-tls.adoc
index bf5a90e..b56b209 100644
--- a/docs/_docs/security/ssl-tls.adoc
+++ b/docs/_docs/security/ssl-tls.adoc
@@ -32,6 +32,14 @@ To enable SSL/TLS for cluster nodes, configure an
`SSLContext` factory in the no
You can use the `org.apache.ignite.ssl.SslContextFactory`, which is the
default factory that uses a configurable keystore to initialize the SSL context.
//You can also implement your own `SSLContext` factory.
+[CAUTION]
+====
+Ensure that your version of the JVM addresses
+link:https://bugs.openjdk.java.net/browse/JDK-8219658[the following issue,
window=_blank] that can cause deadlocks
+in SSL connections. If your JVM is affected but can't be updated, then set
+the link:clustering/network-configuration[`TcpDiscoverySpi.soLinger`]
parameter to a non-negative value.
+====
+
Below is an example of `SslContextFactory` configuration:
[tabs]
