.hazelcast.5.3.6.source-code.hazelcast-full-example.xml Maven / Gradle / Ivy
<?xml version="1.0" encoding="UTF-8"?> <!-- ~ Copyright (c) 2008-2023, Hazelcast, Inc. All Rights Reserved. ~ ~ Licensed under the Apache License, Version 2.0 (the "License"); ~ you may not use this file except in compliance with the License. ~ You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~ ~ Unless required by applicable law or agreed to in writing, software ~ distributed under the License is distributed on an "AS IS" BASIS, ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ~ See the License for the specific language governing permissions and ~ limitations under the License. --> <!-- This is a full example hazelcast.xml that includes all the configuration elements and attributes of a Hazelcast member. To use this, rename it to hazelcast.xml and place it in the directory where you start your Hazelcast member. To learn how to configure Hazelcast, please see the schema at https://hazelcast.com/schema/config/hazelcast-config-5.3.xsd or the Reference Manual at https://docs.hazelcast.com/ --> <!--suppress XmlDefaultAttributeValue --> <hazelcast xmlns="http://www.hazelcast.com/schema/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.hazelcast.com/schema/config http://www.hazelcast.com/schema/config/hazelcast-config-5.3.xsd"> <!-- You can use the <import> element to load different Hazelcast declarative configuration files you prepared. You can import as many XML files as you want and hence compose your Hazelcast configuration out of those XML files. If you want to use the <import> element, it should be placed at the top of your Hazelcast XML file right after the <hazelcast> element, and it should have the required attribute "resource". Below is an example where the configuration files you want to include are located at your Hazelcast working directory: <import resource="your-configuration-file.xml"/> Below are examples showing a classpath or filesystem location: <import resource="file:///etc/hazelcast/your-configuration-file-1.xml"/> <import resource="classpath:your-configuration-file-2.xml"/> Below is an example showing property placeholders: <import resource="${environment}-your-configuration-file.xml"/> --> <import resource="your-configuration-XML-file"/> <!-- The <config-replacers> allow to use variables (placeholders) within the configuration file and use an external class to retrieve correct values (replacements). It can be used for masking sensitive strings such as passwords for instance. Format of a variable is: $ PREFIX { STRING_TO_BE_REPLACED } e.g. $ENC{nnPgTqJCcCQ=:23000:B4y/nlp6M0t3q6YiKImW+w==} The PREFIX value depends on the replacer implementation (e.g. "ENC" is used for the EncryptionReplacer) The STRING_TO_BE_REPLACED is the value which is provided to replacer implementation. --> <config-replacers fail-if-value-missing="false"> <replacer class-name="com.hazelcast.config.replacer.EncryptionReplacer"> <properties> <property name="passwordFile">password.txt</property> <property name="passwordUserProperties">false</property> <property name="cipherAlgorithm">DES</property> <property name="keyLengthBits">64</property> <property name="secretKeyAlgorithm">DES</property> <property name="secretKeyFactoryAlgorithm">PBKDF2WithHmacSHA1</property> </properties> </replacer> </config-replacers> <!-- Specifies the cluster name. It allows creating separate sub-clusters with different names. The name is also referenced in the WAN Replication configuration. --> <cluster-name>my-cluster</cluster-name> <!-- ===== HAZELCAST LICENSE CONFIGURATION ===== If you have an Enterprise or Enterprise HD license, you can enter it here. You can also set your license key programmatically; please refer to http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#setting-the-license-key --> <license-key>Your Hazelcast Enterprise or Enterprise HD License Key</license-key> <!-- When Hazelcast instances are created, they are put in a global registry with their creation names. <instance-name> elements gives you the ability to get a specific Hazelcast instance from this registry by giving the instance's name. --> <instance-name>hzInstance1</instance-name> <!-- ===== HAZELCAST MANAGEMENT CENTER CONFIGURATION ===== The element <management-center> has the following optional attributes: * scripting-enabled: Set to true to allow scripting on the member, false to disallow. Default value is false. * console-enabled: Set to true to allow console commands execution on the member, false to disallow. Default value is false. * data-access-enabled Set to true to allow Management Center access to contents of Hazelcast data structures (for instance map entries), false to disallow. Management Center can't access the data if at least one member has the data access disabled. Default value is true. You can also specify <trusted-interfaces> as child element. It includes allowed IP addresses for Management Center connections. More preciselly, the element configures addresses from which clients are allowed to run cluster management tasks over the Hazelcast client protocol. You can give an IP addresses range using the wildcards (*) or intervals in the IPv4 address (e.g. 192.168.1.* or 192.168.1.100-110). Default value is empty, meaning all Management Center connections can execute management tasks. Hazelcast's Open Source edition provides the Management Center with monitoring at most 3 members in your cluster. To use it for more members, you need to have either a Management Center, Hazelcast Enterprise or Hazelcast Enterprise HD license. --> <management-center scripting-enabled="false" console-enabled="false" data-access-enabled="true"> <trusted-interfaces> <interface>10.10.1.*</interface> <interface>10.10.2.*</interface> </trusted-interfaces> </management-center> <!-- The <properties> element lets you add properties to some of the Hazelcast elements used to configure some of the Hazelcast modules. You can define the name and value of these properties using the sub-element <property>. You can use <properties> for the following Hazelcast configuration elements: * <discovery-strategy> * <map-store> * <queue-store> * <wan-replication> * <ssl> * <service> * <login-module> * <security-object> * <socket-interceptor> --> <properties> <property name="your-property">Value of the property</property> </properties> <!-- ===== HAZELCAST WAN REPLICATION CONFIGURATION ===== The WAN replication feature is available only in Hazelcast Enterprise. The configuration element's name is <wan-replication>. It has two attributes: * name: Name of your WAN Replication. This name is referenced in IMap or ICache configuration when you add WAN Replication for these data structures (using the element <wan-replication-ref> in the configuration of IMap or ICache). Please see the <map> and <cache> configuration descriptions in this XML. The <wan-replication> element has the following sub-elements: * <batch-publisher>: WAN publisher using the built-in com.hazelcast.enterprise.wan.impl.replication.WanBatchPublisher. Waits until a batch size is reached or a delay time is passed. Please see the batch-size and batch-max-delay-millis configuration descriptions below. * "<cluster-name>": Sets the cluster name used as an endpoint cluster name for authentication on the target endpoint. If there is no separate publisher ID property defined, this cluster name will also be used as a WAN publisher ID. This ID is then used for identifying the publisher in a WanReplicationConfig. * "<publisher-id>": Sets the publisher ID used for identifying the publisher in a WanReplicationConfig. If there is no publisher ID defined (it is empty), the cluster name will be used as a publisher ID. * "<batch-size>": Changes the maximum size of events that are sent to the target cluster in a single batch. The batch of events is not sent until this size is reached. Its default value is 500. * "<batch-max-delay-millis>": If the number of events generated does not reach the "batch-size", they are sent to the target cluster after a certain amount of time is passed. You can set this time in milliseconds using this element. Its default value is 1000 milliseconds. * "<response-timeout-millis>": After a replication event is sent to the target cluster, the source member waits for a confirmation that says the event has reached the target. If confirmation is not received for a period of `response-timeout-millis`, the event is resent to the target cluster. The default value is 60000 milliseconds. * "<acknowledge-type>": Acknowledgment type for each target cluster when the events are replicated. You can set it to the following values: - ACK_ON_RECEIPT: Guarantees that events are received by the target cluster. It does not guarantee that the received event is actually applied, but it is faster. - ACK_ON_OPERATION_COMPLETE (default): Guarantees that the event is both received and applied by the target cluster. It is more time consuming, but it is the best way if you have strong consistency requirements. * "<initial-publisher-state>": Defines the initial state in which a WAN publisher is started. - REPLICATING (default): State where both enqueuing new events is allowed, enqueued events are replicated to the target cluster and WAN sync is enabled. - PAUSED: State where new events are enqueued but they not are dequeued. Some events which have been dequeued before the state was switched may still be replicated to the target cluster but further events will not be replicated. WAN sync is enabled. - STOPPED: State where neither new events are enqueued nor dequeued. As with the PAUSED state, some events might still be replicated after the publisher has switched to this state. WAN sync is enabled. * "<snapshot-enabled>": Sets if key-based coalescing is configured for this WAN publisher. When enabled, only the latest WanReplicationEvent of a key is sent to target. * "<idle-max-park-ns>": Sets the maximum duration in nanoseconds that the WAN replication thread will be parked if there are no events to replicate. * "<idle-min-park-ns>": Sets the minimum duration in nanoseconds that the WAN replication thread will be parked if there are no events to replicate. * "<max-concurrent-invocations>": Sets the maximum number of WAN event batches being sent to the target cluster concurrently. Setting this property to anything less than 2 will only allow a single batch of events to be sent to each target endpoint and will maintain causality of events for a single partition. Setting this property to 2 or higher will allow multiple batches of WAN events to be sent to each target endpoint. Since this allows reordering or batches due to network conditions, causality and ordering of events for a single partition is lost and batches for a single partition are now sent randomly to any available target endpoint. This, however, does present faster WAN replication for certain scenarios such as replicating immutable, independent map entries which are only added once and where ordering of when these entries are added is not necessary. Keep in mind that if you set this property to a value which is less than the target endpoint count, you will lose performance as not all target endpoints will be used at any point in time to process WAN event batches. So, for instance, if you have a target cluster with 3 members (target endpoints) and you want to use this property, it makes sense to set it to a value higher than 3. Otherwise, you can simply disable it by setting it to less than 2 in which case WAN will use the default replication strategy and adapt to the target endpoint count while maintaining causality. * "<discovery-period-seconds>": Sets the period in seconds in which WAN tries to discover new target endpoints and reestablish connections to failed endpoints. * "<use-endpoint-private-address>": Sets whether the WAN connection manager should connect to the endpoint on the private address returned by the discovery SPI. By default this property is false which means the WAN connection manager will always use the public address. * "<queue-full-behavior>": Policy to be applied when WAN Replication event queues are full. You can set it to the following values: - DISCARD_AFTER_MUTATION (default): The new WAN events generated are dropped and not replicated to the target cluster. - THROW_EXCEPTION: The WAN queue size is checked before each supported mutating operation. If one of the queues of the target cluster is full, WANReplicationQueueFullException is thrown and the operation is not allowed. * "<max-target-endpoints>": Returns the maximum number of endpoints that WAN will connect to when using a discovery mechanism to define endpoints. This property has no effect when static endpoint addresses are defined using target-endpoints. * "<queue-capacity>": Size of the queue of events. Its default value is 10000. If you exceed this queue size, then the oldest, not yet replicated updates might get lost. Therefore, if you have a large rate of put/update/remove operations, you should increase queue capacity. * "<target-endpoints>": Comma separated list of IP addresses of the target cluster members for which the WAN replication is implemented. * <sync>: Configuration for the WAN sync mechanism. It has the following sub-elements: - <consistency-check-strategy>: Sets the strategy for checking consistency of data between source and target cluster. Any inconsistency will not be reconciled, it will be merely reported via the usual mechanisms (e.g. statistics, diagnostics). The user must initiate WAN sync to reconcile there differences. For the check procedure to work properly, the target cluster should support the chosen strategy. Default value is NONE, which means the check is disabled. * <aws>: Set its "enabled" attribute to true for discovery within Amazon EC2. It has the following sub-elements: - <access-key>: Access key of your account on EC2. - <secret-key>: Secret key of your account on EC2. - <iam-role>: IAM role that binds with your instance. - <region>: The region where your Hazelcast members run. Default value is us-east-1. It needs to be specified if the region is other than the default one. - <host-header>: The URL that is the entry point for a web service. It is optional. - <security-group-name>: Name of the security group you specified at the EC2 management console. It is used to narrow the Hazelcast members to be within this group. It is optional. - <tag-key>: To narrow the members in the cloud down to only Hazelcast members, you can set this to the one you specified in the EC2 console. It is optional. - <tag-value>: To narrow the members in the cloud down to only Hazelcast members, you can set this to the one you specified in the EC2 console. It is optional. * <discovery-strategies>: Set its "enabled" attribute to true for discovery in various cloud infrastructures. You can define multiple discovery strategies using the <discovery-strategy> sub-element and its properties. Please refer to http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#discovering-cluster-members to see the properties you can use. The following is an example for EC2 cloud. <discovery-strategies> <discovery-strategy enabled="true" class="com.hazelcast.aws.AwsDiscoveryStrategy"> <properties> <property name="access-key">test-access-key</property> <property name="secret-key">test-secret-key</property> <property name="region">test-region</property> <property name="iam-role">test-iam-role</property> <property name="host-header">ec2.test-host-header</property> <property name="security-group-name">test-security-group-name</property> <property name="tag-key">test-tag-key</property> <property name="tag-value">test-tag-value</property> <property name="connection-timeout-seconds">10</property> <property name="hz-port">5702</property> </properties> </discovery-strategy> </discovery-strategies> * <custom-publisher>: Custom implementation of a WAN publisher implementing WanPublisher. * "<class-name>": Mandatory config value defining the fully qualified class name of the WAN publisher implementation. * "<publisher-id>": Mandatory config value for the publisher ID used for identifying the publisher in a WanReplicationConfig. * <consumer>: Config for processing WAN events received from a target cluster. You can configure certain behaviour when processing incoming WAN events or even configure your own implementation for a WAN consumer. A custom WAN consumer allows you to define custom processing logic and is usually used in combination with a custom WAN publisher. A custom consumer is optional and you may simply omit defining it which will cause the default processing logic to be used. It has the following sub-elements: - <class-name>: Sets the fully qualified class name of the class implementing a custom WAN consumer (WanConsumer). If you don't define a class name, the default processing logic for incoming WAN events will be used. - <properties>: Properties for the custom WAN consumer. These properties are accessible when initalizing the WAN consumer. - <persist-wan-replicated-data>: When true, an incoming event over WAN replication can be persisted to a database for example, otherwise it will not be persisted. Default value is true. --> <wan-replication name="my-wan-cluster-batch"> <batch-publisher> <cluster-name>nyc</cluster-name> <publisher-id>nycPublisherId</publisher-id> <batch-size>1000</batch-size> <batch-max-delay-millis>2000</batch-max-delay-millis> <response-timeout-millis>60000</response-timeout-millis> <acknowledge-type>ACK_ON_OPERATION_COMPLETE</acknowledge-type> <initial-publisher-state>REPLICATING</initial-publisher-state> <snapshot-enabled>false</snapshot-enabled> <idle-max-park-ns>250000000</idle-max-park-ns> <idle-min-park-ns>10000000</idle-min-park-ns> <max-concurrent-invocations>-1</max-concurrent-invocations> <discovery-period-seconds>10</discovery-period-seconds> <use-endpoint-private-address>false</use-endpoint-private-address> <queue-full-behavior>DISCARD_AFTER_MUTATION</queue-full-behavior> <max-target-endpoints>2147483647</max-target-endpoints> <queue-capacity>10000</queue-capacity> <target-endpoints>10.3.5.1:5701,10.3.5.2:5701</target-endpoints> <sync> <consistency-check-strategy>NONE</consistency-check-strategy> </sync> <!-- <aws enabled="false">--> <!-- <access-key>my-access-key</access-key>--> <!-- <secret-key>my-secret-key</secret-key>--> <!-- <iam-role>dummy</iam-role>--> <!-- <region>us-west-1</region>--> <!-- <host-header>ec2.amazonaws.com</host-header>--> <!-- <security-group-name>hazelcast-sg</security-group-name>--> <!-- <tag-key>type</tag-key>--> <!-- <tag-value>hz-nodes</tag-value>--> <!-- </aws>--> <!-- <discovery-strategies>--> <!-- <discovery-strategy class="com.hazelcast.jclouds.JCloudsDiscoveryStrategy" enabled="true">--> <!-- <properties>--> <!-- <property name="provider">google-compute-engine</property>--> <!-- <property name="identity">GCE_IDENTITY</property>--> <!-- <property name="credential">GCE_CREDENTIAL</property>--> <!-- </properties>--> <!-- </discovery-strategy>--> <!-- </discovery-strategies>--> </batch-publisher> <custom-publisher> <publisher-id>customPublisherId</publisher-id> <class-name>com.companyName.CustomWanPublisher</class-name> <properties> <property name="prop1">prop1-value</property> <property name="prop2">prop2-value</property> </properties> </custom-publisher> <consumer> <!-- <class-name>com.myCompany.CustomWanConsumer</class-name>--> <!-- <properties>--> <!-- <property name="prop1">prop1-value</property>--> <!-- <property name="prop2">prop2-value</property>--> <!-- </properties>--> <persist-wan-replicated-data>true</persist-wan-replicated-data> </consumer> </wan-replication> <!-- ===== HAZELCAST NETWORK CONFIGURATION ===== The configuration to build your Hazelcast's network includes configuration for port, interface, discovery mechanism, SSL, encryption, etc. The configuration element's name is <network>. It has the following sub-elements: * <public address>: This optional element overrides the public address of a member. It is useful when you have a private cloud. Normally, a member selects its socket address as its public address. But behind a NAT, two members may not be able to see/access each other. In this case, you can set their public addresses to their defined addresses on NAT. The value should be given in the format "host IP address:port number". * <port>: Specifies the ports that Hazelcast will use to communicate between cluster members. It is optional and its default value is 5701. It has the following attributes: - port-count: By default, Hazelcast will try 100 ports to bind (i.e. the ports between 5701 and 5801). You can change the port count in such cases as having large instances on a single machine or you are willing to have only a few ports assigned. port-count is optional and its default value is 100. - auto-increment: By default, Hazelcast tries to find a port by automatically incrementing the port numbers. If you don't want this (for example, you want to use a specific port), set auto-increment to false. If it is set to false, the port-count attribute is ignored. auto-increment is optional and its default value is true. Examples: The example below looks for ports between 5701 and 5721, incrementing the ports starting from 5701. <port port-count="20">5701</port> The example below forces Hazelcast to use only the port 5701. <port auto-increment="false">5701</port> * <outbound-ports>: By default, Hazelcast lets the system pick up an ephemeral port during socket bind operation. But security policies/firewalls may require you to restrict outbound ports to be used by Hazelcast-enabled applications. You can specify these ports using <ports> under the element <outbound-ports>. You can give a single port number, comma separated multiple ports or port ranges. See the example below. <outbound-ports> <ports>33000-35000</ports> <ports>37000,37001,37002,37003</ports> <ports>38000,38500-38600</ports> </outbound-ports> * <reuse-address>: If you set this to true, Hazelcast will use the same port when you restart a member right after you shut it down. It is optional and its default value is false. * <join>: This configuration lets you choose a discovery mechanism that Hazelcast will use to form a cluster. Hazelcast can find members by multicast, TCP/IP lists and by various discovery mechanisms provided by different cloud APIs. The following are the elements of <join>: - <multicast>: Set its "enabled" attribute to true for discovery by multicast. It has another attribute ("loopbackModeEnabled") which enables or disables the loopback mode in the multicast discovery mechanism. It has the following sub-elements to fine tune the multicast discovery. - <multicast-group>: Specifies the multicast group IP address when you want to create clusters within the same network. Its default value is 224.2.2.3. - <multicast-port>: Specifies the multicast socket port that the Hazelcast member listens to and sends discovery messages through. Its default value is 54327. - <multicast-time-to-live>: Time-to-live value for multicast packets sent out to control the scope of multicasts. - <multicast-timeout-seconds>: Only when the members are starting up, this timeout (in seconds) specifies the period during which a member waits for a multicast response from another node. For example, if you set it as 60 seconds, each node will wait for 60 seconds until a leader node is selected. Its default value is 2 seconds. - <trusted-interfaces>: Includes IP addresses of trusted members. When a node wants to join to the cluster, its join request will be rejected if it is not a trusted member. You can give an IP addresses range using the wildcard (*) on the last digit of IP address (e.g. 192.168.1.* or 192.168.1.100-110). - <tcp-ip>: It has the following attributes. - "enabled": Specifies whether the TCP/IP discovery is enabled or not. Default value is false. - "connection-timeout-seconds": The maximum amount of time Hazelcast is going to try to connect to a well known member before giving up. Setting it to a too low value could mean that a member is not able to connect to a cluster. Setting it to a too high value means that member startup could slow down because of longer timeouts (e.g. when a well known member is not up). Increasing this value is recommended if you have many IPs listed and the members cannot properly build up the cluster. Its default value is 5. It has the following sub-elements. - <required-member>: IP address of the required member. Cluster will only be formed if the member with this IP address is found. - <member>: IP address(es) of one or more well known members. Once members are connected to these well known ones, all member addresses will be communicated with each other. You can also give comma separated IP addresses using the <members> element or list the members with the <member> element under <member-list>. - <members>: Comma separated IP addresses of one or more well known members. - <member-list>: IP address(es) of one or more well known members listed with the <member> element. - <interface>: IP address(es) of one or more well known members. - <aws>: Set its "enabled" attribute to true for discovery within Amazon EC2. Please refer to https://github.com/hazelcast/hazelcast-aws/#configuration for the configuration details. - <gcp>: Set its "enabled" attribute to true for discovery within the Google Cloud Platform. Please refer to https://github.com/hazelcast/hazelcast-gcp/#configuration for the configuration details. - <azure>: Set its "enabled" attribute to true for discovery within Microsoft Azure. Please refer to https://github.com/hazelcast/hazelcast-azure/#configuring-at-hazelcast-side for the configuration details. - <kubernetes>: Set its "enabled" attribute to true for discovery in the Kubernetes environment. Please refer to https://github.com/hazelcast/hazelcast-kubernetes#hazelcast-configuration for the configuration details. - <eureka>: Set its "enabled" attribute to true for discovery with using Eureka Service Registry. Please refer to https://github.com/hazelcast/hazelcast-eureka#hazelcast-configuration for the configuration details. - <discovery-strategies>: Set its "enabled" attribute to true for discovery in various cloud infrastructures. You also need to set the value of "hazelcast.discovery.enabled" property to true. See the description of the <properties> element to learn how to do this. You can define multiple discovery strategies using the <discovery-strategy> sub-element and its properties. Please refer to http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#discovering-cluster-members to see the properties you can use. The following is an example for EC2 cloud. <discovery-strategies> <discovery-strategy class="com.hazelcast.jclouds.JCloudsDiscoveryStrategy" enabled="true"> <properties> <property name="provider">aws-ec2</property> <property name="identity">AWS_IDENTITY</property> <property name="credential">AWS_CREDENTIAL</property> </properties> </discovery-strategy> </discovery-strategies> * <interfaces>: Specifies which network interfaces Hazelcast should use. You need to set its "enabled" attribute to true to be able to use your defined interfaces. You can define multiple interfaces using its <interface> sub-element. By default, it is disabled. * <ssl>: Allows configuring TLS/SSL communication encryption. This feature is available only in Hazelcast Enterprise. The default configuration usually uses JSSE engine available in Java. Consult the Hazelcast documentation on how to integrate with OpenSSL/BoringSSL engines. <ssl enabled="true"> <factory-class-name>com.hazelcast.nio.ssl.OpenSSLEngineFactory</factory-class-name> <properties> <property name="protocol">TLSv1.2</property> <property name="trustCertCollectionFile">/opt/hazelcast/trusted-certs.pem</property> <property name="keyFile">/opt/hazelcast/privkey.pem</property> <property name="keyCertChainFile">/opt/hazelcast/chain.pem</property> </properties> </ssl> * <socket-interceptor>: Lets you add custom hooks to join and perform connection procedures (like a custom authentication negotiation protocol, etc.). This feature is available only in Hazelcast Enterprise. To be able to use it, you should first implement the MemberSocketInterceptor (for members joining to a cluster) or SocketInterceptor (for clients connecting to a member) class. Its configuration contains the class you implemented and socket interceptor properties. By default, it is disabled. The following is an example: <socket-interceptor enabled="true"> <class-name> com.hazelcast.examples.MySocketInterceptor </class-name> <properties> <property name="property1">value1</property> <property name="property2">value2</property> </properties> </socket-interceptor> * <symmetric-encryption>: The symmetric-encryption is deprecated since Hazelcast 4.2. Consider using TLS instead. <symmetric-encryption enabled="true"> <algorithm>PBEWithMD5AndDES</algorithm> <salt>thesalt</salt> <password>thepass</password> <iteration-count>19</iteration-count> </symmetric-encryption> * <member-address-provider>: IMPORTANT This configuration is not intended to provide addresses of other cluster members with which the Hazelcast instance will form a cluster. This is an SPI for advanced use in cases where the DefaultAddressPicker does not pick suitable addresses to bind to and publish to other cluster members. For instance, this could allow easier deployment in some cases when running on Docker, AWS or other cloud environments. That said, if you are just starting with Hazelcast, you will probably want to set the member addresses by using the tcp-ip or multicast configuration or adding a discovery strategy. Member address provider allows to plug in own strategy to customize: 1. What address Hazelcast will bind to 2. What address Hazelcast will advertise to other members on which they can bind to In most environments you don't need to customize this and the default strategy will work just fine. However in some cloud environments the default strategy does not make the right choice and the member address provider delegates the process of address picking to external code. It has one optional attribute: * enabled: Specifies whether the member address provider SPI is enabled or not. Its default value is false. It has the following sub-elements: - <class-name>: The name of the class implementing the com.hazelcast.spi.MemberAddressProvider interface. - <properties>: The properties that will be provided when constructing the provided MemberAddressProvider. Hazelcast will first try instantiating the provided class by invoking a constructor accepting a single java.util.Properties instance. In the case where there is no such constructor and there are also no properties defined by this configuration, Hazelcast will exceptionally try to use the no-arg constructor. * <failure-detector>: A failure detector is responsible to determine if a member in the cluster is unreachable or crashed. Please refer to https://docs.hazelcast.org/docs/latest/manual/html-single/index.html#failure-detector-configuration for the failure detectors implemented by Hazelcast. This element has the following sub-element: * <icmp>: ICMP can be used in addition to the other detectors. It operates at layer 3 and detects network and hardware issues more quickly. It has the following sub-elements: * <timeout-milliseconds>: Timeout in Milliseconds before declaring a failed ping. * <fail-fast-on-startup>: Cluster Member will fail to start if it is unable to action an ICMP ping command when ICMP is enabled. Failure is usually due to OS level restrictions. * <interval-milliseconds>: Time in milliseconds between each ICMP ping. * <max-attempts>: Maximum number of consecutive failed attempts before declaring a member suspect. * <parallel-mode>: Run ICMP detection in parallel with the Heartbeat failure detector. * <ttl>: Maximum number of times the IP Datagram (ping) can be forwarded, in most cases all Hazelcast cluster members would be within one network switch/router therefore default of 0 is usually sufficient. - <tpc-socket>: Socket configuration for TPC. In TPC, each eventloop has its own sockets. - <port-range>: Configures the port range available for TPC sockets. - <receive-buffer-size-kb>: Configures SO_RCVBUF socket option for TPC sockets. - <send-buffer-size-kb>: Configures SO_SNDBUF socket option for TPC sockets. --> <network> <public-address>11.22.33.44:5555</public-address> <port auto-increment="true" port-count="100">5701</port> <outbound-ports> <ports>34500</ports> </outbound-ports> <reuse-address>false</reuse-address> <join> <auto-detection enabled="false"/> <multicast enabled="false"> <multicast-group>224.2.2.3</multicast-group> <multicast-port>54327</multicast-port> </multicast> <tcp-ip enabled="false"> <interface>127.0.0.1</interface> <required-member>10.0.0.1</required-member> <member-list> <member>10.0.0.2</member> <member>10.0.0.3</member> </member-list> </tcp-ip> <aws enabled="false"> <access-key>my-access-key</access-key> <secret-key>my-secret-key</secret-key> <region>us-west-1</region> <host-header>ec2.amazonaws.com</host-header> <connection-timeout-seconds>7</connection-timeout-seconds> <read-timeout-seconds>7</read-timeout-seconds> <connection-retries>4</connection-retries> <hz-port>5701-5710</hz-port> <tag-key>type</tag-key> <tag-value>hz-nodes</tag-value> <security-group-name>hazelcast-sg</security-group-name> <iam-role>dummy</iam-role> <use-public-ip>true</use-public-ip> <!-- <cluster>my-cluster</cluster> <family>test-family</family> <service-name>test-service</service-name> --> </aws> <gcp enabled="false"> <private-key-path>key-path</private-key-path> <projects>project-1,project-2</projects> <region>us-central1</region> <zones>us-central1-b,us-central1-c</zones> <label>key=value</label> <hz-port>5701-5710</hz-port> <use-public-ip>true</use-public-ip> </gcp> <azure enabled="false"> <instance-metadata-available>false</instance-metadata-available> <client-id>CLIENT_ID</client-id> <client-secret>CLIENT_SECRET</client-secret> <tenant-id>TENANT_ID</tenant-id> <subscription-id>SUB_ID</subscription-id> <resource-group>RESOURCE-GROUP-NAME</resource-group> <scale-set>SCALE-SET-NAME</scale-set> <tag>TAG-NAME=HZLCAST001</tag> <hz-port>5701-5707</hz-port> <use-public-ip>true</use-public-ip> </azure> <kubernetes enabled="false"> <namespace>MY-KUBERNETES-NAMESPACE</namespace> <service-name>MY-SERVICE-NAME</service-name> <service-label-name>MY-SERVICE-LABEL-NAME</service-label-name> <service-label-value>MY-SERVICE-LABEL-VALUE</service-label-value> </kubernetes> <eureka enabled="false"> <self-registration>true</self-registration> <namespace>hazelcast</namespace> </eureka> <discovery-strategies> <node-filter class="com.yourpackage.NodeFilter"/> <discovery-strategy class="com.hazelcast.jclouds.JCloudsDiscoveryStrategy" enabled="true"> <properties> <property name="provider">google-compute-engine</property> <property name="identity">GCE_IDENTITY</property> <property name="credential">GCE_CREDENTIAL</property> </properties> </discovery-strategy> </discovery-strategies> </join> <interfaces enabled="true"> <interface>10.10.1.*</interface> </interfaces> <ssl enabled="false"> <properties> <property name="protocol">TLSv1.3</property> <property name="mutualAuthentication">REQUIRED</property> <property name="keyStore">/opt/hazelcast.keystore</property> <property name="keyStorePassword">secret.97531</property> <property name="keyStoreType">PKCS12</property> <property name="trustStore">/opt/hazelcast.truststore</property> <property name="trustStorePassword">changeit</property> <property name="trustStoreType">PKCS12</property> <property name="keyMaterialDuration">PT10M</property> </properties> </ssl> <socket-interceptor enabled="false"/> <member-address-provider enabled="false"> <class-name>com.hazelcast.MemberAddressProviderImpl</class-name> <properties> <property name="prop1">prop1-value</property> <property name="prop2">prop2-value</property> </properties> </member-address-provider> <failure-detector> <icmp enabled="true"> <timeout-milliseconds>1000</timeout-milliseconds> <fail-fast-on-startup>true</fail-fast-on-startup> <interval-milliseconds>1000</interval-milliseconds> <max-attempts>2</max-attempts> <parallel-mode>true</parallel-mode> <ttl>255</ttl> </icmp> </failure-detector> <!-- ===== HAZELCAST REST API CONFIGURATION ===== Configures Hazelcast HTTP REST API. The <rest-api/> element has a global enabled switch, which controls the entrypoint to HTTP REST API. If it's disabled then no text protocol is available. Once the global switch is enabled there is an optional second level of control - REST endpoint groups. They are configured by element <endpoint-group/>. Groups and their defaults: * CLUSTER_READ - enabled Group of operations for retrieving cluster state and its version. * CLUSTER_WRITE - disabled Operations which changes cluster or node state or their configurations. * HEALTH_CHECK - disabled Group of endpoints for HTTP health checking. * PERSISTENCE - disabled Group of HTTP REST APIs related to Persistence feature. * WAN - disabled Group of HTTP REST APIs related to WAN Replication feature. * DATA - disabled Group of HTTP REST APIs for data manipulation in the cluster (e.g. IMap and IQueue operations). --> <rest-api enabled="false"> <endpoint-group name="CLUSTER_READ" enabled="true"/> <endpoint-group name="CLUSTER_WRITE" enabled="false"/> <endpoint-group name="HEALTH_CHECK" enabled="false"/> <endpoint-group name="PERSISTENCE" enabled="false"/> <endpoint-group name="WAN" enabled="false"/> <endpoint-group name="DATA" enabled="false"/> <endpoint-group name="CP" enabled="false"/> </rest-api> <!-- ===== HAZELCAST MEMCACHE PROTOCOL CONFIGURATION ===== Allows to configure Memcache text protocol support in Hazelcast. --> <memcache-protocol enabled="false"/> <tpc-socket> <port-range>14000-16000</port-range> <receive-buffer-size-kb>256</receive-buffer-size-kb> <send-buffer-size-kb>256</send-buffer-size-kb> </tpc-socket> </network> <!-- ===== PARTITION GROUPING CONFIGURATION ===== Configuration element's name is <partition-group>. You can enable it and specify the type using the "enabled" and "group-type" attributes. For CUSTOM type, you can define groups using its <member-group> and <interface> sub-elements. You can group the members with one of the following types: * HOST_AWARE: Members sharing the same network interface are grouped together. All members on the same host will be a single partition group. * CUSTOM: You can add different and multiple members to a group. * PER_MEMBER: Each member is a group of its own and primary/backup partitions are distributed randomly (not on the same physical member). * ZONE_AWARE: Backups are created in the other zones. Each zone will be accepted as one partition group. It can be used when you make use of Hazelcast's jclouds or Azure discovery service plugins. * SPI: You can provide your own partition group implementation using the SPI grouping type. Please see Partition Group Configuration section in Hazelcast Reference Manual. --> <partition-group enabled="true" group-type="CUSTOM"> <member-group> <interface>10.10.0.*</interface> <interface>10.10.3.*</interface> <interface>10.10.5.*</interface> </member-group> <member-group> <interface>10.10.10.10-100</interface> <interface>10.10.1.*</interface> <interface>10.10.2.*</interface> </member-group> </partition-group> <!-- ===== HAZELCAST EXECUTOR SERVICE CONFIGURATION ===== Configuration element's name is <executor-service>. It has the optional attribute "name" with which you can specify the name of your executor service. Its default value is "default". It has the following sub-elements: * <statistics-enabled>: When you enable it, you can retrieve executor service statistics such as pending operations count, started operations count, completed operations count, and cancelled operations count. Its default value is true. * <pool-size>: The number of executor threads per member for the executor. Its default value is 8. * <queue-capacity>: Task queue capacity of the executor. Its default value is 0, meaning Integer.MAX_VALUE. * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. --> <executor-service name="default"> <statistics-enabled>true</statistics-enabled> <pool-size>16</pool-size> <queue-capacity>0</queue-capacity> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> </executor-service> <!-- ===== HAZELCAST DURABLE EXECUTOR SERVICE CONFIGURATION ===== Configuration element's name is <durable-executor-service>. It has the optional attribute "name" with which you can specify the name of your durable executor service. Its default value is "default". It has the following sub-elements: * <pool-size>: The number of executor threads per member for the executor. Its default value is 16. * <durability>: Durability of the executor. The default value is 1. * <capacity>: Capacity of the executor task per partition. The default value is 100. * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. --> <durable-executor-service name="default"> <pool-size>16</pool-size> <durability>1</durability> <capacity>100</capacity> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> </durable-executor-service> <!-- ===== HAZELCAST SCHEDULED EXECUTOR SERVICE CONFIGURATION ===== Configuration element's name is <scheduled-executor-service>. It has the optional attribute "name" with which you can specify the name of your scheduled executor service. Its default value is "default". It has the following sub-elements: * <pool-size>: The number of executor threads per member for the executor. Its default value is 16. * <durability>: Durability of the scheduled executor. The default value is 1. * <capacity>: Capacity of the scheduled executor. The default value is 100. This is the maximum number of tasks for a given scheduled executor on a particular partition. * <capacity-policy>: The active policy for the capacity setting. Default is PER_NODE Available options (PER_PARTITION, PER_NODE) * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. * <merge-policy>: The default policy is PutIfAbsentMergePolicy with a batch size of 100. This is the policy used when merging entries from sub-clusters (after split-brain recovery). --> <scheduled-executor-service name="default"> <pool-size>16</pool-size> <durability>1</durability> <capacity>100</capacity> <capacity-policy>PER_NODE</capacity-policy> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <merge-policy batch-size="100">PutIfAbsentMergePolicy</merge-policy> </scheduled-executor-service> <!-- ===== HAZELCAST CARDINALITY ESTIMATOR SERVICE CONFIGURATION ===== Configuration element's name is <cardinality-estimator>. It has the optional attribute "name" with which you can specify the name of your estimator. Its default value is "default". It has the following sub-elements: * <backup-count>: Number of synchronous backups. For example, if 1 is set as the backup-count, then the cardinality estimation will be copied to one other JVM for fail-safety. Valid numbers are 0 (no backup), 1, 2 ... 6. * <async-backup-count>: Number of asynchronous backups. For example, if 1 is set as the backup-count, then the cardinality estimation will be copied to one other JVM for fail-safety. Valid numbers are 0 (no backup), 1, 2 ... 6. * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. * <merge-policy>: The default policy is `com.hazelcast.spi.merge.HyperLogLogMergePolicy` with a batch size of 100. This is the policy used when merging estimators from sub-clusters (after split-brain recovery). --> <cardinality-estimator name="default"> <backup-count>1</backup-count> <async-backup-count>0</async-backup-count> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <merge-policy batch-size="102">PutIfAbsentMergePolicy</merge-policy> </cardinality-estimator> <!-- ===== HAZELCAST QUEUE CONFIGURATION ===== Configuration element's name is "queue". It has following optional attributes: * "name" with which you can specify the name of your queue. Its default value is "default". It has the following elements: * <statistics-enabled>: When you enable it, you can retrieve queue statistics. Its default value is true. * <max-size>: Maximum size of the queue. When a JVM's local queue size reaches the maximum, all put/offer operations will be blocked until the queue size of the JVM goes below this maximum. Its default value is 0, meaning Integer.MAX_VALUE. * <backup-count>: Number of synchronous backups. Queue is a non-partitioned data structure, so all entries of a Queue resides in one partition. When this parameter is '1', it means there will be 1 backup of that Queue in another member in the cluster. When it is '2', 2 members will have the backup. 0 means there will be no backups. Its default value is 1. * <async-backup-count>: Number of asynchronous backups. Its default value is 0. * <empty-queue-ttl>: Used to purge unused or empty queues. If you define a value (time in seconds) for this element, then your queue will be destroyed if it stays empty or unused for that time. * <item-listeners>: Adds listeners (listener classes) for the queue items using its sub-element <item-listener>. You can also set its attribute "include-value" to true if you want the item event to contain the item values, and you can set its attribute "local" to true if you want to listen to the items on the local member. * <queue-store>: Includes configuration elements and attributes for your queue store implementation. When you want to load/store the distributed queue items from/to a persistent datastore, first implement Hazelcast's QueueStore interface and then configure it using this element. It includes your implemented class name and the following property configurations: - binary: If you do not reach the queue store from an external application, you might prefer to insert the items in binary form. To do so, set this property to true and skip the deserialization step, which is a performance optimization. Its default value is false. - memory-limit: Number of items after which Hazelcast will store items only to datastore. For example, if the memory limit is 1000, then the 1001st item will be put only to datastore. This feature is useful when you want to avoid out-of-memory conditions. If you want to always use memory, you can set it to Integer.MAX_VALUE. Its default value is 1000. - bulk-load: Size of the bulks loaded from QueueStore when the queue is initialized. Its default value is 250. * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. * <priority-comparator-class-name>: Fully-qualified comparator's class name to be used for the priority queue. If nothing is provided, then queue behaves as a FIFO queue. If this value is non-null, then Hazelcast will ignore the queue store "memory-limit" configuration value. --> <queue name="default"> <statistics-enabled>true</statistics-enabled> <max-size>0</max-size> <backup-count>1</backup-count> <async-backup-count>0</async-backup-count> <empty-queue-ttl>-1</empty-queue-ttl> <item-listeners> <item-listener include-value="true">com.hazelcast.examples.ItemListener</item-listener> </item-listeners> <queue-store> <class-name>com.hazelcast.QueueStoreImpl</class-name> <properties> <property name="binary">false</property> <property name="memory-limit">1000</property> <property name="bulk-load">500</property> </properties> </queue-store> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <merge-policy batch-size="100">PutIfAbsentMergePolicy</merge-policy> <priority-comparator-class-name>com.hazelcast.collection.impl.queue.model.PriorityElementComparator</priority-comparator-class-name> </queue> <!-- ===== HAZELCAST MAP CONFIGURATION ===== Configuration element's name is <map>. It has the optional attribute "name" with which you can specify the name of your map. Its default value is "default". It has the following sub-elements: * <in-memory-format>: Specifies in which format data will be stored in your map. Available values are as follows: - BINARY: Data will be stored in serialized binary format. It is the default option. - OBJECT: Data will be stored in deserialized form. - NATIVE: Data will be stored in the map that uses Hazelcast's High-Density Memory Store feature. This option is available only in Hazelcast Enterprise HD. * <statistics-enabled>: When you enable it, you can have map level statistics such as last access time to map, total number of hits, key, value, etc. Its default value is true. * <per-entry-stats-enabled>: Enable/disable per entry statistics. Its default value is false. When you enable it, you can retrieve entry level statistics such as hits, creation time, last access time, last update time,last stored time. * "<eviction>": By default map has no eviction configured. Its <eviction-policy> is NONE. To make it work you have to configure it. Configuration has the following attributes: - size: Maximum size of the map. - max-size-policy: Maximum size policy for eviction of the map. Available values are as follows: * PER_NODE: Maximum number of map entries in each cluster member. You cannot set the max-size to a value lower than the partition count (which is 271 by default). * PER_PARTITION: Maximum number of map entries within each partition. * USED_HEAP_SIZE: Maximum used heap size in megabytes per map for each Hazelcast instance. It does not work when "in-memory-format" is set to OBJECT. * USED_HEAP_PERCENTAGE: Maximum used heap size percentage per map for each Hazelcast instance. If, for example, JVM is configured to have 1000 MB and this value is 10, then the map entries will be evicted when used heap size exceeds 100 MB. It does not work when "in-memory-format" is set to OBJECT. * FREE_HEAP_SIZE: Minimum free heap size in megabytes for each Hazelcast instance. * FREE_HEAP_PERCENTAGE: Minimum free heap size percentage for each Hazelcast instance. If, for example, JVM is configured to have 1000 MB and this value is 10, then the map entries will be evicted when free heap size is below 100 MB. * USED_NATIVE_MEMORY_SIZE: Maximum used native memory size in megabytes per map for each Hazelcast instance. It is available only in Hazelcast Enterprise HD. * USED_NATIVE_MEMORY_PERCENTAGE: Maximum used native memory size percentage per map for each Hazelcast instance. It is available only in Hazelcast Enterprise HD. * FREE_NATIVE_MEMORY_SIZE: Minimum free native memory size in megabytes for each Hazelcast instance. It is available only in Hazelcast Enterprise HD. * FREE_NATIVE_MEMORY_PERCENTAGE: Minimum free native memory size percentage for each Hazelcast instance. It is available only in Hazelcast Enterprise HD. - eviction-policy: Eviction policy has following values: * NONE: No eviction. * LRU: Least recently used entries will be removed. * LFU: Least frequently used entries will be removed. * RANDOM: Randomly selected entries will be removed. * <metadata-policy> Metadata policy for this map. Hazelcast may process objects of supported types ahead of time to create additional metadata about them. This metadata then is used to make querying and indexing faster. Metadata creation may decrease put throughput. Valid values are: CREATE_ON_UPDATE (default): Objects of supported types are pre-processed when they are created and updated. OFF: No metadata is created. * <cache-deserialized-values>: Controls caching of deserialized values. Caching makes the query evaluation faster, but it costs memory. Available values are as follows: - NEVER: Deserialized values will never be cached. - INDEX-ONLY: Deserialized values will be cached only when they are inserted into an index. - ALWAYS: Deserialized values will always be cached. * <backup-count>: Count of synchronous backups. When this count is 1, a map entry will have its backup on one other node in the cluster. If you set it to 2, then a map entry will have its backup on two other nodes. You can set it to 0 if you do not want your entries to be backed up. The maximum value for the backup count is 6. Its default value is 1. * <async-backup-count>: Number of asynchronous backups. Unlike the synchronous backup process, asynchronous backup process does not block the map operations. Its default value is 0, meaning there will be no asynchronous backups. * <time-to-live-seconds>: Maximum time in seconds for each entry to stay in the map. If it is not 0, entries that are older than this time and not updated for this time are evicted automatically. Valid values are integers between 0 and Integer.MAX VALUE. Its default value is 0, which means infinite. If it is not 0, entries are evicted regardless of the set eviction-policy. * <max-idle-seconds>: Maximum time in seconds for each entry to stay idle in the map. Entries that are idle for more than this time are evicted automatically. An entry is idle if no get, put, EntryProcessor.process or containsKey is called. Valid values are integers between 0 and Integer.MAX VALUE. Its default value is 0, which means infinite. * <merge-policy>: Policy that specifies how the map entries in the small cluster will merge with the bigger cluster after a split-brain syndrome. Its default values is "com.hazelcast.spi.merge.PutIfAbsentMergePolicy". Available built-in policies are as follows: - com.hazelcast.spi.merge.PassThroughMergePolicy: Entry will be added if there is no existing entry for the key. - com.hazelcast.spi.merge.PutIfAbsentMergePolicy: Entry will be added if the merging entry does not exist in the cluster. - com.hazelcast.spi.merge.HigherHitsMergePolicy: Entry with the higher number of hits wins. - com.hazelcast.spi.merge.LatestUpdateMergePolicy: Entry with the latest update wins. * <read-backup-data>: Used to enable reading from local backup map entries. Its default value is false. It can be used if there is at least 1 sync or async backup. * <merkle-tree>: It has the following attributes and sub-elements: - enabled: Specifies whether the merkle tree is enabled. - <depth>: The depth of the merkle tree. A larger depth means that a data synchronization mechanism will be able to pinpoint a smaller subset of the data structure contents in which a change occurred. This causes the synchronization mechanism to be more efficient. On the other hand, a larger tree depth means the merkle tree will consume more memory. A smaller depth means the data synchronization mechanism will have to transfer larger chunks of the data structure in which a possible change happened. On the other hand, a shallower tree consumes less memory. The depth must be between 2 and 27 (exclusive). The default depth is 10. * <data-persistence>: Used to enable Hazelcast's Persistence feature for the map. It is available only in Hazelcast Enterprise HD. Set its "enabled" to true to enable the feature. By default, it is disabled. It has the following sub-element. - <fsync>: Set to true if the writing to disk should be followed by an fsync() system call. Its default value is false. * <tiered-store>: Used to enable Hazelcast's Tiered-Store feature for the map. It is available only in Hazelcast Enterprise. Set its "enabled" to true to enable the feature. By default, it is disabled. It has the following attributes and sub-elements: - enabled: Specifies whether the tiered-store is enabled. - <memory-tier>: Memory-tier of the tiered-store. It has the following sub-element: - <capacity>: Memory tier capacity, i.e., how much main memory should this tier consume at most. You can give the size using its "value" attribute and the unit using its "unit" attribute. Unit can be bytes, kilobytes, megabytes and gigabytes. The default is 256 megabytes. - <disk-tier>: Defines configuration for the disk tier of the tiered store. It has the following attributes: - enabled: Specifies whether (local) disk should be used as the second memory tier. - device-name: Name of the device for a given disk tier. The default is "default-tiered-store-device". * <event-journal>: It has the following attributes and sub-elements: - enabled: Specifies whether the event journal is enabled. - <capacity>: The capacity of the event journal. The capacity is the total number of items that the event journal can hold at any moment. The actual number of items contained in the journal can be lower. Its default value is 10000. The capacity is shared equally between all partitions. This is done by assigning each partition {@code getCapacity() / partitionCount} available slots in the event journal. Because of this, the effective total capacity may be somewhat lower and you must take into account that the configured capacity is at least greater than the partition count. - <time-to-live-seconds>: Sets the time to live in seconds. Time to live is the time the event journal retains items before removing them from the journal. The events are removed on journal read and write actions, not while the journal is idle. Time to live can be disabled by setting timeToLiveSeconds to 0. This means that the events never expire but they can be overwritten when the capacity of the journal is exceeed. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. Its default value is 0. * <map-store>: Configuration options when you want to load/store the map entries from/to a persistent data store such as a relational database. Before configuring <map-store>, you need to implement Hazelcast's MapStore or MapLoader interfaces. It has the following attributes: - enabled: Set to true to enable the map store functionality for your map. Its default value is true. - initial-mode: Sets the initial entry loading mode. Available values are as follows: - LAZY: The loading is asynchronous. It is the default mode. - EAGER: The loading is blocked until all partitions are loaded. It has the following sub-elements: - <class-name>: The name of your class implementing MapLoader and/or MapStore interface. - <offload>: Default value is true. MapStore or MapLoader implementations are executed by partition threads, by setting offload to true, Hazelcast makes these threads available for other cluster operations and offloads MapStore or MapLoader interacting parts of executions to a different thread pool, upon interaction finish, operations continue to work in the partition thread from the point they are offloaded. - <write-delay-seconds>: Number of seconds to delay the storing of entries. If the value is 0, then it is write-through. Otherwise, it is write-behind so updates will be stored after this period. Its default value is 0. - <write-batch-size>: Used to create batches when writing to map store. In default mode, all map entries will try to be written in one go. To create batches, the minimum meaningful value is 2. For values smaller than 2, it works as in default mode. Its default value is 1. - <write-coalescing>: It is meaningful if you are using write behind in MapStore. When it is set to true, only the latest store operation on a key during the write-delay-seconds will be reflected to MapStore. Its default value is true. - <properties>: While you are implementing MapStore or MapLoader you can define specific properties to be configured. It can be your store's URL, credentials, etc. Please see the example map configuration snippet below. * <near-cache>: Configuration options when you want to use a Near Cache for your map. It has the following attributes: - name: You can give a name for your Near Cache. It is optional and its default value is "default". It has the following sub-elements: - <time-to-live-seconds>: Maximum number of seconds for each entry to stay in the Near Cache. Entries that are older than this period are automatically evicted from the Near Cache. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. Its default value is 0. - <max-idle-seconds>: Maximum number of seconds each entry can stay in the Near Cache as untouched (not read). Entries that are not read more than this period are removed from the Near Cache. Any integer between 0 and Integer.MAX_VALUE. 0 means Integer.MAX_VALUE. Its default value is 0. - <invalidate-on-change>: Specifies whether the cached entries are evicted when the entries are updated or removed. Its default value is true. - <in-memory-format>: Specifies in which format data will be stored in your Near Cache. Note that a map's in-memory format can be different from that of its Near Cache. Available values are as follows: - BINARY: Data will be stored in serialized binary format. It is the default option. - OBJECT: Data will be stored in deserialized form. - NATIVE: Data will be stored in the Near Cache that uses Hazelcast's High-Density Memory Store feature. This option is available only in Hazelcast Enterprise HD. Note that a map and its Near Cache can independently use High-Density Memory Store. For example, while your map does not use High-Density Memory Store, its Near Cache can use it. - <cache-local-entries>: Specifies whether the local entries will be cached. It can be useful when in-memory format for Near Cache is different from that of the map. By default, it is disabled. - <eviction>: Configuration for the eviction. It has following attributes: - size: Maximum size (entry count) of the Near Cache. - max-size-policy: Maximum size policy for eviction of the Near Cache. Available values are as follows: * ENTRY_COUNT: Maximum entry count per member. * USED_NATIVE_MEMORY_SIZE: Maximum used native memory size in megabytes. * USED_NATIVE_MEMORY_PERCENTAGE: Maximum used native memory percentage. * FREE_NATIVE_MEMORY_SIZE: Minimum free native memory size to trigger cleanup. * FREE_NATIVE_MEMORY_PERCENTAGE: Minimum free native memory percentage to trigger cleanup. - eviction-policy: See the <eviction-policy> element above. - comparator-class-name: The comparator to be used while comparing entries to be evicted. * <wan-replication-ref>: Configuration of the WAN replication for your map. It has the following attributes: - name: Name of the WAN replication configuration specified in the "name" attribute of the <wan-replication> element. See the <wan-replication> element above. It has the following sub-elements: - <filters>: Filters to intercept WAN replication events before they are placed to WAN event replication queues by providing a filtering API. Just implement Hazelcast's MapWanEventFilter interface to create your filters. You can define multiple filters and add to the configuration using the <filter> sub-elements within the <filters> element. - <republishing-enabled>: When enabled, an incoming event to a member is forwarded to target cluster of that member. Its default value is true. - <merge-policy-class-name>: Resolve conflicts that occurred when target cluster already has the replicated entry key. 4 merge policy implementations for IMap and 2 merge policy implementations for ICache are provided out-of-the-box. IMap has the following merge policies: com.hazelcast.spi.merge.PutIfAbsentMergePolicy: Incoming entry merges from the source map to the target map if it does not exist in the target map. com.hazelcast.spi.merge.HigherHitsMergePolicy: Incoming entry merges from the source map to the target map if the source entry has more hits than the target one. com.hazelcast.spi.merge.PassThroughMergePolicy: Incoming entry merges from the source map to the target map unless the incoming entry is not null. com.hazelcast.spi.merge.LatestUpdateMergePolicy: Incoming entry merges from the source map to the target map if the source entry has been updated more recently than the target entry. Please note that this merge policy can only be used when the clusters' clocks are in sync. ICache has the following merge policies: com.hazelcast.spi.merge.HigherHitsMergePolicy: Incoming entry merges from the source cache to the target cache if the source entry has more hits than the target one. com.hazelcast.spi.merge.PassThroughMergePolicy: Incoming entry merges from the source cache to the target cache unless the incoming entry is not null. The default policy is com.hazelcast.spi.merge.PassThroughMergePolicy. * <indexes>: You can define indexes for your map using this element's <index> sub-elements. Index definition consists of type, optional name and the list of columns to be indexed. Valid types are SORTED (default) and HASH. * <attributes>: You can define attributes that may be referenced in predicates, queries and indexes using this element's <attribute> sub-elements. Each <attribute> has only the "extractor-class-name" attribute which you should define beforehand by implementing Hazelcast's ValueExtractor class. * <entry-listeners>: Adds listeners (listener classes) for the map entries using the <entry-listener> sub-elements. You can also set its attribute "include-value" to true if you want the entry event to contain the item values, and you can set its attribute "local" to true if you want to listen to the entries on the local member. * <partition-lost-listeners>: Adds the partition lost listeners that you created by implementing Hazelcast's PartitionLostListener interface. * <split-brain-protection-ref>: Adds the split brain protection for this map which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. --> <map name="default"> <in-memory-format>BINARY</in-memory-format> <metadata-policy>CREATE_ON_UPDATE</metadata-policy> <statistics-enabled>true</statistics-enabled> <per-entry-stats-enabled>false</per-entry-stats-enabled> <cache-deserialized-values>ALWAYS</cache-deserialized-values> <backup-count>1</backup-count> <async-backup-count>0</async-backup-count> <time-to-live-seconds>0</time-to-live-seconds> <max-idle-seconds>0</max-idle-seconds> <eviction eviction-policy="NONE" max-size-policy="PER_NODE" size="0"/> <merge-policy batch-size="100">PutIfAbsentMergePolicy</merge-policy> <read-backup-data>false</read-backup-data> <merkle-tree enabled="false"> <depth>10</depth> </merkle-tree> <data-persistence enabled="false"> <fsync>false</fsync> </data-persistence> <tiered-store enabled="false"> <memory-tier> <capacity unit="MEGABYTES" value="1024"/> </memory-tier> <disk-tier enabled="true" device-name="tiered-store-local-device"/> </tiered-store> <event-journal enabled="false"> <capacity>10000</capacity> <time-to-live-seconds>0</time-to-live-seconds> </event-journal> <map-store enabled="true" initial-mode="LAZY"> <class-name>com.hazelcast.examples.DummyStore</class-name> <offload>true</offload> <write-delay-seconds>60</write-delay-seconds> <write-batch-size>1000</write-batch-size> <write-coalescing>true</write-coalescing> <properties> <property name="jdbc_url">my.jdbc.com</property> </properties> </map-store> <near-cache> <time-to-live-seconds>0</time-to-live-seconds> <max-idle-seconds>60</max-idle-seconds> <invalidate-on-change>true</invalidate-on-change> <in-memory-format>BINARY</in-memory-format> <cache-local-entries>false</cache-local-entries> <eviction size="1000" max-size-policy="ENTRY_COUNT" eviction-policy="LFU"/> </near-cache> <wan-replication-ref name="my-wan-cluster-batch"> <merge-policy-class-name>PassThroughMergePolicy</merge-policy-class-name> <filters> <filter-impl>com.example.SampleFilter</filter-impl> <filter-impl>com.example.SampleFilter2</filter-impl> </filters> <republishing-enabled>false</republishing-enabled> </wan-replication-ref> <indexes> <!-- unordered/hash index on the name attribute --> <index type="HASH"> <attributes> <attribute>name</attribute> </attributes> </index> <!-- ordered/tree index on the age attribute --> <index> <attributes> <attribute>age</attribute> </attributes> </index> <!-- composite unordered/hash index on the name and age attributes --> <index type="HASH"> <attributes> <attribute>name</attribute> <attribute>age</attribute> </attributes> </index> <!-- composite ordered/tree index on the age and name attributes --> <index> <attributes> <attribute>age</attribute> <attribute>name</attribute> </attributes> </index> <!-- bitmap index on the age attribute --> <index type="BITMAP"> <attributes> <attribute>age</attribute> </attributes> </index> <!-- bitmap index on the name attribute with options --> <index type="BITMAP"> <attributes> <attribute>name</attribute> </attributes> <bitmap-index-options> <unique-key>id</unique-key> <unique-key-transformation>RAW</unique-key-transformation> </bitmap-index-options> </index> <index type="SORTED"> <attributes> <attribute>age</attribute> </attributes> <btree-index> <memory-tier> <capacity value="128" unit="BYTES" /> </memory-tier> <page-size value="1024" unit="BYTES" /> </btree-index> </index> </indexes> <attributes> <attribute extractor-class-name="com.bank.CurrencyExtractor">currency</attribute> </attributes> <entry-listeners> <entry-listener include-value="false" local="false">com.your-package.MyEntryListener</entry-listener> </entry-listeners> <partition-lost-listeners> <partition-lost-listener>com.your-package.YourPartitionLostListener</partition-lost-listener> </partition-lost-listeners> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <!-- ===== HAZELCAST CONTINUOUS QUERY CACHE CONFIGURATION ===== Configuration element's name is <query-caches>. You can create your query caches using its <query-cache> sub-element. Its parent element is <map>, i.e. it should be placed within the <map> configuration. Each <query-cache> has the attribute "name" with which you can specify the name of your query cache. It has the following sub-elements: * <include-value>: Set to true if you want to cache the value too. Its default value is true. * <predicate>: Predicate to filter events which will be applied to the query cache. * <entry-listeners>: Adds listeners (listener classes) for your query cache entries. See <entry-listeners> in the map configuration above. * <in-memory-format>: Type of the data to be stored in your query cache. See <in-memory-format> in the map configuration above. * <populate>: Set to true if you want to enable the initial population of your query cache. Its default value is true. * <coalesce>: Set to true if you want to enable the coalescing of your query cache. Its default value is false. * <delay-seconds>: Minimum time in seconds that an event waits in the member's buffer. Its default value is 0. * <batch-size>: Batch size used to determine the number of events sent in a batch to your query cache. Its default value is 1. * <buffer-size>: Maximum number of events which can be stored in a partition buffer. Its default value is 16. * <serialize-keys>: Defines if the Query Cache keys should be serialized or not. Keys are better to be serialized if they are mutable and need to be cloned via serialization. Default value is false. * <eviction>: Configuration for the eviction of your query cache. See <eviction> in the map configuration above. * <indexes>: You can define indexes for your query cache using this element's <index> sub-elements. See <index> in the map configuration above. --> <query-caches> <query-cache name="myContQueryCache"> <include-value>true</include-value> <predicate type="class-name">com.hazelcast.examples.ExamplePredicate</predicate> <entry-listeners> <entry-listener>...</entry-listener> </entry-listeners> <in-memory-format>BINARY</in-memory-format> <populate>true</populate> <coalesce>false</coalesce> <delay-seconds>3</delay-seconds> <batch-size>2</batch-size> <buffer-size>32</buffer-size> <serialize-keys>false</serialize-keys> <eviction size="1000" max-size-policy="ENTRY_COUNT" eviction-policy="LFU"/> <indexes> <index> <attributes> <attribute>name</attribute> </attributes> </index> </indexes> </query-cache> </query-caches> <!-- In an actual config, only one of {partition-strategy, partition-attributes} should be present --> <partition-strategy>com.example.Strategy</partition-strategy> <partition-attributes> <attribute>attributeName1</attribute> <attribute>attributeName2</attribute> </partition-attributes> </map> <!-- ===== HAZELCAST MULTIMAP CONFIGURATION ===== Configuration element's name is <multimap>. It has the optional attribute "name" with which you can specify the name of your multimap. Its default value is "default". All sub-elements of <multimap> except <value-collection-type> and <binary> have the same meaning as in <map> configuration. You can specify the type of the value collection using <value-collection-type>. Available values are SET and LIST. By default, BINARY in-memory format is used, meaning that the object is stored in a serialized form. You can set the element <binary> to false, then, the OBJECT in-memory format is used. It has also the following sub-elements: * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. --> <multimap name="default"> <backup-count>1</backup-count> <async-backup-count>0</async-backup-count> <binary>true</binary> <value-collection-type>SET</value-collection-type> <entry-listeners> <entry-listener include-value="true" local="true">com.hazelcast.examples.EntryListener</entry-listener> </entry-listeners> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <merge-policy batch-size="100">PutIfAbsentMergePolicy</merge-policy> </multimap> <!-- ===== HAZELCAST REPLICATED MAP CONFIGURATION ===== Configuration element's name is <replicatedmap>. It has the required attribute "name" with which you can specify the name of your replicated map. It has the following sub-elements: * <in-memory-format>: Specifies in which format data will be stored in your replicated map. Available values are as follows: - BINARY: Data will be stored in serialized binary format. It is the default option. - OBJECT: Data will be stored in deserialized form. * <async-fillup>: Specifies whether the replicated map is available for reads before the initial replication is completed. Its default value is true. If false, no Exception will be thrown when the replicated map is not yet ready, but call is blocked until the initial replication is completed. * <statistics-enabled>: When you enable it, you can retrieve replicated map entry statistics such as creation time, expiration time, number of hits, key, value, etc. Its default value is true. * <entry-listeners>: Adds listeners (listener classes) for the replicated map entries using the <entry-listener> sub-elements. You can also set its attribute "include-value" to true if you want the entry event to contain the item values, and you can set its attribute "local" to true if you want to listen to the entries on the local member. * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. --> <replicatedmap name="replicatedMap1"> <in-memory-format>BINARY</in-memory-format> <async-fillup>true</async-fillup> <statistics-enabled>true</statistics-enabled> <entry-listeners> <entry-listener include-value="true" local="true">com.hazelcast.examples.EntryListener</entry-listener> </entry-listeners> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <merge-policy batch-size="100">LatestAccessMergePolicy</merge-policy> </replicatedmap> <!-- ===== HAZELCAST CACHE CONFIGURATION ===== Configuration element's name is <cache>. It has the required attribute "name" with which you can specify the name of your cache. It has the following sub-elements: * <key-type>: Type of the cache entries' keys. The fully qualified class name of the cache key type should be given using its "class-name" attribute. * <value-type>: Type of the cache entries' values. The fully qualified class name of the cache value type should be given using its "class-name" attribute. * <statistics-enabled>: When you enable it, you can retrieve cache entry statistics such as creation time, expiration time, number of hits, key, value, etc. Its default value is false. * <management-enabled>: If set to true, JMX beans are enabled and collected statistics are provided. It doesn't automatically enable statistics collection. Its default value is false. * <read-through>: If set to true, enables read-through behavior of the cache to an underlying configured javax.cache.integration.CacheLoader which is also known as lazy-loading. Its default value is false. * <write-through>: If set to true, enables write-through behavior of the cache to an underlying configured javax.cache.integration.CacheWriter which passes any changed value to the external backend resource. Its default value is false. * <cache-loader-factory>: Fully qualified class name of the javax.cache.configuration.Factory implementation providing a javax.cache.integration.CacheLoader instance to the cache. Provide this class name by using its "class-name" attribute. * <cache-loader>: Name of the cache loader class. * <cache-writer-factory>: Fully qualified class name of the javax.cache.configuration.Factory implementation providing a javax.cache.integration.CacheWriter instance to the cache. Provide this class name using its "class-name" attribute. * <cache-writer>: Name of the cache writer class. * <expiry-policy-factory>: Fully qualified class name of the javax.cache.configuration.Factory implementation providing a javax.cache.expiry.ExpiryPolicy instance to the cache. Provide this class name using its "class-name" attribute. * <cache-entry-listeners>: List of cache entry listeners given by its <cache-entry-listener> sub-element. Each <cache-entry-listener> has the following attributes: - old-value-required: If set to true, previously assigned values for the affected keys will be sent to the javax.cache.event.CacheEntryListener implementation. Setting this attribute to true creates additional traffic. Its default value is false. - synchronous: If set to true, the javax.cache.event.CacheEntryListener implementation will be called in a synchronous manner. Its default value is false. It has the following sub-elements: - cache-entry-listener-factory: Fully qualified class name of the javax.cache.configuration.Factory implementation providing a javax.cache.event.CacheEntryListener instance. - cache-entry-event-filter-factory: Fully qualified class name of the javax.cache.configuration.Factory implementation providing a javax.cache.event.CacheEntryEventFilter instance. * <in-memory-format>: Specifies in which format data will be stored in your cache. Available values are as follows: - BINARY: Data will be stored in serialized binary format. It is the default option. - OBJECT: Data will be stored in deserialized form. - NATIVE: Data will be stored in the cache that uses Hazelcast's High-Density Memory Store feature. This option is available only in Hazelcast Enterprise HD. * <backup-count>: Number of synchronous backups. If it is 1, for example, then all entries of the cache are copied to one other instance as synchronous for fail-safety. Its default value is 1. * <async-backup-count>: Number of asynchronous backups. For example, if it is 1, then all entries of the cache are copied to one other instance as asynchronous for fail-safety. The sum of <backup-count> and <async-backup-count> cannot be larger than 6. Its default value is 0. * <eviction>: Configuration for the eviction of your cache. It has the following attributes: - size: Maximum size (entry count) of the cache. - max-size-policy: Maximum size policy for eviction of the cache. Available values are as follows: * ENTRY_COUNT: Maximum entry count per member. * USED_NATIVE_MEMORY_SIZE: Maximum used native memory size in megabytes. * USED_NATIVE_MEMORY_PERCENTAGE: Maximum used native memory percentage. * FREE_NATIVE_MEMORY_SIZE: Minimum free native memory size to trigger cleanup. * FREE_NATIVE_MEMORY_PERCENTAGE: Minimum free native memory percentage to trigger cleanup. - eviction-policy: See the <eviction-policy> element above. * <wan-replication-ref>: Configuration of the WAN replication for your cache. It has the following attributes: - name: Name of the WAN replication configuration specified in the "name" attribute of the <wan-replication> element. See the <wan-replication> element above. It has the following sub-elements: - <filters>: Filters to intercept WAN replication events before they are placed to WAN event replication queues by providing a filtering API. Just implement Hazelcast's CacheWanEventFilter interface to create your filters. You can define multiple filters and add to the configuration using the <filter> sub-elements within the <filters> element. - <republishing-enabled>: When enabled, an incoming event to a member is forwarded to target cluster of that member. Its default value is true. - <merge-policy>: Resolve conflicts that occurred when target cluster already has the replicated entry key. 4 merge policy implementations for IMap and 2 merge policy implementations for ICache are provided out-of-the-box. ICache has the following merge policies: com.hazelcast.spi.merge.HigherHitsMergePolicy: Incoming entry merges from the source cache to the target cache if the source entry has more hits than the target one. com.hazelcast.spi.merge.PassThroughMergePolicy: Incoming entry merges from the source cache to the target cache unless the incoming entry is not null. * <split-brain-protection-ref>: Adds the split brain protection for this cache which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. * <partition-lost-listeners>: Adds the partition lost listeners that you created by implementing Hazelcast's PartitionLostListener interface. * <merge-policy>: The following are the built-in merge policies for cache. You can either use their full class names or constant names (given in parentheses). - com.hazelcast.spi.merge.PassThroughMergePolicy (PASS_THROUGH) - com.hazelcast.spi.merge.PutIfAbsentMergePolicy (PUT_IF_ABSENT) - com.hazelcast.spi.merge.HigherHitsMergePolicy (HIGHER_HITS) - com.hazelcast.spi.merge.LatestAccessMergePolicy (LATEST_ACCESS) * <data-persistence>: Used to enable Hazelcast's Persistence feature for the cache. It is available only in Hazelcast Enterprise HD. Set its "enabled" to true to enable the feature. By default, it is disabled. It has the following sub-element. - <fsync>: Set as true if the writing to disk should be followed by an fsync() system call. Its default value is false. * <event-journal>: It has the following attributes and sub-elements: - enabled: Specifies whether the event journal is enabled. - <capacity>: The capacity of the event journal. The capacity is the total number of items that the event journal can hold at any moment. The actual number of items contained in the journal can be lower. Its default value is 10000. The capacity is shared equally between all partitions. This is done by assigning each partition {@code getCapacity() / partitionCount} available slots in the event journal. Because of this, the effective total capacity may be somewhat lower and you must take into account that the configured capacity is at least greater than the partition count. - <time-to-live-seconds>: Sets the time to live in seconds. Time to live is the time the event journal retains items before removing them from the journal. The events are removed on journal read and write actions, not while the journal is idle. Time to live can be disabled by setting timeToLiveSeconds to 0. This means that the events never expire but they can be overwritten when the capacity of the journal is exceeed. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. Its default value is 0. * <disable-per-entry-invalidation-events>: Disables invalidation events for each entry; but full-flush invalidation events are still enabled. Full-flush invalidation means the invalidation of events for all entries when clear is called. The default value is false. --> <cache name="default"> <key-type class-name="java.lang.Object"/> <value-type class-name="java.lang.Object"/> <statistics-enabled>false</statistics-enabled> <management-enabled>false</management-enabled> <read-through>true</read-through> <write-through>true</write-through> <cache-loader-factory class-name="com.example.cache.MyCacheLoaderFactory"/> <cache-writer-factory class-name="com.example.cache.MyCacheWriterFactory"/> <expiry-policy-factory class-name="com.example.cache.MyExpirePolicyFactory"/> <cache-entry-listeners> <cache-entry-listener old-value-required="false" synchronous="false"> <cache-entry-listener-factory class-name="com.example.cache.MyEntryListenerFactory"/> <cache-entry-event-filter-factory class-name="com.example.cache.MyEntryEventFilterFactory"/> </cache-entry-listener> </cache-entry-listeners> <in-memory-format>BINARY</in-memory-format> <backup-count>1</backup-count> <async-backup-count>0</async-backup-count> <eviction size="1000" max-size-policy="ENTRY_COUNT" eviction-policy="LFU"/> <wan-replication-ref name="my-wan-cluster-batch"> <merge-policy-class-name>PassThroughMergePolicy</merge-policy-class-name> <republishing-enabled>true</republishing-enabled> <filters> <filter-impl>com.example.SampleFilter</filter-impl> </filters> </wan-replication-ref> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <partition-lost-listeners> <partition-lost-listener>com.your-package.YourPartitionLostListener</partition-lost-listener> </partition-lost-listeners> <merge-policy batch-size="100">LatestAccessMergePolicy</merge-policy> <merkle-tree enabled="false"> <depth>10</depth> </merkle-tree> <data-persistence enabled="false"> <fsync>false</fsync> </data-persistence> <event-journal enabled="false"> <capacity>10000</capacity> <time-to-live-seconds>0</time-to-live-seconds> </event-journal> <disable-per-entry-invalidation-events>true</disable-per-entry-invalidation-events> </cache> <!-- ===== HAZELCAST LIST CONFIGURATION ===== Configuration element's name is <list>. It has the optional attribute "name" with which you can specify the name of your list. This attribute's default value is "default". It has the following sub-elements: * <statistics-enabled>: When you enable it, you can retrieve list statistics. Its default value is true. * <max-size>: Maximum size of the list (item count). Its default value is 0, meaning Integer.MAX_VALUE. * <backup-count>: Number of synchronous backups. List is a non-partitioned data structure, so all entries of a List reside in one partition. If it is set to 1, there will be 1 backup of that List in another member in the cluster. When it is 2, 2 members will have the backup. Its default value is 1. * <async-backup-count>: Number of asynchronous backups. Its default value is 0. * <item-listeners>: Adds listeners (listener classes) for the List items using its sub-element <item-listener>. You can also set its attribute "include-value" to true if you want the item event to contain the item values. * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. --> <list name="default"> <statistics-enabled>false</statistics-enabled> <max-size>0</max-size> <backup-count>1</backup-count> <async-backup-count>0</async-backup-count> <item-listeners> <item-listener include-value="true">com.hazelcast.examples.ItemListener</item-listener> </item-listeners> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <merge-policy batch-size="100">PutIfAbsentMergePolicy</merge-policy> </list> <!-- ===== HAZELCAST SET CONFIGURATION ===== Configuration element's name is <set>. It has the optional attribute "name" with which you can specify the name of your set. This attribute's default value is "default". It has the following sub-elements: * <statistics-enabled>: When you enable it, you can retrieve set statistics. Its default value is true. * <max-size>: Maximum size of the set (item count). Its default value is 0, meaning Integer.MAX_VALUE. * <backup-count>: Number of synchronous backups. Set is a non-partitioned data structure, so all entries of a Set reside in one partition. If it is set to 1, there will be 1 backup of that Set in another member in the cluster. When it is 2, 2 members will have the backup. Its default value is 1. * <async-backup-count>: Number of asynchronous backups. Its default value is 0. * <item-listeners>: Adds listeners (listener classes) for the Set items using its sub-element <item-listener>. You can also set its attribute "include-value" to true if you want the item event to contain the item values. * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. --> <set name="default"> <backup-count>1</backup-count> <async-backup-count>0</async-backup-count> <max-size>10</max-size> <item-listeners> <item-listener include-value="true">com.hazelcast.examples.ItemListener</item-listener> </item-listeners> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <merge-policy batch-size="100">PutIfAbsentMergePolicy</merge-policy> </set> <!-- ===== HAZELCAST TOPIC CONFIGURATION ===== Configuration element's name is <topic>. It has the optional attribute "name" with which you can specify the name of your topic. This attribute's default value is "default". It has the following sub-elements: * <global-ordering-enabled>: When it is set to true, all cluster members that listen to a topic will receive the messages in the same order they were published by all members. This way, Hazelcast guarantees that all members will see the in the same order. Its default value is false. * <statistics-enabled>: When you enable it, you can retrieve topic statistics such as total number of published and received messages. Its default value is true. * <message-listeners>: Adds listeners (listener classes) for the Topic messages using its sub-element <message-listener>. * <multi-threading-enabled>: Default is `false`, meaning only one dedicated thread will handle topic messages. When multi-threading is enabled (true), all threads from event thread pool can be used for message handling. --> <topic name="default"> <global-ordering-enabled>true</global-ordering-enabled> <statistics-enabled>true</statistics-enabled> <message-listeners> <message-listener>com.hazelcast.examples.MessageListener</message-listener> </message-listeners> </topic> <!-- ===== HAZELCAST RELIABLE TOPIC CONFIGURATION ===== Reliable Topic uses the same ITopic interface. The main difference is that it is backed up by Hazelcast Ringbuffer data structure. Reliable Topic messages are stored in the Ringbuffer Configuration element's name is <reliable-topic>. It has the optional attribute "name" with which you can specify the name of your Reliable Topic, which is the same name you give to your Ringbuffer. This attribute's default value is "default". It has the following sub-elements: * <statistics-enabled>: Enables or disables statistics for this reliable topic. Collects the creation time, total number of published and received messages for each member locally. Its default value is true. * <read-batch-size>: Sets the read batch size. The ReliableTopic tries to read a batch of messages from the ringbuffer. It will get at least one, but if there are more available, then it will try to get more to increase throughput. The maximum read batch size can be influenced using the read batch size. Apart from influencing the number of messages to retrieve, the readBatchSize also determines how many messages will be processed by the thread running the MessageListener before it returns back to the pool to look for other MessageListeners that need to be processed. The problem with returning to the pool and looking for new work is that interacting with an executor is quite expensive due to contention on the work-queue. The more work that can be done without retuning to the pool, the smaller the overhead. If the readBatchSize is 10 and there are 50 messages available, 10 items are retrieved and processed consecutively before the thread goes back to the pool and helps out with the processing of other messages. If the readBatchSize is 10 and there are 2 items available, 2 items are retrieved and processed consecutively. If the readBatchSize is an issue because a thread will be busy too long with processing a single MessageListener and it can't help out other MessageListeners, increase the size of the threadpool so the other MessageListeners don't need to wait for a thread, but can be processed in parallel. * <topic-overload-policy>: A policy to deal with an overloaded topic; so topic where there is no place to store new messages. This policy can only be used in combination with the com.hazelcast.core.HazelcastInstance#getReliableTopic(String). The reliable topic uses a com.hazelcast.ringbuffer.Ringbuffer to store the messages. A ringbuffer doesn't track where readers are, so it has no concept of a slow consumers. This provides many advantages like high performance reads, but it also gives the ability to the reader to re-read the same message multiple times in case of an error. A ringbuffer has a limited, fixed capacity. A fast producer may overwrite old messages that are still being read by a slow consumer. To prevent this, we may configure a time-to-live on the ringbuffer (see com.hazelcast.config.RingbufferConfig#setTimeToLiveSeconds(int). Once the time-to-live is configured, the TopicOverloadPolicy controls how the publisher is going to deal with the situation that a ringbuffer is full and the oldest item in the ringbuffer is not old enough to get overwritten. Keep in mind that this retention period (time-to-live) can keep messages from being overwritten, even though all readers might have already completed reading. Its default value is BLOCK. Available values are as follows: - DISCARD_OLDEST: Using this policy, a message that has not expired can be overwritten. No matter the retention period set, the overwrite will just overwrite the item. This can be a problem for slow consumers because they were promised a certain time window to process messages. But it will benefit producers and fast consumers since they are able to continue. This policy sacrifices the slow producer in favor of fast producers/consumers. - DISCARD_NEWEST: Message that was to be published is discarded. - BLOCK: The caller will wait until there is space in the Ringbuffer. - ERROR: The publish call fails immediately. * <message-listeners>: Adds listeners (listener classes) for the Reliable Topic messages using its sub-element <message-listener>. --> <reliable-topic name="default"> <statistics-enabled>true</statistics-enabled> <topic-overload-policy>ERROR</topic-overload-policy> <read-batch-size>10</read-batch-size> <message-listeners> <message-listener>com.hazelcast.examples.MessageListener</message-listener> </message-listeners> </reliable-topic> <!-- ===== HAZELCAST RINGBUFFER CONFIGURATION ===== Configuration element's name is <ringbuffer>. It has the required attribute "name" with which you can specify the name of your Ringbuffer. It has the following sub-elements: * <capacity>: Number of items in the Ringbuffer. If no <time-to-live-seconds> is set, this value will always be equal to the capacity after the head completes the first loop around the ring. This is because no items are being expired. Its default value is 10000. * <time-to-live-seconds>: Sets the time to live in seconds which is the maximum number of seconds for each item to stay in the ringbuffer before being removed. Entries that are older than time-to-live-seconds are removed from the ringbuffer on the next ringbuffer operation (read or write). Time to live can be disabled by setting time-to-live-seconds to 0. It means that items won't get removed because they expire. They may only be overwritten. When time-to-live-seconds is disabled and after the tail does a full loop in the ring, the ringbuffer size will always be equal to the capacity. The time-to-live-seconds can be any integer between 0 and Integer#MAX_VALUE. 0 means infinite. The default is 0. * <backup-count>: Number of synchronous backups. For example, if it is set to 1, then the Ringbuffer items are copied to one other member for fail-safety. Its default value is 1. * <async-backup-count>: Number of asynchronous backups. Its default value is 0. * <in-memory-format>: Sets the in-memory format. Setting the in-memory format controls the format of the stored item in the ringbuffer: - OBJECT: the item is stored in deserialized format (a regular object) - BINARY (default): the item is stored in serialized format (a binary blob) The object in-memory format is useful when: - the object stored in object format has a smaller footprint than in binary format - if there are readers using a filter. Since for every filter invocation, the object needs to be available in object format. * <ringbuffer-store>: Includes the Ringbuffer store factory class name and property configurations. The store format is the same as the in-memory-format for the Ringbuffer. * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. --> <ringbuffer name="default"> <capacity>10000</capacity> <time-to-live-seconds>0</time-to-live-seconds> <backup-count>1</backup-count> <async-backup-count>0</async-backup-count> <in-memory-format>BINARY</in-memory-format> <ringbuffer-store> <class-name>com.hazelcast.RingbufferStoreImpl</class-name> <properties> <property name="prop1">prop1-value</property> <property name="prop2">prop2-value</property> </properties> </ringbuffer-store> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <merge-policy>PutIfAbsentMergePolicy</merge-policy> </ringbuffer> <!-- ===== HAZELCAST FLAKE ID GENERATOR CONFIGURATION ===== Configuration element's name is <flake-id-generator>. It has the required attribute "name" with which you can specify the name of your Flake ID generator. It has the following sub-elements: * <prefetch-count>: Sets how many IDs are pre-fetched on the background when one call to FlakeIdGenerator.newId() is made. Value must be in the range 1..100,000, default is 100. This setting pertains only to newId() calls made on the member that configured it. * <prefetch-validity-millis>: Sets for how long the pre-fetched IDs can be used. If this time elapses, a new batch of IDs will be fetched. Time unit is milliseconds, default is 600,000 (10 minutes). The IDs contain timestamp component, which ensures rough global ordering of IDs. If an ID is assigned to an object that was created much later, it will be much out of order. If you don't care about ordering, set this value to 0. This setting pertains only to newId() calls made on the member that configured it. * <epoch-start>: Sets the offset of timestamp component. Time unit is milliseconds, default is 1514764800000 (1.1.2018 0:00 UTC). * <node-id-offset>: Sets the offset that will be added to the node ID assigned to cluster member for this generator. Might be useful in A/B deployment scenarios where you have cluster A which you want to upgrade. You create cluster B and for some time both will generate IDs and you want to have them unique. In this case, configure node ID offset for generators on cluster B. * <bits-sequence>: Sets the bit-length of the sequence component, default is 6 bits. * <bits-node-id>: Sets the bit-length of node id component. Default value is 16 bits. * <allowed-future-millis>: Sets how far to the future is the generator allowed to go to generate IDs without blocking, default is 15 seconds. * <statistics-enabled>: When you enable it, you can retrieve the Flake ID generators statistics. Its default value is true. --> <flake-id-generator name="default"> <prefetch-count>100</prefetch-count> <prefetch-validity-millis>600000</prefetch-validity-millis> <epoch-start>1514764800000</epoch-start> <node-id-offset>0</node-id-offset> <bits-sequence>6</bits-sequence> <bits-node-id>16</bits-node-id> <allowed-future-millis>15000</allowed-future-millis> <statistics-enabled>true</statistics-enabled> </flake-id-generator> <!-- ===== HAZELCAST LISTENER CONFIGURATIONS ===== Configuration used to register the listeners that you created by implementing Hazelcast's MembershipListener, DistributedObjectListener, MigrationListener and PartitionLostListener interfaces. --> <listeners> <listener>your-package.YourMembershipListener</listener> <listener>your-package.YourDistributedObjectListener</listener> <listener>your-package.YourMigrationListener</listener> <listener>your-package.YourPartitionLostListener</listener> </listeners> <!-- ===== HAZELCAST SERIALIZATION CONFIGURATION ===== Configuration element's name is <serialization>. It has the following sub-elements: * <portable-version>: Version of the portable serialization. Portable version is used to differentiate two of the same classes that have changes such as a new field or a new field type. * <use-native-byte-order>: Set as true if you want to use the native byte order of the underlying platform. Its default value is false. * <byte-order>: Specifies the byte order that the serialization will use. Its default value is BIG_ENDIAN. Available values are BIG_ENDIAN and LITTLE_ENDIAN. * <enable-compression>: Set as true to enable compression when default Java serialization is used. Its default value is false. * <enable-shared-object>: Set as true to enable shared object when default Java serialization is used. Its default value is false. * <allow-unsafe>: Set as true to allow the usage of unsafe. Its default value is false. * <allow-override-default-serializers>: Set as true to allow override of default serializers. Its default value is false. * <data-serializable-factories>: Lists your class implementations of Hazelcast's DataSerializableFactory using the <data-serializable-factory> sub-elements. Each factory has the required "factory-id" attribute that you should give as the ID of your factory. * <portable-factories>: Lists your class implementations of Hazelcast's PortableFactory using the <portable-factory> sub-elements. Each factory has the required "factory-id" attribute that you should give as the ID of your factory. * <serializers>: Lists the serializers (classes) that you implement using Hazelcast's StreamSerializer, ByteArraySerializer, Global Serializer, etc. Global serializer should be specified using the <global-serializer> sub-element. For others, use the <serializer> sub-element. The <serializer> sub-element has two required attributes: - class-name: Full class name of the serializer you implemented. - type-class: Type of your serializer class implementation. The <global-serializer> sub-element has an optional boolean "override-java-serialization" attribute. If you set it as true, the Java serialization step will be handled by the global serializer, not by the Java Serializable or Externalizable. * <check-class-def-errors>: If set to true, serialization system will check the class definitions error at the start of serialization process and throw a Serialization Exception with the error definition. * <java-serialization-filter>: Allows to configure blacklisting and whitelisting for deserialized classes when Java serialization is used. * <compact-serialization>: Contains configuration elements and attributes for the compact serialization. The optional "enabled" attribute enables or disables the Compact serialization. It has the following sub-elements. * <serializers>: List of fully qualified class names of the Compact serializers. * <classes>: List of fully qualified names of the classes to be serialized with the reflective Compact serializer. It is meant to be used to serialize classes that are serializable with other mechanisms like Java serialization with Compact serialization. --> <serialization> <portable-version>0</portable-version> <use-native-byte-order>false</use-native-byte-order> <byte-order>BIG_ENDIAN</byte-order> <data-serializable-factories> <data-serializable-factory factory-id="1">com.hazelcast.examples.DataSerializableFactory </data-serializable-factory> </data-serializable-factories> <portable-factories> <portable-factory factory-id="1">com.hazelcast.examples.PortableFactory</portable-factory> </portable-factories> <serializers> <global-serializer>com.hazelcast.examples.GlobalSerializerFactory</global-serializer> <serializer type-class="com.hazelcast.examples.DummyType" class-name="com.hazelcast.examples.SerializerFactory"/> </serializers> <check-class-def-errors>true</check-class-def-errors> <java-serialization-filter defaults-disabled="true"> <blacklist> <class>com.acme.app.BeanComparator</class> </blacklist> <whitelist> <class>java.lang.String</class> <class>example.Foo</class> <package>com.acme.app</package> <package>com.acme.app.subpkg</package> <prefix>com.hazelcast.</prefix> <prefix>java</prefix> </whitelist> </java-serialization-filter> <compact-serialization> <serializers> <serializer>com.hazelcast.examples.DummyTypeSerializer</serializer> </serializers> <classes> <class>com.hazelcast.examples.DummyType</class> </classes> </compact-serialization> </serialization> <!-- ===== HAZELCAST HIGH-DENSITY MEMORY STORE CONFIGURATION ===== This feature is available only in Hazelcast Enterprise HD. Configuration element's name is <native-memory>. It has the following attributes: - enabled: Set as true to enable the High-Density Memory Store usage. Its default value is false. - allocator-type: Type of the memory allocator. Its default value is POOLED. Available values are as follows: * STANDARD: Allocates/frees the memory using default OS memory manager. * POOLED: Manages memory blocks in thread local pools. It has the following sub-elements: - <size>: Size of the total native memory to allocate. You can give the size using its "value" attribute and the unit using its "unit" attribute. Unit can be bytes, kilobytes, megabytes and gigabytes. Default value is 128 and default unit is MEGABYTES. - <min-block-size>: Minimum size of the blocks in bytes to split and fragment a page block to assign to an allocation request. It is used only by the POOLED memory allocator. The value has to be power of two. Default value is 16. - <page-size>: Size of the page in bytes to allocate memory as a block. It is used only by the POOLED memory allocator. Its default value is 1 << 22 (about 4 MB). - <metadata-space-percentage>: Percentage of the allocated native memory that is used for the metadata such as indexes, offsets, etc. It is used only by the POOLED memory allocator. Its default value is 12.5. - <persistent-memory-directory>: Simple configuration option for a single directory where the non-volatile memory (e.g. Intel Optane) is mounted. This should be used only on single-socket systems as only one directory can be defined. On multi-socket systems use <persistent-memory> instead. If neither this or <persistent-memory> elements are defined, the RAM is used as native memory. This directory will be created automatically if it does not exist. To avoid collisions, every member of the cluster will create its own subfolder to work with the non-volatile memory. - <persistent-memory>: Specifies the configuration for the non-volatile memory (e.g. Intel Optane) in the system. Under this configuration section multiple directories can be listed with optionally specifying the NUMA node the non-volatile memory mounted in the given directory is attached to for NUMA-aware allocations. If neither this or the <persistent-memory-directory> elements are defined, the RAM is used as native memory. The directories defined under this section will be created automatically if they do not exist. To avoid collisions, every member of the cluster will create its own subfolder to work with the non-volatile memory. --> <native-memory allocator-type="POOLED" enabled="true"> <size unit="MEGABYTES" value="256"/> <min-block-size>32</min-block-size> <page-size>4194304</page-size> <metadata-space-percentage>12.5</metadata-space-percentage> <!-- Simple configuration for single-socket machines with non-volatile memory --> <!-- <persistent-memory-directory>/mnt/optane</persistent-memory-directory> --> <!-- Advanced configuration for non-volatile memory --> <persistent-memory enabled="true" mode="MOUNTED"> <directories> <directory numa-node="0">/mnt/pmem0</directory> <directory numa-node="1">/mnt/pmem1</directory> </directories> </persistent-memory> </native-memory> <!-- ===== HAZELCAST SECURITY CONFIGURATION ===== This feature is available only in Hazelcast Enterprise. Configuration element's name is <security>. It has the following attributes and sub-elements: * enabled: Set to true to enable Hazelcast's security features. * <realms> Defines named security realms. * <member-authentication> Maps member authentication to a realm name. It has the "realm" attribute. * <client-authentication> Maps client authentication to a realm name. It has the "realm" attribute. * <client-permissions>: Lists the client permissions that can be accessed by the client permission policy. For each permission, you need to provide the end points and actions to be permitted. Also, the name and principal for each permission should be given using the "name" and "principal" attributes. Please see http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#permissions for all permissions and actions. * <security-interceptor> Specifies the security interceptor class that you developed by implementing Hazelcast's SecurityInterceptor interface to intercept every remote operation executed by a client. * <client-block-unmapped-actions> Specifies whether to block (true) or allow (false) actions, submitted as tasks in an Executor from the clients and have no permission mappings. --> <security enabled="false"> <realms> <!-- ===== HAZELCAST SECURITY REALMS CONFIGURATION ===== Security realms are named security configurations which can be referenced from Hazelcast security configuration. Currently, the realms support configuring <authentication> and/or <identity>. Only one type of authentication configuration and one type of identity configuration is allowed per the realm. Authentication types: * <simple> Simple authentication where users with their username, password and roles are directly listed in the configuration * <jaas> Defines JAAS authentication - i.e. list of <login-modules> and its optional <properties> * <tls> TLS defines X.509 based authentication (for cases when SSL mutual authentication is configured in Hazelcast network configuration) * <ldap> LDAP based authentication * <kerberos> Kerberos based authentication Identity configuration types: * <credentials-factory>: Specifies the name and properties of your class that you developed by implementing Hazelcast's Credentials interface. This element has a mandatory "class-name" attribute where you should define the factory class implementing ICredentialsFactory used to create Credentials objects. With the <properties> sub-element, you can define properties for the factory class. The properties can be defined with the <property> sub-element nested in the <properties>. The <property> element has the attribute "name" used to define the name of the attribute. The value of the property is defined in the body. * <username-password> Defines a static UsernamePasswordCredentials instance as the member's identity. It has mandatory "username" and "password" attributes. * <token> Defines a static TokenCredentials instance as the client's identity. It can have attribute "encoding". Content of the element is token value in given encoding (or in plain text). * <kerberos> Uses Kerberos ticket (wrapped as GSS-API init token) as the identity. --> <realm name="simpleRealm"> <authentication> <simple> <user username="test" password="a1234"> <role>monitor</role> <role>hazelcast</role> </user> <user username="dev" password="secret"> <role>root</role> </user> </simple> </authentication> </realm> <realm name="jaasRealm"> <authentication> <jaas> <login-module class-name="com.hazelcast.examples.MyRequiredLoginModule" usage="REQUIRED"> <properties> <property name="property">value</property> </properties> </login-module> </jaas> </authentication> <identity> <credentials-factory class-name="com.hazelcast.examples.MyCredentialsFactory"> <properties> <property name="property">value</property> </properties> </credentials-factory> </identity> </realm> <realm name="ldapRealm"> <authentication> <ldap> <url>ldap://ldap.my-company.example</url> <socket-factory-class-name>socketFactoryClassName</socket-factory-class-name> <parse-dn>true</parse-dn> <role-context>roleContext</role-context> <role-filter>roleFilter</role-filter> <role-mapping-attribute>roleMappingAttribute</role-mapping-attribute> <role-mapping-mode>reverse</role-mapping-mode> <role-name-attribute>roleNameAttribute</role-name-attribute> <role-recursion-max-depth>25</role-recursion-max-depth> <role-search-scope>object</role-search-scope> <user-name-attribute>userNameAttribute</user-name-attribute> <system-user-dn>systemUserDn</system-user-dn> <system-user-password>systemUserPassword</system-user-password> <system-authentication>simple</system-authentication> <security-realm>realmName</security-realm> <password-attribute>passwordAttribute</password-attribute> <user-context>userContext</user-context> <user-filter>userFilter</user-filter> <user-search-scope>one-level</user-search-scope> </ldap> </authentication> </realm> <realm name="tlsRealm"> <authentication> <tls roleAttribute="cn"/> </authentication> </realm> <realm name="usernamePasswordIdentityRealm"> <identity> <username-password username="user" password="Hazelcast"/> </identity> </realm> <realm name="tokenIdentityRealm"> <identity> <token encoding="base64">SGF6ZWxjYXN0</token> </identity> </realm> <realm name="kerberosRealm"> <authentication> <kerberos> <skip-role>true</skip-role> <relax-flags-check>true</relax-flags-check> <use-name-without-realm>true</use-name-without-realm> <security-realm>krb5Acceptor</security-realm> <ldap> <url>ldap://127.0.0.1/</url> <system-authentication>GSSAPI</system-authentication> <security-realm>krb5Initiator</security-realm> <skip-authentication>true</skip-authentication> <user-filter>(krb5PrincipalName={login})</user-filter> <role-mapping-attribute>cn</role-mapping-attribute> </ldap> </kerberos> </authentication> <identity> <kerberos> <realm>HAZELCAST.COM</realm> <security-realm>krb5Initiator</security-realm> <service-name-prefix>hz/</service-name-prefix> <use-canonical-hostname>true</use-canonical-hostname> <spn>hz/[email protected]</spn> </kerberos> </identity> </realm> <realm name="simpleKerberosRealm"> <authentication> <kerberos> <principal>hz/[email protected]</principal> <keytab-file>/opt/localhost.keytab</keytab-file> </kerberos> </authentication> <identity> <kerberos> <realm>HAZELCAST.COM</realm> <principal>hz/[email protected]</principal> <keytab-file>/opt/localhost.keytab</keytab-file> </kerberos> </identity> </realm> <realm name="krb5Acceptor"> <authentication> <jaas> <login-module class-name="com.sun.security.auth.module.Krb5LoginModule" usage="REQUIRED"> <properties> <property name="isInitiator">false</property> <property name="useTicketCache">false</property> <property name="doNotPrompt">true</property> <property name="useKeyTab">true</property> <property name="storeKey">true</property> <property name="principal">hz/[email protected]</property> <property name="keyTab">/opt/hz-localhost.keytab</property> </properties> </login-module> </jaas> </authentication> </realm> <realm name="krb5Initiator"> <authentication> <jaas> <login-module class-name="com.sun.security.auth.module.Krb5LoginModule" usage="REQUIRED"> <properties> <property name="isInitiator">true</property> <property name="useTicketCache">false</property> <property name="doNotPrompt">true</property> <property name="useKeyTab">true</property> <property name="storeKey">true</property> <property name="principal">hz/[email protected]</property> <property name="keyTab">/opt/hz-localhost.keytab</property> </properties> </login-module> </jaas> </authentication> </realm> </realms> <member-authentication realm="jaasRealm"/> <client-authentication realm="simpleRealm"/> <client-permission-policy class-name="com.hazelcast.examples.MyPermissionPolicy"> <properties> <property name="property">value</property> </properties> </client-permission-policy> <client-permissions on-join-operation="RECEIVE"> <all-permissions principal="admin"> <endpoints> <endpoint>127.0.0.1</endpoint> </endpoints> </all-permissions> <config-permission> <endpoints> <endpoint>127.0.0.1</endpoint> </endpoints> </config-permission> <transaction-permission> <endpoints> <endpoint>127.0.0.1</endpoint> </endpoints> </transaction-permission> <map-permission name="custom" principal="dev"> <endpoints> <endpoint>127.0.0.1</endpoint> </endpoints> <actions> <action>create</action> <action>destroy</action> <action>put</action> <action>read</action> </actions> </map-permission> <queue-permission name="*"> <actions> <action>all</action> </actions> </queue-permission> <topic-permission name="*"> <actions> <action>all</action> </actions> </topic-permission> <multimap-permission name="*"> <actions> <action>all</action> </actions> </multimap-permission> <list-permission name="*"> <actions> <action>all</action> </actions> </list-permission> <set-permission name="*"> <actions> <action>all</action> </actions> </set-permission> <flake-id-generator-permission name="*"> <actions> <action>all</action> </actions> </flake-id-generator-permission> <lock-permission name="*"> <actions> <action>all</action> </actions> </lock-permission> <atomic-long-permission name="*"> <actions> <action>all</action> </actions> </atomic-long-permission> <countdown-latch-permission name="*"> <actions> <action>all</action> </actions> </countdown-latch-permission> <semaphore-permission name="*"> <actions> <action>all</action> </actions> </semaphore-permission> <executor-service-permission name="*"> <actions> <action>all</action> </actions> </executor-service-permission> <durable-executor-service-permission name="*"> <actions> <action>all</action> </actions> </durable-executor-service-permission> <cardinality-estimator-permission name="*"> <actions> <action>all</action> </actions> </cardinality-estimator-permission> <scheduled-executor-permission name="*"> <actions> <action>all</action> </actions> </scheduled-executor-permission> <cache-permission name="*"> <actions> <action>all</action> </actions> </cache-permission> <user-code-deployment-permission name="*" principal="*"> <actions> <action>all</action> </actions> </user-code-deployment-permission> <pn-counter-permission name="*"> <actions> <action>all</action> </actions> </pn-counter-permission> <replicatedmap-permission name="*"> <actions> <action>all</action> </actions> </replicatedmap-permission> <management-permission principal="management"> <endpoints> <endpoint>127.0.0.1</endpoint> </endpoints> </management-permission> <sql-permission name="*"> <actions> <action>create</action> <action>destroy</action> </actions> </sql-permission> <ring-buffer-permission name="*"> <actions> <action>all</action> </actions> </ring-buffer-permission> <connector-permission name="*"> <actions> <action>all</action> </actions> </connector-permission> </client-permissions> <client-block-unmapped-actions>true</client-block-unmapped-actions> <security-interceptors> <interceptor class-name="com.your-package.YourSecurityInterceptorImplementation"/> </security-interceptors> </security> <!-- ===== HAZELCAST MEMBER ATTRIBUTE CONFIGURATION ===== You can define member attributes for your Hazelcast members to tag your members according to your business logic requirements. Configuration element's name is <member-attributes>. You can list each member attribute using its <attribute> sub-element. For each <attribute>, you need to provide its name, type and value. --> <member-attributes> <attribute name="CPU_CORE_COUNT">4</attribute> <attribute name="CPU_CORE_FREQ">1033</attribute> </member-attributes> <!-- ===== HAZELCAST SPLIT BRAIN PROTECTION CONFIGURATION ===== Configuration element's name is <split-brain-protection>. It has the following attributes: * name: Name of your split brain protection. This name will be given as the value for <split-brain-protection-ref> element in the data structure configuration for which you want to define a split brain protection. Currently, IMap, TransactionalMap and Cache structures support split brain protection. * enabled: Specifies whether this split brain protection is enabled. It has the following sub-elements: * <minimum-cluster-size>: The minimum number of members required in a cluster for the cluster to remain in an operational state. If the number of members is below the defined minimum at any time, the operations are rejected and the rejected operations return a SplitBrainProtectionException to their callers. * <protect-on>: Specifies for which operations the split brain protection will be applied. Available values are READ, WRITE and READ_WRITE. * <function-class-name>: Name of the class that you develop by implementing Hazelcast's SplitBrainProtectionFunction interface to conclude the absence/presence of your split brain protection. This function is triggered when any change happens to the member list. * <listeners>: Provides the list of split brain protection listeners that you can register to be notified about split brain protection results. Each listener is specified by <listener> sub-element. Split brain protection listeners are local to the member that they are registered, so they receive only events occurred on that local member. --> <split-brain-protection name="splitBrainProtectionRuleWithThreeMembers" enabled="true"> <minimum-cluster-size>3</minimum-cluster-size> <protect-on>READ_WRITE</protect-on> <function-class-name>com.your-package.AbsPresMySplitBrainProtection</function-class-name> <listeners> <listener>com.your-package.ThreeMemberSplitBrainProtectionListener</listener> </listeners> </split-brain-protection> <!-- ===== HAZELCAST LITE MEMBER CONFIGURATION ===== Configuration element's name is <lite-member>. When you want to use a Hazelcast member as a lite member, set this element's "enabled" attribute to true in that member's XML configuration. Lite members do not store data and are used mainly to execute tasks and register listeners. They do not have partitions. --> <lite-member enabled="true"/> <!-- ===== HAZELCAST PERSISTENCE CONFIGURATION ===== This feature is available only in Hazelcast Enterprise HD. Configuration element's name is <persistence>. It has the required attribute "enabled" to specify whether this feature will be enabled on your cluster. This part is the feature's configuration itself and you define the general specifications for the feature. However, note that <map> and <cache> have a sub-element called <data-persistence> with which you should enable its usage on those data structures. Keep in mind that the Data Persistence feature is currently supported for Hazelcast's map and cache data structures. It has the following sub-elements: * <base-dir>: Specifies the directory where the Persistence data will be stored. Its default value is persistence. You can use the default value, or you can specify another folder. This directory will be created automatically if it does not exist. * <backup-dir>: Specifies the directory where the backup data will be stored. If this element is not defined, backup will be disabled. If a directory is defined which does not exist, it will be created on first backup. To avoid clashing data on multiple backups, each backup has a unique sequence ID which determines the name of the directory which will contain all persistence data. This unique directory is created as a subdirectory of the configured `backup-dir`. * <parallelism>: Deprecated. Please leave it to default. Level of parallelism in Persistence. There will be this many IO threads, each writing in parallel to its own files. During the restart procedure, this many IO threads will be reading the files and this many Rebuilder threads will be rebuilding the Persistence metadata. * <validation-timeout-seconds>: Validation timeout for the restart process when validating the cluster members expected to join and the partition table on the whole cluster. * <data-load-timeout-seconds>: Deprecated. Please leave it to default. Data load timeout for the Restart process. All members in the cluster should finish restoring their local data before this timeout period. * <cluster-data-recovery-policy>: Specifies the data recovery policy that will be respected during restart cluster start. Valid values are; FULL_RECOVERY_ONLY: Starts the cluster only when all expected members are present and correct. Otherwise, it fails. This is the default value. PARTIAL_RECOVERY_MOST_RECENT: Starts the cluster with the members which have most up-to-date partition table and successfully restored their data. All other members will leave the cluster and force start themselves. If no member restores its data successfully, cluster start fails. PARTIAL_RECOVERY_MOST_COMPLETE: Starts the cluster with the largest group of members which have the same partition table version and successfully restored their data. All other members will leave the cluster and force start themselves. If no member restores its data successfully, cluster start fails. - <encryption-at-rest>: Specifies the (optional) encryption settings for Persistence. It has the required attribute "enabled" to specify whether encryption is enabled. In addition to that, it specifies the symmetric cipher to use (such as AES/CBC/PKCS5Padding), the encryption salt, the key size for generating encryption keys, and, in the <secure-store> sub-element, the configuration of the Secure Store that it will be used to retrieve the encryption keys. * <keystore>: Provides integration with Java KeyStore. Specifies the path to the KeyStore file, the KeyStore type (such as PKCS12 or JCEKS), the KeyStore password, an (optional) alias for the current encryption key entry, and (optionally) a polling interval for checking for changes in the KeyStore. * <vault>: Provides integration with HashiCorp Vault. Specifies the address of the Vault server, the (optional) secrets engine path, the secret path where the encryption key is stored, the access token, the (optional) namespace, the (optional) <ssl> configuration for HTTPS support, and an (optional) polling interval for checking for changes in Vault. --> <persistence enabled="true"> <base-dir>/mnt/persistence</base-dir> <backup-dir>/mnt/persistence-backup</backup-dir> <validation-timeout-seconds>120</validation-timeout-seconds> <cluster-data-recovery-policy>PARTIAL_RECOVERY_MOST_COMPLETE</cluster-data-recovery-policy> <encryption-at-rest enabled="true"> <algorithm>AES/CBC/PKCS5Padding</algorithm> <salt>somesalt</salt> <key-size>16</key-size> <secure-store> <keystore> <path>/path/to/keystore.file</path> <type>PKCS12</type> <password>password</password> <current-key-alias>current</current-key-alias> <polling-interval>60</polling-interval> </keystore> <!-- <vault> <address>http://localhost:1234</address> <secret-path>secret/path</secret-path> <token>token</token> <polling-interval>60</polling-interval> <ssl enabled="false"> <factory-class-name>com.hazelcast.nio.ssl.BasicSSLContextFactory</factory-class-name> <properties> <property name="protocol">TLS</property> <property name="mutualAuthentication">REQUIRED</property> <property name="keyStore">/opt/hazelcast.keystore</property> <property name="keyStorePassword">secret.97531</property> <property name="keyStoreType">JKS</property> <property name="trustStore">/opt/hazelcast.truststore</property> <property name="trustStorePassword">changeit</property> <property name="trustStoreType">JKS</property> </properties> </ssl> </vault> --> </secure-store> </encryption-at-rest> </persistence> <!-- ===== HAZELCAST LOCAL-DEVICE CONFIGURATION ===== Tiered-Store device configuration. Currently, only local disk is supported as a device. Multiple devices can be configured, and a map with enabled tiered-store can reference a given device from its disk-tier. It has the following attributes and sub-elements: - name: Name of the device. The default is "default-tiered-store-device". * <base-dir>: Specifies the directory where the Tiered-Store data will be stored. Its default value is "tiered-store". You can use the default value, or you can specify another folder. This directory will be created automatically if it does not exist. * <capacity>: Device capacity, i.e., what is the soft upper bound capacity of the device. You can give the size using its "value" attribute and the unit using its "unit" attribute. Unit can be bytes, kilobytes, megabytes and gigabytes. The default is 256 gigabytes. * <block-size>: Device block/sector size in bytes. The default is 4096. The minimum is 512. * <read-io-thread-count>: Read IO thread count. The default is 4. * <write-io-thread-count>: Write IO thread count. The default is 4. --> <local-device name="tiered-store-local-device"> <base-dir>/mnt/tiered-store</base-dir> <capacity unit="GIGABYTES" value="512"/> <block-size>4096</block-size> <read-io-thread-count>4</read-io-thread-count> <write-io-thread-count>4</write-io-thread-count> </local-device> <!-- ===== HAZELCAST DYNAMIC CONFIGURATION CONFIGURATION ===== Configuration settings related to dynamic configuration feature. It has the following sub-elements: * <persistence-enabled>: True if dynamic configuration persistence is enabled. * <backup-dir>: Directory for dynamic configuration persistence file backups. Each new backup will be created inside this directory. Can be an absolute or relative path to the node startup directory. If not set, new folder will be created where dynamic configuration file exists. * <backup-count>: How many backups will be kept. Default is 5. You can set this to zero to disable backups. --> <dynamic-configuration> <persistence-enabled>true</persistence-enabled> <backup-dir>/mnt/dynamic/backup-dir</backup-dir> <backup-count>7</backup-count> </dynamic-configuration> <!-- ===== HAZELCAST USER CODE DEPLOYMENT CONFIGURATION ===== Configuration element's name is <user-code-deployment>. It has the required attribute "enabled" to specify whether this feature will be enabled on your cluster. It has the following sub-elements: * <class-cache-mode>: Controls the local caching behavior for the classes loaded from the remote class repository. Available values are as follows: ETERNAL: Cache the loaded classes locally. This is the default value and suitable when you load long-living objects, such as domain objects stored in a map. OFF: Do not cache the loaded classes locally. * <provider-mode>: Controls how the classes are served to the other cluster members. Available values are as follows: LOCAL_AND_CACHED_CLASSES: Serve classes loaded from both local classpath and from other members. This is the default value. LOCAL_CLASSES_ONLY: Serve classes from the local classpath only. Classes loaded from other members will be used locally, but they are not served to other members. OFF: Never serve classes to other members. * <blacklist-prefixes>: Comma separated name prefixes of classes/packages to be prevented from dynamic class loading. For example, if you set it as "com.foo", remote loading of all classes from the "com.foo" package will be blacklisted, including the classes from all its sub-packages. If you set it as "com.foo.Class", then the "Class" and all classes having the "Class" as prefix in the "com.foo" package will be blacklisted. * <whitelist-prefixes>: Comma separated name prefixes of classes/packages only from which the classes will be loaded. It allows to quickly configure remote loading only for classes from selected packages. It can be used together with blacklisting. For example, you can whitelist the prefix "com.foo" and blacklist the prefix "com.foo.secret". * <provider-filter>: Filter to constraint members to be used for a class loading request when a class is not available locally. The value is in the format "HAS_ATTRIBUTE:foo". When it is set as "HAS_ATTRIBUTE:foo", the class loading request will only be sent to the members which have "foo" as a member attribute. --> <user-code-deployment enabled="true"> <class-cache-mode>ETERNAL</class-cache-mode> <provider-mode>LOCAL_CLASSES_ONLY</provider-mode> <blacklist-prefixes>com.foo</blacklist-prefixes> <whitelist-prefixes>com.bar.MyClass</whitelist-prefixes> <provider-filter>HAS_ATTRIBUTE:lite</provider-filter> </user-code-deployment> <!-- ===== HAZELCAST CRDT REPLICATION CONFIGURATION ===== Configures the replication mechanism for all CRDT implementations. The CRDT states are replicated in rounds (the period is configurable) and in each round the state is replicated up to the configured number of members. It has the following sub-elements: * <max-concurrent-replication-targets>: The maximum number of target members that we replicate the CRDT states to in one period. A higher count will lead to states being disseminated more rapidly at the expense of burst-like behaviour - one update to a CRDT will lead to a sudden burst in the number of replication messages in a short time interval. * <replication-period-millis>: The period between two replications of CRDT states in milliseconds. A lower value will increase the speed at which changes are disseminated to other cluster members at the expense of burst-like behaviour - less updates will be batched together in one replication message and one update to a CRDT may cause a sudden burst of replication messages in a short time interval. The value must be a positive non-null integer. --> <crdt-replication> <max-concurrent-replication-targets>1</max-concurrent-replication-targets> <replication-period-millis>1000</replication-period-millis> </crdt-replication> <!-- ===== HAZELCAST PN COUNTER CONFIGURATION ===== Configuration element's name is <pn-counter>. It has the optional attribute "name" with which you can specify the name of your PN counter. Its default value is "default". It has the following sub-elements: * <replica-count>: Number of replicas on which the CRDT state will be kept. The updates are replicated asynchronously between replicas. The number must be greater than 1 and up to 2147483647 (Integer.MAX_VALUE). The default value is 2147483647 (Integer.MAX_VALUE). * <split-brain-protection-ref>: Adds the Split Brain Protection for this data-structure which you configure using the <split-brain-protection> element. You should set the <split-brain-protection-ref>'s value as the <split-brain-protection>'s name. * <statistics-enabled>: When you enable it, you can retrieve the PN counter statistics. Its default value is true. --> <pn-counter name="default"> <replica-count>2147483647</replica-count> <split-brain-protection-ref>splitBrainProtectionRuleWithThreeNodes</split-brain-protection-ref> <statistics-enabled>true</statistics-enabled> </pn-counter> <!-- ===== HAZELCAST ADVANCED NETWORK CONFIGURATION ===== The advanced network configuration provides fine-tuning capabilities for configuring network with the ability of defining separate server sockets for different protocols, such as for member-member and member-client communication. This configuration renders exclusive or relation with the generic <network> configuration element. The configuration element's name is <advanced-network>. It has the following attribute: * enabled: Indicates whether the advanced network configuration is enabled or not. Default is false. The <advanced-network> element has the following sub-elements: * <join>: This configuration lets you choose a discovery mechanism that Hazelcast will use to form a cluster. Hazelcast can find members by multicast, TCP/IP lists and by various discovery mechanisms provided by different cloud APIs. The following are the elements of <join>: - <multicast>: Set its "enabled" attribute to true for discovery by multicast. It has another attribute ("loopbackModeEnabled") which enables or disables the loopback mode in the multicast discovery mechanism. It has the following sub-elements to fine tune the multicast discovery. - <multicast-group>: Specifies the multicast group IP address when you want to create clusters within the same network. Its default value is 224.2.2.3. - <multicast-port>: Specifies the multicast socket port that the Hazelcast member listens to and sends discovery messages through. Its default value is 54327. - <multicast-time-to-live>: Time-to-live value for multicast packets sent out to control the scope of multicasts. - <multicast-timeout-seconds>: Only when the members are starting up, this timeout (in seconds) specifies the period during which a member waits for a multicast response from another node. For example, if you set it as 60 seconds, each node will wait for 60 seconds until a leader node is selected. Its default value is 2 seconds. - <trusted-interfaces>: Includes IP addresses of trusted members. When a node wants to join to the cluster, its join request will be rejected if it is not a trusted member. You can give an IP addresses range using the wildcard (*) on the last digit of IP address (e.g. 192.168.1.* or 192.168.1.100-110). - <tcp-ip>: It has the following attributes. - "enabled": Specifies whether the TCP/IP discovery is enabled or not. Default value is false. - "connection-timeout-seconds": The maximum amount of time Hazelcast is going to try to connect to a well known member before giving up. Setting it to a too low value could mean that a member is not able to connect to a cluster. Setting it to a too high value means that member startup could slow down because of longer timeouts (e.g. when a well known member is not up). Increasing this value is recommended if you have many IPs listed and the members cannot properly build up the cluster. Its default value is 5. It has the following sub-elements. - <required-member>: IP address of the required member. Cluster will only be formed if the member with this IP address is found. - <member>: IP address(es) of one or more well known members. Once members are connected to these well known ones, all member addresses will be communicated with each other. You can also give comma separated IP addresses using the <members> element or list the members with the <member> element under <member-list>. - <members>: Comma separated IP addresses of one or more well known members. - <member-list>: IP address(es) of one or more well known members listed with the <member> element. - <interface>: IP address(es) of one or more well known members. - <aws>: Set its "enabled" attribute to true for discovery within Amazon EC2. Please refer to https://github.com/hazelcast/hazelcast-aws/#configuration for the configuration details. - <gcp>: Set its "enabled" attribute to true for discovery within the Google Cloud Platform. Please refer to https://github.com/hazelcast/hazelcast-gcp/#configuration for the configuration details. - <azure>: Set its "enabled" attribute to true for discovery within Microsoft Azure. Please refer to https://github.com/hazelcast/hazelcast-azure/#configuring-at-hazelcast-side for the configuration details. - <kubernetes>: Set its "enabled" attribute to true for discovery in the Kubernetes environment. Please refer to https://github.com/hazelcast/hazelcast-kubernetes#hazelcast-configuration for the configuration details. - <eureka>: Set its "enabled" attribute to true for discovery with using Eureka Service Registry. Please refer to https://github.com/hazelcast/hazelcast-eureka#hazelcast-configuration for the configuration details. - <discovery-strategies>: Set its "enabled" attribute to true for discovery in various cloud infrastructures. You also need to set the value of "hazelcast.discovery.enabled" property to true. See the description of the <properties> element to learn how to do this. You can define multiple discovery strategies using the <discovery-strategy> sub-element and its properties. Please refer to http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#discovering-cluster-members to see the properties you can use. The following is an example for EC2 cloud. <discovery-strategies> <discovery-strategy class="com.hazelcast.jclouds.JCloudsDiscoveryStrategy" enabled="true"> <properties> <property name="provider">aws-ec2</property> <property name="identity">AWS_IDENTITY</property> <property name="credential">AWS_CREDENTIAL</property> </properties> </discovery-strategy> </discovery-strategies> * <member-address-provider>: IMPORTANT This configuration is not intended to provide addresses of other cluster members with which the Hazelcast instance will form a cluster. This is an SPI for advanced use in cases where the DefaultAddressPicker does not pick suitable addresses to bind to and publish to other cluster members. For instance, this could allow easier deployment in some cases when running on Docker, AWS or other cloud environments. That said, if you are just starting with Hazelcast, you will probably want to set the member addresses by using the tcp-ip or multicast configuration or adding a discovery strategy. Member address provider allows to plug in own strategy to customize: 1. What address Hazelcast will bind to 2. What address Hazelcast will advertise to other members on which they can bind to In most environments you don't need to customize this and the default strategy will work just fine. However in some cloud environments the default strategy does not make the right choice and the member address provider delegates the process of address picking to external code. It has on optional attribute: * enabled: Specifies whether the member address provider SPI is enabled or not. Its default value is false. It has the following sub-elements: - <class-name>: The name of the class implementing the com.hazelcast.spi.MemberAddressProvider interface. - <properties>: The properties that will be provided when constructing the provided MemberAddressProvider. Hazelcast will first try instantiating the provided class by invoking a constructor accepting a single java.util.Properties instance. In the case where there is no such constructor and there are also no properties defined by this configuration, Hazelcast will exceptionally try to use the no-arg constructor. * <failure-detector>: A failure detector is responsible to determine if a member in the cluster is unreachable or crashed. Please refer to https://docs.hazelcast.org/docs/latest/manual/html-single/index.html#failure-detector-configuration for the failure detectors implemented by Hazelcast. This element has the following sub-element: * <icmp>: ICMP can be used in addition to the other detectors. It operates at layer 3 and detects network and hardware issues more quickly. It has the following sub-elements: * <timeout-milliseconds>: Timeout in Milliseconds before declaring a failed ping. * <fail-fast-on-startup>: Cluster Member will fail to start if it is unable to action an ICMP ping command when ICMP is enabled. Failure is usually due to OS level restrictions. * <interval-milliseconds>: Time in milliseconds between each ICMP ping. * <max-attempts>: Maximum number of consecutive failed attempts before declaring a member suspect. * <parallel-mode>: Run ICMP detection in parallel with the Heartbeat failure detector. * <ttl>: Maximum number of times the IP Datagram (ping) can be forwarded, in most cases all Hazelcast cluster members would be within one network switch/router therefore default of 0 is usually sufficient. * <member-server-socket-endpoint-config>: Configures the server socket used for the member-member communication. * <client-server-socket-endpoint-config>: Configures the server socket used for the member-client communication. * <wan-server-socket-endpoint-config>: Configures the server sockets used for the WAN replication's inbound WAN connections. Multiple WAN server sockets can be configured to allow configuring separate server sockets for each inbound WAN connection. * <memcache-server-socket-endpoint-config>: These four server socket elements have the same attribute and sub-elements. The server socket elements have the following attribute: - "name": Name of the endpoint configuration. Only relevant when defining WAN server sockets. The server socket elements have the following sub-elements: * <port>: The ports which Hazelcast will use to communicate between cluster members. Its default value is 5701. It has the following attributes. - port-count: The default value is 100, meaning that Hazelcast will try to bind 100 ports. If you set the value of port as 5701, as members join the cluster, Hazelcast tries to find ports between 5701 and 5801. You can change the port count in cases like having large instances on a single machine or you are willing to have only a few ports assigned. - auto-increment: Default value is true. If port is set to 5701, Hazelcast will try to find free ports between 5701 and 5801. Normally, you will not need to change this value, but it comes in handy when needed. You may also want to choose to use only one port. In that case, you can disable the auto-increment feature of port by setting its value as false. * <public-address>: Overrides the public address of a node. By default, a node selects its socket address as its public address. But behind a network address translation (NAT), two endpoints (nodes) may not be able to see/access each other. If both nodes set their public addresses to their defined addresses on NAT, then they can communicate with each other. In this case, their public addresses are not an address of a local network interface but a virtual address defined by NAT. This is optional to set and useful when you have a private cloud. * <reuse-address>: When you shutdown a cluster member, the server socket port will be in the TIME_WAIT state for the next couple of minutes. If you start the member right after shutting it down, you may not be able to bind it to the same port because it is in the TIME_WAIT state. If you set reuse-address to true, the TIME_WAIT state is ignored and you can bind the member to the same port again. Default value is false. * <outbound-ports>: By default, Hazelcast lets the system pick up an ephemeral port during socket bind operation. But security policies/firewalls may require to restrict outbound ports to be used by Hazelcast-enabled applications. To fulfill this requirement, you can configure Hazelcast to use only defined outbound ports. The <outbound-ports> has the <ports> sub-element to allow you to define outbound ports. * <interfaces>: Specifies which network interfaces Hazelcast should use. You need to set its "enabled" attribute to true to be able to use your defined interfaces. You can define multiple interfaces using its <interface> sub-element. By default, it is disabled. * <ssl>: Lets you configure SSL using the SSL context factory. This feature is available only in Hazelcast Enterprise. To be able to use it, encryption should NOT be enabled and you should first implement your SSLContextFactory class. Its configuration contains the factory class and SSL properties. By default, it is disabled. The following is an example: <ssl enabled="true"> <factory-class-name> com.hazelcast.nio.ssl.BasicSSLContextFactory </factory-class-name> <properties> <property name="keyStore">keyStore</property> <property name="keyStorePassword">keyStorePassword</property> <property name="keyManagerAlgorithm">SunX509</property> <property name="trustManagerAlgorithm">SunX509</property> <property name="protocol">TLS</property> <property name="mutualAuthentication">REQUIRED</property> </properties> </ssl> * <socket-interceptor>: Lets you add custom hooks to join and perform connection procedures (like a custom authentication negotiation protocol, etc.). This feature is available only in Hazelcast Enterprise. To be able to use it, you should first implement the MemberSocketInterceptor (for members joining to a cluster) or SocketInterceptor (for clients connecting to a member) class. Its configuration contains the class you implemented and socket interceptor properties. By default, it is disabled. The following is an example: <socket-interceptor enabled="true"> <class-name> com.hazelcast.examples.MySocketInterceptor </class-name> <properties> <property name="property1">value1</property> <property name="property2">value2</property> </properties> </socket-interceptor> * <symmetric-encryption>: Lets you encrypt the entire socket level communication among all Hazelcast members. This feature is available only in Hazelcast Enterprise. Its configuration contains the encryption properties and the same configuration must be placed to all members. By default, it is disabled. The following is an example: <symmetric-encryption enabled="true"> <algorithm>PBEWithMD5AndDES</algorithm> <salt>thesalt</salt> <password>thepass</password> <iteration-count>19</iteration-count> </symmetric-encryption> * <socket-options>: It has the following sub-elements: * <buffer-direct>: Specifies whether direct or non-direct buffers should be allocated for the socket. The default value is false. * <tcp-no-delay>: Specifies whether Nagle's algorithm should be disabled. The default value is true meaning that Nagle's algorithm is disabled. * <keep-alive>: Specifies whether TCP keep-alive should be enabled. The default value is true. * <connect-timeout-seconds>: Specifies the TCP timeout in seconds. The default value is 0. * <send-buffer-size-kb>: Specifies the size of the send buffer. The default value is 128KB. * <receive-buffer-size-kb>: Specifies the size of the receive buffer. The default value is 128KB. * <linger-seconds>: Specifies the TCP linger seconds. The default value is 0. * <keep-count>: When keep-alive is true and supported by the platform, sets the number of unacknowledged TCP keep-alive probes to be sent before declaring a connection dead. * <keep-idle-seconds>: When keep-alive is true and supported by the platform, sets the number of seconds to wait after the last packet was sent before sending a keep-alive probe. * <keep-interval-seconds>: When keep-alive is true and supported by the platform, sets the number of seconds to wait between keep-alive probes. * <tpc-socket>: Socket configuration for TPC. In TPC, each eventloop has its own sockets. * <port-range>: Configures the port range available for TPC sockets. * <receive-buffer-size-kb>: Configures SO_RCVBUF socket option for TPC sockets. * <send-buffer-size-kb>: Configures SO_SNDBUF socket option for TPC sockets. * <rest-server-socket-endpoint-config>: Controls access to Hazelcast HTTP REST API. The methods available through REST API are grouped to several REST endpoint groups, which can be specified in this section. The <rest-server-socket-endpoint-config> element has the same attribute and sub-elements that the above server socket elements have plus it has the following additional sub-element. * <endpoint-groups>: Enables or disables named REST endpoint groups. If a group is not listed within the rest-api configuration, then it's 'enabledByDefault' flag is used to control the behavior of the group. The groups can be defined with the <endpoint-group> sub-element. Groups and their defaults: * CLUSTER_READ - enabled Group of operations for retrieving cluster state and its version. * CLUSTER_WRITE - disabled Operations which changes cluster or node state or their configurations. * HEALTH_CHECK - disabled Group of endpoints for HTTP health checking. * PERSISTENCE - disabled Group of HTTP REST APIs related to Persistence feature. * WAN - disabled Group of HTTP REST APIs related to WAN Replication feature. * DATA - disabled Group of HTTP REST APIs for data manipulation in the cluster (e.g. IMap and IQueue operations). * <wan-endpoint-config>: This element configures socket settings for the outgoing WAN connections. This element has "name" attribute and the following sub-elements from the list above: * <outbound-ports> * <interfaces> * <ssl> * <socket-interceptor> * <symmetric-encryption> * <socket-options> * <tpc-socket> --> <advanced-network enabled="false"> <join> <multicast enabled="true" loopbackModeEnabled="true"> <multicast-group>1.2.3.4</multicast-group> <multicast-port>12345</multicast-port> <multicast-timeout-seconds>5</multicast-timeout-seconds> <multicast-time-to-live>10</multicast-time-to-live> <trusted-interfaces> <interface>10.10.1.*</interface> <interface>10.10.2.*</interface> </trusted-interfaces> </multicast> <tcp-ip enabled="false" connection-timeout-seconds="123"> <required-member>dummy</required-member> <member>dummy1</member> <member>dummy2</member> <interface>127.0.0.10</interface> <members>dummy3,dummy4</members> <member-list> <member>dummy5</member> <member>dummy6</member> </member-list> </tcp-ip> <aws enabled="false"> <access-key>my-access-key</access-key> <secret-key>my-secret-key</secret-key> <region>us-west-1</region> <host-header>ec2.amazonaws.com</host-header> <connection-timeout-seconds>7</connection-timeout-seconds> <read-timeout-seconds>7</read-timeout-seconds> <connection-retries>4</connection-retries> <hz-port>5701-5710</hz-port> <tag-key>type</tag-key> <tag-value>hz-nodes</tag-value> <security-group-name>hazelcast-sg</security-group-name> <iam-role>dummy</iam-role> <use-public-ip>true</use-public-ip> <!-- <cluster>my-cluster</cluster> <family>test-family</family> <service-name>test-service</service-name> --> </aws> <gcp enabled="false"> <private-key-path>key-path</private-key-path> <projects>project-1,project-2</projects> <region>us-central1</region> <zones>us-central1-b,us-central1-c</zones> <label>key=value</label> <hz-port>5701-5710</hz-port> <use-public-ip>true</use-public-ip> </gcp> <azure enabled="false"> <instance-metadata-available>false</instance-metadata-available> <client-id>CLIENT_ID</client-id> <client-secret>CLIENT_SECRET</client-secret> <tenant-id>TENANT_ID</tenant-id> <subscription-id>SUB_ID</subscription-id> <resource-group>RESOURCE-GROUP-NAME</resource-group> <scale-set>SCALE-SET-NAME</scale-set> <tag>TAG-NAME=HZLCAST001</tag> <hz-port>5701-5707</hz-port> <use-public-ip>true</use-public-ip> </azure> <kubernetes enabled="false"> <namespace>MY-KUBERNETES-NAMESPACE</namespace> <service-name>MY-SERVICE-NAME</service-name> <service-label-name>MY-SERVICE-LABEL-NAME</service-label-name> <service-label-value>MY-SERVICE-LABEL-VALUE</service-label-value> </kubernetes> <eureka enabled="false"> <self-registration>true</self-registration> <namespace>hazelcast</namespace> </eureka> <!-- <discovery-strategies> <node-filter class="DummyFilterClass"/> <discovery-strategy class="DummyClass" enabled="true"> <properties> <property name="foo">bar</property> </properties> </discovery-strategy> </discovery-strategies>--> </join> <member-address-provider enabled="false"> <class-name>DummyMemberAddressProvider</class-name> <properties> <property name="foo">bar</property> </properties> </member-address-provider> <failure-detector> <icmp enabled="false"> <timeout-milliseconds>1000</timeout-milliseconds> <fail-fast-on-startup>true</fail-fast-on-startup> <interval-milliseconds>1000</interval-milliseconds> <max-attempts>2</max-attempts> <parallel-mode>true</parallel-mode> <ttl>255</ttl> </icmp> </failure-detector> <!-- cluster protocol server socket --> <member-server-socket-endpoint-config> <outbound-ports> <ports>33000-35000</ports> <ports>37000,37001,37002,37003</ports> <ports>38000,38500-38600</ports> </outbound-ports> <interfaces enabled="true"> <interface>10.10.1.*</interface> </interfaces> <ssl enabled="true"> <factory-class-name>com.hazelcast.examples.MySSLContextFactory</factory-class-name> <properties> <property name="foo">bar</property> </properties> </ssl> <socket-interceptor enabled="true"> <class-name>com.hazelcast.examples.MySocketInterceptor</class-name> <properties> <property name="foo">bar</property> </properties> </socket-interceptor> <socket-options> <buffer-direct>true</buffer-direct> <tcp-no-delay>true</tcp-no-delay> <keep-alive>true</keep-alive> <connect-timeout-seconds>64</connect-timeout-seconds> <send-buffer-size-kb>25</send-buffer-size-kb> <receive-buffer-size-kb>33</receive-buffer-size-kb> <linger-seconds>99</linger-seconds> <!-- wait 10 minutes before sending a keep-alive probe --> <keep-idle-seconds>600</keep-idle-seconds> <!-- send 10 keep-alive probes before closing connection --> <keep-count>10</keep-count> <!-- send keep-alive probe retries every 15 seconds --> <keep-interval-seconds>15</keep-interval-seconds> </socket-options> <port auto-increment="true" port-count="100">5701</port> <public-address>dummy</public-address> <!-- If the address should be reused. See NetworkConfig.setReuseAddress for more information. --> <reuse-address>true</reuse-address> <tpc-socket> <port-range>14000-16000</port-range> <receive-buffer-size-kb>256</receive-buffer-size-kb> <send-buffer-size-kb>256</send-buffer-size-kb> </tpc-socket> </member-server-socket-endpoint-config> <!-- server socket listening for connections from hazelcast clients --> <client-server-socket-endpoint-config> <outbound-ports> <ports>38000,38500-38600</ports> </outbound-ports> <interfaces enabled="false"> <interface>10.10.1.*</interface> </interfaces> <ssl enabled="true"> <factory-class-name>com.hazelcast.examples.MySSLContextFactory</factory-class-name> <properties> <property name="foo">bar</property> </properties> </ssl> <socket-interceptor enabled="true"> <class-name>com.hazelcast.examples.MySocketInterceptor</class-name> <properties> <property name="foo">bar</property> </properties> </socket-interceptor> <port auto-increment="true" port-count="100">9999</port> <public-address>10.10.0.10</public-address> <reuse-address>true</reuse-address> <tpc-socket> <port-range>14000-16000</port-range> <receive-buffer-size-kb>256</receive-buffer-size-kb> <send-buffer-size-kb>256</send-buffer-size-kb> </tpc-socket> </client-server-socket-endpoint-config> <!-- create a server socket for REST API --> <rest-server-socket-endpoint-config name="internal-server-socket"> <interfaces enabled="false"> <interface>10.10.1.*</interface> </interfaces> <port auto-increment="false">8080</port> <public-address>192.168.1.10</public-address> <reuse-address>true</reuse-address> <endpoint-groups> <endpoint-group name="WAN" enabled="true"/> <endpoint-group name="CLUSTER_READ" enabled="true"/> <endpoint-group name="CLUSTER_WRITE" enabled="false"/> <endpoint-group name="HEALTH_CHECK" enabled="true"/> </endpoint-groups> <tpc-socket> <port-range>14000-16000</port-range> <receive-buffer-size-kb>256</receive-buffer-size-kb> <send-buffer-size-kb>256</send-buffer-size-kb> </tpc-socket> </rest-server-socket-endpoint-config> <!-- specify SSL config to be used for outgoing connections --> <wan-endpoint-config name="endpoint-tokyo"> <ssl enabled="true"> <factory-class-name>com.hazelcast.examples.MySSLContextFactory</factory-class-name> <properties> <property name="foo">bar</property> </properties> </ssl> <tpc-socket> <port-range>14000-16000</port-range> <receive-buffer-size-kb>256</receive-buffer-size-kb> <send-buffer-size-kb>256</send-buffer-size-kb> </tpc-socket> </wan-endpoint-config> <wan-endpoint-config name="endpoint-london"> <symmetric-encryption enabled="true"> <algorithm>Algorithm</algorithm> <salt>thesalt</salt> <password>thepassword</password> <iteration-count>1000</iteration-count> </symmetric-encryption> </wan-endpoint-config> <wan-server-socket-endpoint-config name="wan-server-socket-config"> <interfaces enabled="false"> <interface>192.168.8.101</interface> <interface>10.20.10.100</interface> </interfaces> <tpc-socket> <port-range>14000-16000</port-range> <receive-buffer-size-kb>256</receive-buffer-size-kb> <send-buffer-size-kb>256</send-buffer-size-kb> </tpc-socket> </wan-server-socket-endpoint-config> <memcache-server-socket-endpoint-config name="memcache"> <port auto-increment="false" port-count="10">6000</port> <tpc-socket> <port-range>14000-16000</port-range> <receive-buffer-size-kb>256</receive-buffer-size-kb> <send-buffer-size-kb>256</send-buffer-size-kb> </tpc-socket> </memcache-server-socket-endpoint-config> </advanced-network> <!-- ===== HAZELCAST CP SUBSYSTEM CONFIGURATION ===== Configuration element's name is <cp-subsystem>. It has the following sub-elements: * <cp-member-count>: Number of CP Members to initialize the CP Subsystem. It is 0 by default, meaning that the CP subsystem is disabled. The CP subsystem is enabled when a positive value is set. After the CP subsystem is initialized successfully, more CP members can be added at run-time and number of active CP members can go beyond the configured CP member count. Number of CP members can be smaller than total size of the Hazelcast cluster. For instance, you can run 5 CP members in a 20-member Hazelcast cluster. If set, must be greater than or equal to group-size. * <group-size>: Number of CP members to run CP groups. If set, it must be an odd number between 3 and 7. Otherwise, cp-member-count is respected. If set, must be smaller than or equal to cp-member-count. * <session-time-to-live-seconds>: Duration for a CP session to be kept alive after the last received heartbeat. The session will be closed if there is no new heartbeat this duration. Session TTL must be decided wisely. If a very low value is set, CP session of a Hazelcast instance can be closed prematurely if the instance temporarily loses connectivity to the CP subsystem because of a network partition or a GC pause. In such an occasion, all CP resources of this Hazelcast instance, such as FencedLock or ISemaphore, are released. On the other hand, if a very large value is set, CP resources can remain assigned to an actually crashed Hazelcast instance for too long and liveliness problems can occur. The CP subsystem offers an API, CPSessionManagementService, to deal with liveliness issues related to CP sessions. In order to prevent premature session expires, session TTL configuration can be set a relatively large value and CPSessionManagementService#forceCloseSession() can be manually called to close CP session of a crashed Hazelcast instance. Must be greater than session-heartbeat-interval-seconds, and smaller than or equal to missing-cp-member-auto-removal-seconds. * <session-heartbeat-interval-seconds>: Interval for the periodically-committed CP session heartbeats. A CP session is started on a CP group with the first session-based request of a Hazelcast instance. After that moment, heartbeats are periodically committed to the CP group. Must be smaller than session-time-to-live-seconds. * <missing-cp-member-auto-removal-seconds>: Duration to wait before automatically removing a missing CP member from the CP subsystem. When a CP member leaves the cluster, it is not automatically removed from the CP subsystem, since it could be still alive and left the cluster because of a network partition. On the other hand, if a missing CP member is actually crashed, it creates a danger for its CP groups, because it will be still part of majority calculations. This situation could lead to losing majority of CP groups if multiple CP members leave the cluster over time. With the default configuration, missing CP members will be automatically removed from the CP subsystem after 4 hours. This feature is very useful in terms of fault tolerance when CP member count is also configured to be larger than group size. In this case, a missing CP member will be safely replaced in its CP groups with other available CP members in the CP subsystem. This configuration also implies that no network partition is expected to be longer than the configured duration. Must be greater than or equal to session-time-to-live-seconds. If a missing CP member comes back alive after it is automatically removed from the CP subsystem with this feature, that CP member must be terminated manually. * <fail-on-indeterminate-operation-state>: Offers a choice between at-least-once and at-most-once execution of the operations on top of the Raft consensus algorithm. It is disabled by default and offers at-least-once execution guarantee. If enabled, it switches to at-most-once execution guarantee. When you invoke an API method on a CP data structure proxy, it replicates an internal operation to the corresponding CP group. After this operation is committed to majority of this CP group by the Raft leader node, it sends a response for the public API call. If a failure causes loss of the response, then the calling side cannot determine if the operation is committed on the CP group or not. In this case, if this configuration is disabled, the operation is replicated again to the CP group, and hence could be committed multiple times. If it is enabled, the public API call fails with com.hazelcast.core.IndeterminateOperationStateException * <persistence-enabled>: Flag to denote whether or not CP Subsystem Persistence is enabled. If enabled, CP members persist their local CP data to stable storage and can recover from crashes. * <base-dir>: Base directory to store all CP data when persistence-enabled is true. This directory can be shared between multiple CP members. Each CP member creates a unique directory for itself under the base directory. This is especially useful for cloud environments where CP members generally use a shared filesystem. * <data-load-timeout-seconds>: Timeout duration for CP members to restore their data from disk. A CP member fails its startup if it cannot complete its CP data restore process in the configured duration. * <cp-member-priority>: The CP member priority. The CP groups' leadership will be eventually transferred to members with higher priorities within the CP group. * <raft-algorithm>: These parameters tune specific parameters of Hazelcast’s Raft consensus algorithm implementation and are only for power users. * <leader-election-timeout-in-millis>: Leader election timeout in milliseconds. If a candidate cannot win majority of the votes in time, a new election round is initiated. * <leader-heartbeat-period-in-millis>: Period in milliseconds for a leader to send heartbeat messages to its followers. * <max-missed-leader-heartbeat-count>: Maximum number of missed leader heartbeats to trigger a new leader election. * <append-request-max-entry-count>: Maximum number of entries that can be sent in a single batch of append entries request. * <commit-index-advance-count-to-snapshot>: Number of new commits to initiate a new snapshot after the last snapshot. * <uncommitted-entry-count-to-reject-new-appends>: Maximum number of uncommitted entries in the leader's Raft log before temporarily rejecting new requests of callers. * <append-request-backoff-timeout-in-millis>: Timeout in milliseconds for append request backoff. After the leader sends an append request to a follower, it will not send a subsequent append request until the follower responds to the former request or this timeout occurs. * <semaphores>: Configurations for CP semaphore instances. The semaphores can be configured under <semaphore> elements with the following sub-elements: * <name>: Name of the CP semaphore. * <jdk-compatible>: Enables / disables JDK compatibility of the CP ISemaphore. When it is JDK compatible, just as in the Semaphore#release() method, a permit can be released without acquiring it first, because acquired permits are not bound to threads. However, there is no auto-cleanup of acquired permits upon Hazelcast server / client failures. If a permit holder fails, its permits must be released manually. When JDK compatibility is disabled, a HazelcastInstance must acquire permits before releasing them and it cannot release a permit that it has mot acquired. It means, you can acquire a permit from one thread and release it from another thread using the same HazelcastInstance, but not different HazelcastInstances. In this mode, acquired permits are automatically released upon failure of the holder HazelcastInstance. So there is a minor behavioral difference to the Semaphore#release() method. JDK compatibility is disabled by default. * <locks>: Configurations for FencedLock instances. The FencedLocks can be configured under <fenced-lock> elements with the following sub-elements: * <name>: Name of the FencedLock. * <lock-acquire-limit>: Maximum number of reentrant lock acquires. Once a caller acquires the lock this many times, it will not be able to acquire the lock again, until it makes at least one unlock() call. By default, no upper bound is set for the number of reentrant lock acquires, which means that once a caller acquires a FencedLock, all of its further lock() calls will succeed. However, for instance, if you set lock-acquire-limit to 2, once a caller acquires the lock, it will be able to acquire it once more, but its third lock() call will not succeed. If lock-acquire-limit is set to 1, then the lock becomes non-reentrant. --> <cp-subsystem> <cp-member-count>10</cp-member-count> <group-size>3</group-size> <session-time-to-live-seconds>60</session-time-to-live-seconds> <session-heartbeat-interval-seconds>5</session-heartbeat-interval-seconds> <missing-cp-member-auto-removal-seconds>120</missing-cp-member-auto-removal-seconds> <fail-on-indeterminate-operation-state>false</fail-on-indeterminate-operation-state> <persistence-enabled>true</persistence-enabled> <base-dir>custom-cp-dir</base-dir> <data-load-timeout-seconds>30</data-load-timeout-seconds> <cp-member-priority>1</cp-member-priority> <raft-algorithm> <leader-election-timeout-in-millis>2000</leader-election-timeout-in-millis> <leader-heartbeat-period-in-millis>5000</leader-heartbeat-period-in-millis> <max-missed-leader-heartbeat-count>5</max-missed-leader-heartbeat-count> <append-request-max-entry-count>50</append-request-max-entry-count> <commit-index-advance-count-to-snapshot>1000</commit-index-advance-count-to-snapshot> <uncommitted-entry-count-to-reject-new-appends>100</uncommitted-entry-count-to-reject-new-appends> <append-request-backoff-timeout-in-millis>100</append-request-backoff-timeout-in-millis> </raft-algorithm> <semaphores> <semaphore> <name>sem1</name> <jdk-compatible>true</jdk-compatible> <initial-permits>1</initial-permits> </semaphore> <semaphore> <name>sem2</name> <jdk-compatible>false</jdk-compatible> <initial-permits>2</initial-permits> </semaphore> </semaphores> <locks> <fenced-lock> <name>lock1</name> <lock-acquire-limit>1</lock-acquire-limit> </fenced-lock> <fenced-lock> <name>lock2</name> <lock-acquire-limit>2</lock-acquire-limit> </fenced-lock> </locks> </cp-subsystem> <!-- ===== HAZELCAST METRICS CONFIGURATION ===== Configuration element's name is <metrics>. It has the following attributes: - enabled: The master-switch for the metrics collection. If this is set to false no metrics collection is done, regardless of the other settings. Its default value is true. It has the following sub-elements: * <management-center>: Defines the Hazelcast Management Center related metrics configuration. It has the following attributes: * "enabled": Controls whether the metrics collected are exposed to Hazelcast Management Center. It is enabled by default. Please note that the metrics are polled by the Hazelcast Management Center, hence the members need to buffer the collected metrics between two polls. The aim for this switch is to reduce memory consumption of the metrics system if the Hazelcast Management Center is not used. It has the following sub-elements: * <retention-seconds>: Sets the number of seconds the metrics will be retained on the instance. By default, metrics are retained for 5 seconds (that is for one collection of metrics values, if default <collection-frequency-seconds> collection frequency is used). More retention means more heap memory, but allows for longer client hiccups without losing a value (for example to restart the Management Center). * <jmx>: Defines the JMX related metrics configuration. It has the following attributes: * "enabled": Controls whether the metrics collected are exposed to through JMX. It is enabled by default. In order to expose the metrics, the metrics system need to be enabled via the enabled master-switch attribute. * <collection-frequency-seconds>: Sets the metrics collection frequency in seconds. By default, metrics are collected every 5 seconds. --> <metrics enabled="false"> <management-center enabled="false"> <retention-seconds>30</retention-seconds> </management-center> <jmx enabled="false"/> <collection-frequency-seconds>10</collection-frequency-seconds> </metrics> <auditlog enabled="false"> <factory-class-name>com.acme.AuditlogToSyslogFactory</factory-class-name> <properties> <property name="host">syslogserver.acme.com</property> <property name="port">514</property> <property name="type">tcp</property> </properties> </auditlog> <!-- ===== HAZELCAST INSTANCE TRACKING CONFIGURATION ===== Configuration element's name is <instance-tracking>. It has the following attributes: - enabled: Enables or disables instance tracking. It has the following sub-elements: * <format-pattern>: Sets the pattern used to render the contents of the instance tracking file. It may contain placeholders for these properties: - "product": The instance product name, e.g. "Hazelcast" or "Hazelcast Enterprise". - "version": The instance version. - "mode": The instance mode which can be "server", "embedded" or "client". - "start_timestamp": The timestamp of when the instance was started expressed the difference, measured in milliseconds, between the current time and midnight, January 1, 1970 UTC - "licensed": If this instance is using a license or not. The value 0 signifies that there is no license set and the value 1 signifies that a license is in use. - "pid": Attempts to get the process ID value. The algorithm does not guarantee to get the process ID on all JVMs and operating systems so please test before use. In case we are unable to get the PID, the value will be -1. The placeholders are defined by a $HZ_INSTANCE_TRACKING{ prefix and followed by }. For instance, a placeholder for the "start_timestamp" would be $HZ_INSTANCE_TRACKING{start_timestamp}. The placeholders are resolved in a fail-safe manner. Any incorrect syntax is ignored and only the known properties are resolved, placeholders for any parameters which do not have defined values will be ignored. This also means that if there is a missing closing bracket in one of the placeholders, the property name will be resolved as anything from the opening bracket to the next closing bracket, which might contain additional opening brackets. If unset, a JSON formatted output will be used. * <file-name>: Sets the name of the file which will contain the tracking metadata. If left unset a file named "Hazelcast.process" will be created in the directory as returned by System.getProperty("java.io.tmpdir"). The filename can contain placeholders that will be resolved in the same way as placeholders for the format pattern. --> <instance-tracking enabled="false"> <file-name>hazelcast.process</file-name> <format-pattern>$HZ_INSTANCE_TRACKING{product}:$HZ_INSTANCE_TRACKING{version}</format-pattern> </instance-tracking> <!-- ===== HAZELCAST SQL CONFIGURATION ===== Configuration element's name is <sql>. It has the following sub-elements: * <statement-timeout-millis> Defines the timeout in milliseconds that is applied to queries without an explicit timeout. * <catalog-persistence-enabled> Sets whether SQL Catalog persistence is enabled for the node. With SQL Catalog persistence enabled you can restart the whole cluster without losing schema definition objects (such as MAPPINGs, TYPEs, VIEWs and DATA CONNECTIONs). The feature is implemented on top of the Hot Restart feature of Hazelcast which persists the data to disk. If enabled, you have to also configure Hot Restart. Feature is disabled by default. If you enable this option in open-source, the member will fail to start, you need Enterprise to run it and obtain a license from Hazelcast. --> <sql> <statement-timeout-millis>0</statement-timeout-millis> <catalog-persistence-enabled>false</catalog-persistence-enabled> </sql> <!-- ===== HAZELCAST JET CONFIGURATION ===== Configuration element's name is <jet>. It has the following attributes: - enabled: Enables or disables Jet Service. - resource-upload-enabled Enables or disables resource uploading for Jet jobs. It has the following sub-elements: * <cooperative-thread-count>: Sets the number of threads each cluster member will use to execute Jet jobs. This refers only to threads executing `cooperative` processors; each `blocking` processor is assigned its own thread. * <flow-control-period>: While executing a Jet job there is the issue of regulating the rate at which one member of the cluster sends data to another member. The receiver will regularly report to each sender how much more data it is allowed to send over a given DAG edge. This method sets the length (in milliseconds) of the interval between flow-control ("ack") packets. * <backup-count>: Sets the number of backups that Jet will maintain for the job metadata and snapshots. Each backup is on another cluster member; all backup write operations must complete before the overall write operation can complete. The maximum allowed number of backups is 6 and the default is 1. For example, if you set the backup count to 2, Jet will replicate all the job metadata and snapshot data to two other members. If one or two members of the cluster fail, Jet can recover the data from the snapshot and continue executing the job on the remaining members without loss. * <scale-up-delay-millis>: Sets the delay after which auto-scaled jobs will restart if a new member is added to the cluster. The default is 10 seconds. Has no effect on jobs with auto scaling disabled. * <lossless-restart-enabled>: Sets whether lossless job restart is enabled for the node. With lossless restart you can restart the whole cluster without losing the jobs and their state. The feature is implemented on top of the Hot Restart feature of Hazelcast which persists the data to disk. If enabled, you have to also enable/configure Hazelcast Persistence. Note: the snapshots exported using `Job#exportSnapshot` will also be saved to the persistent storage. This Lossless restart feature is disabled by default. If you enable this option in open-source, the member will fail to start, you need Enterprise to run it and obtain a license from Hazelcast. * <max-processor-accumulated-records>: Sets the maximum number of records that can be accumulated by any single processor instance. Operations like grouping, sorting or joining require certain amount of records to be accumulated before they can proceed. You can set this option to reduce the probability of OutOfMemoryError. This option applies to each processor instance separately, hence the effective limit of records accumulated by each cluster member is influenced by the vertex's localParallelism and the number of jobs in the cluster. Currently, maxProcessorAccumulatedRecords limits: 1. number of items sorted by the sort operation 2. number of distinct keys accumulated by aggregation operations 3. number of entries in each hash-join lookup table 4. number of entries in stateful transforms 5. number of distinct items in distinct operation Note: the limit does not apply to streaming aggregations. The default value is Long.MAX_VALUE. * <edge-defaults> A configuration object for a DAG `Edge` that holds fine-tuning parameters that influence its performance characteristics. It has the following sub-elements: * <queue-size>: Sets the capacity of processor-to-processor concurrent queues. The value is rounded upwards to the next power of 2. When data needs to travel between two processors on the same cluster member, Jet sends it over a concurrent single-producer, single-consumer (SPSC) queue of fixed capacity. Since there are several processors executing the logic of each vertex, and since the queues are SPSC, there will be `senderParallelism * receiverParallelism` queues representing the edge on each member. The edge capacity should strike a balance between performance and memory usage. * <packet-size-limit> For a distributed edge, data is sent to a remote member via Hazelcast network packets. Each packet is dedicated to the data of a single edge, but may contain any number of data items. This setting limits the size of the packet in bytes. Packets should be large enough to drown out any fixed overheads, but small enough to allow good interleaving with other packets. Note that a single item cannot straddle packets, therefore the maximum packet size can exceed the value configured here by the size of a single data item. This setting has no effect on a non-distributed edge. * <receive-window-multiplier> Sets the scaling factor used by the adaptive receive window sizing function. For each distributed edge the receiving member regularly sends flow-control ("ack") packets to its sender which prevent it from sending too much data and overflowing the buffers. The sender is allowed to send the data one `receive window` further than the last acknowledged byte and the receive window is sized in proportion to the rate of processing at the receiver. Ack packets are sent in regular intervals (InstanceConfig#setFlowControlPeriodMs) and the `receive window multiplier` sets the factor of the linear relationship between the amount of data processed within one such interval and the size of the receive window. To put it another way, let us define an `ackworth` as the amount of data processed between two consecutive ack packets. The receive window multiplier determines the number of ackworths the sender can be ahead of the last acked byte. This setting has no effect on a non-distributed edge. --> <jet enabled="true" resource-upload-enabled="true"> <!-- number of threads in the cooperative thread pool --> <cooperative-thread-count>8</cooperative-thread-count> <!-- period between flow control packets in milliseconds --> <flow-control-period>100</flow-control-period> <!-- number of backup copies to configure for Hazelcast IMaps used internally in a Jet job --> <backup-count>1</backup-count> <!-- the delay after which auto-scaled jobs will restart if a new member is added to the cluster. The default is 10 seconds. Has no effect on jobs with auto scaling disabled --> <scale-up-delay-millis>10000</scale-up-delay-millis> <!-- Sets whether lossless job restart is enabled for the node. With lossless restart you can restart the whole cluster without losing the jobs and their state. The feature is implemented on top of the Persistence feature of Hazelcast which persists the data to disk. --> <lossless-restart-enabled>false</lossless-restart-enabled> <max-processor-accumulated-records>1000000000</max-processor-accumulated-records> <edge-defaults> <!-- capacity of the concurrent SPSC queue between each two processors --> <queue-size>1024</queue-size> <!-- network packet size limit in bytes, only applies to distributed edges --> <packet-size-limit>16384</packet-size-limit> <!-- receive window size multiplier, only applies to distributed edges --> <receive-window-multiplier>3</receive-window-multiplier> </edge-defaults> </jet> <!-- ===== HAZELCAST INTEGRITY CHECKER CONFIGURATION ===== Configuration element's name is <integrity-checker>. When you want to enable Integrity Checker, set this element's "enabled" attribute to true in that member's XML configuration. Integrity Checker is a component that verifies that the executable contains all the required META-INF/services files, it is a costly operation, it can be disabled to improve startup time. Integrity Checker is disabled by default. --> <integrity-checker enabled="false"/> <!-- ===== HAZELCAST DATA CONNECTION CONFIGURATION ===== Configuration element's name is <data-connection>. Contains configuration of data connections used by map stores and jdbc sinks and sources --> <data-connection name="mysql-database"> <type>jdbc</type> <properties> <property name="jdbcUrl">jdbc:mysql://dummy:3306</property> </properties> <shared>false</shared> </data-connection> <data-connection name="other-database"> <type>other</type> </data-connection> <!-- ===== HAZELCAST TPC CONFIGURATION ===== Hazelcast TPC is the next generation of Hazelcast built with thread per core architecture. It's still being developed and everything is subject to change. TPC is disabled by default. --> <tpc enabled="true"> <!-- Configures the number of eventloops. It's equal to available processor count by default. --> <eventloop-count>12</eventloop-count> </tpc> </hazelcast>
© 2015 - 2024 Weber Informatics LLC | Privacy Policy