##################################### # Akka Remote Reference Config File # ##################################### # This is the reference config file that contains all the default settings. # Make your edits/overrides in your application.conf. # comments about akka.actor settings left out where they are already in akka- # actor.jar, because otherwise they would be repeated in config rendering. akka { actor { serializers { akka-containers = "akka.remote.serialization.MessageContainerSerializer" proto = "akka.remote.serialization.ProtobufSerializer" daemon-create = "akka.remote.serialization.DaemonMsgCreateSerializer" } serialization-bindings { # Since com.google.protobuf.Message does not extend Serializable but # GeneratedMessage does, need to use the more specific one here in order # to avoid ambiguity "akka.actor.SelectionPath" = akka-containers "com.google.protobuf.GeneratedMessage" = proto "akka.remote.DaemonMsgCreate" = daemon-create } deployment { default { # if this is set to a valid remote address, the named actor will be # deployed at that node e.g. "akka://sys@host:port" remote = "" target { # A list of hostnames and ports for instantiating the children of a # router # The format should be on "akka://sys@host:port", where: # - sys is the remote actor system name # - hostname can be either hostname or IP address the remote actor # should connect to # - port should be the port for the remote server on the other node # The number of actor instances to be spawned is still taken from the # nr-of-instances setting as for local routers; the instances will be # distributed round-robin among the given nodes. nodes = [] } } } } remote { ### General settings # Timeout after which the startup of the remoting subsystem is considered # to be failed. Increase this value if your transport drivers (see the # enabled-transports section) need longer time to be loaded. startup-timeout = 10 s # Timout after which the graceful shutdown of the remoting subsystem is # considered to be failed. After the timeout the remoting system is # forcefully shut down. Increase this value if your transport drivers # (see the enabled-transports section) need longer time to stop properly. shutdown-timeout = 10 s # Before shutting down the drivers, the remoting subsystem attempts to flush # all pending writes. This setting controls the maximum time the remoting is # willing to wait before moving on to shut down the drivers. flush-wait-on-shutdown = 2 s # Reuse inbound connections for outbound messages use-passive-connections = on # Controls the backoff interval after a refused write is reattempted. # (Transports may refuse writes if their internal buffer is full) backoff-interval = 0.01 s # Acknowledgment timeout of management commands sent to the transport stack. command-ack-timeout = 30 s # If set to a nonempty string remoting will use the given dispatcher for # its internal actors otherwise the default dispatcher is used. Please note # that since remoting can load arbitrary 3rd party drivers (see # "enabled-transport" and "adapters" entries) it is not guaranteed that # every module will respect this setting. use-dispatcher = "" ### Security settings # Enable untrusted mode for full security of server managed actors, prevents # system messages to be send by clients, e.g. messages like 'Create', # 'Suspend', 'Resume', 'Terminate', 'Supervise', 'Link' etc. untrusted-mode = off # Should the remote server require that its peers share the same # secure-cookie (defined in the 'remote' section)? Secure cookies are passed # between during the initial handshake. Connections are refused if the initial # message contains a mismatching cookie or the cookie is missing. require-cookie = off # Generate your own with the script availbale in # '$AKKA_HOME/scripts/generate_config_with_secure_cookie.sh' or using # 'akka.util.Crypt.generateSecureCookie' secure-cookie = "" ### Logging # If this is "on", Akka will log all inbound messages at DEBUG level, # if off then they are not logged log-received-messages = off # If this is "on", Akka will log all outbound messages at DEBUG level, # if off then they are not logged log-sent-messages = off # If this is "on", Akka will log all RemoteLifeCycleEvents at the level # defined for each, if off then they are not logged. Failures to deserialize # received messages also fall under this flag. log-remote-lifecycle-events = on # Logging of message types with payload size in bytes larger than # this value. Maximum detected size per message type is logged once, # with an increase threshold of 10%. # By default this feature is turned off. Activate it by setting the property to # a value in bytes, such as 1000b. Note that for all messages larger than this # limit there will be extra performance and scalability cost. log-frame-size-exceeding = off ### Failure detection and recovery # Settings for the Phi accrual failure detector (http://ddg.jaist.ac.jp/pub/HDY+04.pdf # [Hayashibara et al]) used by the remoting subsystem to detect failed # connections. transport-failure-detector { # FQCN of the failure detector implementation. # It must implement akka.remote.FailureDetector and have # a public constructor with a com.typesafe.config.Config and # akka.actor.EventStream parameter. implementation-class = "akka.remote.PhiAccrualFailureDetector" # How often keep-alive heartbeat messages should be sent to each connection. heartbeat-interval = 1 s # Defines the failure detector threshold. # A low threshold is prone to generate many wrong suspicions but ensures # a quick detection in the event of a real crash. Conversely, a high # threshold generates fewer mistakes but needs more time to detect # actual crashes. threshold = 7.0 # Number of the samples of inter-heartbeat arrival times to adaptively # calculate the failure timeout for connections. max-sample-size = 100 # Minimum standard deviation to use for the normal distribution in # AccrualFailureDetector. Too low standard deviation might result in # too much sensitivity for sudden, but normal, deviations in heartbeat # inter arrival times. min-std-deviation = 100 ms # Number of potentially lost/delayed heartbeats that will be # accepted before considering it to be an anomaly. # This margin is important to be able to survive sudden, occasional, # pauses in heartbeat arrivals, due to for example garbage collect or # network drop. acceptable-heartbeat-pause = 3 s } # Settings for the Phi accrual failure detector (http://ddg.jaist.ac.jp/pub/HDY+04.pdf # [Hayashibara et al]) used for remote death watch. watch-failure-detector { # FQCN of the failure detector implementation. # It must implement akka.remote.FailureDetector and have # a public constructor with a com.typesafe.config.Config and # akka.actor.EventStream parameter. implementation-class = "akka.remote.PhiAccrualFailureDetector" # How often keep-alive heartbeat messages should be sent to each connection. heartbeat-interval = 1 s # Defines the failure detector threshold. # A low threshold is prone to generate many wrong suspicions but ensures # a quick detection in the event of a real crash. Conversely, a high # threshold generates fewer mistakes but needs more time to detect # actual crashes. threshold = 10.0 # Number of the samples of inter-heartbeat arrival times to adaptively # calculate the failure timeout for connections. max-sample-size = 200 # Minimum standard deviation to use for the normal distribution in # AccrualFailureDetector. Too low standard deviation might result in # too much sensitivity for sudden, but normal, deviations in heartbeat # inter arrival times. min-std-deviation = 100 ms # Number of potentially lost/delayed heartbeats that will be # accepted before considering it to be an anomaly. # This margin is important to be able to survive sudden, occasional, # pauses in heartbeat arrivals, due to for example garbage collect or # network drop. acceptable-heartbeat-pause = 4 s # How often to check for nodes marked as unreachable by the failure # detector unreachable-nodes-reaper-interval = 1s # After the heartbeat request has been sent the first failure detection # will start after this period, even though no heartbeat mesage has # been received. expected-response-after = 3 s } # After failed to establish an outbound connection, the remoting will mark the # address as failed. This configuration option controls how much time should # be elapsed before reattempting a new connection. While the address is # gated, all messages sent to the address are delivered to dead-letters. # If this setting is 0, the remoting will always immediately reattempt # to establish a failed outbound connection and will buffer writes until # it succeeds. retry-gate-closed-for = 0 s # If the retry gate function is disabled (see retry-gate-closed-for) the # remoting subsystem will always attempt to reestablish failed outbound # connections. The settings below together control the maximum number of # reattempts in a given time window. The number of reattempts during # a window of "retry-window" will be maximum "maximum-retries-in-window". retry-window = 60 s maximum-retries-in-window = 3 # The length of time to gate an address whose name lookup has failed # or has explicitly signalled that it will not accept connections # (remote system is shutting down or the requesting system is quarantined). # No connection attempts will be made to an address while it remains # gated. Any messages sent to a gated address will be directed to dead # letters instead. Name lookups are costly, and the time to recovery # is typically large, therefore this setting should be a value in the # order of seconds or minutes. gate-invalid-addresses-for = 60 s # This settings controls how long a system will be quarantined after # catastrophic communication failures that result in the loss of system # messages. Quarantining prevents communication with the remote system # of a given UID. This function can be disabled by setting the value # to "off". quarantine-systems-for = 60s # This setting defines the maximum number of unacknowledged system messages # allowed for a remote system. If this limit is reached the remote system is # declared to be dead and its UID marked as tainted. system-message-buffer-size = 1000 # This setting defines the maximum idle time after an individual # acknowledgement for system messages is sent. System message delivery # is guaranteed by explicit acknowledgement messages. These acks are # piggybacked on ordinary traffic messages. If no traffic is detected # during the time period configured here, the remoting will send out # an individual ack. system-message-ack-piggyback-timeout = 0.3 s # This setting defines the time after messages that have not been # explicitly acknowledged or negatively acknowledged are resent. # Messages that were negatively acknowledged are always immediately # resent. resend-interval = 1 s ### Transports and adapters # List of the transport drivers that will be loaded by the remoting. # A list of fully qualified config paths must be provided where # the given configuration path contains a transport-class key # pointing to an implementation class of the Transport interface. # If multiple transports are provided, the address of the first # one will be used as a default address. enabled-transports = ["akka.remote.netty.tcp"] # Transport drivers can be augmented with adapters by adding their # name to the applied-adapters setting in the configuration of a # transport. The available adapters should be configured in this # section by providing a name, and the fully qualified name of # their corresponding implementation. The class given here # must implement akka.akka.remote.transport.TransportAdapterProvider # and have public constructor without parameters. adapters { gremlin = "akka.remote.transport.FailureInjectorProvider" trttl = "akka.remote.transport.ThrottlerProvider" } ### Default configuration for the Netty based transport drivers netty.tcp { # The class given here must implement the akka.remote.transport.Transport # interface and offer a public constructor which takes two arguments: # 1) akka.actor.ExtendedActorSystem # 2) com.typesafe.config.Config transport-class = "akka.remote.transport.netty.NettyTransport" # Transport drivers can be augmented with adapters by adding their # name to the applied-adapters list. The last adapter in the # list is the adapter immediately above the driver, while # the first one is the top of the stack below the standard # Akka protocol applied-adapters = [] transport-protocol = tcp # The default remote server port clients should connect to. # Default is 2552 (AKKA), use 0 if you want a random available port # This port needs to be unique for each actor system on the same machine. port = 2552 # The hostname or ip to bind the remoting to, # InetAddress.getLocalHost.getHostAddress is used if empty hostname = "" # Enables SSL support on this transport enable-ssl = false # Sets the connectTimeoutMillis of all outbound connections, # i.e. how long a connect may take until it is timed out connection-timeout = 15 s # If set to "" then the specified dispatcher # will be used to accept inbound connections, and perform IO. If "" then # dedicated threads will be used. # Please note that the Netty driver only uses this configuration and does # not read the "akka.remote.use-dispatcher" entry. Instead it has to be # configured manually to point to the same dispatcher if needed. use-dispatcher-for-io = "" # Sets the high water mark for the in and outbound sockets, # set to 0b for platform default write-buffer-high-water-mark = 0b # Sets the low water mark for the in and outbound sockets, # set to 0b for platform default write-buffer-low-water-mark = 0b # Sets the send buffer size of the Sockets, # set to 0b for platform default send-buffer-size = 256000b # Sets the receive buffer size of the Sockets, # set to 0b for platform default receive-buffer-size = 256000b # Maximum message size the transport will accept, but at least # 32000 bytes. # Please note that UDP does not support arbitrary large datagrams, # so this setting has to be chosen carefully when using UDP. # Both send-buffer-size and receive-buffer-size settings has to # be adjusted to be able to buffer messages of maximum size. maximum-frame-size = 128000b # Sets the size of the connection backlog backlog = 4096 # Enables the TCP_NODELAY flag, i.e. disables Nagle’s algorithm tcp-nodelay = on # Enables TCP Keepalive, subject to the O/S kernel’s configuration tcp-keepalive = on # Enables SO_REUSEADDR, which determines when an ActorSystem can open # the specified listen port (the meaning differs between *nix and Windows) # Valid values are "on", "off" and "off-for-windows" # due to the following Windows bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4476378 # "off-for-windows" of course means that it's "on" for all other platforms tcp-reuse-addr = off-for-windows # Used to configure the number of I/O worker threads on server sockets server-socket-worker-pool { # Min number of threads to cap factor-based number to pool-size-min = 2 # The pool size factor is used to determine thread pool size # using the following formula: ceil(available processors * factor). # Resulting size is then bounded by the pool-size-min and # pool-size-max values. pool-size-factor = 1.0 # Max number of threads to cap factor-based number to pool-size-max = 2 } # Used to configure the number of I/O worker threads on client sockets client-socket-worker-pool { # Min number of threads to cap factor-based number to pool-size-min = 2 # The pool size factor is used to determine thread pool size # using the following formula: ceil(available processors * factor). # Resulting size is then bounded by the pool-size-min and # pool-size-max values. pool-size-factor = 1.0 # Max number of threads to cap factor-based number to pool-size-max = 2 } } netty.udp = ${akka.remote.netty.tcp} netty.udp { transport-protocol = udp } netty.ssl = ${akka.remote.netty.tcp} netty.ssl = { # Enable SSL/TLS encryption. # This must be enabled on both the client and server to work. enable-ssl = true security { # This is the Java Key Store used by the server connection key-store = "keystore" # This password is used for decrypting the key store key-store-password = "changeme" # This password is used for decrypting the key key-password = "changeme" # This is the Java Key Store used by the client connection trust-store = "truststore" # This password is used for decrypting the trust store trust-store-password = "changeme" # Protocol to use for SSL encryption, choose from: # Java 6 & 7: # 'SSLv3', 'TLSv1' # Java 7: # 'TLSv1.1', 'TLSv1.2' protocol = "TLSv1" # Example: ["TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA"] # You need to install the JCE Unlimited Strength Jurisdiction Policy # Files to use AES 256. # More info here: # http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJCEProvider enabled-algorithms = ["TLS_RSA_WITH_AES_128_CBC_SHA"] # There are three options, in increasing order of security: # "" or SecureRandom => (default) # "SHA1PRNG" => Can be slow because of blocking issues on Linux # "AES128CounterSecureRNG" => fastest startup and based on AES encryption # algorithm # "AES256CounterSecureRNG" # The following use one of 3 possible seed sources, depending on # availability: /dev/random, random.org and SecureRandom (provided by Java) # "AES128CounterInetRNG" # "AES256CounterInetRNG" (Install JCE Unlimited Strength Jurisdiction # Policy Files first) # Setting a value here may require you to supply the appropriate cipher # suite (see enabled-algorithms section above) random-number-generator = "" } } } }