raboof/pekko
1
0
Fork 0
Code Issues Pull requests Projects Releases 6 Packages Wiki Activity Actions 10
pekko/remote/src/main/resources/reference.conf
He-Pin fbac70e9dd =ret Change the comment of Akka to Pekko. 
Signed-off-by: He-Pin <hepin1989@gmail.com>
2023-07-17 14:05:48 +08:00

1263 lines
60 KiB
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# SPDX-License-Identifier: Apache-2.0
#//#shared
######################################
# Pekko Remote Reference Config File #
######################################
# This is the reference config file that contains all the default settings.
# Make your edits/overrides in your application.conf.
# comments about pekko.actor settings left out where they are already in pekko-
# actor.jar, because otherwise they would be repeated in config rendering.
#
# For the configuration of the new remoting implementation (Artery) please look
# at the bottom section of this file as it is listed separately.
pekko {
actor {
serializers {
pekko-containers = "org.apache.pekko.remote.serialization.MessageContainerSerializer"
pekko-misc = "org.apache.pekko.remote.serialization.MiscMessageSerializer"
artery = "org.apache.pekko.remote.serialization.ArteryMessageSerializer"
proto = "org.apache.pekko.remote.serialization.ProtobufSerializer"
daemon-create = "org.apache.pekko.remote.serialization.DaemonMsgCreateSerializer"
pekko-system-msg = "org.apache.pekko.remote.serialization.SystemMessageSerializer"
}
serialization-bindings {
"org.apache.pekko.actor.ActorSelectionMessage" = pekko-containers
"org.apache.pekko.remote.DaemonMsgCreate" = daemon-create
"org.apache.pekko.remote.artery.ArteryMessage" = artery
# Since org.apache.pekko.protobuf.Message does not extend Serializable but
# GeneratedMessage does, need to use the more specific one here in order
# to avoid ambiguity.
# This is only loaded if pekko-protobuf is on the classpath
# It should not be used and users should migrate to using the protobuf classes
# directly
# Remove in 2.7
"org.apache.pekko.protobuf.GeneratedMessage" = proto
"org.apache.pekko.protobufv3.internal.GeneratedMessageV3" = proto
# Since com.google.protobuf.Message does not extend Serializable but
# GeneratedMessage does, need to use the more specific one here in order
# to avoid ambiguity.
# This com.google.protobuf serialization binding is only used if the class can be loaded,
# i.e. com.google.protobuf dependency has been added in the application project.
"com.google.protobuf.GeneratedMessage" = proto
"com.google.protobuf.GeneratedMessageV3" = proto
"org.apache.pekko.actor.Identify" = pekko-misc
"org.apache.pekko.actor.ActorIdentity" = pekko-misc
"scala.Some" = pekko-misc
"scala.None$" = pekko-misc
"java.util.Optional" = pekko-misc
"org.apache.pekko.actor.Status$Success" = pekko-misc
"org.apache.pekko.actor.Status$Failure" = pekko-misc
"org.apache.pekko.actor.ActorRef" = pekko-misc
"org.apache.pekko.actor.PoisonPill$" = pekko-misc
"org.apache.pekko.actor.Kill$" = pekko-misc
"org.apache.pekko.remote.RemoteWatcher$Heartbeat$" = pekko-misc
"org.apache.pekko.remote.RemoteWatcher$HeartbeatRsp" = pekko-misc
"org.apache.pekko.Done" = pekko-misc
"org.apache.pekko.NotUsed" = pekko-misc
"org.apache.pekko.actor.Address" = pekko-misc
"org.apache.pekko.remote.UniqueAddress" = pekko-misc
"org.apache.pekko.actor.ActorInitializationException" = pekko-misc
"org.apache.pekko.actor.IllegalActorStateException" = pekko-misc
"org.apache.pekko.actor.ActorKilledException" = pekko-misc
"org.apache.pekko.actor.InvalidActorNameException" = pekko-misc
"org.apache.pekko.actor.InvalidMessageException" = pekko-misc
"java.util.concurrent.TimeoutException" = pekko-misc
"org.apache.pekko.remote.serialization.ThrowableNotSerializableException" = pekko-misc
"org.apache.pekko.actor.LocalScope$" = pekko-misc
"org.apache.pekko.remote.RemoteScope" = pekko-misc
"com.typesafe.config.impl.SimpleConfig" = pekko-misc
"com.typesafe.config.Config" = pekko-misc
"org.apache.pekko.routing.FromConfig" = pekko-misc
"org.apache.pekko.routing.DefaultResizer" = pekko-misc
"org.apache.pekko.routing.BalancingPool" = pekko-misc
"org.apache.pekko.routing.BroadcastGroup" = pekko-misc
"org.apache.pekko.routing.BroadcastPool" = pekko-misc
"org.apache.pekko.routing.RandomGroup" = pekko-misc
"org.apache.pekko.routing.RandomPool" = pekko-misc
"org.apache.pekko.routing.RoundRobinGroup" = pekko-misc
"org.apache.pekko.routing.RoundRobinPool" = pekko-misc
"org.apache.pekko.routing.ScatterGatherFirstCompletedGroup" = pekko-misc
"org.apache.pekko.routing.ScatterGatherFirstCompletedPool" = pekko-misc
"org.apache.pekko.routing.SmallestMailboxPool" = pekko-misc
"org.apache.pekko.routing.TailChoppingGroup" = pekko-misc
"org.apache.pekko.routing.TailChoppingPool" = pekko-misc
"org.apache.pekko.remote.routing.RemoteRouterConfig" = pekko-misc
"org.apache.pekko.pattern.StatusReply" = pekko-misc
"org.apache.pekko.dispatch.sysmsg.SystemMessage" = pekko-system-msg
# Java Serializer is by default used for exceptions and will by default
# not be allowed to be serialized, but in certain cases they are replaced
# by `org.apache.pekko.remote.serialization.ThrowableNotSerializableException` if
# no specific serializer has been defined:
# - when wrapped in `org.apache.pekko.actor.Status.Failure` for ask replies
# - when wrapped in system messages for exceptions from remote deployed child actors
#
# It's recommended that you implement custom serializer for exceptions that are
# sent remotely, You can add binding to pekko-misc (MiscMessageSerializer) for the
# exceptions that have a constructor with single message String or constructor with
# message String as first parameter and cause Throwable as second parameter. Note that it's not
# safe to add this binding for general exceptions such as IllegalArgumentException
# because it may have a subclass without required constructor.
"java.lang.Throwable" = java
}
serialization-identifiers {
"org.apache.pekko.remote.serialization.ProtobufSerializer" = 2
"org.apache.pekko.remote.serialization.DaemonMsgCreateSerializer" = 3
"org.apache.pekko.remote.serialization.MessageContainerSerializer" = 6
"org.apache.pekko.remote.serialization.MiscMessageSerializer" = 16
"org.apache.pekko.remote.serialization.ArteryMessageSerializer" = 17
"org.apache.pekko.remote.serialization.SystemMessageSerializer" = 22
# deprecated in Akka 2.6.0, moved to pekko-actor
"org.apache.pekko.remote.serialization.LongSerializer" = 18
# deprecated in Akka 2.6.0, moved to pekko-actor
"org.apache.pekko.remote.serialization.IntSerializer" = 19
# deprecated in Akka 2.6.0, moved to pekko-actor
"org.apache.pekko.remote.serialization.StringSerializer" = 20
# deprecated in Akka 2.6.0, moved to pekko-actor
"org.apache.pekko.remote.serialization.ByteStringSerializer" = 21
}
deployment {
default {
# if this is set to a valid remote address, the named actor will be
# deployed at that node e.g. "pekko://sys@host:port"
remote = ""
target {
# A list of hostnames and ports for instantiating the children of a
# router
# The format should be on "pekko://sys@host:port", where:
# - sys is the remote actor system name
# - hostname can be either hostname or IP address the remote actor
# should connect to
# - port should be the port for the remote server on the other node
# The number of actor instances to be spawned is still taken from the
# nr-of-instances setting as for local routers; the instances will be
# distributed round-robin among the given nodes.
nodes = []
}
}
}
}
remote {
### Settings shared by classic remoting and Artery (the new implementation of remoting)
# Using remoting directly is typically not desirable, so a warning will
# be shown to make this clear. Set this setting to 'off' to suppress that
# warning.
warn-about-direct-use = on
# If Cluster is not used, remote watch and deployment are disabled.
# To optionally use them while not using Cluster, set to 'on'.
use-unsafe-remote-features-outside-cluster = off
# A warning will be logged on remote watch attempts if Cluster
# is not in use and 'use-unsafe-remote-features-outside-cluster'
# is 'off'. Set this to 'off' to suppress these.
warn-unsafe-watch-outside-cluster = on
# Settings for the Phi accrual failure detector (http://www.jaist.ac.jp/~defago/files/pdf/IS_RR_2004_010.pdf
# [Hayashibara et al]) used for remote death watch.
# The default PhiAccrualFailureDetector will trigger if there are no heartbeats within
# the duration heartbeat-interval + acceptable-heartbeat-pause + threshold_adjustment,
# i.e. around 12.5 seconds with default settings.
watch-failure-detector {
# FQCN of the failure detector implementation.
# It must implement org.apache.pekko.remote.FailureDetector and have
# a public constructor with a com.typesafe.config.Config and
# org.apache.pekko.actor.EventStream parameter.
implementation-class = "org.apache.pekko.remote.PhiAccrualFailureDetector"
# How often keep-alive heartbeat messages should be sent to each connection.
heartbeat-interval = 1 s
# Defines the failure detector threshold.
# A low threshold is prone to generate many wrong suspicions but ensures
# a quick detection in the event of a real crash. Conversely, a high
# threshold generates fewer mistakes but needs more time to detect
# actual crashes.
threshold = 10.0
# Number of the samples of inter-heartbeat arrival times to adaptively
# calculate the failure timeout for connections.
max-sample-size = 200
# Minimum standard deviation to use for the normal distribution in
# AccrualFailureDetector. Too low standard deviation might result in
# too much sensitivity for sudden, but normal, deviations in heartbeat
# inter arrival times.
min-std-deviation = 100 ms
# Number of potentially lost/delayed heartbeats that will be
# accepted before considering it to be an anomaly.
# This margin is important to be able to survive sudden, occasional,
# pauses in heartbeat arrivals, due to for example garbage collect or
# network drop.
acceptable-heartbeat-pause = 10 s
# How often to check for nodes marked as unreachable by the failure
# detector
unreachable-nodes-reaper-interval = 1s
# After the heartbeat request has been sent the first failure detection
# will start after this period, even though no heartbeat mesage has
# been received.
expected-response-after = 1 s
}
# remote deployment configuration section
deployment {
# deprecated, use `enable-allow-list`
enable-whitelist = off
# If true, will only allow specific classes listed in `allowed-actor-classes` to be instantiated on this
# system via remote deployment
enable-allow-list = ${pekko.remote.deployment.enable-whitelist}
# deprecated, use `allowed-actor-classes`
whitelist = []
allowed-actor-classes = ${pekko.remote.deployment.whitelist}
}
### Default dispatcher for the remoting subsystem
default-remote-dispatcher {
type = Dispatcher
executor = "fork-join-executor"
fork-join-executor {
parallelism-min = 2
parallelism-factor = 0.5
parallelism-max = 16
}
throughput = 10
}
#//#shared
}
}
pekko {
remote {
#//#classic
classic {
### Configuration for classic remoting. Classic remoting is deprecated, use artery.
# If set to a nonempty string remoting will use the given dispatcher for
# its internal actors otherwise the default dispatcher is used. Please note
# that since remoting can load arbitrary 3rd party drivers (see
# "enabled-transport" and "adapters" entries) it is not guaranteed that
# every module will respect this setting.
use-dispatcher = "pekko.remote.default-remote-dispatcher"
# Settings for the failure detector to monitor connections.
# For TCP it is not important to have fast failure detection, since
# most connection failures are captured by TCP itself.
# The default DeadlineFailureDetector will trigger if there are no heartbeats within
# the duration heartbeat-interval + acceptable-heartbeat-pause, i.e. 124 seconds
# with the default settings.
transport-failure-detector {
# FQCN of the failure detector implementation.
# It must implement org.apache.pekko.remote.FailureDetector and have
# a public constructor with a com.typesafe.config.Config and
# org.apache.pekko.actor.EventStream parameter.
implementation-class = "org.apache.pekko.remote.DeadlineFailureDetector"
# How often keep-alive heartbeat messages should be sent to each connection.
heartbeat-interval = 4 s
# Number of potentially lost/delayed heartbeats that will be
# accepted before considering it to be an anomaly.
# A margin to the `heartbeat-interval` is important to be able to survive sudden,
# occasional, pauses in heartbeat arrivals, due to for example garbage collect or
# network drop.
acceptable-heartbeat-pause = 120 s
}
# Timeout after which the startup of the remoting subsystem is considered
# to be failed. Increase this value if your transport drivers (see the
# enabled-transports section) need longer time to be loaded.
startup-timeout = 10 s
# Timout after which the graceful shutdown of the remoting subsystem is
# considered to be failed. After the timeout the remoting system is
# forcefully shut down. Increase this value if your transport drivers
# (see the enabled-transports section) need longer time to stop properly.
shutdown-timeout = 10 s
# Before shutting down the drivers, the remoting subsystem attempts to flush
# all pending writes. This setting controls the maximum time the remoting is
# willing to wait before moving on to shut down the drivers.
flush-wait-on-shutdown = 2 s
# Reuse inbound connections for outbound messages
use-passive-connections = on
# Controls the backoff interval after a refused write is reattempted.
# (Transports may refuse writes if their internal buffer is full)
backoff-interval = 5 ms
# Acknowledgment timeout of management commands sent to the transport stack.
command-ack-timeout = 30 s
# The timeout for outbound associations to perform the handshake.
# If the transport is pekko.remote.classic.netty.tcp or pekko.remote.classic.netty.ssl
# the configured connection-timeout for the transport will be used instead.
handshake-timeout = 15 s
### Security settings
# Enable untrusted mode for full security of server managed actors, prevents
# system messages to be send by clients, e.g. messages like 'Create',
# 'Suspend', 'Resume', 'Terminate', 'Supervise', 'Link' etc.
untrusted-mode = off
# When 'untrusted-mode=on' inbound actor selections are by default discarded.
# Actors with paths defined in this list are granted permission to receive actor
# selections messages.
# E.g. trusted-selection-paths = ["/user/receptionist", "/user/namingService"]
trusted-selection-paths = []
### Logging
# If this is "on", Pekko will log all inbound messages at DEBUG level,
# if off then they are not logged
log-received-messages = off
# If this is "on", Pekko will log all outbound messages at DEBUG level,
# if off then they are not logged
log-sent-messages = off
# Sets the log granularity level at which Pekko logs remoting events. This setting
# can take the values OFF, ERROR, WARNING, INFO, DEBUG, or ON. For compatibility
# reasons the setting "on" will default to "debug" level. Please note that the effective
# logging level is still determined by the global logging level of the actor system:
# for example debug level remoting events will be only logged if the system
# is running with debug level logging.
# Failures to deserialize received messages also fall under this flag.
log-remote-lifecycle-events = on
# Logging of message types with payload size in bytes larger than
# this value. Maximum detected size per message type is logged once,
# with an increase threshold of 10%.
# By default this feature is turned off. Activate it by setting the property to
# a value in bytes, such as 1000b. Note that for all messages larger than this
# limit there will be extra performance and scalability cost.
log-frame-size-exceeding = off
# Log warning if the number of messages in the backoff buffer in the endpoint
# writer exceeds this limit. It can be disabled by setting the value to off.
log-buffer-size-exceeding = 50000
# After failed to establish an outbound connection, the remoting will mark the
# address as failed. This configuration option controls how much time should
# be elapsed before reattempting a new connection. While the address is
# gated, all messages sent to the address are delivered to dead-letters.
# Since this setting limits the rate of reconnects setting it to a
# very short interval (i.e. less than a second) may result in a storm of
# reconnect attempts.
retry-gate-closed-for = 5 s
# After catastrophic communication failures that result in the loss of system
# messages or after the remote DeathWatch triggers the remote system gets
# quarantined to prevent inconsistent behavior.
# This setting controls how long the Quarantine marker will be kept around
# before being removed to avoid long-term memory leaks.
# WARNING: DO NOT change this to a small value to re-enable communication with
# quarantined nodes. Such feature is not supported and any behavior between
# the affected systems after lifting the quarantine is undefined.
prune-quarantine-marker-after = 5 d
# If system messages have been exchanged between two systems (i.e. remote death
# watch or remote deployment has been used) a remote system will be marked as
# quarantined after the two system has no active association, and no
# communication happens during the time configured here.
# The only purpose of this setting is to avoid storing system message redelivery
# data (sequence number state, etc.) for an undefined amount of time leading to long
# term memory leak. Instead, if a system has been gone for this period,
# or more exactly
# - there is no association between the two systems (TCP connection, if TCP transport is used)
# - neither side has been attempting to communicate with the other
# - there are no pending system messages to deliver
# for the amount of time configured here, the remote system will be quarantined and all state
# associated with it will be dropped.
#
# Maximum value depends on the scheduler's max limit (default 248 days) and if configured
# to a longer duration this feature will effectively be disabled. Setting the value to
# 'off' will also disable the feature. Note that if disabled there is a risk of a long
# term memory leak.
quarantine-after-silence = 2 d
# This setting defines the maximum number of unacknowledged system messages
# allowed for a remote system. If this limit is reached the remote system is
# declared to be dead and its UID marked as tainted.
system-message-buffer-size = 20000
# This setting defines the maximum idle time after an individual
# acknowledgement for system messages is sent. System message delivery
# is guaranteed by explicit acknowledgement messages. These acks are
# piggybacked on ordinary traffic messages. If no traffic is detected
# during the time period configured here, the remoting will send out
# an individual ack.
system-message-ack-piggyback-timeout = 0.3 s
# This setting defines the time after internal management signals
# between actors (used for DeathWatch and supervision) that have not been
# explicitly acknowledged or negatively acknowledged are resent.
# Messages that were negatively acknowledged are always immediately
# resent.
resend-interval = 2 s
# Maximum number of unacknowledged system messages that will be resent
# each 'resend-interval'. If you watch many (> 1000) remote actors you can
# increase this value to for example 600, but a too large limit (e.g. 10000)
# may flood the connection and might cause false failure detection to trigger.
# Test such a configuration by watching all actors at the same time and stop
# all watched actors at the same time.
resend-limit = 200
# WARNING: this setting should not be not changed unless all of its consequences
# are properly understood which assumes experience with remoting internals
# or expert advice.
# This setting defines the time after redelivery attempts of internal management
# signals are stopped to a remote system that has been not confirmed to be alive by
# this system before.
initial-system-message-delivery-timeout = 3 m
### Transports and adapters
# List of the transport drivers that will be loaded by the remoting.
# A list of fully qualified config paths must be provided where
# the given configuration path contains a transport-class key
# pointing to an implementation class of the Transport interface.
# If multiple transports are provided, the address of the first
# one will be used as a default address.
enabled-transports = ["pekko.remote.classic.netty.tcp"]
# Transport drivers can be augmented with adapters by adding their
# name to the applied-adapters setting in the configuration of a
# transport. The available adapters should be configured in this
# section by providing a name, and the fully qualified name of
# their corresponding implementation. The class given here
# must implement org.apache.pekko.remote.transport.TransportAdapterProvider
# and have public constructor without parameters.
adapters {
gremlin = "org.apache.pekko.remote.transport.FailureInjectorProvider"
trttl = "org.apache.pekko.remote.transport.ThrottlerProvider"
}
### Default configuration for the Netty based transport drivers
netty.tcp {
# The class given here must implement the org.apache.pekko.remote.transport.Transport
# interface and offer a public constructor which takes two arguments:
# 1) org.apache.pekko.actor.ExtendedActorSystem
# 2) com.typesafe.config.Config
transport-class = "org.apache.pekko.remote.transport.netty.NettyTransport"
# Transport drivers can be augmented with adapters by adding their
# name to the applied-adapters list. The last adapter in the
# list is the adapter immediately above the driver, while
# the first one is the top of the stack below the standard
# Pekko protocol
applied-adapters = []
# The default remote server port clients should connect to.
# Default is 7355 (PEKK on a telephone keypad), use 0 if you want a random available port
# This port needs to be unique for each actor system on the same machine.
port = 7355
# The hostname or ip clients should connect to.
# InetAddress.getLocalHost.getHostAddress is used if empty
hostname = ""
# Use this setting to bind a network interface to a different port
# than remoting protocol expects messages at. This may be used
# when running pekko nodes in a separated networks (under NATs or docker containers).
# Use 0 if you want a random available port. Examples:
#
# pekko.remote.classic.netty.tcp.port = 7355
# pekko.remote.classic.netty.tcp.bind-port = 7356
# Network interface will be bound to the 7356 port, but remoting protocol will
# expect messages sent to port 7355.
#
# pekko.remote.classic.netty.tcp.port = 0
# pekko.remote.classic.netty.tcp.bind-port = 0
# Network interface will be bound to a random port, and remoting protocol will
# expect messages sent to the bound port.
#
# pekko.remote.classic.netty.tcp.port = 7355
# pekko.remote.classic.netty.tcp.bind-port = 0
# Network interface will be bound to a random port, but remoting protocol will
# expect messages sent to port 7355.
#
# pekko.remote.classic.netty.tcp.port = 0
# pekko.remote.classic.netty.tcp.bind-port = 7356
# Network interface will be bound to the 7356 port, and remoting protocol will
# expect messages sent to the bound port.
#
# pekko.remote.classic.netty.tcp.port = 7355
# pekko.remote.classic.netty.tcp.bind-port = ""
# Network interface will be bound to the 7355 port, and remoting protocol will
# expect messages sent to the bound port.
#
# pekko.remote.classic.netty.tcp.port if empty
bind-port = ""
# Use this setting to bind a network interface to a different hostname or ip
# than remoting protocol expects messages at.
# Use "0.0.0.0" to bind to all interfaces.
# pekko.remote.classic.netty.tcp.hostname if empty
bind-hostname = ""
# Enables SSL support on this transport
enable-ssl = false
# Sets the connectTimeoutMillis of all outbound connections,
# i.e. how long a connect may take until it is timed out
connection-timeout = 15 s
# If set to "<id.of.dispatcher>" then the specified dispatcher
# will be used to accept inbound connections, and perform IO. If "" then
# dedicated threads will be used.
# Please note that the Netty driver only uses this configuration and does
# not read the "pekko.remote.use-dispatcher" entry. Instead it has to be
# configured manually to point to the same dispatcher if needed.
use-dispatcher-for-io = ""
# Sets the high water mark for the in and outbound sockets,
# set to 0b for platform default
write-buffer-high-water-mark = 0b
# Sets the low water mark for the in and outbound sockets,
# set to 0b for platform default
write-buffer-low-water-mark = 0b
# Sets the send buffer size of the Sockets,
# set to 0b for platform default
send-buffer-size = 256000b
# Sets the receive buffer size of the Sockets,
# set to 0b for platform default
receive-buffer-size = 256000b
# Maximum message size the transport will accept, but at least
# 32000 bytes.
# Please note that UDP does not support arbitrary large datagrams,
# so this setting has to be chosen carefully when using UDP.
# Both send-buffer-size and receive-buffer-size settings has to
# be adjusted to be able to buffer messages of maximum size.
maximum-frame-size = 128000b
# Sets the size of the connection backlog
backlog = 4096
# Enables the TCP_NODELAY flag, i.e. disables Nagles algorithm
tcp-nodelay = on
# Enables TCP Keepalive, subject to the O/S kernels configuration
tcp-keepalive = on
# Enables SO_REUSEADDR, which determines when an ActorSystem can open
# the specified listen port (the meaning differs between *nix and Windows)
# Valid values are "on", "off" and "off-for-windows"
# due to the following Windows bug: https://bugs.java.com/bugdatabase/view_bug.do?bug_id=4476378
# "off-for-windows" of course means that it's "on" for all other platforms
tcp-reuse-addr = off-for-windows
# Used to configure the number of I/O worker threads on server sockets
server-socket-worker-pool {
# Min number of threads to cap factor-based number to
pool-size-min = 2
# The pool size factor is used to determine thread pool size
# using the following formula: ceil(available processors * factor).
# Resulting size is then bounded by the pool-size-min and
# pool-size-max values.
pool-size-factor = 1.0
# Max number of threads to cap factor-based number to
pool-size-max = 2
}
# Used to configure the number of I/O worker threads on client sockets
client-socket-worker-pool {
# Min number of threads to cap factor-based number to
pool-size-min = 2
# The pool size factor is used to determine thread pool size
# using the following formula: ceil(available processors * factor).
# Resulting size is then bounded by the pool-size-min and
# pool-size-max values.
pool-size-factor = 1.0
# Max number of threads to cap factor-based number to
pool-size-max = 2
}
}
netty.ssl = ${pekko.remote.classic.netty.tcp}
netty.ssl = {
# Enable SSL/TLS encryption.
# This must be enabled on both the client and server to work.
enable-ssl = true
# Factory of SSLEngine.
# Must implement org.apache.pekko.remote.transport.netty.SSLEngineProvider and have a public
# constructor with an ActorSystem parameter.
# The default ConfigSSLEngineProvider is configured by properties in section
# pekko.remote.classic.netty.ssl.security
#
# The SSLEngineProvider can also be defined via ActorSystemSetup with
# SSLEngineProviderSetup when starting the ActorSystem. That is useful when
# the SSLEngineProvider implementation requires other external constructor
# parameters or is created before the ActorSystem is created.
# If such SSLEngineProviderSetup is defined this config property is not used.
ssl-engine-provider = org.apache.pekko.remote.transport.netty.ConfigSSLEngineProvider
security {
# This is the Java Key Store used by the server connection
key-store = "keystore"
# This password is used for decrypting the key store
key-store-password = "changeme"
# This password is used for decrypting the key
key-password = "changeme"
# This is the Java Key Store used by the client connection
trust-store = "truststore"
# This password is used for decrypting the trust store
trust-store-password = "changeme"
# Protocol to use for SSL encryption.
protocol = "TLSv1.2"
# Example: ["TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
# "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
# "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
# "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"]
# When doing rolling upgrades, make sure to include both the algorithm used
# by old nodes and the preferred algorithm.
# If you use a JDK 8 prior to 8u161 you need to install
# the JCE Unlimited Strength Jurisdiction Policy Files to use AES 256.
# More info here:
# https://www.oracle.com/java/technologies/javase-jce-all-downloads.html
enabled-algorithms = ["TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_128_CBC_SHA"]
# There are two options, and the default SecureRandom is recommended:
# "" or "SecureRandom" => (default)
# "SHA1PRNG" => Can be slow because of blocking issues on Linux
#
# Setting a value here may require you to supply the appropriate cipher
# suite (see enabled-algorithms section above)
random-number-generator = ""
# Require mutual authentication between TLS peers
#
# Without mutual authentication only the peer that actively establishes a connection (TLS client side)
# checks if the passive side (TLS server side) sends over a trusted certificate. With the flag turned on,
# the passive side will also request and verify a certificate from the connecting peer.
#
# To prevent man-in-the-middle attacks this setting is enabled by default.
#
# Note: Nodes that are configured with this setting to 'on' might not be able to receive messages from nodes that
# run on older versions of pekko-remote. This is because in versions of Pekko < 2.4.12 the active side of the remoting
# connection will not send over certificates even if asked.
#
# However, starting with Pekko 2.4.12, even with this setting "off", the active side (TLS client side)
# will use the given key-store to send over a certificate if asked. A rolling upgrade from versions of
# Pekko < 2.4.12 can therefore work like this:
# - upgrade all nodes to a Pekko version >= 2.4.12, in the best case the latest version, but keep this setting at "off"
# - then switch this flag to "on" and do again a rolling upgrade of all nodes
# The first step ensures that all nodes will send over a certificate when asked to. The second
# step will ensure that all nodes finally enforce the secure checking of client certificates.
require-mutual-authentication = on
}
}
### Default configuration for the failure injector transport adapter
gremlin {
# Enable debug logging of the failure injector transport adapter
debug = off
}
backoff-remote-dispatcher {
type = Dispatcher
executor = "fork-join-executor"
fork-join-executor {
# Min number of threads to cap factor-based parallelism number to
parallelism-min = 2
parallelism-max = 2
}
}
}
}
}
#//#classic
#//#artery
pekko {
remote {
### Configuration for Artery, the new implementation of remoting
artery {
# Disable artery with this flag
enabled = on
# Select the underlying transport implementation.
#
# Possible values: aeron-udp, tcp, tls-tcp
# See https://pekko.apache.org/docs/pekko/current/remoting-artery.html#selecting-a-transport for the tradeoffs
# for each transport
transport = tcp
# Canonical address is the address other clients should connect to.
# Artery transport will expect messages to this address.
canonical {
# The default remote server port clients should connect to.
# Default is 17355, use 0 if you want a random available port
# This port needs to be unique for each actor system on the same machine.
port = 17355
# Hostname clients should connect to. Can be set to an ip, hostname
# or one of the following special values:
# "<getHostAddress>" InetAddress.getLocalHost.getHostAddress
# "<getHostName>" InetAddress.getLocalHost.getHostName
#
hostname = "<getHostAddress>"
}
# Use these settings to bind a network interface to a different address
# than artery expects messages at. This may be used when running Pekko
# nodes in a separated networks (under NATs or in containers). If canonical
# and bind addresses are different, then network configuration that relays
# communications from canonical to bind addresses is expected.
bind {
# Port to bind a network interface to. Can be set to a port number
# of one of the following special values:
# 0 random available port
# "" pekko.remote.artery.canonical.port
#
port = ""
# Hostname to bind a network interface to. Can be set to an ip, hostname
# or one of the following special values:
# "0.0.0.0" all interfaces
# "" pekko.remote.artery.canonical.hostname
# "<getHostAddress>" InetAddress.getLocalHost.getHostAddress
# "<getHostName>" InetAddress.getLocalHost.getHostName
#
hostname = ""
# Time to wait for Aeron/TCP to bind
bind-timeout = 3s
}
# Actor paths to use the large message stream for when a message
# is sent to them over remoting. The large message stream dedicated
# is separate from "normal" and system messages so that sending a
# large message does not interfere with them.
# Entries should be the full path to the actor. Wildcards in the form of "*"
# can be supplied at any place and matches any name at that segment -
# "/user/supervisor/actor/*" will match any direct child to actor,
# while "/supervisor/*/child" will match any grandchild to "supervisor" that
# has the name "child"
# Entries have to be specified on both the sending and receiving side.
# Messages sent to ActorSelections will not be passed through the large message
# stream, to pass such messages through the large message stream the selections
# but must be resolved to ActorRefs first.
large-message-destinations = []
# Enable untrusted mode, which discards inbound system messages, PossiblyHarmful and
# ActorSelection messages. E.g. remote watch and remote deployment will not work.
# ActorSelection messages can be enabled for specific paths with the trusted-selection-paths
untrusted-mode = off
# When 'untrusted-mode=on' inbound actor selections are by default discarded.
# Actors with paths defined in this list are granted permission to receive actor
# selections messages.
# E.g. trusted-selection-paths = ["/user/receptionist", "/user/namingService"]
trusted-selection-paths = []
# If this is "on", all inbound remote messages will be logged at DEBUG level,
# if off then they are not logged
log-received-messages = off
# If this is "on", all outbound remote messages will be logged at DEBUG level,
# if off then they are not logged
log-sent-messages = off
# Logging of message types with payload size in bytes larger than
# this value. Maximum detected size per message type is logged once,
# with an increase threshold of 10%.
# By default this feature is turned off. Activate it by setting the property to
# a value in bytes, such as 1000b. Note that for all messages larger than this
# limit there will be extra performance and scalability cost.
log-frame-size-exceeding = off
advanced {
# Maximum serialized message size, including header data.
maximum-frame-size = 256 KiB
# Direct byte buffers are reused in a pool with this maximum size.
# Each buffer has the size of 'maximum-frame-size'.
# This is not a hard upper limit on number of created buffers. Additional
# buffers will be created if needed, e.g. when using many outbound
# associations at the same time. Such additional buffers will be garbage
# collected, which is not as efficient as reusing buffers in the pool.
buffer-pool-size = 128
# Maximum serialized message size for the large messages, including header data.
# If the value of pekko.remote.artery.transport is set to aeron-udp, it is currently
# restricted to 1/8th the size of a term buffer that can be configured by setting the
# 'aeron.term.buffer.length' system property.
# See 'large-message-destinations'.
maximum-large-frame-size = 2 MiB
# Direct byte buffers for the large messages are reused in a pool with this maximum size.
# Each buffer has the size of 'maximum-large-frame-size'.
# See 'large-message-destinations'.
# This is not a hard upper limit on number of created buffers. Additional
# buffers will be created if needed, e.g. when using many outbound
# associations at the same time. Such additional buffers will be garbage
# collected, which is not as efficient as reusing buffers in the pool.
large-buffer-pool-size = 32
# For enabling testing features, such as blackhole in pekko-remote-testkit.
test-mode = off
# Settings for the materializer that is used for the remote streams.
materializer = ${pekko.stream.materializer}
# Remoting will use the given dispatcher for the ordinary and large message
# streams.
use-dispatcher = "pekko.remote.default-remote-dispatcher"
# Remoting will use the given dispatcher for the control stream.
# It can be good to not use the same dispatcher for the control stream as
# the dispatcher for the ordinary message stream so that heartbeat messages
# are not disturbed.
use-control-stream-dispatcher = "pekko.actor.internal-dispatcher"
# Total number of inbound lanes, shared among all inbound associations. A value
# greater than 1 means that deserialization can be performed in parallel for
# different destination actors. The selection of lane is based on consistent
# hashing of the recipient ActorRef to preserve message ordering per receiver.
# Lowest latency can be achieved with inbound-lanes=1 because of one less
# asynchronous boundary.
inbound-lanes = 4
# Number of outbound lanes for each outbound association. A value greater than 1
# means that serialization and other work can be performed in parallel for different
# destination actors. The selection of lane is based on consistent hashing of the
# recipient ActorRef to preserve message ordering per receiver. Note that messages
# for different destination systems (hosts) are handled by different streams also
# when outbound-lanes=1. Lowest latency can be achieved with outbound-lanes=1
# because of one less asynchronous boundary.
outbound-lanes = 1
# Size of the send queue for outgoing messages. Messages will be dropped if
# the queue becomes full. This may happen if you send a burst of many messages
# without end-to-end flow control. Note that there is one such queue per
# outbound association. The trade-off of using a larger queue size is that
# it consumes more memory, since the queue is based on preallocated array with
# fixed size.
outbound-message-queue-size = 3072
# Size of the send queue for outgoing control messages, such as system messages.
# If this limit is reached the remote system is declared to be dead and its UID
# marked as quarantined. Note that there is one such queue per outbound association.
# It is a linked queue so it will not use more memory than needed but by increasing
# too much you may risk OutOfMemoryError in the worst case.
outbound-control-queue-size = 20000
# Size of the send queue for outgoing large messages. Messages will be dropped if
# the queue becomes full. This may happen if you send a burst of many messages
# without end-to-end flow control. Note that there is one such queue per
# outbound association.
# It is a linked queue so it will not use more memory than needed but by increasing
# too much you may risk OutOfMemoryError, especially since the message payload
# of these messages may be large.
outbound-large-message-queue-size = 256
# This setting defines the maximum number of unacknowledged system messages
# allowed for a remote system. If this limit is reached the remote system is
# declared to be dead and its UID marked as quarantined.
system-message-buffer-size = 20000
# unacknowledged system messages are re-delivered with this interval
system-message-resend-interval = 1 second
# The timeout for outbound associations to perform the initial handshake.
# This timeout must be greater than the 'image-liveness-timeout' when
# transport is aeron-udp.
handshake-timeout = 20 seconds
# incomplete initial handshake attempt is retried with this interval
handshake-retry-interval = 1 second
# Handshake requests are performed periodically with this interval,
# also after the handshake has been completed to be able to establish
# a new session with a restarted destination system.
inject-handshake-interval = 1 second
# System messages that are not acknowledged after re-sending for this period are
# dropped and will trigger quarantine. The value should be longer than the length
# of a network partition that you need to survive.
give-up-system-message-after = 6 hours
# Outbound streams are stopped when they haven't been used for this duration.
# They are started again when new messages are sent.
stop-idle-outbound-after = 5 minutes
# Outbound streams are quarantined when they haven't been used for this duration
# to cleanup resources used by the association, such as compression tables.
# This will cleanup association to crashed systems that didn't announce their
# termination.
# The value should be longer than the length of a network partition that you
# need to survive.
# The value must also be greater than stop-idle-outbound-after.
# Once every 1/10 of this duration an extra handshake message will be sent.
# Therfore it's also recommended to use a value that is greater than 10 times
# the stop-idle-outbound-after, since otherwise the idle streams will not be
# stopped.
quarantine-idle-outbound-after = 6 hours
# Stop outbound stream of a quarantined association after this idle timeout, i.e.
# when not used any more.
stop-quarantined-after-idle = 3 seconds
# After catastrophic communication failures that could result in the loss of system
# messages or after the remote DeathWatch triggers the remote system gets
# quarantined to prevent inconsistent behavior.
# This setting controls how long the quarantined association will be kept around
# before being removed to avoid long-term memory leaks. It must be quarantined
# and also unused for this duration before it's removed. When removed the historical
# information about which UIDs that were quarantined for that hostname:port is
# gone which could result in communication with a previously quarantined node
# if it wakes up again. Therfore this shouldn't be set too low.
remove-quarantined-association-after = 1 h
# during ActorSystem termination the remoting will wait this long for
# an acknowledgment by the destination system that flushing of outstanding
# remote messages has been completed
shutdown-flush-timeout = 1 second
# Before sending notificaiton of terminated actor (DeathWatchNotification) other messages
# will be flushed to make sure that the Terminated message arrives after other messages.
# It will wait this long for the flush acknowledgement before continuing.
# The flushing can be disabled by setting this to `off`.
death-watch-notification-flush-timeout = 3 seconds
# See 'inbound-max-restarts'
inbound-restart-timeout = 5 seconds
# Max number of restarts within 'inbound-restart-timeout' for the inbound streams.
# If more restarts occurs the ActorSystem will be terminated.
inbound-max-restarts = 5
# Retry outbound connection after this backoff.
# Only used when transport is tcp or tls-tcp.
outbound-restart-backoff = 1 second
# See 'outbound-max-restarts'
outbound-restart-timeout = 5 seconds
# Max number of restarts within 'outbound-restart-timeout' for the outbound streams.
# If more restarts occurs the ActorSystem will be terminated.
outbound-max-restarts = 5
# compression of common strings in remoting messages, like actor destinations, serializers etc
compression {
actor-refs {
# Max number of compressed actor-refs
# Note that compression tables are "rolling" (i.e. a new table replaces the old
# compression table once in a while), and this setting is only about the total number
# of compressions within a single such table.
# Must be a positive natural number. Can be disabled with "off".
max = 256
# interval between new table compression advertisements.
# this means the time during which we collect heavy-hitter data and then turn it into a compression table.
advertisement-interval = 1 minute
}
manifests {
# Max number of compressed manifests
# Note that compression tables are "rolling" (i.e. a new table replaces the old
# compression table once in a while), and this setting is only about the total number
# of compressions within a single such table.
# Must be a positive natural number. Can be disabled with "off".
max = 256
# interval between new table compression advertisements.
# this means the time during which we collect heavy-hitter data and then turn it into a compression table.
advertisement-interval = 1 minute
}
}
# List of fully qualified class names of remote instruments which should
# be initialized and used for monitoring of remote messages.
# The class must extend org.apache.pekko.remote.artery.RemoteInstrument and
# have a public constructor with empty parameters or one ExtendedActorSystem
# parameter.
# A new instance of RemoteInstrument will be created for each encoder and decoder.
# It's only called from the stage, so if it dosn't delegate to any shared instance
# it doesn't have to be thread-safe.
# Refer to `org.apache.pekko.remote.artery.RemoteInstrument` for more information.
instruments = ${?pekko.remote.artery.advanced.instruments} []
# Only used when transport is aeron-udp
aeron {
# Periodically log out all Aeron counters. See https://github.com/real-logic/aeron/wiki/Monitoring-and-Debugging#counters
# Only used when transport is aeron-udp.
log-aeron-counters = false
# Controls whether to start the Aeron media driver in the same JVM or use external
# process. Set to 'off' when using external media driver, and then also set the
# 'aeron-dir'.
# Only used when transport is aeron-udp.
embedded-media-driver = on
# Directory used by the Aeron media driver. It's mandatory to define the 'aeron-dir'
# if using external media driver, i.e. when 'embedded-media-driver = off'.
# Embedded media driver will use a this directory, or a temporary directory if this
# property is not defined (empty).
# Only used when transport is aeron-udp.
aeron-dir = ""
# Whether to delete aeron embedded driver directory upon driver stop.
# Only used when transport is aeron-udp.
delete-aeron-dir = yes
# Level of CPU time used, on a scale between 1 and 10, during backoff/idle.
# The tradeoff is that to have low latency more CPU time must be used to be
# able to react quickly on incoming messages or send as fast as possible after
# backoff backpressure.
# Level 1 strongly prefer low CPU consumption over low latency.
# Level 10 strongly prefer low latency over low CPU consumption.
# Only used when transport is aeron-udp.
idle-cpu-level = 5
# messages that are not accepted by Aeron are dropped after retrying for this period
# Only used when transport is aeron-udp.
give-up-message-after = 60 seconds
# Timeout after which aeron driver has not had keepalive messages
# from a client before it considers the client dead.
# Only used when transport is aeron-udp.
client-liveness-timeout = 20 seconds
# Timout after after which an uncommitted publication will be unblocked
# Only used when transport is aeron-udp.
publication-unblock-timeout = 40 seconds
# Timeout for each the INACTIVE and LINGER stages an aeron image
# will be retained for when it is no longer referenced.
# This timeout must be less than the 'handshake-timeout'.
# Only used when transport is aeron-udp.
image-liveness-timeout = 10 seconds
# Timeout after which the aeron driver is considered dead
# if it does not update its C'n'C timestamp.
# Only used when transport is aeron-udp.
driver-timeout = 20 seconds
}
# Only used when transport is tcp or tls-tcp.
tcp {
# Timeout of establishing outbound connections.
connection-timeout = 5 seconds
# The local address that is used for the client side of the TCP connection.
outbound-client-hostname = ""
}
}
# SSL configuration that is used when transport=tls-tcp.
ssl {
# Factory of SSLEngine.
# Must implement org.apache.pekko.remote.artery.tcp.SSLEngineProvider and have a public
# constructor with an ActorSystem parameter.
# The default ConfigSSLEngineProvider is configured by properties in section
# pekko.remote.artery.ssl.config-ssl-engine
ssl-engine-provider = org.apache.pekko.remote.artery.tcp.ConfigSSLEngineProvider
# Config of org.apache.pekko.remote.artery.tcp.ConfigSSLEngineProvider
config-ssl-engine {
# This is the Java Key Store used by the server connection
key-store = "keystore"
# This password is used for decrypting the key store
# Use substitution from environment variables for passwords. Don't define
# real passwords in config files. key-store-password=${SSL_KEY_STORE_PASSWORD}
key-store-password = "changeme"
# This password is used for decrypting the key
# Use substitution from environment variables for passwords. Don't define
# real passwords in config files. key-password=${SSL_KEY_PASSWORD}
key-password = "changeme"
# This is the Java Key Store used by the client connection
trust-store = "truststore"
# This password is used for decrypting the trust store
# Use substitution from environment variables for passwords. Don't define
# real passwords in config files. trust-store-password=${SSL_TRUST_STORE_PASSWORD}
trust-store-password = "changeme"
# Protocol to use for SSL encryption.
protocol = "TLSv1.2"
# Example: ["TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
# "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
# "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
# "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"]
# When doing rolling upgrades, make sure to include both the algorithm used
# by old nodes and the preferred algorithm.
# If you use a JDK 8 prior to 8u161 you need to install
# the JCE Unlimited Strength Jurisdiction Policy Files to use AES 256.
# More info here:
# https://www.oracle.com/java/technologies/javase-jce-all-downloads.html
enabled-algorithms = ["TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_128_CBC_SHA"]
# There are two options, and the default SecureRandom is recommended:
# "" or "SecureRandom" => (default)
# "SHA1PRNG" => Can be slow because of blocking issues on Linux
#
# Setting a value here may require you to supply the appropriate cipher
# suite (see enabled-algorithms section above)
random-number-generator = ""
# Require mutual authentication between TLS peers
#
# Without mutual authentication only the peer that actively establishes a connection (TLS client side)
# checks if the passive side (TLS server side) sends over a trusted certificate. With the flag turned on,
# the passive side will also request and verify a certificate from the connecting peer.
#
# To prevent man-in-the-middle attacks this setting is enabled by default.
require-mutual-authentication = on
# Set this to `on` to verify hostnames with sun.security.util.HostnameChecker
# If possible it is recommended to have this enabled. Hostname verification is designed for
# situations where things locate each other by hostname, in scenarios where host names are dynamic
# and not known up front it can make sense to have this disabled.
hostname-verification = off
}
# Config of org.apache.pekko.remote.artery.tcp.ssl.RotatingKeysSSLEngineProvider
# This engine provider reads PEM files from a mount point shared with the secret
# manager. The constructed SSLContext is cached some time (configurable) so when
# the credentials rotate the new credentials are eventually picked up.
# By default mTLS is enabled.
# This provider also includes a verification phase that runs after the TLS handshake
# phase. In this verification, both peers run an authorization and verify they are
# part of the same pekko cluster. The verification happens via comparing the subject
# names in the peer's certificate with the name on the own certificate so if you
# use this SSLEngineProvider you should make sure all nodes on the cluster include
# at least one common subject name (CN or SAN).
# The Key setup this implementation supports has some limitations:
# 1. the private key must be provided on a PKCS#1 or a non-encrypted PKCS#8 PEM-formatted file
# 2. the private key must be be of an algorythm supported by `pekko-pki` tools (e.g. "RSA", not "EC")
# 3. the node certificate must be issued by a root CA (not an intermediate CA)
# 4. both the node and the CA certificates must be provided in PEM-formatted files
rotating-keys-engine {
# This is a convention that people may follow if they wish to save themselves some configuration
secret-mount-point = /var/run/secrets/pekko-tls/rotating-keys-engine
# The absolute path the PEM file with the private key.
key-file = ${pekko.remote.artery.ssl.rotating-keys-engine.secret-mount-point}/tls.key
# The absolute path to the PEM file of the certificate for the private key above.
cert-file = ${pekko.remote.artery.ssl.rotating-keys-engine.secret-mount-point}/tls.crt
# The absolute path to the PEM file of the certificate of the CA that emited
# the node certificate above.
ca-cert-file = ${pekko.remote.artery.ssl.rotating-keys-engine.secret-mount-point}/ca.crt
# There are two options, and the default SecureRandom is recommended:
# "" or "SecureRandom" => (default)
# "SHA1PRNG" => Can be slow because of blocking issues on Linux
#
# Setting a value here may require you to supply the appropriate cipher
# suite (see enabled-algorithms section)
random-number-generator = ""
# Example: ["TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
# "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
# "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
# "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"]
# If you use a JDK 8 prior to 8u161 you need to install
# the JCE Unlimited Strength Jurisdiction Policy Files to use AES 256.
# More info here:
# https://www.oracle.com/java/technologies/javase-jce-all-downloads.html
enabled-algorithms = ["TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"]
# Protocol to use for SSL encryption.
protocol = "TLSv1.2"
# How long should an SSLContext instance be cached. When rotating keys and certificates,
# there must a time overlap between the old certificate/key and the new ones. The
# value of this setting should be lower than duration of that overlap.
ssl-context-cache-ttl = 5m
}
}
}
}
}
#//#artery
Reference in a new issue View git blame Copy permalink