-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhazelcast-full-example.yaml
3309 lines (3236 loc) · 165 KB
/
hazelcast-full-example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
# Copyright (c) 2008-2019, Hazelcast, Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This is a full example hazelcast.yaml that includes all the
# configuration elements and attributes of a Hazelcast member.
#
# To use this, rename it to hazelcast.yaml and place it in
# the directory where you start your Hazelcast member.
#
# To learn how to configure Hazelcast, please see the Reference Manual
# at https://hazelcast.org/documentation/
hazelcast:
# You can use import to load different Hazelcast declarative configuration files you prepared.
# 您可以使用import加载准备好的其他Hazelcast声明式配置文件。
# You can import as many YAML files as you want and hence compose your Hazelcast configuration
# 您可以根据需要导入任意数量的YAML文件,从而构成Hazelcast配置
# out of those YAML files. If you want to use import, it should be placed at the top of your
# 那些YAML文件中。 如果要使用导入,则应将其放在您的顶部
# Hazelcast YAML file right after the "hazelcast" root node. #
# Hazelcast YAML文件位于“ hazelcast”根节点之后。
# Below is an example where the configuration files you want to include are located at your
# Hazelcast working directory:
# import:
# - your-configuration-file.yaml
#
# Below are examples showing a classpath or filesystem location:
# import:
# - file:///etc/hazelcast/your-configuration-file-1.yaml
# - classpath:your-configuration-file-2.yaml
#
# Below is an example showing property placeholders:
# import:
# - ${environment}-your-configuration-file.yaml
import:
- your-configuration-YAML-file
# The "config-replacers" allow to use variables (placeholders) within the configuration file and use an external
# class to retrieve correct values (replacements).
# “config-replacers”允许在配置文件中使用变量(占位符)并使用外部
# 类以获取正确的值(替换)。
# It can be used for masking sensitive strings such as passwords for instance.
#
# Format of a variable is:
# $ PREFIX { STRING_TO_BE_REPLACED } e.g. $ENC{nnPgTqJCcCQ=:23000:B4y/nlp6M0t3q6YiKImW+w==}
#
# The PREFIX value depends on the replacer implementation (e.g. "ENC" is used for the EncryptionReplacer)
# The STRING_TO_BE_REPLACED is the value which is provided to replacer implementation.
#
config-replacers:
fail-if-value-missing: false
replacers:
- class-name: com.hazelcast.config.replacer.EncryptionReplacer
properties:
passwordFile: password.txt
passwordUserProperties: false
cipherAlgorithm: DES
keyLengthBits: 64
secretKeyAlgorithm: DES
secretKeyFactoryAlgorithm: PBKDF2WithHmacSHA1
#
# Specifies the name and password for a cluster group you create.
# Cluster groups allow you to create separate sub-clusters with different names.
# They are also referenced in the WAN Replication configuration.
# The group password is only used when the security is enabled (Enterprise edition feature).
group:
name: dev
password: dev-pass
#
# ===== HAZELCAST LICENSE CONFIGURATION =====
#
# If you have an Enterprise or Enterprise HD license, you can enter it here.
# You can also set your license key programmatically; please refer to
# http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#setting-the-license-key
#
license-key: Your Hazelcast Enterprise or Enterprise HD License Key
#
# When Hazelcast instances are created, they are put in a global registry with their creation names.
# "instance-name" gives you the ability to get a specific Hazelcast instance from this registry
# by giving the instance's name.
#
instance-name: hzInstance1
#
# ===== HAZELCAST MANAGEMENT CENTER CONFIGURATION =====
#
# The value for the element "management-center" is the URL where you deploy the Management Center.
# It has three optional attributes:
# * enabled:
# Set to true to be able to use the Management Center. Its default value is false.
# * scripting-enabled:
# Set to true to allow scripting on the member, false to disallow.
# * update-interval:
# The time frequency (in seconds) for which Management Center will take information from Hazelcast cluster.
# Its default value is 3 seconds. Hazelcast's Open Source edition provides the Management Center with monitoring
# at most 2 members in your cluster. To use it for more members, you need to have either a Management Center,
# Hazelcast Enterprise or Hazelcast Enterprise HD license.
#
management-center:
enabled: true
scripting-enabled: false
update-interval: 2
url: http://localhost:8080/hazelcast-mancenter
#
# The "properties" mapping lets you add properties to some of the Hazelcast elements used to configure some of
# the Hazelcast modules.
# You can define the name and value of these properties.
# You can use "properties" for the following Hazelcast configuration elements:
# * discovery-strategy
# * map-store
# * queue-store
# * wan-replication
# * ssl
# * service
# * login-module
# * security-object
# * socket-interceptor
#
properties:
your-property: Value of the property
#
# ===== HAZELCAST WAN REPLICATION CONFIGURATION =====
#
# The WAN replication feature is available only in Hazelcast Enterprise.
# The configuration element's name is "wan-replication". It has two attributes:
# * name:
# Name of your WAN Replication. This name is referenced in IMap or ICache configuration when you add WAN
# Replication for these data structures (using the element "wan-replication-ref" in the configuration of
# IMap or ICache). Please see the "map" and "cache" configuration descriptions in this YAML.
#
# The "wan-replication" element has the following sub-elements:
# * "wan-publisher":
# Fully qualified class name of WAN Replication implementation implementing WanReplicationEndpoint.
# Hazelcast Enterprise comes with com.hazelcast.enterprise.wan.replication.WanBatchReplication:
# Waits until a batch size is reached or a delay time is passed.
# Please see the `batch.size and batch.max.delay.millis configuration descriptions below.
# * "wan-consumer":
# Config for processing WAN events received from a target cluster.
# You can configure certain behaviour when processing incoming WAN events
# or even configure your own implementation for a WAN consumer. A custom
# WAN consumer allows you to define custom processing logic and is usually
# used in combination with a custom WAN publisher.
# A custom consumer is optional and you may simply omit defining it which
# will cause the default processing logic to be used.
# It has the following sub-elements:
# - "class-name":
# Sets the fully qualified class name of the class implementing
# a custom WAN consumer (WanReplicationConsumer).
# If you don't define a class name, the default processing logic for
# incoming WAN events will be used.
# - "properties":
# Properties for the custom WAN consumer. These properties are
# accessible when initalizing the WAN consumer.
# - "persist-wan-replicated-data":
# When true, an incoming event over WAN replication can be persisted to a
# database for example, otherwise it will not be persisted. Default value
# is true.
# * "ack.type":
# Acknowledgment type for each target cluster when the events are replicated. You can set it to the following values:
# - ACK_ON_RECEIPT:
# Guarantees that events are received by the target cluster. It does not guarantee that
# the received event is actually applied, but it is faster.
# - ACK_ON_OPERATION_COMPLETE:
# Guarantees that the event is both received and applied by the target cluster.
# It is more time consuming, but it is the best way if you have strong consistency requirements.
# * "endpoints":
# Comma separated list of IP addresses of the target cluster members for which the WAN replication is implemented.
# * "batch.size":
# This element is valid when you set "class-name" (the WAN Replication implementation) to
# `WanBatchReplication`. It changes the maximum size of events that are sent to the target cluster in a
# single batch. The batch of events is not sent until this size is reached. Its default value is 500.
# * "batch.max.delay.millis":
# This element is valid when you set "class-name" (the WAN Replication implementation) to
# `WanBatchReplication`. If the number of events generated does not reach the "batch.size", they are sent to the
# target cluster after a certain amount of time is passed. You can set this time in milliseconds using this
# element. Its default value is 1000 milliseconds.
# * "response.timeout.millis":
# After a replication event is sent to the target cluster, the source member waits for a confirmation
# that says the event has reached the target. If confirmation is not received for a period of
# `response.timeout.millis`, the event is resent to the target cluster. The default value is 60000 milliseconds.
# * "queue-capacity":
# Size of the queue of events. Its default value is 10000. If you exceed this queue size, then the
# oldest, not yet replicated updates might get lost. Therefore, if you have a large rate of
# put/update/remove operations, you should increase "queue-capacity".
# * "queue-full-behavior":
# Policy to be applied when WAN Replication event queues are full. You can set it to the following values:
# - DISCARD_AFTER_MUTATION:
# The new WAN events generated are dropped and not replicated to the target cluster.
# - THROW_EXCEPTION:
# The WAN queue size is checked before each supported mutating operation. If one of the queues of the target
# cluster is full, WANReplicationQueueFullException is thrown and the operation is not allowed.
# * "initial-publisher-state":
# Defines the initial state in which a WAN publisher is started.
# - REPLICATING (default):
# State where both enqueuing new events is allowed, enqueued events are replicated to the target cluster
# and WAN sync is enabled.
# - PAUSED:
# State where new events are enqueued but they not are dequeued. Some events which have been dequeued before
# the state was switched may still be replicated to the target cluster but further events will not be
# replicated. WAN sync is enabled.
# - STOPPED:
# State where neither new events are enqueued nor dequeued. As with the PAUSED state, some events might
# still be replicated after the publisher has switched to this state. WAN sync is enabled.
# * "wan-sync":
# Configuration for the WAN sync mechanism. It has the following sub-elements:
# - "consistency-check-strategy":
# Sets the strategy for checking consistency of data between source and
# target cluster. Any inconsistency will not be reconciled, it will be
# merely reported via the usual mechanisms (e.g. statistics, diagnostics).
# The user must initiate WAN sync to reconcile there differences. For the
# check procedure to work properly, the target cluster should support the
# chosen strategy.
# Default value is NONE, which means the check is disabled.
# * "aws":
# Set its "enabled" attribute to true for discovery within Amazon EC2. It has the following sub-elements:
# - "access-key":
# Access key of your account on EC2.
# - "secret-key":
# Secret key of your account on EC2.
# - "iam-role":
# IAM role that binds with your instance.
# - "region":
# The region where your Hazelcast members run. Default value is us-east-1.
# It needs to be specified if the region is other than the default one.
# - "host-header":
# The URL that is the entry point for a web service. It is optional.
# - "security-group-name":
# Name of the security group you specified at the EC2 management console.
# It is used to narrow the Hazelcast members to be within this group. It is optional.
# - "tag-key":
# To narrow the members in the cloud down to only Hazelcast members, you can set
# this to the one you specified in the EC2 console. It is optional.
# - "tag-value":
# To narrow the members in the cloud down to only Hazelcast members, you can set
# this to the one you specified in the EC2 console. It is optional.
# * "discovery-strategies":
# Set its "enabled" attribute to true for discovery in various cloud infrastructures.
# You can define multiple discovery strategies using the "discovery-strategy" sub-element and its properties.
# Please refer to
# http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#discovering-cluster-members
# to see the properties you can use.
# The following is an example for EC2 cloud.
# "discovery-strategies"
# discovery-strategy:
# - enabled: true
# class: com.hazelcast.aws.AwsDiscoveryStrategy
# properties:
# access-key: test-access-key
# secret-key: test-secret-key
# region: test-region
# iam-role: test-iam-role
# host-header: ec2.test-host-header
# security-group-name: test-security-group-name
# tag-key: test-tag-key
# tag-value: test-tag-value
# connection-timeout-seconds: 10
# hz-port: 5702
#
wan-replication:
my-wan-cluster-batch:
wan-publisher:
nycPublisherId:
group-name: nyc
class-name: com.hazelcast.enterprise.wan.replication.WanBatchReplication
queue-capacity: 15000
queue-full-behavior: DISCARD_AFTER_MUTATION
initial-publisher-state: REPLICATING
wan-sync:
consistency-check-strategy: NONE
properties:
endpoints: 10.3.5.1:5701,10.3.5.2:5701
batch.size: 1000
batch.max.delay.millis: 2000
response.timeout.millis: 60000
ack.type: ACK_ON_OPERATION_COMPLETE
snapshot.enabled: false
group.password: nyc-pass
# aws:
# enabled: false
# access-key: my-access-key
# secret-key: my-secret-key
# iam-role: dummy
# region: us-west-1
# host-header: ec2.amazonaws.com
# security-group-name: hazelcast-sg
# tag-key: type
# tag-value: hz-nodes
# discovery-strategies:
# - enabled: true
# class: com.hazelcast.jclouds.JCloudsDiscoveryStrategy
# properties:
# - provider: google-compute-engine
# - identity: GCE_IDENTITY
# - credential: GCE_CREDENTIAL
wan-consumer:
# class-name: com.myCompany.CustomWanConsumer
# properties:
# prop1: prop1-value
# prop2: prop2-value
persist-wan-replicated-data: true
#
# ===== HAZELCAST NETWORK CONFIGURATION =====
#
# The configuration to build your Hazelcast's network includes configuration for port, interface, discovery
# mechanism, SSL, encryption, etc. The configuration element's name is "network".
# It has the following sub-elements:
# * "public address":
# This optional element overrides the public address of a member. It is useful when
# you have a private cloud. Normally, a member selects its socket address as its public address. But behind a NAT,
# two members may not be able to see/access each other. In this case, you can set their public addresses to their
# defined addresses on NAT. The value should be given in the format "host IP address:port number".
# * "port":
# Specifies the ports that Hazelcast will use to communicate between cluster members. It is optional and
# its default value is 5701. It has the following attributes:
# - port-count:
# By default, Hazelcast will try 100 ports to bind (i.e. the ports between 5701 and 5801). You can
# change the port count in such cases as having large instances on a single machine or you are
# willing to have only a few ports assigned. port-count is optional and its default value is 100.
# - auto-increment:
# By default, Hazelcast tries to find a port by automatically incrementing the port numbers. If you
# don't want this (for example, you want to use a specific port), set auto-increment to false. If it is
# set to false, the port-count attribute is ignored. auto-increment is optional and its default value is true.
# Examples:
# The example below looks for ports between 5701 and 5721, incrementing the ports starting from 5701.
# port:
# port-count: 20
# port: 5701
# The example below forces Hazelcast to use only the port 5701.
# port:
# auto-increment: false
# port: 5701
# * "outbound-ports":
# By default, Hazelcast lets the system pick up an ephemeral port during socket bind operation. But security
# policies/firewalls may require you to restrict outbound ports to be used by Hazelcast-enabled applications.
# You can specify these ports under the element "outbound-ports". You can give a single
# port number, comma separated multiple ports or port ranges. See the example below.
# outbound-ports:
# - 33000-35000
# - 37000,37001,37002,37003
# - 38000,38500-38600
# * "reuse-address":
# If you set this to true, Hazelcast will use the same port when you restart a member right after you
# shut it down. It is optional and its default value is false.
# * "join":
# This configuration lets you choose a discovery mechanism that Hazelcast will use to form a cluster.
# Hazelcast can find members by multicast, TCP/IP lists and by various discovery mechanisms provided by different cloud APIs.
# The following are the elements of "join":
# - "multicast":
# Set its "enabled" attribute to true for discovery by multicast. It has another attribute
# ("loopbackModeEnabled") which enables or disables the loopback mode in the multicast discovery
# mechanism.
# It has the following sub-elements to fine tune the multicast discovery.
# - "multicast-group":
# Specifies the multicast group IP address when you want to create clusters within
# the same network. Its default value is 224.2.2.3.
# - "multicast-port":
# Specifies the multicast socket port that the Hazelcast member listens to and
# sends discovery messages through. Its default value is 54327.
# - "multicast-time-to-live":
# Time-to-live value for multicast packets sent out to control the scope of multicasts.
# - "multicast-timeout-seconds":
# Only when the members are starting up, this timeout (in seconds) specifies the
# period during which a member waits for a multicast response from another node.
# For example, if you set it as 60 seconds, each node will wait for 60 seconds until a
# leader node is selected. Its default value is 2 seconds.
# - "trusted-interfaces":
# Includes IP addresses of trusted members. When a node wants to join to the cluster,
# its join request will be rejected if it is not a trusted member.
# You can give an IP addresses range using the wildcard (*) on the last digit of
# IP address (e.g. 192.168.1.* or 192.168.1.100-110).
# - "tcp-ip":
# It has the following sub-elements.
# - "enabled":
# Specifies whether the TCP/IP discovery is enabled or not. Default value is false.
# - "connection-timeout-seconds":
# The maximum amount of time Hazelcast is going to try to connect to a well known member
# before giving up. Setting it to a too low value could mean that a member is not able
# to connect to a cluster. Setting it to a too high value means that member startup could
# slow down because of longer timeouts (e.g. when a well known member is not up). Increasing
# this value is recommended if you have many IPs listed and the members cannot properly
# build up the cluster. Its default value is 5.
# - "required-member":
# IP address of the required member. Cluster will only be formed if the member with this
# IP address is found.
# - "member":
# IP address(es) of one or more well known members. Once members are connected to these
# well known ones, all member addresses will be communicated with each other. You can
# also give comma separated IP addresses using the "members" element or list the members
# under the "member-list" sequence.
# - "members":
# Comma separated IP addresses of one or more well known members.
# - "member-list":
# Sequence to list IP address(es) of one or more well known members.
# - "interface":
# IP address(es) of one or more well known members.
# - "aws":
# Set its "enabled" sub-element to true for discovery within Amazon EC2.
# Please refer to https://github.com/hazelcast/hazelcast-aws/#configuration for the configuration details.
# - "gcp":
# Set its "enabled" sub-element to true for discovery within the Google Cloud Platform.
# Please refer to https://github.com/hazelcast/hazelcast-gcp/#configuration for the configuration details.
# - "azure":
# Set its "enabled" sub-element to true for discovery within Microsoft Azure.
# Please refer to https://github.com/hazelcast/hazelcast-azure/#configuring-at-hazelcast-side for
# the configuration details.
# - "kubernetes":
# Set its "enabled" sub-element to true for discovery in the Kubernetes environment.
# Please refer to https://github.com/hazelcast/hazelcast-kubernetes#hazelcast-configuration for
# the configuration details.
# - "eureka":
# Set its "enabled" sub-element to true for discovery with using Eureka Service Registry.
# Please refer to https://github.com/hazelcast/hazelcast-eureka#hazelcast-configuration for
# the configuration details.
# - "discovery-strategies":
# Set its "enabled" attribute to true for discovery in various cloud infrastructures. You also need to set the
# value of "hazelcast.discovery.enabled" property to true. See the description of the "properties" element
# to learn how to do this.
# You can define multiple discovery strategies and its properties. Please refer to
# http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#discovering-cluster-members
# to see the properties you can use.
# The following is an example for EC2 cloud.
# discovery-strategies:
# - enabled: true
# class: com.hazelcast.jclouds.JCloudsDiscoveryStrategy>
# properties:
# provider: aws-ec2
# identity: AWS_IDENTITY
# credential: AWS_CREDENTIAL
# * "interfaces":
# Specifies which network interfaces Hazelcast should use. You need to set its "enabled" attribute
# to true to be able to use your defined interfaces. You can define multiple interfaces. By default, it is disabled.
# * "ssl":
# Lets you configure SSL using the SSL context factory. This feature is available only in Hazelcast
# Enterprise. To be able to use it, encryption should NOT be enabled and you should first implement
# your SSLContextFactory class. Its configuration contains the factory class and SSL properties.
# By default, it is disabled. The following is an example:
# ssl:
# enabled: true
# factory-class-name: com.hazelcast.nio.ssl.BasicSSLContextFactory
# properties:
# keyStore: keyStore
# keyStorePassword: keyStorePassword
# keyManagerAlgorithm: SunX509
# trustManagerAlgorithm: SunX509
# protocol: TLS
# mutualAuthentication: REQUIRED
# * "socket-interceptor":
# Lets you add custom hooks to join and perform connection procedures (like identity checking using
# Kerberos, etc.). This feature is available only in Hazelcast Enterprise. To be able to use it, you
# should first implement the MemberSocketInterceptor (for members joining to a cluster) or
# SocketInterceptor (for clients connecting to a member) class. Its configuration contains the class you
# implemented and socket interceptor properties. By default, it is disabled. The following is an example:
# socket-interceptor:
# enabled: true
# class-name: com.hazelcast.examples.MySocketInterceptor
# properties:
# kerberos-host: kerb-host-name
# kerberos-config-file: kerb.conf
# * "symmetric-encryption":
# Lets you encrypt the entire socket level communication among all Hazelcast members.
# This feature is available only in Hazelcast Enterprise. Its configuration contains the encryption
# properties and the same configuration must be placed to all members. By default, it is disabled.
# The following is an example:
# symmetric-encryption:
# enabled: true
# algorithm: PBEWithMD5AndDES
# salt: thesalt
# password: thepass
# iteration-count: 19
# * "member-address-provider":
# IMPORTANT
# This configuration is not intended to provide addresses of other cluster members with
# which the Hazelcast instance will form a cluster. This is an SPI for advanced use in
# cases where the DefaultAddressPicker does not pick suitable addresses to bind to
# and publish to other cluster members. For instance, this could allow easier
# deployment in some cases when running on Docker, AWS or other cloud environments.
# That said, if you are just starting with Hazelcast, you will probably want to
# set the member addresses by using the tcp-ip or multicast configuration
# or adding a discovery strategy.
# Member address provider allows to plug in own strategy to customize:
# 1. What address Hazelcast will bind to
# 2. What address Hazelcast will advertise to other members on which they can bind to
# In most environments you don't need to customize this and the default strategy will work just
# fine. However in some cloud environments the default strategy does not make the right choice and the
# member address provider delegates the process of address picking to external code.
# It has the following sub-elements:
# - enabled:
# Specifies whether the member address provider SPI is enabled or not. Its default value is false.
# - "class-name":
# The name of the class implementing the com.hazelcast.spi.MemberAddressProvider interface.
# - "properties":
# The properties that will be provided when constructing the provided MemberAddressProvider. Hazelcast will
# first try instantiating the provided class by invoking a constructor accepting a single
# java.util.Properties instance. In the case where there is no such constructor and there are also
# no properties defined by this configuration, Hazelcast will exceptionally try to use the no-arg
# constructor.
# * "failure-detector":
# A failure detector is responsible to determine if a member in the cluster is unreachable or crashed.
# Please refer to https://docs.hazelcast.org/docs/latest/manual/html-single/index.html#failure-detector-configuration
# for the failure detectors implemented by Hazelcast.
#
# This element has the following sub-element:
# * "icmp":
# ICMP can be used in addition to the other detectors. It operates at layer 3 and detects network
# and hardware issues more quickly.
#
# It has the following sub-elements:
# * "timeout-milliseconds":
# Timeout in Milliseconds before declaring a failed ping.
# * "fail-fast-on-startup":
# Cluster Member will fail to start if it is unable to action an ICMP ping command when ICMP is enabled.
# Failure is usually due to OS level restrictions.
# * "interval-milliseconds":
# Time in milliseconds between each ICMP ping.
# * "max-attempts":
# Maximum number of consecutive failed attempts before declaring a member suspect.
# * "parallel-mode":
# Run ICMP detection in parallel with the Heartbeat failure detector.
# * "ttl":
# Maximum number of times the IP Datagram (ping) can be forwarded, in most cases
# all Hazelcast cluster members would be within one network switch/router therefore
# default of 0 is usually sufficient.
#
network:
public-address: 11.22.33.44:5555
port:
auto-increment: true
port-count: 100
port: 5701
outbound-ports:
- 34500
reuse-address: false
join:
multicast:
enabled: false
multicast-group: 224.2.2.3
multicast-port: 54327
tcp-ip:
enabled: false
interface: 127.0.0.1
required-member: 10.0.0.1
member-list:
- 10.0.0.2
- 10.0.0.3
aws:
enabled: false
access-key: my-access-key
secret-key: my-secret-key
iam-role: dummy
region: us-west-1
host-header: ec2.amazonaws.com
security-group-name: hazelcast-sg
tag-key: type
tag-value: hz-nodes
gcp:
enabled: false
zones: us-east1-b,us-east1-c
azure:
enabled: false
client-id: CLIENT_ID
client-secret: CLIENT_SECRET
tenant-id: TENANT_ID
subscription-id: SUB_ID
cluster-id: HZLCAST001
group-name: GROUP-NAME
kubernetes:
enabled: false
namespace: MY-KUBERNETES-NAMESPACE
service-name: MY-SERVICE-NAME
service-label-name: MY-SERVICE-LABEL-NAME
service-label-value: MY-SERVICE-LABEL-VALUE
eureka:
enabled: false
self-registration: true
namespace: hazelcast
discovery-strategies:
node-filter:
class: com.yourpackage.NodeFilter
discovery-strategies:
- enabled: true
class: com.hazelcast.jclouds.JCloudsDiscoveryStrategy
properties:
provider: google-compute-engine
identity: GCE_IDENTITY
credential: GCE_CREDENTIAL
interfaces:
enabled: true
interfaces:
- 10.10.1.*
ssl:
enabled: false
factory-class-name: com.hazelcast.nio.ssl.BasicSSLContextFactory
properties:
protocol: TLS
mutualAuthentication: REQUIRED
keyStore: /opt/hazelcast.keystore
keyStorePassword: secret.97531
keyStoreType: JKS
trustStore: /opt/hazelcast.truststore
trustStorePassword: changeit
trustStoreType: JKS
socket-interceptor:
enabled: false
symmetric-encryption:
enabled: false
algorithm: PBEWithMD5AndDES
password: ...
salt: ...
iteration-count: 7
member-address-provider:
enabled: false
class-name: com.hazelcast.MemberAddressProviderImpl
properties:
prop1: prop1-value
prop2: prop2-value
failure-detector:
icmp:
enabled: true
timeout-milliseconds: 1000
fail-fast-on-startup: true
interval-milliseconds: 1000
max-attempts: 2
parallel-mode: true
ttl: 255
#
# ===== HAZELCAST REST API CONFIGURATION =====
#
# Configures Hazelcast HTTP REST API.
# The "rest-api" element has a global enabled switch, which controls the entrypoint to HTTP REST API. If it's disabled
# then no text protocol is available.
# Once the global switch is enabled there is an optional second level of control - REST endpoint groups. They are configured
# by element "endpoint-group".
# Groups and their defaults:
# * CLUSTER_READ - enabled
# Group of operations for retrieving cluster state and its version.
# * CLUSTER_WRITE - disabled
# Operations which changes cluster or node state or their configurations.
# * HEALTH_CHECK - disabled
# Group of endpoints for HTTP health checking.
# * HOT_RESTART - disabled
# Group of HTTP REST APIs related to Hot Restart feature.
# * WAN - disabled
# Group of HTTP REST APIs related to WAN Replication feature.
# * DATA - disabled
# Group of HTTP REST APIs for data manipulation in the cluster (e.g. IMap and IQueue operations).
#
rest-api:
enabled: false
endpoint-groups:
CLUSTER_READ:
enabled: true
CLUSTER_WRITE:
enabled: false
HEALTH_CHECK:
enabled: false
HOT_RESTART:
enabled: false
WAN:
enabled: false
DATA:
enabled: false
#
# ===== HAZELCAST MEMCACHE PROTOCOL CONFIGURATION =====
#
# Allows to configure Memcache text protocol support in Hazelcast.
#
memcache-protocol:
enabled: false
#
# ===== PARTITION GROUPING CONFIGURATION =====
#
# Configuration element's name is "partition-group". You can enable it and specify the type using
# the "enabled" and "group-type" attributes. For CUSTOM type, you can define groups using its
# "member-group" and "interface" sub-elements. You can group the members with one of the following types:
# * HOST_AWARE:
# Members sharing the same network interface are grouped together. All members on the same host will be a
# single partition group.
# * CUSTOM:
# You can add different and multiple members to a group.
# * PER_MEMBER:
# Each member is a group of its own and primary/backup partitions are distributed
# randomly (not on the same physical member).
# * ZONE_AWARE:
# Backups are created in the other zones. Each zone will be accepted as one partition group.
# It can be used when you make use of Hazelcast's jclouds or Azure discovery service plugins.
# * SPI:
# You can provide your own partition group implementation using the SPI grouping type. Please see
# Partition Group Configuration section in Hazelcast Reference Manual.
#
partition-group:
enabled: true
group-type: CUSTOM
member-group:
- - 10.10.0.*
- 10.10.3.*
- 10.10.5.*
- - 10.10.10.10-100
- 10.10.1.*
- 10.10.2.*
#
# ===== HAZELCAST EXECUTOR SERVICE CONFIGURATION =====
#
# Configuration element's name is "executor-service". It has the optional attribute "name" with which you
# can specify the name of your executor service. Its default value is "default".
# It has the following sub-elements:
# * "statistics-enabled":
# When you enable it, you can retrieve executor service statistics such as pending operations count,
# started operations count, completed operations count, and cancelled operations count. Its default
# value is true.
# * "pool-size":
# The number of executor threads per member for the executor. Its default value is 8.
# * "queue-capacity":
# Task queue capacity of the executor. Its default value is 0, meaning Integer.MAX_VALUE.
# * "quorum-ref":
# Adds the Split Brain Protection for this data-structure which you configure using the "quorum" element. You should set the
# "quorum-ref"'s value
# as the "quorum"'s name.
#
executor-service:
default:
statistics-enabled: true
pool-size: 16
queue-capacity: 0
quorum-ref: quorumRuleWithThreeNodes
#
# ===== HAZELCAST DURABLE EXECUTOR SERVICE CONFIGURATION =====
#
# Configuration element's name is "durable-executor-service". It has the optional attribute "name" with which you
# can specify the name of your durable executor service. Its default value is "default".
# It has the following sub-elements:
# * "pool-size":
# The number of executor threads per member for the executor. Its default value is 16.
# * "durability":
# Durability of the executor. The default value is 1.
# * "capacity":
# Capacity of the executor task per partition. The default value is 100.
# * "quorum-ref":
# Adds the Split Brain Protection for this data-structure which you configure using the "quorum" element. You should set
# the "quorum-ref"'s value
# as the "quorum"'s name.
#
durable-executor-service:
default:
pool-size: 16
durability: 1
capacity: 100
quorum-ref: quorumRuleWithThreeNodes
#
# ===== HAZELCAST SCHEDULED EXECUTOR SERVICE CONFIGURATION =====
#
# Configuration element's name is "scheduled-executor-service". It has the optional attribute "name" with which you
# can specify the name of your scheduled executor service. Its default value is "default".
# It has the following sub-elements:
# * "pool-size":
# The number of executor threads per member for the executor. Its default value is 16.
# * "durability":
# Durability of the scheduled executor. The default value is 1.
# * "capacity":
# Capacity of the scheduled executor. The default value is 100.
# This is the maximum number of tasks for a given scheduled executor on a particular partition.
# * "quorum-ref":
# Adds the Split Brain Protection for this data-structure which you configure using the "quorum" element. You should set
# the "quorum-ref"'s value as the "quorum"'s name.
# * "merge-policy":
# The default policy is PutIfAbsentMergePolicy with a batch size of 100.
# This is the policy used when merging entries from sub-clusters (after split-brain recovery).
#
scheduled-executor-service:
default:
pool-size: 16
durability: 1
capacity: 100
quorum-ref: quorumRuleWithThreeNodes
merge-policy:
batch-size: 100
class-name: PutIfAbsentMergePolicy
#
# ===== HAZELCAST CARDINALITY ESTIMATOR SERVICE CONFIGURATION =====
#
# Configuration element's name is "cardinality-estimator". It has the optional attribute "name" with which you
# can specify the name of your estimator. Its default value is "default".
# It has the following sub-elements:
# * "backup-count":
# Number of synchronous backups. For example, if 1 is set as the backup-count,
# then the cardinality estimation will be copied to one other JVM for
# fail-safety. Valid numbers are 0 (no backup), 1, 2 ... 6.
# * "async-backup-count":
# Number of asynchronous backups. For example, if 1 is set as the backup-count,
# then the cardinality estimation will be copied to one other JVM for
# fail-safety. Valid numbers are 0 (no backup), 1, 2 ... 6.
# * "quorum-ref":
# Adds the Split Brain Protection for this data-structure which you configure using the "quorum" element. You should set
# the "quorum-ref"'s value as the "quorum"'s name.
# * "merge-policy":
# The default policy is `com.hazelcast.spi.merge.HyperLogLogMergePolicy` with a batch size of 100.
# This is the policy used when merging estimators from sub-clusters (after split-brain recovery).
#
cardinality-estimator:
default:
backup-count: 1
async-backup-count: 0
quorum-ref: quorumRuleWithThreeNodes
merge-policy:
batch-size: 102
class-name: PutIfAbsentMergePolicy
#
# ===== HAZELCAST QUEUE CONFIGURATION =====
#
# Configuration element's name is "queue". It has the optional attribute "name" with which you
# can specify the name of your queue. Its default value is "default".
# It has the following elements:
# * "statistics-enabled":
# When you enable it, you can retrieve queue statistics. Its default value is true.
# * "max-size":
# Maximum size of the queue. When a JVM's local queue size reaches the maximum, all put/offer operations
# will be blocked until the queue size of the JVM goes below this maximum. Its default value is 0,
# meaning Integer.MAX_VALUE.
# * "backup-count":
# Number of synchronous backups. Queue is a non-partitioned data structure, so all entries of a Queue
# resides in one partition. When this parameter is '1', it means there will be 1 backup of that Queue in
# another member in the cluster. When it is '2', 2 members will have the backup. 0 means there will be no
# backups. Its default value is 1.
# * "async-backup-count":
# Number of asynchronous backups. Its default value is 0.
# * "empty-queue-ttl":
# Used to purge unused or empty queues. If you define a value (time in seconds) for this element, then
# your queue will be destroyed if it stays empty or unused for that time.
# * "item-listeners":
# Adds listeners (listener classes) for the queue items using its sub-element "item-listener". You can
# also set its attribute "include-value" to true if you want the item event to contain the item values,
# and you can set its attribute "local" to true if you want to listen to the items on the local member.
# * "queue-store":
# Includes configuration elements and attributes for your queue store implementation. When you want to
# load/store the distributed queue items from/to a persistent datastore, first implement Hazelcast's
# QueueStore interface and then configure it using this element. It includes your implemented class name
# and the following property configurations:
# - binary:
# If you do not reach the queue store from an external application, you might prefer to insert the items
# in binary form. To do so, set this property to true and skip the deserialization step, which is a
# performance optimization. Its default value is false.
# - memory-limit:
# Number of items after which Hazelcast will store items only to datastore. For example,
# if the memory limit is 1000, then the 1001st item will be put only to datastore.
# This feature is useful when you want to avoid out-of-memory conditions. If you want to
# always use memory, you can set it to Integer.MAX_VALUE. Its default value is 1000.
# - bulk-load:
# Size of the bulks loaded from QueueStore when the queue is initialized. Its default
# value is 250.
# * "quorum-ref":
# Adds the Split Brain Protection for this data-structure which you configure using the "quorum" element. You should set
# the "quorum-ref"'s value as the "quorum"'s name.
#
queue:
default:
statistics-enabled: true
max-size: 0
backup-count: 1
async-backup-count: 0
empty-queue-ttl: -1
item-listeners:
- include-value: true
class-name: com.hazelcast.examples.ItemListener
queue-store:
class-name: com.hazelcast.QueueStoreImpl
properties:
binary: false
memory-limit: 1000
bulk-load: 500
quorum-ref: quorumRuleWithThreeNodes
merge-policy:
batch-size: 100
class-name: PutIfAbsentMergePolicy
#
# ===== HAZELCAST MAP CONFIGURATION =====
#
# 配置元素的名称是“map”。 它具有可选的属性“name”,可用于指定map名称。 其默认值为“default”。
# Configuration element's name is "map". It has the optional attribute "name" with which you
# can specify the name of your map. Its default value is "default".
# It has the following sub-elements:
# * "in-memory-format":
# Specifies in which format data will be stored in your map. Available values are as follows:
# - BINARY:
# Data will be stored in serialized binary format. It is the default option.
# 数据将以序列化二进制格式存储。 这是默认选项。
# - OBJECT:
# Data will be stored in deserialized form.
# - NATIVE:
# Data will be stored in the map that uses Hazelcast's High-Density Memory Store feature. This
# option is available only in Hazelcast Enterprise HD.
# * "statistics-enabled":
# 启用它后,您可以检索地图条目统计信息,例如创建时间,到期时间,命中次数,键,值等。其默认值为true。
# When you enable it, you can retrieve map entry statistics such as creation time, expiration time,
# number of hits, key, value, etc. Its default value is true.
# * "optimize-queries":
# 从Hazelcast 3.6开始不推荐使用。 请改用“ cache-deserialized-values”元素。
# 当同时使用“优化查询”和“反序列化缓存的值”时,Hazelcast将尽力检测可能的冲突。
# 冲突检测是在尽力而为的基础上进行的,您不应依赖它。 如果为true,则会提高map中查询过程的速度。
# 它仅在“内存格式”设置为BINARY并对查询的条目执行预缓存时才有效。 其默认值为false。
# It is deprecated as of Hazelcast 3.6. Use the "cache-deserialized-values" element instead. When
# "optimize-queries" and "cache-deserialized-values" are used at the same time, Hazelcast will do its
# best to detect possible conflicts. Conflict detection is done on best-effort basis and you should not
# rely on it. If true, it increases the speed of query processes in the map. It only works when
# "in-memory-format" is set to BINARY and performs a pre-caching on the entries queried. Its default
# value is false.
# * "metadata-policy"
# 此map的元数据策略。 Hazelcast可能会提前处理受支持类型的对象,以创建有关它们的其他元数据。
# 然后,可以使用此元数据使查询和索引编制更快。 创建元数据可能会降低放置吞吐量。
# Metadata policy for this map. Hazelcast may process objects of supported types ahead of time to
# create additional metadata about them. This metadata then is used to make querying and indexing faster.
# Metadata creation may decrease put throughput.
# Valid values are:
# CREATE_ON_UPDATE (default): Objects of supported types are pre-processed when they are created and updated.
# OFF: No metadata is created.
# * "cache-deserialized-values":
# 控制反序列化值的缓存。 缓存可以使查询评估更快,但是会消耗内存。可用的值如下:
# Controls caching of deserialized values. Caching makes the query evaluation faster, but it costs memory.
# Available values are as follows:
# - NEVER: Deserialized values will never be cached.反序列化的值将永远不会被缓存。
# - INDEX-ONLY: Deserialized values will be cached only when they are inserted into an index.反序列化的值仅在将其插入索引时才被缓存。
# - ALWAYS: Deserialized values will always be cached.反序列化的值将始终被缓存。
# * "backup-count":
# 同步备份的计数。
# 当此计数为1时,映射条目将在群集的另一个节点上进行备份。
# 如果将其设置为2,则映射条目将在其他两个节点上具有其备份。
# 如果您不希望备份您的条目,可以将其设置为0。 备份计数的最大值为6。默认值为1。
# Count of synchronous backups. When this count is 1, a map entry will have its backup on one other node in
# the cluster. If you set it to 2, then a map entry will have its backup on two other nodes. You can set it
# to 0 if you do not want your entries to be backed up. The maximum value for the backup count is 6.
# Its default value is 1.
# * "async-backup-count":
# 异步备份数。 与同步备份过程不同,异步备份过程不会阻止映射操作。 它的默认值为0,表示将没有异步备份。
# Number of asynchronous backups. Unlike the synchronous backup process, asynchronous backup process does not
# block the map operations. Its default value is 0, meaning there will be no asynchronous backups.
# * "time-to-live-seconds":
# 每个条目停留在map上的最长时间(以秒为单位)。
# 如果它不为0,则将自动逐出早于该时间且当前未更新的条目。
# 有效值是0到Integer.MAX VALUE之间的整数。
# 其默认值为0,表示无穷大。 如果它不为0,则不管设置的驱逐策略如何,都将逐出条目。
# Maximum time in seconds for each entry to stay in the map. If it is not 0, entries that are older than
# this time and not updated for this time are evicted automatically. Valid values are integers between 0 and
# Integer.MAX VALUE. Its default value is 0, which means infinite. If it is not 0, entries are evicted regardless
# of the set eviction-policy.
# * "max-idle-seconds":
# 每个条目在地图上保持空闲状态的最长时间(以秒为单位)。 空闲时间超过此时间的条目将被自动逐出。
# 如果没有调用get,put,EntryProcessor.process或containsKey,则该条目是空闲的。
# 有效值是0到Integer.MAX VALUE之间的整数。 其默认值为0,表示无穷大。
# Maximum time in seconds for each entry to stay idle in the map.
# Entries that are idle for more than this time are evicted automatically.
# An entry is idle if no get, put, EntryProcessor.process or
# containsKey is called.
# Valid values are integers between 0 and Integer.MAX VALUE. Its default value
# is 0, which means infinite.
# * "eviction-policy":
# Eviction policy configuration. Its default values is NONE. Available values are as follows:
# - NONE:
# No items will be evicted and the property max-size will be ignored. You still
# can combine it with time-to-live-seconds and max-idle-seconds.
# - LRU: Least Recently Used. 最少最近使用
# - LFU: Least Frequently Used. 最不常使用