A "connection" to a GemFire distributed system. A
DistributedSystem
is created by invoking the
connect(java.util.Properties)
method with a configuration as described
below. A
DistributedSystem
is used when calling
CacheFactory.create(com.gemstone.gemfire.distributed.DistributedSystem)
. This class should
not be confused with the
AdminDistributedSystem
interface that is used for administering a
distributed system.
When a program connects to the distributed system, a "distribution
manager" is started in this VM and the other members of the
distributed system are located. This discovery can be performed
using either IP multicast (default) or by contacting "locators"
running on a given host and port. All connections that are
configured to use the same multicast address/port and the same
locators are part of the same distributed system.
The current version of GemFire only supports creating one
DistributedSystem
per virtual machine. Attempts to
connect to multiple distributed systems (that is calling connect(java.util.Properties)
multiple times with different configuration
Properties
) will result in an IllegalStateException
being thrown (if connect
is
invoked multiple times with equivalent Properties
,
then the same instance of DistributedSystem
will be
returned). A common practice is to connect to the distributed
system and store a reference to the DistributedSystem
object in a well-known location such as a static
variable. This practice provides access to the
DistributedSystem
slightly faster than invoking
connect
multiple times. Note that it is always
advisable to disconnect()
from the distributed system when a
program will no longer access it. Disconnecting frees up certain
resources and allows your application to connect to a different
distributed system, if desirable.
Configuration
There are a number of configuration properties that can be set when
a program connects to a distributed system.
Distribution Configuration Properties
- groups
- Description: Defines the list of groups this member belongs to.
Use commas to separate group names.
Note that anything defined by the roles gemfire property will also be considered a group.
- Default: ""
- Since: 7.0
- name
- Description: Uniquely identifies a member in its distributed system.
If two members with the same name try to join the same distributed system
then the second join will fail.
- Default: ""
- distributed-system-id
- A number that uniquely identifies this distributed system, when
using the WAN gateway to share data between multiple distributed systems. This
setting is only required when using the WAN gateway in conjunction with
the Portable Data eXchange (PDX) serialization format.
If set, this setting must be the same for every member in this distributed
system. It must be different than the number in other distributed systems
that this one will connect to using the WAN.
-1 means no setting.
- Range-1..255
- Default: "-1"
- mcast-port
- Description: The port used for multicast networking.
If zero, then multicast will be disabled and locators must be used to find the other members
of the distributed system.
If "mcast-port" is zero and "locators" is ""
then this distributed system will be isolated from all other GemFire
processes.
- Default: "0" if locators is not ""; otherwise "10334"
- mcast-address
- Description: The IP address used for multicast
networking. If mcast-port is zero, then mcast-address is
ignored.
- Default: "239.192.81.1"
- mcast-ttl
- Description: Determines how far through your network
the multicast packets used by GemFire will propagate.
- Default: "32"
- Allowed values: 0..255
- Since: 4.1
- mcast-send-buffer-size
- Description: Sets the size of the socket buffer used for
outgoing multicast transmissions.
- Default: "65535"
- Allowed values: 2048..Operating System maximum
- Since: 5.0
- mcast-recv-buffer-size
- Description: Sets the size of the socket buffer used for
incoming multicast transmissions. You should set this high if there will be
high volumes of messages.
- Default: "1048576"
- Allowed values: 2048..Operating System maximum
- Since: 5.0
- mcast-flow-control
- Description: Configures the flow-of-control protocol for
multicast messaging. There are three settings that are separated
by commas: byteAllowance (integer), rechargeThreshold (float) and
rechargeBlockMs (integer). The byteAllowance determines how many bytes
can be sent without a recharge from other processes. The rechargeThreshold
tells receivers how low the sender's initial to remaining allowance
ratio should be before sending a recharge. The rechargeBlockMs
tells the sender how long to wait for a recharge before explicitly
requesting one.
- Default: "1048576,0.25,5000"
- Allowed values: 100000-maxInt, 0.1-0.5, 500-60000
- Since: 5.0
- udp-send-buffer-size
- Description: Sets the size of the socket buffer used for
outgoing udp point-to-point transmissions.
- Default: "65535"
- Allowed values: 2048..Operating System maximum
- Since: 5.0
- udp-recv-buffer-size
- Description: Sets the size of the socket buffer used for
incoming udp point-to-point transmissions. Note: if multicast is not
enabled and disable-tcp is not enabled, a reduced default size of
65535 is used.
- Default: "1048576 if multicast is enabled or disable-tcp is true, 131071 if not"
- Allowed values: 2048..Operating System maximum
- Since: 5.0
- udp-fragment-size
- Description: When messages are sent over datagram sockets,
GemFire breaks large messages down into fragments for transmission.
This property sets the maximum fragment size for transmission.
- Default: "60000"
- Allowed values: 1000..60000
- Since: 5.0
- disable-tcp
- Description: Turns off use of tcp/ip sockets, forcing the
cache to use datagram sockets for all communication. This is useful
if you have a large number of processes in the distributed cache since
it eliminates the per-connection reader-thread that is otherwise required.
However, udp communications are somewhat slower than tcp/ip communications
due to the extra work required in Java to break messages down to
transmittable sizes, and the extra work required to guarantee
message delivery.
- Default: "false"
- Allowed values: true or false
- Since: 5.0
- tcp-port
- Description: A 16-bit integer that determines the tcp/ip port number to listen on
for cache communications. If zero, the operating system will select
an available port to listen on. Each process on a machine must have
its own tcp-port. Note that some operating systems restrict the range
of ports usable by non-privileged users, and using restricted port
numbers can cause runtime errors in GemFire startup.
- Default: "0"
- Allowed values: 0..65535
- Since: 5.0
- member-timeout
- Description: Sets the timeout interval, in milliseconds, used
to determine whether another process is alive or not. When another process
appears to be gone, GemFire sends it an ARE-YOU-DEAD message and waits
for the member-timeout period for it to respond and declare it is not dead.
- Default: "5000"
- Allowed values: 1000-600000
- Since: 5.0
- bind-address
- Description: The IP address that this distributed system's
server sockets will listen on.
If set to an empty string then the local machine's
default address will be listened on.
- Default: ""
- membership-port-range
- Description: The allowed range of ports for use in forming an
unique membership identifier (UDP), for failure detection purposes (TCP) and
to listen on for peer connections (TCP). This range is given as two numbers
separated by a minus sign. Minimum 3 values in range are required to
successfully startup.
- Default: 1024-65535
- locators
- Description: A list of locators (host and port) that
are used to find other member of the distributed system. This
attribute's value is a possibly empty comma separated list. Each
element must be of the form "hostName[portNum]" and may be of the
form "host:bindAddress[port]" if a specific bind address is to be
used on the locator machine. The square
brackets around the portNum are literal character and must be
specified.
Since IPv6 bind addresses may contain colons, you may use an at symbol
instead of a colon to separate the host name and bind address.
For example, "server1@fdf0:76cf:a0ed:9449::5[12233]" specifies a locator
running on "server1" and bound to fdf0:76cf:a0ed:9449::5 on port 12233.
If "mcast-port" is zero and "locators" is ""
then this distributed system will be isolated from all other GemFire
processes.
- Default: ""
- locator-wait-time
- Description: The number of seconds to wait for a locator to start
if one is not available when attempting to join the distributed system. This
setting can be used when locators and peers are being started all at once in
order to have the peers be patient and wait for the locators to finish starting
up before attempting to join the distributed system..
- Default: "0"
- remote-locators
- Description: A list of locators (host and port) that a cluster
will use in order to connect to a remote site in a multi-site (WAN)
configuration. This attribute's value is a possibly comma separated list.
For each remote locator, provide a hostname and/or address
(separated by '@', if you use both), followed by a port number in brackets.
Examples:
remote-locators=address1[port1],address2[port2]
remote-locators=hostName1@address1[port1],hostName2@address2[port2]
remote-locators=hostName1[port1],hostName2[port2]
- Default: ""
- start-locator
- Description: A host name or bind-address and port
("host[port],peer=,server=")
that are used to start a locator in the same process as the DistributedSystem.
The locator is started when the DistributedSystem connects,
and is stopped when the DistributedSystem disconnects. To start a
locator that is not tied to the DistributedSystem's lifecycle, see
the
Locator
class in this same package.
The peer and server parameters are optional. They specify whether
the locator can be used for peers to discover each other, or for clients
to discover peers. By default both are true.
- Default: "" (doesn't start a locator)
- ssl-enabled
- Description: If true, all gemfire socket communication is
configured to use SSL through JSSE.
- Default: "false"
- Deprecated: as of 8.0 use
cluster-ssl-enabled
instead.
- ssl-protocols
- Description: A space separated list of the SSL protocols to enable.
Those listed must be supported by the available providers.
- Default: "any"
- Deprecated: as of 8.0 use
cluster-ssl-protocols
instead.
- ssl-ciphers
- Description: A space separated list of the SSL cipher suites to enable.
Those listed must be supported by the available providers.
- Default: "any"
- Deprecated: as of 8.0 use
cluster-ssl-ciphers
instead.
- ssl-require-authentication
- Description: If false, allow ciphers that do not require the client
side of the connection to be authenticated.
- Default: "true"
- Deprecated: as of 8.0 use
cluster-ssl-require-authentication
instead.
- cluster-ssl-enabled
- Description: If true, all gemfire socket communication is
configured to use SSL through JSSE. Preferably Use cluster-ssl-* properties
rather than ssl-* properties.
- Default: "false"
- Since: 8.0
- cluster-ssl-protocols
- Description: A space separated list of the SSL protocols to
enable. Those listed must be supported by the available providers.Preferably
use cluster-ssl-* properties rather than ssl-* properties.
- Default: "any"
- Since: 8.0
- cluster-ssl-ciphers
- Description: A space separated list of the SSL cipher suites to
enable. Those listed must be supported by the available providers.Preferably
use cluster-ssl-* properties rather than ssl-* properties.
- Default: "any"
- cluster-ssl-require-authentication
- Description: If false, allow ciphers that do not require the
client side of the connection to be authenticated.Preferably use
cluster-ssl-* properties rather than ssl-* properties.
- Default: "true"
- Since: 8.0
- cluster-ssl-keystore
- DescriptionLocation of the Java keystore file containing
certificate and private key.
- Default: ""
- Since: 8.0
- cluster-ssl-keystore-type
- DescriptionFor Java keystore file format, this property has the
value jks (or JKS).
- Default: ""
- Since: 8.0
- cluster-ssl-keystore-password
- DescriptionPassword to access the private key from the keystore
file specified by javax.net.ssl.keyStore.
- Default: ""
- Since: 8.0
- cluster-ssl-truststore
- DescriptionLocation of the Java keystore file containing the
collection of CA certificates trusted by distributed member (trust store).
- Default: ""
- Since: 8.0
- cluster-ssl-truststore-password
- DescriptionPassword to unlock the keystore file (store password)
specified by javax.net.ssl.trustStore.
- Default: ""
- Since: 8.0
- ack-wait-threshold
- Description: The number of seconds the distributed
system will wait for a message to be acknowledged before it sends
a warning level alert to signal that something might be wrong with the system
node that is unresponsive. After sending this alert the waiter
continues to wait. The alerts are logged in the log as warnings
and will cause an alert notification in the Admin API and GemFire
JMX Agent.
- Default: "15"
- Allowed values: 1..2147483647
- ack-severe-alert-threshold
- Description:
The number of seconds the distributed
system will wait after the ack-wait-threshold for a message to be
acknowledged before it issues an alert at severe level. The
default value is zero, which turns off this feature.
when ack-severe-alert-threshold is used, GemFire will also initiate
additional checks to see if the process is alive. These checks will
begin when the ack-wait-threshold is reached and will continue until
GemFire has been able to communicate with the process and ascertain its
status.
- Default: "0"
- Allowed values: 0..2147483647
- conserve-sockets
- Description: If "true" then a minimal number of sockets
will be used when connecting to the distributed system. This conserves
resource usage but can cause performance to suffer.
If "false" then every application thread that sends
distribution messages to other members of the distributed system
will own its own sockets and have exclusive access to them.
The length of time a thread can have exclusive access to a socket
can be configured with "socket-lease-time".
- Default: "true"
- Allowed values: true|false
- Since: 4.1
- socket-lease-time
- Description: The number of milliseconds a thread
can keep exclusive access to a socket that it is not actively using.
Once a thread loses its lease to a socket it will need to re-acquire
a socket the next time it sends a message.
A value of zero causes socket leases to never expire.
This property is ignored if "conserve-sockets" is true.
- Default: "15000"
- Allowed values: 0..600000
- Since: 4.1
- socket-buffer-size
- Description: The size of each socket buffer, in bytes.
Smaller buffers conserve memory. Larger buffers can improve performance;
in particular if large messages are being sent.
- Default: "32768"
- Allowed values: 128..16777215
- Since: 4.1
- conflate-events
- Description: This is a client-side property that is passed to
the server. Allowable values are "server", "true", and "false". With the
"server" setting, this client's servers use their own client queue
conflation settings. With a "true" setting, the servers disregard their
own configuration and enable conflation of events for all regions for the
client. A "false" setting causes the client's servers to disable
conflation for all regions for the client.
- Default: "server"
- Since: 5.7
- durable-client-id
- Description: The id to be used by this durable client. When a
durable client connects to a server, this id is used by the server to
identify it. The server will accumulate updates for a durable client
while it is disconnected and deliver these events to the client when it
reconnects.
- Default: ""
- Since: 5.5
- durable-client-timeout
- Description: The number of seconds a disconnected durable
client is kept alive and updates are accumulated for it by the server
before it is terminated.
- Default: "300"
- Since: 5.5
- security-
- Description: Mechanism to define client credentials.
All tags with "security-" prefix is packaged together as security properties
and passed as an argument to getCredentials of Authentication module.
These tags cannot have null values.
- Default: Optional
- Allowed values: any string
- security-client-auth-init
- Description: Authentication module name for Clients that requires to act
upon credentials read from the gemfire.properties file.
Module must implement AuthInitialize interface.
- Default: "gemfire.jar:authInit"
- Allowed values: jar file:class name
- delta-propagation
- Description: "true" indicates that server propagates delta
generated from
Delta
type of objects. If "false"
then server propagates full object but not delta.
- Default: "true"
- Allowed values: true|false
Network Partitioning Detection
- enable-network-partition-detection
- Description: Turns on network partitioning detection algorithms, which
detect loss of quorum and shuts down losing partitions.
- Default: "false"
- disable-auto-reconnect
- Description: By default GemFire will attempt to reconnect and
reinitialize the cache when it has been forced out of the distributed system
by a network-partition event or has otherwise been shunned by other members.
This setting will turn off this behavior.
- Default: "false"
Redundancy Management
- enforce-unique-host
- Description: Whether or not partitioned regions will
put redundant copies of the same data in different JVMs running on the same physical host.
By default, partitioned regions will try to put redundancy copies on different physical hosts, but it may
put them on the same physical host if no other hosts are available. Setting this property to true
will prevent partitions regions from ever putting redundant copies of data on the same physical host.
- Default: "false"
- redundancy-zone
- Description: Defines the redundancy zone from this member. If this property is set, partitioned
regions will not put two redundant copies of data in two members with the same redundancy zone setting.
- Default: ""
Logging Configuration Properties
- log-file
- Description: Name of the file to write logging
messages to. If the file name if "" (default) then messages are
written to standard out.
- Default: ""
- log-level
- Description:The type of log messages that will
actually write to the log file.
- Default: "config"
- Allowed values: all|finest|finer|fine|config|info|warning|severe|none
- statistic-sampling-enabled
- Description: "true" causes the statistics to be
sampled periodically and operating system statistics to be
fetched each time a sample is taken. "false" disables sampling
which also disables operating system statistic collection. Non
OS statistics will still be recorded in memory and can be viewed
by administration tools. However, charts will show no activity
and no statistics will be archived while sampling is
disabled.
Starting in 7.0 the default value has been changed to true.
If statistic sampling is disabled it will also cause various
metrics seen in gfsh and pulse to always be zero.
- Default: "true"
- Allowed values: true|false
- statistic-sample-rate
- Description:The rate, in milliseconds, at which samples
of the statistics will be taken.
If set to a value less than 1000 the rate will be set to 1000 because
the VSD tool does not support sub-second sampling.
- Default: "1000"
- Allowed values: 100..60000
- statistic-archive-file
- Description: The file that statistic samples are
written to. An empty string (default) disables statistic
archival.
- Default: ""
- enable-time-statistics
- Description: "true" causes additional time-based statistics to be
gathered for gemfire operations. This can aid in discovering
where time is going in cache operations, albeit at the expense of
extra clock probes on every operation. "false" disables the additional
time-based statistics.
- Default: "false"
- Allowed values: true or false
- Since: 5.0
- log-file-size-limit
- Description: Limits, in megabytes, how large the current log
file can grow before it is closed and logging rolls on to a new file.
Set to zero to disable log rolling.
- Default: "0"
- Allowed values: 0..1000000
- log-disk-space-limit
- Description: Limits, in megabytes, how much disk space can be
consumed by old inactive log files. When the limit is
exceeded the oldest inactive log file is deleted.
Set to zero to disable automatic log file deletion.
- Default: "0"
- Allowed values: 0..1000000
- archive-file-size-limit
- Description: Limits, in megabytes, how large the current statistic archive
file can grow before it is closed and archival rolls on to a new file.
Set to zero to disable archive rolling.
- Default: "0"
- Allowed values: 0..1000000
- archive-disk-space-limit
- Description: Limits, in megabytes, how much disk space can be
consumed by old inactive statistic archive files. When the limit is
exceeded the oldest inactive archive is deleted.
Set to zero to disable automatic archive deletion.
- Default: "0"
- Allowed values: 0..1000000
- roles
- Description: Specifies the application roles that this member
performs in the distributed system. This is a comma delimited list of
user-defined strings. Any number of members can be configured to perform
the same role, and a member can be configured to perform any number of
roles.
Note that anything defined by the groups gemfire property will also be considered a role.
- Default: ""
- Since: 5.0
- Deprecated: as of 7.0 use
groups
instead.
- max-wait-time-reconnect
- Description: Specifies the maximum number of milliseconds
to wait for the distributed system to reconnect in case of required role
loss or forced disconnect. The system will attempt to reconnect
more than once, and this timeout period applies to each reconnection attempt.
- Default: "60000"
- Since: 5.0
- max-num-reconnect-tries
- Description: Specifies the maximum number or times to attempt
to reconnect to the distributed system when required roles are missing.
This does not apply to reconnect attempts due to a forced disconnect.
- Default: "3"
- Since: 5.0
Licensing Configuration Properties
- license-application-cache
- Description: Specifies the serial number this distributed
system member will use unless a
license-data-management
serial number is
also specified. This distributed member will attempt to activate a
GemFire Application Cache Node license which allows it to be a peer-to-peer
application cache node. If a license-data-management
serial number is
provided, then the license-application-cache
serial number may be specified
as the license for cache clients connecting to this node. The keyword
"dynamic" may be used to specify that the member will attempt to acquire
a license from either a vFabric serial number file or a vFabric License
Server.
- Default: ""
- Since: 6.6.0
- license-data-management
- Description: Specifies the serial number(s) this distributed
system member will use. This distributed member will attempt to activate
a GemFire Data Management Node license which allows it to provide advanced
data management services which includes hosting a cache server to which
cache clients may connect. If you have serial numbers for the Unlimited
Client Upgrade or Global WAN Upgrade, then list them after the serial
number for Data Management Node separating each with a comma. If you do
not have the Unlimited Client Upgrade, then you should also use
license-application-cache
to
specify the serial number for the cache clients that will connect to
this cache server. The keyword "dynamic" may be used to specify that the
member will attempt to acquire a license from either a vFabric serial
number file or a vFabric License Server.
- Default: ""
- Since: 6.6.0
- license-server-timeout
- Description: Specifies the maximum number of milliseconds
to wait for a license from a vFabric License Server when attempting to
dynamically acquire a license. This timeout is observed when using the
keyword "dynamic" for either of the licensing properties
license-data-management
or license-application-cache
.
- Default: "10000"
- Allowed values: 1000..3600000
- Since: 6.6.1
- license-working-dir
- Description: Specifies the license working directory
which this distributed member will use to persist runtime information
about licensing. This directory should be unchanged when restarting the
member so that it can read what was previously persisted. The default is
the current working directory as determined by
System.getProperty("user.dir")
.
- Default:
System.getProperty("user.dir")
- Since: 6.6.1
- writable-working-dir
- Description: Specifies the license working directory
which this distributed member will use to persist runtime information
about licensing. This directory should be unchanged when restarting the
member so that it can read what was previously persisted. The default is
the current working directory as determined by
System.getProperty("user.dir")
.
- Default:
System.getProperty("user.dir")
- Since: 6.6.0
- Deprecated: as of 6.6.1 use
license-working-dir
instead.
Cache Configuration Properties
- cache-xml-file
- Description: Specifies the name of the XML file or resource
to initialize the cache with when it is
created.
Create will first look for a file that matches the value of this property.
If a file is not found then it will be searched for using
ClassLoader.getResource(java.lang.String)
. If the value of this
property is the empty string (""
), then the cache
will not be declaratively initialized.
- Default: "cache.xml"
- memcached-port
- Description: Specifies the port used by
GemFireMemcachedServer
which enables memcached clients to connect and store data in GemFire distributed system.
see GemFireMemcachedServer
for other configuration options.
- Default: "0" disables GemFireMemcachedServer
- Allowed values: 0..65535
- memcached-protocol
- Description: Specifies the protocol used by
GemFireMemcachedServer
- Default: "ASCII"
- Allowed values: "ASCII" "BINARY"
- memcached-bind-address
- Description: Specifies the bind address used by
GemFireMemcachedServer
- Default: ""
Asynchronous Message Properties
- async-distribution-timeout
- Description: The number of milliseconds before a
publishing process should attempt to distribute a cache operation
before switching over to asynchronous messaging for this process.
To enable asynchronous messaging, the value must be set above
zero. If a thread that is publishing to the cache exceeds this value
when attempting to distribute to this process, it will switch to
asynchronous messaging until this process catches up, departs, or
some specified limit is reached, such as
async-queue-timeout or
async-max-queue-size.
- Default: "0"
- Allowed values: 0..60000
- async-queue-timeout
- Description: The number of milliseconds a queuing
publisher may enqueue asynchronous messages without any distribution
to this process before that publisher requests this process to
depart. If a queuing publisher has not been able to send this process
any cache operations prior to the timeout, this process will attempt
to close its cache and disconnect from the distributed system.
- Default: "60000"
- Allowed values: 0..86400000
- async-max-queue-size
- Description: The maximum size in megabytes that a
publishing process should be allowed to asynchronously enqueue
for this process before asking this process to depart from the
distributed system.
- Default: "8"
- Allowed values: 0..1024
JMX Management
- jmx-manager
- Description: If true then this member is willing to be a jmx-manager.
All the other jmx-manager properties will be used when it does become a manager.
If this property is false then all other jmx-manager properties are ignored.
- Default: "false except on locators"
- jmx-manager-start
- Description: If true then this member will start a jmx manager when
it creates a cache. Management tools like gfsh can be configured to connect
to the jmx-manager. In most cases you should not set this because a jmx manager will
automatically be started when needed on a member that sets "jmx-manager" to true.
Ignored if jmx-manager is false.
- Default: "false"
- jmx-manager-port
- Description: The port this jmx manager will listen to for client connections.
If this property is set to zero then GemFire will not allow remote client connections
but you can alternatively use the standard system properties supported by the JVM
for configuring access from remote JMX clients.
Ignored if jmx-manager is false.
- Default: "1099"
- jmx-manager-ssl
- Description: If true and jmx-manager-port is not zero then the jmx-manager
will only accept ssl connections. Note that the ssl-enabled property does not apply to the jmx-manager
but the other ssl properties do. This allows ssl to be configured for just the jmx-manager
without needing to configure it for the other GemFire connections.
Ignored if jmx-manager is false.
- Default: "false"
- Deprecated: as of 8.0 use
jmx-manager-ssl-enabled
instead.
- jmx-manager-ssl-enabled
- Description: If true and jmx-manager-port is not zero then the jmx-manager
will only accept ssl connections. Note that the ssl-enabled property does not apply to the jmx-manager
but the other ssl properties do. This allows ssl to be configured for just the jmx-manager
without needing to configure it for the other GemFire connections.
Ignored if jmx-manager is false.
- Default: "false"
- jmx-manager-ssl-ciphers
- Description: A space seperated list of the SSL cipher suites to enable.
Those listed must be supported by the available providers.
- Default: "any"
- jmx-manager-ssl-protocols
- Description: A space seperated list of the SSL protocols to enable.
Those listed must be supported by the available providers.
- Default: "any"
- jmx-manager-ssl-require-authentication
- Description: If false, allow ciphers that do not require the client
side of the connection to be authenticated.
- Default: "true"
- jmx-manager-ssl-keystore
- DescriptionLocation of the Java keystore file containing
certificate and private key.
- Default: ""
- Since: 8.0
- jmx-manager-ssl-keystore-type
- DescriptionFor Java keystore file format, this property has the
value jks (or JKS).
- Default: ""
- Since: 8.0
- jmx-manager-ssl-keystore-password
- DescriptionPassword to access the private key from the keystore
file specified by javax.net.ssl.keyStore.
- Default: ""
- Since: 8.0
- jmx-manager-ssl-truststore
- DescriptionLocation of the Java keystore file containing the
collection of CA certificates trusted by manager (trust store).
- Default: ""
- Since: 8.0
- jmx-manager-ssl-truststore-password
- DescriptionPassword to unlock the keystore file (store password)
specified by javax.net.ssl.trustStore.
- Default: ""
- Since: 8.0
- jmx-manager-bind-address
- Description: By default the jmx-manager when configured with a port will listen
on all the local host's addresses. You can use this property to configure what ip address
or host name the jmx-manager will listen on. In addition, if the embedded http server is
started, it will also bind to this address if it is set.
Ignored if jmx-manager is false or jmx-manager-port is zero.
- Default: ""
- jmx-manager-hostname-for-clients
- Description: Lets you control what hostname will be given to clients that ask
the locator for the location of a jmx manager. By default the ip address that the jmx-manager
reports is used. But for clients on a different network this property allows you to configure
a different hostname that will be given to clients.
Ignored if jmx-manager is false or jmx-manager-port is zero.
- Default: ""
- jmx-manager-password-file
- Description: By default the jmx-manager will allow clients without credentials to connect.
If this property is set to the name of a file then only clients that connect with credentials that
match an entry in this file will be allowed.
Most JVMs require that the file is only readable by the owner.
For more information about the format of this file see Oracle's documentation of the
com.sun.management.jmxremote.password.file system property.
Ignored if jmx-manager is false or if jmx-manager-port is zero.
- Default: ""
- jmx-manager-access-file
- Description: By default the jmx-manager will allow full access to all mbeans by any client.
If this property is set to the name of a file then it can restrict clients to only being able to read
mbeans; they will not be able to modify mbeans. The access level can be configured differently in this
file for each user name defined in the password file.
For more information about the format of this file see Oracle's documentation of the
com.sun.management.jmxremote.access.file system property.
Ignored if jmx-manager is false or if jmx-manager-port is zero.
- Default: ""
- jmx-manager-http-port
- Description: If non-zero then when the jmx manager is started, an embedded
web server will also be started and will listen on this port.
The web server is used to host the GemFire Pulse application.
If you are hosting the Pulse web app in your own web server, then disable
this embedded server by setting this property to zero.
Ignored if jmx-manager is false.
- Default: "7070"
- Deprecated: as of 8.0 use
http-service-port
instead.
- jmx-manager-update-rate
- Description: The rate, in milliseconds, at which this member will push updates
to any jmx managers. Currently this value should be greater than or equal to the
statistic-sample-rate. Setting this value too high will cause stale values to be
seen by gfsh and pulse.
- Default: "2000"
- http-service-port
- Description: Specifies the port used by gemfire HTTP service. If
configured with non-zero value, then an HTTP service will listen on this port.
Value of "0" disables Gemfire HTTP service.
- Default: "7070"
- Allowed values: 0..65535
- Since: 8.0
- http-service-bind-address
- Description: The address where gemfire HTTP service will listen
for remote connections. One can use this property to configure what ip
address or host name the HTTP service will listen on. When not set, by
default the HTTP service will listen on the local host's address.
- Default: ""
- Since: 8.0
HTTP Service SSL Configuration
- http-service-ssl-enabled
- Description: Specifies if http service is started with separate ssl configuration.
If not specified, global property cluster-ssl-enabled (and its other related properties) are used
to secure http service. All http-service-ssl-* properties are inherited from cluster-ssl-* properties.
User can ovverride them using specific http-service-ssl-* property.
- Default:
false
- Since: 8.1
- http-service-ssl-ciphers
- Description: A space separated list of the SSL cipher suites to enable.
Those listed must be supported by the available providers.
- Default:
any
- Since: 8.1
- http-service-ssl-protocols
- Description: A space separated list of the SSL protocols to enable.
Those listed must be supported by the available providers.
- Default:
any
- Since: 8.1
- http-service-ssl-require-authentication
- Description: If false, allow ciphers that do not require the client
side of the connection to be authenticated.
- Default:
false
- Since: 8.1
- http-service-ssl-keystore
- DescriptionLocation of the Java keystore file containing
certificate and private key.
- Default: ""
- Since: 8.1
- http-service-ssl-keystore-type
- DescriptionFor Java keystore file format, this property has the
value jks (or JKS).
- Default: ""
- Since: 8.1
- http-service-ssl-keystore-password
- DescriptionPassword to access the private key from the keystore
file specified by javax.net.ssl.keyStore.
- Default: ""
- Since: 8.1
- http-service-ssl-truststore
- DescriptionLocation of the Java keystore file containing the
collection of CA certificates trusted by server (trust store).
- Default: ""
- Since: 8.1
- http-service-ssl-truststore-password
- DescriptionPassword to unlock the keystore file (store password)
specified by javax.net.ssl.trustStore.
- Default: ""
- Since: 8.1
- start-dev-rest-api
- Description: If true then developer(API) REST service will be
started when cache is created. REST service can be configured using
http-service-port
and http-service-bind-address
properties.
- Default: "false"
- Since: 8.0
Cluster Configuration Service
- enable-cluster-configuration
- Description: "true" causes creation of cluster configuration service on dedicated locators. The cluster configuration service on dedicated locator(s)
would serve the configuration to new members joining the distributed system and also save the configuration changes caused by the Gfsh commands.
This property is only applicable to dedicated locators.
- Default: "true"
- Allowed values: true or false
- Since: 8.0
- use-cluster-configuration
- Description: This property is only applicable for data members (non client and non locator)
"true" causes a member to request and uses the configuration from cluster configuration services running on dedicated locators.
"false" causes a member to not request the configuration from the configuration services running on the locator(s).
- Default: "true"
- Allowed values: true or false
- Since: 8.0
- load-cluster-configuration-from-dir
- Description: "true" causes loading of cluster configuration from "cluster_config" directory in the locator.
This property is only applicable to dedicated locators which have "enable-cluster-configuration" set to true.
- Default: "false"
- Allowed values: true or false
- Since: 8.0
*
- cluster-configuration-dir
- Description: This property specifies the directory in which the cluster configuration related disk-store and artifacts are stored
This property is only applicable to dedicated locators which have "enable-cluster-configuration" set to true.
- Default: ""
- Allowed values
- Since: 8.1
Server SSL Configuration
- server-ssl-enabled
- Description: Specifies if server is started with separate ssl configuration.
If not specified global property ssl-enabled (and its other related properties) are used
to create server socket
- Default:
false
- Since: 8.0
- server-ssl-ciphers
- Description: A space seperated list of the SSL cipher suites to enable.
Those listed must be supported by the available providers.
- Default:
any
- Since: 8.0
- server-ssl-protocols
- Description: A space seperated list of the SSL protocols to enable.
Those listed must be supported by the available providers.
- Default:
any
- Since: 8.0
- server-ssl-require-authentication
- Description: If false, allow ciphers that do not require the client
side of the connection to be authenticated.
- Default:
any
- Since: 8.0
- server-ssl-keystore
- DescriptionLocation of the Java keystore file containing
certificate and private key.
- Default: ""
- Since: 8.0
- server-ssl-keystore-type
- DescriptionFor Java keystore file format, this property has the
value jks (or JKS).
- Default: ""
- Since: 8.0
- server-ssl-keystore-password
- DescriptionPassword to access the private key from the keystore
file specified by javax.net.ssl.keyStore.
- Default: ""
- Since: 8.0
- server-ssl-truststore
- DescriptionLocation of the Java keystore file containing the
collection of CA certificates trusted by server (trust store).
- Default: ""
- Since: 8.0
- server-ssl-truststore-password
- DescriptionPassword to unlock the keystore file (store password)
specified by javax.net.ssl.trustStore.
- Default: ""
- Since: 8.0
Gateway SSL Configuration
- gateway-ssl-enabled
- Description: Specifies if gateway is started with separate ssl configuration.
If not specified global property ssl-enabled (and its other related properties) are used
to create gateway socket
- Default:
false
- Since: 8.0
- gateway-ssl-ciphers
- Description: A space seperated list of the SSL cipher suites to enable.
Those listed must be supported by the available providers.
- Default:
any
- Since: 8.0
- gateway-ssl-protocols
- Description: A space seperated list of the SSL protocols to enable.
Those listed must be supported by the available providers.
- Default:
any
- Since: 8.0
- gateway-ssl-require-authentication
- Description: If false, allow ciphers that do not require the Gateway Sender
side of the connection to be authenticated.
- Default:
any
- Since: 8.0
- gateway-ssl-keystore
- DescriptionLocation of the Java keystore file containing
certificate and private key.
- Default: ""
- Since: 8.0
- gateway-ssl-keystore-type
- DescriptionFor Java keystore file format, this property has the
value jks (or JKS).
- Default: ""
- Since: 8.0
- gateway-ssl-keystore-password
- DescriptionPassword to access the private key from the keystore
file specified by javax.net.ssl.keyStore.
- Default: ""
- Since: 8.0
- gateway-ssl-truststore
- DescriptionLocation of the Java keystore file containing the
collection of CA certificates trusted by server (trust store).
- Default: ""
- Since: 8.0
- gateway-ssl-truststore-password
- DescriptionPassword to unlock the keystore file (store password)
specified by javax.net.ssl.trustStore.
- Default: ""
- Since: 8.0
Miscellaneous
- deploy-working-dir
- Description: Specifies the working directory which this
distributed member will use to persist deployed JAR files. This directory
should be unchanged when restarting the member so that it can read what
was previously persisted. The default is the current working directory
as determined by
System.getProperty("user.dir")
.
- Default:
System.getProperty("user.dir")
- Since: 7.0
- user-command-packages
- Description: A comma separated list of Java packages that
contain classes implementing the
CommandMarker
interface.
Matching classes will be loaded when the VM starts and will be available
in the GFSH command-line utility.
- Default:
""
- Since: 8.0