I need to set Java's DNS cache TTL (networkaddress.cache.ttl) for an Amazon Elastic Beanstalk app running in Tomcat 8. Because EB can start and stop server instances at any time, I can't simply edit a Tomcat config file and the server and expect the change to persist.
I tried setting the networkaddress.cache.ttl and sun.net.inetaddr.ttl environment variables, but those had no effect. Amazon says calling java.security.Security.setProperty("networkaddress.cache.ttl" , "60"); "will not work if you run your application inside of Tomcat" (http://aws.amazon.com/articles/4035). What's a good way to set the TTL?
The problem is that I was doing it wrong. Setting the sun.net.inetaddr.ttl environment variable works. You can do this in your Elastic Beakstalk config file:
option_settings:
- namespace: aws:elasticbeanstalk:application:environment
option_name: sun.net.inetaddr.ttl
value: 60
60 seconds is the value recommended by Amazon
Another option that seems a little nicer to me is to create and use a java.security file:
option_settings:
- namespace: aws:elasticbeanstalk:application:environment
option_name: java.security.properties
value: /etc/myapp/java.security
container_commands:
00create_config_dir:
command: 'mkdir -p /etc/myapp'
ignoreErrors: true
01create_java_security_file:
command: 'echo "networkaddress.cache.ttl=60" > /etc/myapp/java.security'
ignoreErrors: true