bleimehl
(Bleimehl)
December 13, 2021, 8:51am
1
@michael.hunger says that the Docker images are updated to mitigate the problem
"The docker images have also been updated with a config setting disabling jmx."
Is that true? On dockerhub the 4.4 images are still 6 days old and the 4.3 even 10 days
https://hub.docker.com/_/neo4j?tab=tags
It seems that they had jmx access already disabled
If you do
call dbms.listConfig() yield name, value
where name starts with "dbms.jvm.additional"
return name, value
it shows this which includes the disabled log4j jmx -Dlog4j2.disable.jmx=true
-XX:-OmitStackTraceInFastThrow
-XX:+AlwaysPreTouch
-XX:+UnlockExperimentalVMOptions
-XX:+TrustFinalNonStaticFields
-XX:+DisableExplicitGC
-XX:MaxInlineLevel=15
-XX:-UseBiasedLocking
-Djdk.nio.maxCachedBufferSize=262144
-Dio.netty.tryReflectionSetAccessible=true
-Djdk.tls.ephemeralDHKeySize=2048
-Djdk.tls.rejectClientInitiatedRenegotiation=true
-XX:FlightRecorderOptions=stackdepth=256
-XX:+UnlockDiagnosticVMOptions
-XX:+DebugNonSafepoints
-Dlog4j2.disable.jmx=true"
1 Like
bleimehl
(Bleimehl)
December 13, 2021, 4:46pm
3
Thanks Michael for the clarification:
Additional hint:
if you use NEO4J_dbms_jvm_additional
you will overwrite these default and you have to set them yourself
Yes I realized that only after the fact which is a bit annoying.
The other option one can use with Docker is to set this environment variable:
ENV LOG4J_FORMAT_MSG_NO_LOOKUPS=true