How to safely and correctly disable the Access Scanner in Couchbase 7+

Hi all,
We’re running Couchbase Server 7.x in a production environment and are evaluating the best way to disable the Access Scanner on certain buckets.

We’ve come across a few methods in the community and documentation:

• Rest API
  POST /pools/default/buckets/<bucket_name> -d 'accessScannerEnabled=false'

• cbepctl flush param
  cbepctl -u admin -p pass -a host set flush_param access_scanner_enabled false

• internal /diag/eval method

• etc..

We want to:
• Confirm the officially supported and recommended method for Couchbase 7.x
• Understand if this change requires a node restart or is applied dynamically
• Know whether there are any side effects whilst running on live cluster
• Learn if there’s a safe way to apply this across multiple buckets or nodes or full cluster level

Would appreciate best practice guidance from Couchbase engineers or others who’ve done this in production.

Thanks!

There is some information in https://review.couchbase.org/c/ep-engine/+/40884

Thank you for your quick response @mreiche - Really appreciate it!

I’ve checked this out - using cbepctl -u admin -p pass -a host set flush_param access_scanner_enabled false applies the change immediately and doesn’t require a restart - which is good for runtime tuning.

That said, since cbepctl modifies ep-engine runtime parameters, those settings are not persisted and will revert to defaults after a node restart.

We’re specifically looking for a persistent and supported way to disable the Access Scanner - bucket level or cluster level - so the configuration survives restarts across all nodes.

Is there a way to make this setting stick across reboots ?