Re: Problem with mod_proxyajp and Tomcat 7
On Mar 5, 2014, at 11:23 AM, Teresa Fasano t.fas...@cineca.it wrote: Hi, I have a communication problem between Apache and Tomcat with mod_proxy_ajp. The Apache version is 2.2.15. The problem occurred only with Tomcat 7 ( the same problem occurred with various version 7.0.x ), while it works with Tomcat 6. The configuration of mod_proxy_ajp is ProxyPass / share ajp :/ / 127.0.0.1:8009 / share ProxyPassReverse / share ajp :/ / 127.0.0.1:8009 / share Why the spaces? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
[ANNOUNCE] Apache Tomcat 5.5.35 Released.
The Apache Tomcat team announces the immediate availability of Apache Tomcat 5.5.35 stable. Apache Tomcat 5.5.35 is primarily a security and bug fix release. All users of older versions of the Tomcat 5.5 family should upgrade to 5.5.35. Please refer to the change log for the list of changes: http://tomcat.apache.org/tomcat-5.5-doc/changelog.html Downloads: http://tomcat.apache.org/download-55.cgi Thank you, -- The Apache Tomcat Team - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Availability of Tomcat 5.5.34
Tomcat 5.5.34 was released and announced yesterday... - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Availability of Tomcat 5.5.34
I am TRing 5.5.34 today... - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Availability of Tomcat 5.5.34
My plan is to TR 5.5.34 the week after next… I'm traveling next week :/ On Aug 12, 2011, at 12:25 AM, Sachin Mankapure wrote: Hi Jim, Is there any update on release date of 5.5.34? Thanks, -Sachin Jim Jagielski wrote: I am tempted to do a release next week... we seem to have enough to warrant it. On Jul 21, 2011, at 5:57 AM, Sachin Mankapure wrote: Thanks. I wanted to know *when* 5.5.34 will be available. I got the answer. Konstantin Kolinko wrote: 2011/7/20 msachin sachin.mankap...@gmail.com: Where can I get information about availability of Tomcat 5.3.34? Thanks. Here: http://tomcat.apache.org/download-55.cgi http://tomcat.apache.org/whichversion.html If you want o be notified about release you can subscribe to the announce@ mailing list I do not think that it can happen sooner than next release of 6.0. There is not much activity with Tomcat 5.5 development. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/Availability-of-Tomcat-5.5.34-tp32098293p32106146.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/Availability-of-Tomcat-5.5.34-tp32098293p32247100.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Availability of Tomcat 5.5.34
I am tempted to do a release next week... we seem to have enough to warrant it. On Jul 21, 2011, at 5:57 AM, Sachin Mankapure wrote: Thanks. I wanted to know *when* 5.5.34 will be available. I got the answer. Konstantin Kolinko wrote: 2011/7/20 msachin sachin.mankap...@gmail.com: Where can I get information about availability of Tomcat 5.3.34? Thanks. Here: http://tomcat.apache.org/download-55.cgi http://tomcat.apache.org/whichversion.html If you want o be notified about release you can subscribe to the announce@ mailing list I do not think that it can happen sooner than next release of 6.0. There is not much activity with Tomcat 5.5 development. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- View this message in context: http://old.nabble.com/Availability-of-Tomcat-5.5.34-tp32098293p32106146.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
[ANN] Apache Tomcat 5.5.31 released
The Apache Tomcat Team announces the immediate availability of Apache Tomcat 5.5.31 stable. Apache Tomcat 5.5.31 is primarily a security and bug fix release. All users of older versions of the Tomcat 5.5 family should upgrade to 5.5.31. Please refer to the change log for the list of changes: http://tomcat.apache.org/tomcat-5.5-doc/changelog.html Please refer to the Tomcat 5 security page for the list of security fixes in this release: http://tomcat.apache.org/security-5.html Downloads: http://tomcat.apache.org/download-55.cgi Thank you, The Apache Tomcat Team - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: 2 second delays in mod_jk while maintaining workers
On Sep 9, 2010, at 8:34 AM, Mladen Turk wrote:
On 09/09/2010 02:09 PM, John Baker wrote:
Thanks for the feedback.
Can you tell me why this if statement exists:
if (poll(fds, 1, timeout) 0)
{
...
}
else
break;
It appears to be at fault.
poll returns positive number if there is some data to
read on the socket.
It returns 0 in case of timeout (two seconds in this case).
Try to change
fds.events = POLLIN;
to
fds.events = POLLIN | POLLHUP | POLLERR;
If that doesn't help, it's obvious the Tomcat
doesn't close the socket, so should be investigated
why. Like said before, either the Tomcat doesn't
respond to shutdown or the shutdown's FIN packet
isn't send to the Tomcat or back to mod_jk,
due to some weird OS networking issues.
+1
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Feedback Requested: Proposed CLI Tool for Apache Tomcat; kitty.
Any interest in the code moving to the ASF incubator? On Aug 16, 2010, at 4:06 PM, Networked wrote: Elevator pitch Myself and Peary Chiu have created a lightweight utility for administering Tomcat from the command line in our copious amounts of free time on the weekends. This is a very rough utility, but we wanted a command line administration utility that made it very easy and quick to debug a Tomcat server via JMX. We are looking to solicit feedback from the community on this utility. Really it could be used for any application server, but because of Tomcat's relevance and our familiarity with it, we prefer to offer to this audience. The reason we are creating this utility is because we didn't feel that jconsole or other utilities such as jmxsh were not swift enough or user friendly enough for troubleshooting Tomcat in a production environment. We have nothing against these projects, we just had a different preference for this tool. Needs to be improved We are aware that it needs some features, such as: - #1 Documentation - Easier navigation - Bash-style auto completion (if accomplished, could also benefit the Jython project) - Compile Jython code to Java classes We are working on getting these problems addressed. To our knowledge it works without issue with Jython 2.5.1+. (http://sourceforge.net/projects/jython/files/) What we'd appreciate Feel free to reply back with bugs and enhancement requests. We believe this will eventually be a useful, lightweight administration utility for Tomcat. We believe that by putting this out to the community early, we can address the needs of the community for such a utility, if at all, and have the community give some feedback on their general thoughts on the project. Fin Code is available at: http://github.com/msacks/kitty Thanks for your friendly replies, Matthew Sacks - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
[ANN] Apache Tomcat 5.5.30 released
The Apache Tomcat Team announces the immediate availability of Apache Tomcat 5.5.30 stable. Apache Tomcat 5.5.30 is primarily a security and bug fix release. All users of older versions of the Tomcat 5.5 family should upgrade to 5.5.30. Please refer to the change log for the list of changes: http://tomcat.apache.org/tomcat-5.5-doc/changelog.html Please refer to the Tomcat 5 security page for the list of security fixes in this release: http://tomcat.apache.org/security-5.html Downloads: http://tomcat.apache.org/download-55.cgi Thank you, The Apache Tomcat Team - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apache 2.2 to Tomcat 6 via proxy_ajp
On May 21, 2009, at 10:28 PM, J. Zimmerman wrote: I am just getting started with Tomcat and have been asked to take on the administration of our Tomcat servers at our college. I am not one of the developers, just the administrator. So far everything has gone pretty smoothly except for getting everything to run proxied via Apache (at least the way we would like it). Our requirement is for Tomcat to deliver the application through http://hostname:8080/appname and/or ajp://hostname:8009/appname. This happens by default and works well. However, we want end users to access the applications via port 443 or 80 and we are doing this via Apache. I can make this work via proxy_ajp and proxy_http so that something like http://hostname/appname works just fine. The wrench in the works is that we want to do virtual hosting through Apache and not have the appname appended to it. The Apache virtual hosted URL's will be the ones exposed to the public. For example if we developed an application called mycoolapp and we were deploying it at a website of the same name we would want the application to run at http://mycoolapp.com and not http://mycoolapp.com/mycoolapp. I have hacked together several different configs suggested through many different pieces of documentation and forums, but just can't seem to get it. Our setup is as follows. Server: Ubuntu 8.04 (all updates) Java: Latest JDK download from Sun Tomcat: Latest version 6 official download (configs are near defaults, I have revereted to the default server.xml) Apache: Latest version 2.2 via Ubuntu repositories. proxy_ajp, proxy_http, and rewrite enabled. If anyone has suggestions or a working example any help is greatly appreciated. ProxyPass / http://hostname:8080/mycoolapp -or- ProxyPass / ajp://hostname:8080/mycoolapp Assuming hostname:8080 is the Tomcat server No need for rewrite at all. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: ProxyPaths and mod_proxy_ajp
Seems to me you are using Apache as a front-end to TC. In which case you are telling Apache that whatever is under /examples should be handled by TC, everything else is local... Right so far? If so, then you for SURE do not what to configure Apache as a forward proxy, which is what you are doing with the ProxyRequests On directive. For a simple reverse proxy you should make sure that Apache is not also a forward one as well... checkout http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#forwardreverse On Feb 27, 2008, at 4:17 PM, Stephen Nelson-Smith wrote: Hi, I have an application which, due to restrictions by third party developers must run on Tomcat 4.1.31 with Java version 1.4.2_11. I am deploying this on a new RHEL 5 machine, with httpd-2.2.3-11.el5_1.3. From my reading, it appears that mod_proxy_ajp is the way to go, and I aim to loadbalance several instances, so this seems to be ideal. I am testing with the default Tomcat webapps - I would like to be able to enter: http://10.1.1.203/examples and get the webapps, where I can click on the examples and run them. On tomcat the path is: http://10.1.1.203:8080/examples/servlets/index.html I am trying to understand the following behavour: The relevant apache config is: IfModule mod_proxy.c ProxyRequests On Proxy * Order allow,deny Allow from all /Proxy LoadModule proxy_ajp_module modules/mod_proxy_ajp.so ProxyPass /examples/ ajp://localhost:8080/examples/ ProxyVia on My server.xml contains: Connector className=org.apache.ajp.tomcat4.Ajp13Connector port=8080 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false redirectPort=8443 acceptCount=100 connectionTimeout=2 disableUploadTimeout=true proxyName=my.test.com proxyPort=80/ When I browse to http://10.1.1.203/examples I get a tomcat-served directory listing, which I can use to navigate to the examples, from whence I can click on the examples, and they work. If I add /servlets to both sides of the ProxyPass directive, I can browse directly to the directory listing, but if I click on one of the examples I get a 404 / resource unavailable. Why is this happening? How do I get 10.1.1.3/examples to map to the examples, in such a way that I can click on them and they work? Once this is tested and working, I will roll out the real app. What's the recommended way to mix in apache virtual hosts, so I can browse to www.mywizzoapp.com/login.jsp and be mapped to /some/path/which/eventually/logs/into/the/app? Thanks, S. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Announce] Enhanced ISAPI Redirector + Tomcat Connector Binaries
On Dec 21, 2007, at 9:56 AM, Rainer Jung wrote: Hi Tim, Tim Whittington wrote: There's one in particular that we feel is very useful that hasn't been accepted though, which is the addition of chunked encoding support to the ISAPI Redirector, which allows IIS to use HTTP keep alives between the browser and IIS - we've found this has major scalability benefits on high transaction volume sites. http://issues.apache.org/bugzilla/show_bug.cgi?id=35297 tracks the proposed patch for this, but it's been waiting for 2+ years for a 1.3 development branch to open to make it available to the wider community. If/when the 1.3 development branch opens and the chunked encoding support is added to the main trunk we'll wind up our patches and see if there's a better way to distribute the binaries. I expect to look at your patch at the beginning of next year. It totally slipped my attention, mainly because I joined the team only in May 2006. When the bug was last updated this year, I actually marked the mail as important, but unfortunately never came back to it. I'll definitely have a look at it. Me too... :) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_proxy_ajp TIME_WAIT
The below is the workaround for 2.2.6... 2.2.7 contains the actual fix that negates the need for the workaround :) On Nov 21, 2007, at 4:34 AM, David Cassidy wrote: That would be excellent ! Is the only change - as far as mod_proxy_ajp is concerned the one below or is that a work around for 2.2.6 ? Thanks D On Tue, 2007-11-20 at 14:39 -0500, Jim Jagielski wrote: I'm hoping to get it out the top of December :) On Nov 20, 2007, at 3:57 AM, David Cassidy wrote: Hi Jim !!! This is fantastic news ! When is 2.2.7 going to be released ? :) Many many thanks David On Mon, 2007-11-19 at 15:27 -0500, Jim Jagielski wrote: 2.2.6 has a nasty bug were AJP connections are being closed when they shouldn't. 2.2.7 will fix that. In the meantime, trying building httpd with USE_ALTERNATE_IS_CONNECTED defined as 0 (proxy_util.c). On Nov 19, 2007, at 9:07 AM, Rainer Jung wrote: Hi David, TIME_WAIT is a normal TCP state after a connection was successfully closed. Only one side of the connection goes into TIME_WAIT, namely the side that sent the first FIN. So since you've got httpd and Tomcat on the same server, you first need to find out, which side of the conection is in TIME_WAIT. In netstat, usually the left hand IP:PORT is the local side, and the right IP:PORT the remote side. In case the left pair of the TIME_WAIT line includes the port 8009, this would mean, that Tomcat closed the connection first, in case 8009 is on the right side, it would mean, that Apache httpd closed the connection first. Maybe you could show us some of the TIME_WAIT netstat lines. Both could be OK, so we could ask ourselves, if we expect such behaviour. In general AJP connections should be used persistently and only closed, if they have been idle for to long. Is the number of TIME_WAIT connections much larger, than the concurrency (-c) used with ab? Regards, Rainer David Cassidy wrote: Guys, I'm using mod_proxy in apache 2.2.6 with the ajp connector in tomcat. apache config - Proxy balancer://myclusterclear BalancerMember ajp://localhost:8009 route=server1 min=0 smax=1000 max=1000 keepalive=On /Proxy ProxyPass // balancer://myclusterclear/ stickysession=JSESSIONID|jsessionid Tomcat config (Using the native apr libs) Executor name=tomcatThreadPool namePrefix=catalina-exec- maxThreads=150 minSpareThreads=4/ Connector executor=tomcatThreadPool port=8009 secure=false protocol=AJP/1.3 enableLookups=false proxyPort=80 redirectPort=443 maxKeepAliveRequests=2000 tcpNoDelay=true keepAliveTimeout=1 connectionTimeout=60/ After running a few hits with ab to give it some load there are a very large number of connections between apache and tomcat in a TIME_WAIT status. Is this a common happening ? Is there something that can be configured to prevent this from appearing ? Thanks David -- -- - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --- -- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_proxy_ajp TIME_WAIT
I'm hoping to get it out the top of December :) On Nov 20, 2007, at 3:57 AM, David Cassidy wrote: Hi Jim !!! This is fantastic news ! When is 2.2.7 going to be released ? :) Many many thanks David On Mon, 2007-11-19 at 15:27 -0500, Jim Jagielski wrote: 2.2.6 has a nasty bug were AJP connections are being closed when they shouldn't. 2.2.7 will fix that. In the meantime, trying building httpd with USE_ALTERNATE_IS_CONNECTED defined as 0 (proxy_util.c). On Nov 19, 2007, at 9:07 AM, Rainer Jung wrote: Hi David, TIME_WAIT is a normal TCP state after a connection was successfully closed. Only one side of the connection goes into TIME_WAIT, namely the side that sent the first FIN. So since you've got httpd and Tomcat on the same server, you first need to find out, which side of the conection is in TIME_WAIT. In netstat, usually the left hand IP:PORT is the local side, and the right IP:PORT the remote side. In case the left pair of the TIME_WAIT line includes the port 8009, this would mean, that Tomcat closed the connection first, in case 8009 is on the right side, it would mean, that Apache httpd closed the connection first. Maybe you could show us some of the TIME_WAIT netstat lines. Both could be OK, so we could ask ourselves, if we expect such behaviour. In general AJP connections should be used persistently and only closed, if they have been idle for to long. Is the number of TIME_WAIT connections much larger, than the concurrency (-c) used with ab? Regards, Rainer David Cassidy wrote: Guys, I'm using mod_proxy in apache 2.2.6 with the ajp connector in tomcat. apache config - Proxy balancer://myclusterclear BalancerMember ajp://localhost:8009 route=server1 min=0 smax=1000 max=1000 keepalive=On /Proxy ProxyPass // balancer://myclusterclear/ stickysession=JSESSIONID|jsessionid Tomcat config (Using the native apr libs) Executor name=tomcatThreadPool namePrefix=catalina-exec- maxThreads=150 minSpareThreads=4/ Connector executor=tomcatThreadPool port=8009 secure=false protocol=AJP/1.3 enableLookups=false proxyPort=80 redirectPort=443 maxKeepAliveRequests=2000 tcpNoDelay=true keepAliveTimeout=1 connectionTimeout=60/ After running a few hits with ab to give it some load there are a very large number of connections between apache and tomcat in a TIME_WAIT status. Is this a common happening ? Is there something that can be configured to prevent this from appearing ? Thanks David - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_proxy_ajp TIME_WAIT
Is this worker or prefork MPM? On Nov 15, 2007, at 4:03 AM, David Cassidy wrote: Guys, I'm using mod_proxy in apache 2.2.6 with the ajp connector in tomcat. apache config - Proxy balancer://myclusterclear BalancerMember ajp://localhost:8009 route=server1 min=0 smax=1000 max=1000 keepalive=On /Proxy ProxyPass // balancer://myclusterclear/ stickysession=JSESSIONID|jsessionid Tomcat config (Using the native apr libs) Executor name=tomcatThreadPool namePrefix=catalina-exec- maxThreads=150 minSpareThreads=4/ Connector executor=tomcatThreadPool port=8009 secure=false protocol=AJP/1.3 enableLookups=false proxyPort=80 redirectPort=443 maxKeepAliveRequests=2000 tcpNoDelay=true keepAliveTimeout=1 connectionTimeout=60/ After running a few hits with ab to give it some load there are a very large number of connections between apache and tomcat in a TIME_WAIT status. Is this a common happening ? Is there something that can be configured to prevent this from appearing ? Thanks David - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Upgrade from mod_jk to mod_proxy_ajp
On Nov 17, 2007, at 5:15 PM, Pid wrote: Gmail User wrote: On Nov 9, 2007 11:19 PM, Gmail User [EMAIL PROTECTED] wrote: Any ideas would be appreciated. Just a follow-up since I never got a reply to this--or Gmail is hiding replies from me again. As I found out, Tomcat always worked and going back to mod_jk on httpd-2.2.6 side fixed the problem. So either it is a mod_proxy_ajp or mod_proxy_balancer problem. Ed No replies yet. I'm using proxy_ajp/balancer with no issues either in upload or download. I'd suggest that you upgrade to the most recent version of Tomcat 5.5.25, (I think you said you have 5.5.15), as it does contain bug fixes, which may improve matters. I'm not sure who maintains mod_proxy stuff, but you may get better answers on the HTTPD list. Most likely, yeah... Even though I'm subscribed to [EMAIL PROTECTED], I don't follow it as much as [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_proxy or mod_jk?
It almost sounds like it's more a config issue than a module one... Using mod_proxy_ajp is nice because you use normal httpd directives (ProxyPass. etc..) to handle the stuff that TC needs to handle. On Nov 17, 2007, at 8:20 PM, Rocco Scappatura wrote: Hello. I would like to publish a Web application running under Tomcat. I'm using Apache 2 as Web server. Basically, I have two opportunities: 1) mod_jk 2) mod_proxy I've tried the first. So I discover that I ve: - Create an alias in httpd.conf so that al static pages are processed directly by Apache2. - Use JkMount directive so that path is mapped to worker (and so to Tomcat) I don't know I have well understod the concept, but I have noted that application doesn't work correcltly. For example, assuming that the path of the application is '/path'. When I accesst to http://hostname/ path all works fine. But if I access to http://hostname/path/subpath I get Visualizzation errors (It seems tome that it misses CSS.. and so on). I read that it is possible to use mod proxy. Now, I would like to know from mailing list if mod_proxy is the best choice or otherwise if I have to solve problem similiar to the one I ve pointed out above, and to use mod_jk. Thanks, rocsca - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_proxy_ajp TIME_WAIT
2.2.6 has a nasty bug were AJP connections are being closed when they shouldn't. 2.2.7 will fix that. In the meantime, trying building httpd with USE_ALTERNATE_IS_CONNECTED defined as 0 (proxy_util.c). On Nov 19, 2007, at 9:07 AM, Rainer Jung wrote: Hi David, TIME_WAIT is a normal TCP state after a connection was successfully closed. Only one side of the connection goes into TIME_WAIT, namely the side that sent the first FIN. So since you've got httpd and Tomcat on the same server, you first need to find out, which side of the conection is in TIME_WAIT. In netstat, usually the left hand IP:PORT is the local side, and the right IP:PORT the remote side. In case the left pair of the TIME_WAIT line includes the port 8009, this would mean, that Tomcat closed the connection first, in case 8009 is on the right side, it would mean, that Apache httpd closed the connection first. Maybe you could show us some of the TIME_WAIT netstat lines. Both could be OK, so we could ask ourselves, if we expect such behaviour. In general AJP connections should be used persistently and only closed, if they have been idle for to long. Is the number of TIME_WAIT connections much larger, than the concurrency (-c) used with ab? Regards, Rainer David Cassidy wrote: Guys, I'm using mod_proxy in apache 2.2.6 with the ajp connector in tomcat. apache config - Proxy balancer://myclusterclear BalancerMember ajp://localhost:8009 route=server1 min=0 smax=1000 max=1000 keepalive=On /Proxy ProxyPass // balancer://myclusterclear/ stickysession=JSESSIONID|jsessionid Tomcat config (Using the native apr libs) Executor name=tomcatThreadPool namePrefix=catalina-exec- maxThreads=150 minSpareThreads=4/ Connector executor=tomcatThreadPool port=8009 secure=false protocol=AJP/1.3 enableLookups=false proxyPort=80 redirectPort=443 maxKeepAliveRequests=2000 tcpNoDelay=true keepAliveTimeout=1 connectionTimeout=60/ After running a few hits with ab to give it some load there are a very large number of connections between apache and tomcat in a TIME_WAIT status. Is this a common happening ? Is there something that can be configured to prevent this from appearing ? Thanks David - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat fronted with apache best practices?
On Oct 25, 2007, at 7:17 AM, Dragan Jotanovic wrote: Mark Thomas wrote: It all depends on your application. You need to profile it, understand what resources are required per user / session / request (which ever makes sense for your application) and then scale the system appropriately. Thanks for the reply Mark. But could you tell me at least about the ratio between apache's threads and tomcat's threads. Is it ok to put more threads to tomcat than to apache (i.e. 300 for tomcat and 250 for apache) or this number should be equal? It's basically wasted if Tomcat has more entities than Apache is able to provide. This assumes, of course, that the Apache server and Tomcat are stovepiped. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Very Slow Startup with APR
On Aug 21, 2007, at 11:26 AM, Markus Schönhaber wrote:
Rainer Jung wrote:
There's an addition in tcnative 1.1.10:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/
src/ssl.c?view=diffrev=524725r1=524724r2=524725
=
=
--- tomcat/connectors/trunk/jni/native/src/ssl.c (original)
+++ tomcat/connectors/trunk/jni/native/src/ssl.c Sun Apr 1
22:22:42 2007
@@ -259,7 +259,7 @@
file = ssl_global_rand_file;
if (file == NULL)
-file = RAND_file_name(buffer, sizeof(buffer));
+return -1;
else if ((n = RAND_egd(file)) 0) {
return n;
}
Didn't check, but that might be the difference, concerning respecting
RANDFILE?
I'm not familiar enough with the tcnative or OpenSSL code to
understand
the change above just by looking at this snippet. But from Mladen's
comment it seems to me that this would *introduce* respect for
RANDFILE.
Am I wrong?
Well, the comment doesn't seem to match what the code is doing :)
I'm guessing that the problem the patch was trying to solve was
due to the /dev/random issue itself, so bypassing that
seemed a valid solution...
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Very Slow Startup with APR
On Aug 22, 2007, at 11:32 AM, Markus Schönhaber wrote: 2. If tcnative 1.1.10 is used, set the environment variable RANDFILE to point to some random source which can be accessed without danger of blocking (for example /dev/urandom) or create a static random file in the home dir of the user Tomcat is run as. 3. Use tcnative 1.1.10. Yeah, although I'm not sure why the behavior was changed in the 1.1.10 timeframe, since maintaining the old behavior seemed like a more general result, unless, of course, the usage of RANDFILE wasn't known: RAND_file_name() generates a default path for the random seed file. buf points to a buffer of size num in which to store the filename. The seed file is $RANDFILE if that environment variable is set, $HOME/.rnd oth- erwise. If $HOME is not set either, or num is too small for the path name, an error occurs. Of course, this is all based on looking at just the patch file; I plan on actually looking over the whole ssl.c file to see if my understanding matches the actual codebase usage :) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Very Slow Startup with APR
On Aug 21, 2007, at 10:02 AM, Rainer Jung wrote:
Followup to self:
There's an addition in tcnative 1.1.10:
Looks like this went through further refactoring in:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/
src/ssl.c?r1=524725r2=525163
I just checked HEAD on trunk and it *has* RAND_file_name() in there...
static int ssl_rand_load_file(const char *file)
{
char buffer[APR_PATH_MAX];
int n;
if (file == NULL)
file = ssl_global_rand_file;
if (file (strcmp(file, builtin) == 0))
return -1;
if (file == NULL)
file = RAND_file_name(buffer, sizeof(buffer));
if (file) {
if (strncmp(file, egd:, 4) == 0) {
if ((n = RAND_egd(file + 4)) 0)
return n;
else
return -1;
}
if ((n = RAND_load_file(file, -1)) 0)
return n;
}
return -1;
}
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: ajp through ProxyPass is sending HTTP HEAD requests as HTTPGET to servlets.
Added as PR: 43060
Thanks for the info and the analysis... I'll take a look
and tune as required.
On Aug 8, 2007, at 5:46 AM, Rainer Jung wrote:
Hi Chad,
yes, it looks like that's a bug in mod_proxy_ajp. You should log a
bug in bugzilla for httpd. I checked the code for Apache httpd
2.2.4 and also shortly for 2.2.x head and trunk.
The situation is as follows (you might include this in the bug
description):
Apache httpd decodes HTTP methods as method_number. HTTP HEAD and
GET get the same method_number. To make HEAD distinguishable form
GET, adiitionally header_only gets set for a HEAD request.
mod_proxy_ajp only decodes the method_number and doesn't check the
header_only flag. So every HEAD request gets forwarded as a GET
request.
In order to fix the forwarding, one has to improve
ajp_marshal_into_msgb() in ajp_header.c and also
ap_proxy_ajp_request(9 in mod_proxy_ajp.c. A patch against 2.2.4
could be close to the following (I didn't test, I didn't even
compile it):
Index: mod_proxy_ajp.c
===
--- mod_proxy_ajp.c (revision 563796)
+++ mod_proxy_ajp.c (working copy)
@@ -313,6 +313,16 @@
break;
case CMD_AJP13_SEND_BODY_CHUNK:
/* AJP13_SEND_BODY_CHUNK: piece of data */
+if (r-header_only) {
+ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r-
server,
+ proxy: header only);
+isok = 0;
+/* Pass EOS bucket down the filter chain. */
+e = apr_bucket_eos_create(r-connection-
bucket_alloc);
+APR_BRIGADE_INSERT_TAIL(output_brigade, e);
+apr_brigade_cleanup(output_brigade);
+break;
+}
status = ajp_parse_data(r, conn-data, size, buff);
if (status == APR_SUCCESS) {
if (size == 0) {
Index: ajp_header.c
===
--- ajp_header.c(revision 563796)
+++ ajp_header.c(working copy)
@@ -224,6 +224,9 @@
r-method);
return AJP_EBAD_METHOD;
}
+if ((method == SC_M_GET) r-header_only) {
+method = SC_M_HEAD;
+}
is_ssl = (apr_byte_t) ap_proxy_conn_is_https(r-connection);
Regards,
Rainer
Chad Scholes wrote:
I am using Apache 2.2.3 and Tomcat 5.0. I use ProxyPass to ajp to
send Servlet requests from Apache to Tomcat and for some reason all
HEAD requests are being sent to my servlets as GET requests. I
probably don't have something setup correctly but I don't know what
would affect the HEAD request.
My Apache configuration for ProxyPass is set like:
Alias /qfsearch /var/lib/qfsearch/docs Location /qfsearch Allow
from all /Location ProxyPass /qfsearch
ajp://localhost:9009/qfsearch
mod_proxy and mod_rewrite are setup as:
IfModule mod_proxy.c Proxy * Order deny,allow Deny from all /
Proxy ProxyRequests Off /IfModule
IfModule mod_rewrite.c RewriteEngine On RewriteLog
/var/log/apache2/rewrite_log RewriteLogLevel 1 /IfModule
In the apache access log the request is getting to apache as a HEAD
request: 137.65.79.137 - - [06/Aug/2007:14:33:45 -0600] HEAD
/qfsearch/ClusterServlet?
server=qfsearch3.provo.novell.comtype=indexputname=duhputsubname=q
find.idxidxdatetime=1186176509000idxlocation=%2Fvar%2Flib%
2Fqfsearch%2FSites%2Fdefault%2Findexes%2Fduh%2F2007-08-03%3B
+15.28.29put=qfind.idxfilesize=11709498datetime=1186176509000do=c
anput
HTTP/1.1 503 - - Java/1.5.0
However, I have a servlet that overrides the service function and in
that call request.getMethod() and it is now returning GET not
HEAD.
If I call Tomcat directly then everything works fine
(request.getMethod() returns HEAD). This particular section of code
has been working for years with the JKMount command but now that we
have changed to the ProxyPass it is not working. If you have any
ideas what could be wrong I would appreciate the help!
Thanks you!! Chad
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Quality check mod_jk 1.2.25-dev
So far, so good. +1 On Aug 3, 2007, at 2:40 AM, Rainer Jung wrote: Hi all, unfortunately we had to withdraw mod_jk 1.2.24. It had a serious regression bug. To ensure the quality of the new 1.2.25 we invite you to actively participate in testing. A code snapshot (revision 562250) is available at: http://people.apache.org/~rjung/mod_jk-dev/ It is in the same format as a release download, so easy to build. Under the same URL you can find the updated documentation. It would be really nice, if we could get some testing feedback from the community. Feel free to post any observations. Depending on your feedback we plan to tag the release next week. The most important changes after 1.2.24 are: - fix flushing regression bug - fix behaviour of fail_on_status - additional soft error mode for fail_on_status - bug fixes for nsapi plugin (see changelog) The full change log is available under: http://people.apache.org/~rjung/mod_jk-dev/docs/miscellaneous/ changelog.html Thanks for your valuable time! Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: iPlanet / SunONE web server tomcat connector connection re-use disabled
On Jul 6, 2007, at 4:45 AM, [EMAIL PROTECTED] wrote: QUESTION: Can anyone confirm or deny whether the Netscape connector should not have connection re-use enabled as the other connectors do. Some overview of any reason would also be much appreciated. It does not, but would be a good addition. I will look into what would be required to add that in. Thanks! - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: proxy_balancer_module modules/mod_proxy_balancer.so in httpd-2.0.52-28.ent.i386 ??
The balancer code is only part of httpd 2.2.x On Apr 11, 2007, at 4:01 AM, Paresh Mutha wrote: The feature I am looking for proxy_balancer_module modules/mod_proxy_balancer.so. Can some one tell me if this is available on RHEL4 ie in httpd-2.0.52-28.ent.i386https://rhn.redhat.com/network/software/ packages/details.pxt?pid=356268Apache HTTP Server ? Thanks, Paresh - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Quality check mod_jk 1.2.21-dev
On Feb 26, 2007, at 3:53 PM, Rainer Jung wrote: Hi Kirk, I never built for Sun Web Server, but I just saw the configure flag: --enable-netscape Did you ever try running configure with that one before doing the make? Yes, I added that at the 1.2.21-dev phase specifically to allow for the jk_types.h creation. It also prevents the other compilation error as well. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Quality check mod_jk 1.2.21-dev
Let me know what you find. I had updated the configure.in file to add the --enable-netscape option and updated the BUILDING and Makefile.solaris files. I should likely update the netscape/README file with the notes from BUILDING... On Feb 26, 2007, at 4:42 PM, Kirk wrote: I will take a look at it. I did not see that this option, so I never knew to use it. If I were to try and document the process I am going through to compile, would that be of help to put as a solaris sunone build doc? finding information on the web is few and far between. Most people probably run mod_jk under apache from what I have noticed and all of the docs are geared towards that. The ones I can find for sunone are geared towards windows. I am sure between the emails you and I have traded in the past few weeks on my trials and tribulations, if I can get everything to work, I can write up some docs to contribute. Kirk On 2/26/07, Rainer Jung [EMAIL PROTECTED] wrote: Hi Kirk, I never built for Sun Web Server, but I just saw the configure flag: --enable-netscape Did you ever try running configure with that one before doing the make? Regards, Rainer - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Quality check mod_jk 1.2.21-dev
On Feb 26, 2007, at 11:11 AM, Rainer Jung wrote: Hi all, the next version of mod_jk is approaching its release. A code snapshot is available at http://people.apache.org/~rjung/mod_jk-dev/ It is in the same format as a release download, so easy to build. Under the same URL you can find the updated documentation. It would be nice, if we could get some testing feedback from the community. Feel free to post any observations. Depending on your feedback we plan to tag the release at the end of the week. So far so good... I haven't seen any problems with the snap. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Compiling mod-jk plugin for SunOne on Solaris
On Feb 21, 2007, at 3:25 PM, Kirk wrote: There was a thread from February 1st on this same issue. I am having the same problem that person did, but I tried everything in the thread and still no luck. After I get mod_jk compiled I get this on server startup: failure: CORE3170: Configuration initialization failed: Error running init function load-modules: dlopen of /wamu/hr/sunone/plugins/mod_jk/nsapi_redirector.so failed (ld.so.1: webservd: fatal: relocation error: file /wamu/hr/sunone/plugins/mod_jk/nsapi_redirector.so: symbol __lshrdi3: referenced symbol not found) The one thing that I think is making a difference as compared to the person in the earlier thread is that gcc is not installed on the server I am trying to deploy on and I am not allowed to have it on there. it is not an option, don't ask. I tried static linking, but I have a feeling I am doing it wrong. I would download and use SunStudio. With Sun's own 'cc' you don't get these errors with gcc assuming that glib/gld will be pulling in these gcc/glib artifacts. The Makefile.solaris is updated in trunk (and thus in 1.2.21) with the cc params - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: meanings of -lapr-0 -lgcc -lc -lsocket -lnsl in Makefile while building nsapi_redirector.so
On Jan 31, 2007, at 1:36 AM, Zack Grafton wrote: Maulik, In the line: LD_SHAREDCMD=ld -G -fPIC -lapr-0 -lgcc -lc -lsocket -lnsl I can't tell which one is bold, but anyway, that line specifies which linker command to use, and the -l options specify the loading of a library. You should check the man page for 'ld'. And in the line: CC_CMD= gcc -DNET_SSL -DSOLARIS -D_REENTRANT -DXP_UNIX \ -DMCC_HTTPD -DSPAPI20 -Wall \ -fPIC The -Wall option is telling the compiler to give you all the warnings it can provide. I'd recommend not using gcc at all, otherwise it's possible (in fact likely) that you'll run into a relocation error when using with SunONE (missing __lshrdi3). Instead use Sun Studio. Also, the Makefile.solaris seems broken as well (looking into it and will fix soon) so just do a cp ../common/*.c . cp ../common/*.h . while in ./netscape and the build should proceed OK. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Compiling mod-jk plugin for SunOne on Solaris
On Jan 31, 2007, at 7:30 PM, Rainer Jung wrote: Try the following two files to compile. If this will work, we can find out how to automate them. common/jk_types.h: common/portable.h: All done. Fixed on trunk, I added --enable-netscape which allows configure to continue without requiring any Apache src... so now these files are built and one can then go ahead and build the netscape redirector... - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Compiling mod-jk plugin for SunOne on Solaris
mod_jk.conf is an Apache-specific config file (it contains the various mod_jk Apache directives) and is therefore not usable under SunONE. On Feb 2, 2007, at 11:38 AM, Maulik S wrote: How can we put entry in obj.conf of sun one web server so that it knows to refer mod_jk.conf file like we put the similar entry in httpd.conf ? Thanks Maulik Jim Jagielski [EMAIL PROTECTED] 02/02/2007 09:28 PM Please respond to Tomcat Users List users@tomcat.apache.org To Tomcat Users List users@tomcat.apache.org cc Subject Re: Compiling mod-jk plugin for SunOne on Solaris On Jan 31, 2007, at 7:30 PM, Rainer Jung wrote: Try the following two files to compile. If this will work, we can find out how to automate them. common/jk_types.h: common/portable.h: All done. Fixed on trunk, I added --enable-netscape which allows configure to continue without requiring any Apache src... so now these files are built and one can then go ahead and build the netscape redirector... - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ForwardSourceID:NT2302 =-=-= Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Apache 2.2.3 Tomcat 5.5.20 - mod_jk or proxy?
On Nov 16, 2006, at 9:13 AM, Rainer Jung wrote: Hi Michael, I didn't want to shoot at you, and yes, mod_jk documentation could be much better. Assuming it's up to date :) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Apache 2.2.3 Tomcat 5.5.20 - mod_jk or proxy?
On Nov 15, 2006, at 5:42 PM, Caldarale, Charles R wrote: From: Rainer Jung [mailto:[EMAIL PROTECTED] Subject: Re: Apache 2.2.3 Tomcat 5.5.20 - mod_jk or proxy? If you want to use mod_proxy, it is important to know, that most documentation for mod_proxy_balancer is contained in apaches documentation page for mod_proxy, not on the page for mod_proxy_balancer :) My brain 'urts! (Spoken with a thick Yorkshire accent :-) Why? Let's see, I want to use mod_proxy's ProxyPass. I should look someplace other than mod_proxy docs for that info :) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: load balancing with controlled failover
This is expected to be added to the proxy module, but in a way which is more inline with expectations for a specific proxy server (whether serving ajp or http or anything else). On Nov 1, 2006, at 5:39 AM, Rainer Jung wrote: Hi Gary, from my understanding of the code mod_proxy(_balancer) at the moment is not able to do that. There are status settings disable and stopped one can set, but at the moment disbled and stopped behave the same. I didn't really try, but I derive that from looking at the code. This holds true for version 2.2.3, the head of branch 2.2 and trunk as well. I remember some mail on httpd-dev, that this is known and will be corrected. The module mod_jk also has the concept of disable and stop. For mod_jk disable means, that requests with sessions on a disabled target still get routed there, but requests without a session do not get routed to a disabled target. So if your sessions are relatively short, you can considerably decrease the number of remaining sessions on a target by disabling it some time before your maintenance. I'm sure, this behaviour will come to mod_proxy too, but it looks like it's not there yet. Anybody: please correct me if I'm wrong. If you are going to use mod_jk, please get the latest release 1.2.19. It's important to know, that mod_jk can only handle ajp backends. Regards Gary Feltham schrieb: Hi, I have a load balancing setup using Apache 2.2.2 (Win32) and 2 instances of Tomcat 5.5.15 and 5.5.17. So far I have been able to establish a successful load balancing using sticky sessions with the following config: ProxyPass /test balancer://testcluster stickysession=JSESSIONID nofailover=On Proxy balancer://testcluster BalancerMember ajp://127.0.0.1:18009/test smax=5 route=node01 BalancerMember ajp://127.0.0.1:28009/test smax=5 route=node02 /Proxy I am not wanting to setup a tomcat cluster for this deployment but have 2 independant instances of tomcat running independant sessions. Currently this is also setup to not failover if an instance goes down. For instance node01 is shutdown, the status is: LoadBalancer Status for balancer://testcluster StickySession Timeout FailoverAttemptsMethod JSESSIONID 0 1 byrequests Worker URL Route RouteRedir Factor Status ajp://127.0.0.1:18009/test node01 1 Err ajp://127.0.0.1:28009/test node02 1 Ok All expected and a request to node 1 results in a 503 response. My question therefore is: Within the context of a scheduled down time such as redeployment of the application or reboot of the server I would like to be able to control closure of the load balancer. For example, node 1 is targeted to be shutdown for maintenance, currently I have 10 user sessions on that instance and say 9 on node 2. If new users join then the load balancer will evenly distribute to each node per request. What I want to control is that each NEW user should only go to node 2, then each session on node 1 will expire eventually leaving 0 sessions on node 1. Node 1 can then be removed cleanly for maintenance and its status set as disabled. Is there a current method of performing this in either mod_proxy or mod_jk - I don't mind which but would like to gain that control? Many thanks, Gary Feltham - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_jk 1.2.16 release candidate: ready to test
+1 - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat as a standalone webserver. Why not?
On Jun 2, 2006, at 12:27 PM, Mladen Turk wrote: Jim Jagielski wrote: Web Servers are web servers primarily, focused on HTTP, compliance, speed and capability. Use the right tool for the right job :) Agreed. If you only need a web server, use a web server. I think that the question is not whether to replace the web server, but whether the web server is needed for delivering the static content in cases where there is already a Tomcat. In that case the APR can be used. Agreed. Although for simple static content, using web server caching can result in even better performance as well... Most just a web server web servers have robust caching built in (as well as flexible proxying as well). The subject line does say Why not? right? :) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL with Tomcat and Apache..IE problems
Another possible issue is the session cookie information, which IE has problems with when doing simple HTTP redirects. On May 27, 2006, at 1:05 PM, Rizwan Merchant wrote: We are running tomcat 5.5.16 on Fedora Core 4 OS. We just installed apache2.0 as a front to serve the pages using the mod_jk connector. There are 2 apps on tomcat (virtual hosting), one of which needs to be SSL enabled (lets say app1 and app2, app2 is the one that needs to be SSL enabled). Everything seems to be working fine on FireFox, both apps can be accessed fine. When we access www.app1.com pages are served as expected, and when we access www.app2.com the browser detects the certificate and switches to https But things are not well when it comes to IE. www.app1.com works the same as FF, and the app can be accessed. But when we try to access www.app2.com, IE shows the certificate and asks if we would like to proceed. When we click on 'Yes', the browser cannot find the app after that and returns Page cannot be displayed error. Also, directly accessing the https site by using the URL https:// www.app2.com:8443 works fine on IE as well. so its basically the switching from http to https for app2 that doesnt seem to work. I dont understand why this works on FF but not on IE..! I hope someone can shed some light on this. I can post the httpd.conf , server.xml and workers.properties files if that helps.. Thanks, -Riz. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat as a standalone webserver. Why not?
IMO, if you need to move out of pure Java in your Java Web Server to get acceptable performance, then why use it in the first place? Plus, if you are concerned about the security of Apache (cause it's nasty C) and therefore want to use a Java Web Server, then using JNI means you've left that warm and safe place, since you are no longer safe in a pure Java environment. Web Servers are web servers primarily, focused on HTTP, compliance, speed and capability. Use the right tool for the right job :) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: This page contains secure and non secure elements (was mod_jk : connection aborted or network problems, but apache and tomcat are on the same machine??)
On May 8, 2006, at 3:44 PM, Francis Galiegue wrote: OK, I have some more information... The whole webapp is served through mod_ssl, as such (in the webapp specific config file): Not sure if this was already mentioned, but check to make sure that all resources are either relative or else use the https: scheme. If the returned content has even one img src or css link that points to a http: link, then the error will occur. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: why use mod_jk?
On Feb 24, 2006, at 10:11 AM, Brad O'Hearne wrote: Question below: On Feb 24, 2006, at 2:05 AM, Bill Barker wrote: Brad O'Hearne [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] mod_proxy_ajp? Yet another twist. Its just hard for me to believe that how do I integrate tomcat and apache httpd? is such a mystery / unknown. This seems like it would be question #1 on any Tomcat FAQ. So where can I found out more about mod_proxy_ajp. Is there a Tomcat resource which explains the configuration of it? Nope, since it all under the Httpd project :). You can start with: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html, and then move on to http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html. The simplest configuration looks like: ProxyPass /myapp ajp://localhost:8009/myapp Ok, I understand what it is trying to do here. But I assume there is a connector that has to be loaded in Tomcat to enable listening for the ajp protocol on port 8009, no? Is there documentation about this anywhere? On the Tomcat side, there is no difference (really) between whether the web server is using mod_jk or mod_proxy_ajp. Both use AJP for the link, so you'd use the AJP connector. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: mod_proxy_balancer: how to define failover (only)/hot standby behavior?
Actually, dev@httpd.apache.org is best, since that is where the development of this module is being done. I have changed the email headers accordingly. A sort of warm standby is something that I had planned to work into the balancer code post 2.2.1. On Jan 24, 2006, at 11:14 AM, [EMAIL PROTECTED] wrote: Hello, using Apache 2.2.0/mod_proxy_balancer, is it possible to configure a proxy balancer with two balancer members, where one of the two only gets the requests, if the other one fails? In mod_jk that was possible using local_worker_only, but with mod_proxy_balancer I have not yet understood how to define such behavior (defining loadfactor=0 would be a way, probably working right away, but is definded to be a number between 1 and 100). As far as I understand at the moment, it is only possible to define an almost-only-hot-standby-behavior, where the failover-backend gets 1/100 of all requests.. Thanks in advance and best regards, Andreas P.S.: I posted the question to the apache-httpd-users mailing list 3 days ago, but it seems to fit better to here..I would post the answer there, if I got one here. Dieses Dokument ist vertraulich und ausschliesslich fuer den Adressaten bestimmt. Falls Sie diese E-Mail versehentlich bekommen haben, informieren Sie uns bitte unverzueglich und loeschen Sie diese Nachricht von Ihrem Computer. Jegliche Art von Reproduktion, Verbreitung, Vervielfaeltigung, Modifikation, Verteilung und/oder Publikation dieser E-Mail Nachricht ist untersagt. Die in dieser E-Mail enthaltenen Angaben und Erklaerungen sind unverbindlich. Haftungsansprueche des Empfaengers jeglicher Art werden ausgeschlossen. Die GZS schliesst ausser fuer den Fall von Vorsatz oder grober Fahrlaessigkeit die Haftung fuer jeglichen Verlust oder Schaeden durch virenbefallene Software oder E-Mails aus. -- - This message contains confidential information and is intended only for the named individual. If you are not the named addressee, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this message in error and delete this e-message from your system. No reliance may be placed on this message without written confirmation of its contents from an authorized representative. GZS accepts no liability for loss or damage caused by software viruses except in case of gross negligence or willful behaviour. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
