Am 22.03.2018 um 11:58 schrieb Martin Knoblauch:
Hi,
we have this annoying problem that although Tomcat workers are set to DIS
state in mod_jk, there are new connections being opened. This prevents us
from "idle down" Tomcats in a timely fashion. This hurts when a restart is
needed. While our empathy for human clients is pretty limited, we care a
lot about our automated workloads :-)
Our setup: Apache 2.4.x frontend -> mod_jk(1.2.42) balancer, sticky
sessions -> a bunch of Tomcat 7 (yes I know. Oldie but Goldie :-) workers.
As far as I understand, the problem arises with HTTP(S) clients that cache
the session cookies. If such a client tries to open a new connection to the
backend, the old cookie passes to a DIS worker even if it is no longer
valid on the Tomcat side. Tomcat/Application then sees that the cookie is
not valid and doles out a new cookie which then allows the new connection
to be established.
My idea is now to delete existing session cookies for certain request
pattern on the Apache frontend. If it works, it should force mod_jk to a
new ACT Tomcat. But I am nor really fond of messing with the Apache
configuration, as the reason lies on the mod_jk/Tomcat side.
So if anybody has another suggestion I would love to hear it. Before I
forget, changing the application itself is not an option.
Either your idea, or - if those unwanted new request flows start with a
specific URL, e.g. a login - mark those URLs specifically as not using
the cookie. If you are using a uriworkermap.properties, look for
"sticky_ignore" below
http://tomcat.apache.org/connectors-doc/reference/uriworkermap.html#Rule%20extensions.
If you are instead using JkMount style maps, look for JK_STICKY_IGNORE
in
http://tomcat.apache.org/connectors-doc/reference/apache.html#Advanced%20Environment%20Variables.
Whenever you set the Apache environment variable JK_STICKY_IGNORE during
a request execution, mod_jk will ignore the cookie and distribute like
if it didn't see one. Such environment variables (different from Unix
environment variables) can be set e.g. with mod_setenvif based on
request properties and also with mod_rewrite as a [E=] side effect.
But that would only help if you can describe request properties that
alow you to decide - based on the request alone - whether the cookie
needs to be ignored or not. You can use any request info including all
headers for that decision. What is not possible, is to first check,
whether the session is valid.
You could also write a filter that checks the cookie for validity in
Tomcat and if it is not valid, reply with a self-referential redirect
including a Set-Cookie-Header that deletes the cookie. This filter
should be written, such that it does not itself create a new session.
HTH,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
