Re: Do I Need Network NameSpaces to Solve This Tomcat+Connector/J Problem?
https://tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap6sec70.html Mentions “tcp and udp traffic” it seems across all processes On Thu, Dec 30, 2021 at 11:49 AM Eric Robinson wrote: > José, > > > -Original Message- > > From: José Cornado > > Sent: Thursday, December 30, 2021 12:00 PM > > To: Tomcat Users List > > Subject: Re: Do I Need Network NameSpaces to Solve This > > Tomcat+Connector/J Problem? > > > > But they do not get a corresponding database instance? > > > > They do. Each tomcat instance has a corresponding database instance > listening on its own dedicated port. Even so, we've seen cases where all > the available client ports are exhausted. > > This raises the question, does the Linux ip_local_port_range shown here... > > $ cat /proc/sys/net/ipv4/ip_local_port_range > 32768 61000 > > ...apply globally, or on a per-socket basis? I would think that it should > apply per socket, but in practice it seems to be a global limitation. > > -Eric > > > Disclaimer : This email and any files transmitted with it are confidential > and intended solely for intended recipients. If you are not the named > addressee you should not disseminate, distribute, copy or alter this email. > Any views or opinions presented in this email are solely those of the > author and might not represent those of Physician Select Management. > Warning: Although Physician Select Management has taken reasonable > precautions to ensure no viruses are present in this email, the company > cannot accept responsibility for any loss or damage arising from the use of > this email or attachments. >
Re: Do I Need Network NameSpaces to Solve This Tomcat+Connector/J Problem?
But they do not get a corresponding database instance? On Thu, Dec 30, 2021 at 10:51 AM Eric Robinson wrote: > José, > > > Is this setup going to be open to the world or just a big organization? > A big > > organization would put a cap on the number of users. Then maybe they > > could divide those between the tomcat instances thus the db server. > > > > It's a SaaS solution, where each customer organization gets its own tomcat > instance. > > -Eric > > > > Disclaimer : This email and any files transmitted with it are confidential > and intended solely for intended recipients. If you are not the named > addressee you should not disseminate, distribute, copy or alter this email. > Any views or opinions presented in this email are solely those of the > author and might not represent those of Physician Select Management. > Warning: Although Physician Select Management has taken reasonable > precautions to ensure no viruses are present in this email, the company > cannot accept responsibility for any loss or damage arising from the use of > this email or attachments. >
Re: Do I Need Network NameSpaces to Solve This Tomcat+Connector/J Problem?
Is this setup going to be open to the world or just a big organization? A big organization would put a cap on the number of users. Then maybe they could divide those between the tomcat instances thus the db server. On Thu, Dec 30, 2021 at 4:24 AM Mark Thomas wrote: > On 29/12/2021 21:04, Eric Robinson wrote: > > > > > My question is, is there a better way? > > I can only think of variations on a theme. > > The ~64k limit assumes client IP, server IP and server port remain > constant. i.e. just client port is varying. > > That suggests there is a single IP for the database server and that it > is listening on a single port. > > You are currently varying client IP. Varying server IP is unlikely to be > any different in terms of ease of management etc. > > There may be more mileage in getting the database server to listen on > more than one port. It depends how the database sever is structured. If > it can have multiple listeners all passing connections to the same > database instance then adding db listeners might be a simpler way to > manage this. > > Mark > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Do I Need Network NameSpaces to Solve This Tomcat+Connector/J Problem?
Your problem seems to be in the client-to-db server side of things. Not tomcat as a server. On Wed, Dec 29, 2021 at 2:11 PM Eric Robinson wrote: > We want to run a large number of tomcat instances on the same server > without virtualization or containerization. Each instance is executed from > its own folder tree and listens on its own unique TCP port. Each instance > will run code that connects to a backend database server to send queries > that are triggered by JSP calls from users. We’ve done this successfully > with up to 120 instances of tomcat running on the same server while > avoiding the overhead of virtualization and the complexity of containers. > Based on our experience over the past decade, we know that we could > potentially host 500 or more separate tomcat instances on the same server > without running into performance problems. So now we want to make it 500 > parallel instances. > > > > Here’s the problem. When tomcat initiates an outbound connection (for > example, with Connector/J to query a backend database) it establishes a > socket, and the socket has a client port. With thousands of users making > requests that require the tomcat services to query back end databases, the > OS can easily run out of available client ports to allocate to sockets. To > avoid that problem, we can assign multiple IPs to the server and use the > localSocketAddress property of Connector/J to group tomcats such that only > a subset of them each use the same source IP. Then each group will have its > own range of 64,000-ish client ports. I’ve tested this and it works. > > > > My question is, is there a better way? > > > > > > <113> > > > Disclaimer : This email and any files transmitted with it are confidential > and intended solely for intended recipients. If you are not the named > addressee you should not disseminate, distribute, copy or alter this email. > Any views or opinions presented in this email are solely those of the > author and might not represent those of Physician Select Management. > Warning: Although Physician Select Management has taken reasonable > precautions to ensure no viruses are present in this email, the company > cannot accept responsibility for any loss or damage arising from the use of > this email or attachments. >
Re: log4j
Also, it may make more sense to code log4j into your app. If you change servers the logging goes with it. Best, J On Fri, May 18, 2018 at 8:06 AM M. Mannawrote: > Hi Chris, > > How r u planning to use Log4j (or log4j2, which solves a lot of performance > issues for 1.2.x)? > > Are you bridging with SLF4J or or using directly? > > All log4j configuration are automatically discovered and configured > provided that you have set up your appplication log4j properties file > correctly. > > Tomcat doesn't do anything specific to log4j-related setup. There is a > logging properties file in /conf/ which are for JULI logging, as a bare > minimum OOB setup for catalina. > > If you can perhaps clarify your use case, others can advise better. > > regards, > > On 18 May 2018 at 14:49, Cheltenham, Chris > wrote: > > > Hello, > > > > > > > > How do I configure Tomcat 8.5.x to use log4j? > > > > > > > > Is there a good document to follow? > > > > > > > > I am not very familiar with java but it looks like you configure to logs > > to accept java logging for Tomcat. > > > > > > > > > > > > === > > > > Thank You; > > > > Chris Cheltenham > > Technology Services > > The School District of Philadelphia > > > > Work # 215-400-5025 > > Cell # 215-301-6571 > > >
Does StandardWrapperValve create new instances of servlets?
I am studying the following diagram: https://tomcat.apache.org/tomcat-9.0-doc/architecture/ requestProcess/request-process.png And I have the following question: is StandardWrapperValve in charge of creating new instances of servlets? If I wanted to intercept servlet instance(s) prior to service, am I looking the right place? Thanks a lot!