Re: AJP vs HTTP connectors?
Eric B. wrote: I was listening to a webinar on spring source by Filip Hanik Mark Thomas regarding tuning Tomcat for production in which they indicate that the Http connector is recommended vs an AJP connector (http://www.springsource.com/node/555). I downloaded this webinar and watched/listened to it yesterday. It was excellent. Thanks Filip and Mark. I found it very informative and plan to use the things I learned from it. The only downside is that since the site requires you have to give your info, you get marketing email from SpringSource. I should have given a bogus email address but I didn't think to. We don't use Spring here. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Hi all. Jumping in a bit late, but... You have 3 options for plugging TC into Apache's URL space: 1. mod_proxy + mod_proxy_http 2. mod_proxy + mod_proxy_ajp 3. mod_jk Solution 1 is a simple proxy, works like a charm, except for one thing - it WILL NOT give you the identity of authenticated user. So, if you are using Apache for some fancy (or less fancy) authentication, TC will know nothing about it. The connection will be from Apache web server, as far as TC can say. Options 2 and 3 WILL pass the information about authenticated user (if any), so you will be able to issue request.getRemoteUser() and get user identifier, whatever it is. Option 2 is prefered, as of late, for it's setup simplicity, but I'm not sure where it stands in regard to balancing. mod_jk is relatively more complex to setup, but it gives a bit more control. Do you need the control is questionable. I've seen both 2 and 3 work OK. Nix. From: Caldarale, Charles R chuck.caldar...@unisys.com To: Tomcat Users List users@tomcat.apache.org Sent: Monday, February 2, 2009 10:12:57 PM Subject: RE: AJP vs HTTP connectors? From: Gregor Schneider [mailto:rc4...@googlemail.com] Subject: Re: AJP vs HTTP connectors? hm, since I'd like to avoid to browse through the whole webinar: what are the benefits / advantages / disadvantages? I'd like to know as well, since I watched the same webinar when it was presented, and don't remember anything specific about not using AJP. (Or maybe I just tuned that part out.) - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
On 02.02.2009 21:20, Eric B. wrote: I was listening to a webinar on spring source by Filip Hanik Mark Thomas regarding tuning Tomcat for production in which they indicate that the Http connector is recommended vs an AJP connector (http://www.springsource.com/node/555). My question, then becomes, if someone wants to use Tomcat to serve up pages behind Apache Httpd, how to configure it to use the http connector? So far, the only thing I found is to use proxy/reverse proxy which is slow and can be problematic. To date, I've always been using mod_jk with AJP connector, but is there a better/preferred way to do this? I'll make a couple of comments, but keep in mind that I might be biased towards mod_jk. Historically a few years ago Mladen Turk, who at that time more or less was the only remaining active committer on mod_jk and who is also a committer to httpd, initiated porting mod_jk to the mod_proxy framework, which he did as I remember mostly together with Jean Frederic Clere. Some initial goals were: a) creating a bigger developer community b) making the module available by default with httpd c) creating a more unified configuration style d) making the code easier by using the APR libraries Goals a), c) and d) have been achieved. Concerning b) one can have some doubts, because although all configuration is done in httpd style configuration files, you also end up with long attribute lists when actually defining the workers. The configuration complexity for complex production environments doesn't go away. Another thing turned out to be more important: The porting to mod_proxy was done at about the time of version 1.2.15 of mod_jk and got its first production release with httpd 2.2.0. Now the release policy of httpd has to be very conservative. The thing runs the majority of the web and you really need to be very careful not breaking it. So any bundled evmodule can only improve very slowly once it is in a production release of httpd. This changes whenever httpd gets a major update, like expected this year (2.4 comes closer). On the contrary I had the opportunity to join Mladen in the development of mod_jk shortly after the mod_proxy_ajp port, and together we were able to add a lot of features and to release a lot of versions. Triggered by this improved dynamics more developers contributed enhancements and patches. So we are now at version 1.2.27, though release pace somewhat slowed down recently. So though mod_jk and mod_proxy_ajp/mod_proxy_balancer once were very close, mod_jk moved faster. Don't get me wrong: a lot of people were happy with mod_jk 1.2.15 and are very happy with mod_proxy_ajp. Especially if your setup doesn't get too complex and if you already have some basic familiarity with mod_proxy, it's a good choice. I hope we will find time to merge back our mod_jk improvements to mod_proxy before 2.4 gets released. mod_jk can still be the faster moving target, but it would be nice to merge back soon. So what does all that mean? I expect that neither mod_proxy_http, nor mod_proxy_ajp or mod_jk do differ very much in performance on modern hardware. I think the differences in robustness are not very huge. mod_jk has some more features, but in simple setups you won't need them. Whichever way you go, for a good result you really need to read carefully through the various configuration options and try to understand the consequences. None of the modules provides an excellent result in a high-performance or complex architecture situation by default. At the end it comes down to knowledge. BTW: This is the Tomcat users list. People here might be a bit more focused towards mod_jk. You can also ask around on the httpd list to check out the opinion of that community. Regards, Rainer - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Filip, Filip Hanik - Dev Lists wrote: So if you are using something that is working, don't even consider switching just cause some dude on a webinar told you so. Yeah, especially some dude named ... oh, wait. ;) Care to comment on an as-yet-unconfigured system? For instance, if you were starting from scratch, would you recommend one approach to the other, and why? Thanks, - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmLbMUACgkQ9CaO5/Lv0PBP6QCeOdr41fJj0np/uLNTxnghIE0E SBIAnAmLtjDB9oKqXhHzYy9yzC4HTVOJ =bi6o -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, Mark Thomas wrote: The (very) short version is: mod_proxy_ajp is not as stable as mod_jk. I'm a longtime user of mod_jk and, having had the unfortunate experience of trying to migrate from mod_jk to mod_proxy_ajp, I can say that mod_proxy_ajp is either not able to be configured in such complex ways, or the configuration is different enough as to be unintelligible by a seasoned mod_jk user. I suspect that use of mod_proxy_http is likely to give you the same problems with a complex configuration. Specifically, I need to map some URI patterns to one Tomcat instance, while mapping other URIs within the same URI space (like /foo/bar/bas.do to one Tomcat and then /foo/*.do to some other one), and I was unable to get this working with mod_proxy_ajp. Since the configuration for mod_proxy_ajp and mod_proxy_http are virtually the same (except for the use of the ajp:// protocol), I suspect the same thing to be true for mod_proxy_http. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmLbk8ACgkQ9CaO5/Lv0PCvxQCZAVxuL4EngfoRoiUHxwUkI3yX AiwAn3UymHzguxdRxyB6yk68E687Z7kY =fxmx -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: AJP vs HTTP connectors?
-Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: 03 February 2009 19:35 To: Tomcat Users List Subject: Re: AJP vs HTTP connectors? Hi. Maybe slightly off-topic, but having a moment of blues and lack of inspiration/motivation about working on what I should really be working on, and just in the spirit of communicating a user experience... We have also been very happy with modjk and it has always just worked for us. It allows us a lot of configuration flexibility as well as the ability to programmatically stop start load balancer worker members via the web interface. I have utilized this to write a deployment script that disables a node while upgrading it giving us zero downtime and zero errors. On a good day we process about 7M transactions on one of our clusters and modjk works don't even break a sweat under this volume. CPU usage is also so low as to be legible on the apache host. I believe modjk is also the recommended connector by JBoss for JBoss-Apachehttpd interaction. The support on the list is excellent. Regards __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
I have a Tomcat cluster with mod_jk and another one with mod_proxy_http, and I'm quite happy with both. Just in case somebody is interested, this guy wrote a blog post about configuring apache with mod_proxy_http: http://www.darkcoding.net/software/goodbye-mod_jk-hello-mod_proxy/ Although he says goodbye mod_jk, hello mod_proxy, he doesn't really justify why... On Tue, 2009-02-03 at 20:34 +0100, André Warnier wrote: Hi. Maybe slightly off-topic, but having a moment of blues and lack of inspiration/motivation about working on what I should really be working on, and just in the spirit of communicating a user experience... We are using Apache and Tomcat to provide an application, both on-site and in ASP mode, in total on about 50 different hosts right now. Our Apache/Tomcat setup is quite simple, and in fact just about the only original reason for which we are using Tomcat, is that one part of our application, which we get from another supplier, requires it as part of the interface to a back-end database system. What we do on that database system is demanding from a system point of view, but not really stressful from a Tomcat or Apache/Tomcat connector point of view. By that I mean that we do not have thousands of concurrent requests to Tomcat, it's more like 10-100 at the most. Neither do we need load-balancing or anything sophisticated like that, and we usually run just one Apache and one Tomcat on a single host. (Not always, just most of the time). We run this about 80% under Linux, 10% other Unixes, 10% Windows. Because we started this several years ago, we use mod_jk 1.2.x as a connector, as it was then the only connector available, and the setup was the same under Windows and Unix/Linux. All of this to say that in all these years, I guess a reasonable number of hundreds of thousands (or millions) of requests have been processed through mod_jk, and we have never had any significant problem with it. I had a problem a couple of months ago, due to a valid but peculiar configuration of mine (I tend to use SetHandler jakarta-servlet in Apache, rather than the more usual JkMount); I submitted the problem on this list and it elicited an immediate response, and a fix by Rainer Jung within the next 24h (at the most). Even more recently, I had a customer problem in which basically mod_jk was not involved at all, but where the mod_jk log proved a very valuable source for tracking down the problem, and this list also proved a valuable source of information and suggestions. I have had a look at mod_proxy_ajp, but did not find the available documentation very enlightening, nor the potential gains evident, and since indeed it seems to use the same AJP connector on the Tomcat side, and since we are basically happy with mod_jk, and since I am a great believer in the wisdom of the if it ain't broke, don't fix it maxim, I did not really pursue it very deeply. That is not to say that mod_proxy_ajp is not good, I just never tried it. Of course all that is also not to say that mod_jk might not be the right tool in other circumstances. But as far as we are concerned, I would state it like this : if a customer would come to us saying that they had a problem with our application, the mod_jk module would be among the very last pieces which I would suspect of being involved in the problem. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Pieter Temmerman email: ptemmerman@sadiel.es skype: ptemmerman.sadiel SADIEL TECNOLOGÍAS DE LA INFORMACIÓN, S.A. http://www.sadiel.es. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Mark Thomas ma...@apache.org wrote in message news:4987ccc4.3080...@apache.org... The (very) short version is: mod_proxy_ajp is not as stable as mod_jk. mod_jk and mod_proxy_http are prety much neck and neck. mod_proxy_http has a very slight edge on average but on a case by case basis either may be the better choice. Is there any documentation / howtos available for securely setting up mod_proxy_http and/or mod_proxy_ajp with tomcat? The little that I know/remember about mod_proxy_http is that if you're not careful, you can end up with some major security holes in your installation. I did a quick cursory search and found enormous references to setting up mod_jk; there doesn't seem to be as much ref material for either mod_proxy_http or mod_proxy_ajp. However, all this begs the question - what is the difference between mod_jk which communicates via AJP and mod_proxy_ajp? Doesn't mod_proxy_ajp just communicate via the AJP protocol as well? In which case, isn't that tantamount to having the same issues/considerations as the AJP protocol in the first place? Thanks, Eric - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Filip Hanik - Dev Lists devli...@hanik.com wrote in message news:49876e0d.4020...@hanik.com... first and foremost, always apply ol' grandpa's logic The famous quote is if it ain't broke, don't fix it So if you are using something that is working, don't even consider switching just cause some dude on a webinar told you so. Under most circumstances, I would agree with you. But given that it was Mark Thomas, and not just some dude, giving the webinar, I didn't disregard it. Eric - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
On Tue, Feb 3, 2009 at 7:38 AM, Eric B. ebe...@hotmail.com wrote: Is there any documentation / howtos available for securely setting up mod_proxy_http and/or mod_proxy_ajp with tomcat? The little that I know/remember about mod_proxy_http is that if you're not careful, you can end up with some major security holes in your installation. Do you have any references to substantiate that? Because a quick google turns up *one* reference to a DoS attack vulnerability in Apache httpd 2.0 -- which requires the attacker to *own* the system being proxied to, an unlikely scenario IMHO. And for the record I prefer mod_proxy_http because I can monitor all active production connectors with standard http requests using e.g. Nagios, as well as manually check with a browser. So I'd definitely be interested in hearing more about any other known vulnerabilities. H* -- Hassan Schroeder hassan.schroe...@gmail.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Hassan Schroeder hassan.schroe...@gmail.com wrote in message news:4eedb92a0902030808n399c1107x90207c3edb9d9...@mail.gmail.com... On Tue, Feb 3, 2009 at 7:38 AM, Eric B. ebe...@hotmail.com wrote: Is there any documentation / howtos available for securely setting up mod_proxy_http and/or mod_proxy_ajp with tomcat? The little that I know/remember about mod_proxy_http is that if you're not careful, you can end up with some major security holes in your installation. Do you have any references to substantiate that? Offhand, no. I played with mod_proxy a couple of years ago for some project (don't even remember what), and at the time, remember reading that incorrectly configuring it could be hazardous. More specifically than that, my memory fails. It is very possible that whatever security issues there were have been resolved. Unless anyone else has any knowledge about this? Thanks, Eric - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Hi. Maybe slightly off-topic, but having a moment of blues and lack of inspiration/motivation about working on what I should really be working on, and just in the spirit of communicating a user experience... We are using Apache and Tomcat to provide an application, both on-site and in ASP mode, in total on about 50 different hosts right now. Our Apache/Tomcat setup is quite simple, and in fact just about the only original reason for which we are using Tomcat, is that one part of our application, which we get from another supplier, requires it as part of the interface to a back-end database system. What we do on that database system is demanding from a system point of view, but not really stressful from a Tomcat or Apache/Tomcat connector point of view. By that I mean that we do not have thousands of concurrent requests to Tomcat, it's more like 10-100 at the most. Neither do we need load-balancing or anything sophisticated like that, and we usually run just one Apache and one Tomcat on a single host. (Not always, just most of the time). We run this about 80% under Linux, 10% other Unixes, 10% Windows. Because we started this several years ago, we use mod_jk 1.2.x as a connector, as it was then the only connector available, and the setup was the same under Windows and Unix/Linux. All of this to say that in all these years, I guess a reasonable number of hundreds of thousands (or millions) of requests have been processed through mod_jk, and we have never had any significant problem with it. I had a problem a couple of months ago, due to a valid but peculiar configuration of mine (I tend to use SetHandler jakarta-servlet in Apache, rather than the more usual JkMount); I submitted the problem on this list and it elicited an immediate response, and a fix by Rainer Jung within the next 24h (at the most). Even more recently, I had a customer problem in which basically mod_jk was not involved at all, but where the mod_jk log proved a very valuable source for tracking down the problem, and this list also proved a valuable source of information and suggestions. I have had a look at mod_proxy_ajp, but did not find the available documentation very enlightening, nor the potential gains evident, and since indeed it seems to use the same AJP connector on the Tomcat side, and since we are basically happy with mod_jk, and since I am a great believer in the wisdom of the if it ain't broke, don't fix it maxim, I did not really pursue it very deeply. That is not to say that mod_proxy_ajp is not good, I just never tried it. Of course all that is also not to say that mod_jk might not be the right tool in other circumstances. But as far as we are concerned, I would state it like this : if a customer would come to us saying that they had a problem with our application, the mod_jk module would be among the very last pieces which I would suspect of being involved in the problem. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Eric B. wrote: Filip Hanik - Dev Lists devli...@hanik.com wrote in message news:49876e0d.4020...@hanik.com... first and foremost, always apply ol' grandpa's logic The famous quote is if it ain't broke, don't fix it So if you are using something that is working, don't even consider switching just cause some dude on a webinar told you so. Under most circumstances, I would agree with you. But given that it was Mark Thomas, and not just some dude, giving the webinar, I didn't disregard it. Thanks for the vote of confidence. If memory serves me correctly, Filip gave that webinar with me (or it might have been one of the ones where I did Europe and he did the US). Anyway, Filip makes a very good point. If it ain't broke, don't fix it should be the first consideration. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Eric B. wrote: However, all this begs the question - what is the difference between mod_jk which communicates via AJP and mod_proxy_ajp? Doesn't mod_proxy_ajp just communicate via the AJP protocol as well? In which case, isn't that tantamount to having the same issues/considerations as the AJP protocol in the first place? I don't tend to work on the mod_jk / mod_proxy_ajp code so others will be able to give you more detail. mod_proxy_ajp is a port of mod_jk to the mod_proxy_* framework. It added mod_proxy_balancer and mod_proxy_ajp. Both use the AJP protocol and the Tomcat connector is exactly the same. The main issue is that bugs tend to get fixed faster in mod_jk so it is generally more stable. That said, the code changes faster in mod_jk so there is also a greater risk of a regression. Overall, general experience to date has shown mod_jk to be a better choice than mod_proxy_ajp. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Eric B. wrote: My question, then becomes, if someone wants to use Tomcat to serve up pages behind Apache Httpd, how to configure it to use the http connector? So far, the only thing I found is to use proxy/reverse proxy which is slow and can be problematic. To date, I've always been using mod_jk with AJP connector, but is there a better/preferred way to do this? Use mod_proxy (mod_proxy_http specifically). - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
hm, since I'd like to avoid to browse through the whole webinar: what are the benefits / advantages / disadvantages? actually we've been quite happy with mod_jk, that's why I'm wondering Rgds Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: AJP vs HTTP connectors?
From: Gregor Schneider [mailto:rc4...@googlemail.com] Subject: Re: AJP vs HTTP connectors? hm, since I'd like to avoid to browse through the whole webinar: what are the benefits / advantages / disadvantages? I'd like to know as well, since I watched the same webinar when it was presented, and don't remember anything specific about not using AJP. (Or maybe I just tuned that part out.) - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Gregor Schneider rc4...@googlemail.com wrote in message news:a2d59f0d0902021308v6f80a37btca0380933436c...@mail.gmail.com... hm, since I'd like to avoid to browse through the whole webinar: what are the benefits / advantages / disadvantages? actually we've been quite happy with mod_jk, that's why I'm wondering That's why I'm wondering the same thing as well. They don't say much except that AJP is less configurable and more difficult to debug since it is a binary protocol, it doesn't perform any better than the HTTP/1.1 protocol and that they do not recommend its use. Other than that, they don't say much about it, so I find myself wondering as well. I've been using mod_jk for several years now, but am looking at a brand new deployment (new servers, new app, new cluster, etc), so I was wondering myself if it was worth looking at different ways to connect to apache. The only other thing I found was mod_proxy, but from what I gathered quickly, is that it is not as reliable and slower. Anyone have any ideas? Thanks, Eric - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
What I do now is that mod_proxy is not all that easy to configure and offers quite some possibilities to open a leak if you don't know exactly what you're doing. Besides, I'm not aware that mod_proxy offers any loadbalancing features, but maybe I'm missing something here. And, last not least: Rainer Jung, one of the maintainers (the maintainer?) of mod_jk is within this list is gives a superb support, and updates to mod_jk are deployed on a very frequent basis. Therefore, for me no reason at all to change a running system. A new system I've setup recently now runs completely without Apache HTTPD, therefore using the APR, so no need for either one of mod_proxy or mod_jk (ok: we've got a hardware-loadbalancer ;) ) Rgds Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
argl... - 4gimme my typos - I need an after-editor for this mailinglist - duuuh...! -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
first and foremost, always apply ol' grandpa's logic The famous quote is if it ain't broke, don't fix it So if you are using something that is working, don't even consider switching just cause some dude on a webinar told you so. That should take you 90% of the way. The rest is understanding the technology. Filip Caldarale, Charles R wrote: From: Gregor Schneider [mailto:rc4...@googlemail.com] Subject: Re: AJP vs HTTP connectors? hm, since I'd like to avoid to browse through the whole webinar: what are the benefits / advantages / disadvantages? I'd like to know as well, since I watched the same webinar when it was presented, and don't remember anything specific about not using AJP. (Or maybe I just tuned that part out.) - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
uhm, basically you're right, however, i wouldn't consider mark thomas some dude ;) rgds gregor Am 02.02.2009 um 23:05 schrieb Filip Hanik - Dev Lists devli...@hanik.com : first and foremost, always apply ol' grandpa's logic The famous quote is if it ain't broke, don't fix it So if you are using something that is working, don't even consider switching just cause some dude on a webinar told you so. That should take you 90% of the way. The rest is understanding the technology. Filip Caldarale, Charles R wrote: From: Gregor Schneider [mailto:rc4...@googlemail.com] Subject: Re: AJP vs HTTP connectors? hm, since I'd like to avoid to browse through the whole webinar: what are the benefits / advantages / disadvantages? I'd like to know as well, since I watched the same webinar when it was presented, and don't remember anything specific about not using AJP. (Or maybe I just tuned that part out.) - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: AJP vs HTTP connectors?
Eric B. wrote: Gregor Schneider rc4...@googlemail.com wrote in message news:a2d59f0d0902021308v6f80a37btca0380933436c...@mail.gmail.com... hm, since I'd like to avoid to browse through the whole webinar: what are the benefits / advantages / disadvantages? actually we've been quite happy with mod_jk, that's why I'm wondering That's why I'm wondering the same thing as well. They don't say much except that AJP is less configurable and more difficult to debug since it is a binary protocol, it doesn't perform any better than the HTTP/1.1 protocol and that they do not recommend its use. Other than that, they don't say much about it, so I find myself wondering as well. I've been using mod_jk for several years now, but am looking at a brand new deployment (new servers, new app, new cluster, etc), so I was wondering myself if it was worth looking at different ways to connect to apache. The only other thing I found was mod_proxy, but from what I gathered quickly, is that it is not as reliable and slower. Anyone have any ideas? The (very) short version is: mod_proxy_ajp is not as stable as mod_jk. mod_jk and mod_proxy_http are prety much neck and neck. mod_proxy_http has a very slight edge on average but on a case by case basis either may be the better choice. Of course, as mod_proxy_ajp improves the balance will change. For the record I used mod_proxy_ajp quite happily with httpd and a two node Tomcat cluster on a production system without any issues for over a year in a previous job. In the end, YMMV - use what works for you. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
