Re: Using EL expressions in an ObjectFactory
On 20/09/2013 02:38, Esmond Pitt wrote: Mark Can I direct your attention to java.beans.Statement and java.beans.Expression. They already do all the matching you're talking about. I took a look (I even committed it [1]) and they do work well apart from the handling of varargs. For example foo.bar(a, b, c, d) is not matched to Foo.bar(String, String...) Unfortunately, we need the vararg handling and I couldn't see an easy way to get this to work so I reverted the change and went back to the manual matching. I'd be very happy to see this working. If someone wants to look at the patch below and see if they can tweak it so all the unit tests pass then I'd be happy to take another look. Mark [1] http://svn.apache.org/r1523988 EJP Forward to the list as per Marks' request. -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Tuesday, 17 September 2013 12:02 AM To: Tomcat Users List Subject: Re: Using EL expressions in an ObjectFactory On 16/09/2013 14:43, Xavier Dury wrote: I built tomcat from trunk (rev 1523639) and I'm having the same issue I had with glassfish EL implementation when using overloaded methods: javax.el.ELException: Cannot convert ./ of type class java.lang.String to class java.net.URI at org.apache.el.lang.ELSupport.coerceToType(ELSupport.java:482) at org.apache.el.ExpressionFactoryImpl.coerceToType(ExpressionFactoryImpl.java: 48) at javax.el.ELContext.convertToType(ELContext.java:473) at org.apache.el.lang.EvaluationContext.convertToType(EvaluationContext.java:15 5) at javax.el.ELUtil.invokeConstructor(ELUtil.java:261) at javax.el.StaticFieldELResolver.invoke(StaticFieldELResolver.java:203) at javax.el.CompositeELResolver.invoke(CompositeELResolver.java:256) at org.apache.el.parser.AstFunction.getValue(AstFunction.java:138) at org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:188) at javax.el.ELProcessor.getValue(ELProcessor.java:129) at javax.el.ELProcessor.eval(ELProcessor.java:115) at org.apache.naming.factory.ExpressionFactoryTest.elImplementationShould Work(ExpressionFactoryTest.java:43) So I guess it's normal behaviour, isn't it? I don't think EL spec does mandate implementations to make their best effort to find a suitable method when invoking overloaded methods. My intention with the Tomcat EL implementation is to replicate, as far as possible, the matching process that the Java compiler uses. If you open a bug and include a test case along the lines of this one[1], I'll take a look. Mark [1] http://svn.apache.org/viewvc/tomcat/trunk/test/javax/el/TestUtil.java?view=a nnotate - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: mod_jk not changes IP of hostname when occurs changing of IP on DNS
Tiago Braga wrote: In apache, the module mod_jk not changes IP of hostname when occurs changing of IP on DNS. Version of apache: Server version: Apache/2.2.15 (Unix) Server built: Aug 2 2013 08:02:15 Version mod_jk: 1.2.37 Example: workers.properties worker.portalconsultoras_prd.type=ajp13 worker.portalconsultoras_prd.host=hostexample.com.br worker.portalconsultoras_prd.port=8009 This configuration works fine. But, when occurs change ip in the host name in DNS, the module md_jk starts fail to connect. Follow below the log of mod_jk: [Wed Sep 18 12:00:33 2013] [5315:140659824723936] [info] jk_open_socket::jk_connect.c (627): connect to 107.xx.xx.220:8009 failed (errno=115) [Wed Sep 18 12:00:33 2013] [5315:140659824723936] [info] ajp_connect_to_endpoint::jk_ajp_common.c (995): Failed opening socket to (107.xx.xxx.220:8009) (errno=115) [Wed Sep 18 12:00:33 2013] [5315:140659824723936] [error] ajp_send_request::jk_ajp_common.c (1630): (portalconsultoras_prd) connecting to backend failed. Tomcat is probably not started or is listening on the wrong port (errno=115) I would like a configuration of apache that avoid this problem. Looking for the solutions in google, have turn on the HostnameLookups, but is inefficient. .. and has nothing to do at all with the issue that you have. HostnameLookups (in Apache httpd), as far as I remember, is only for logging the *origin* of a request. The basic issue here is this : The mod_jk connector is written in such a way that it is very fast in transmitting requests from Apache httpd to Tomcat (we are talking ms or less). If each time it transmits a request to Tomcat, it had to do a DNS lookup before, this would be terrible for performance (a DNS lookup can take many many milliseconds). So it does not do that. With your configuration, it does a lookup once, when it reads its configuration, and then it caches the result (the IP address) and re-uses that cached IP address for all subsequent requests. There is nothing that you should or could change about that, otherwise the response time of your application is going to be just terrible. Now the question becomes another one : it is quite unusual for a Tomcat server (and any server) to be bound to an IP address that changes. Why is that the case here ? Explain your configuration and the context a bit more, if you want better help. Note : as a shortcut, if both your Apache httpd and your Tomcat are on the same host, then just do this : worker.portalconsultoras_prd.host=127.0.0.1 (and make sure that the AJP Connector in Tomcat is listening on that address). - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
setenv.sh issue
Hi All, When i am declaring variables in my $CATALINA_BASE/bin/setenv.sh file , they are not getting exported :- eg:- export NAME=e1 export ID=22 But when i am declaring the same variables in $CATALINA_BASE/bin/startup.sh in following manner these are getting exported properly:- eg:- export CATALINA_OPTS=-DNAME=e1 -DID=22 Kindly suggest what is the issue in this thanks Vicky
Re: setenv.sh issue
Vicky, On 20.9.2013 11:32, vicky wrote: Hi All, When i am declaring variables in my $CATALINA_BASE/bin/setenv.sh file , they are not getting exported :- eg:- export NAME=e1 export ID=22 But when i am declaring the same variables in $CATALINA_BASE/bin/startup.sh in following manner these are getting exported properly:- eg:- export CATALINA_OPTS=-DNAME=e1 -DID=22 Kindly suggest what is the issue in this When you say varibles, do you mean Java system properties or OS environment variables? If you need to set Java system properties, use: export CATALINA_OPTS=-DNAME=e1 -DID=22 If you want to export OS environment variables use: export NAME=e1 export ID=22 In either way, refrain from modifying startup.sh, but use setenv.sh. Regards, Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: setenv.sh issue
Thanks Ognjen . I need to set certain application specific enviornment variables ,pls suggest what is the best way of doing that. eg:- configuring enviornment variable for LOG4j file path eg:export path=/tc/amps/logs does above entry will be sufficient for defining in setenv.sh Thanks Vicky From: Ognjen Blagojevic ognjen.d.blagoje...@gmail.com To: Tomcat Users List users@tomcat.apache.org Sent: Friday, 20 September 2013 3:42 PM Subject: Re: setenv.sh issue Vicky, On 20.9.2013 11:32, vicky wrote: Hi All, When i am declaring variables in my $CATALINA_BASE/bin/setenv.sh file , they are not getting exported :- eg:- export NAME=e1 export ID=22 But when i am declaring the same variables in $CATALINA_BASE/bin/startup.sh in following manner these are getting exported properly:- eg:- export CATALINA_OPTS=-DNAME=e1 -DID=22 Kindly suggest what is the issue in this When you say varibles, do you mean Java system properties or OS environment variables? If you need to set Java system properties, use: export CATALINA_OPTS=-DNAME=e1 -DID=22 If you want to export OS environment variables use: export NAME=e1 export ID=22 In either way, refrain from modifying startup.sh, but use setenv.sh. Regards, Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Using EL expressions in an ObjectFactory
Hi, I updated the github project to use tomcat-jasper-el:8.0.0-RC3 (found here [1]). Now the maven project compiles and passes all tests out of the box (without resorting to build tomcat aside). [1] https://repository.apache.org/content/repositories/orgapachetomcat-080/ From: kal...@hotmail.com To: users@tomcat.apache.org Subject: RE: Using EL expressions in an ObjectFactory Date: Mon, 16 Sep 2013 16:34:20 +0200 I found the problem: I was using javax.el:javax.el-api:3.0.0 as EL api jar... now, if I use the el-api provided by tomcat, everything works fine. Xavier Subject: Re: Using EL expressions in an ObjectFactory From: dmik...@gopivotal.com Date: Mon, 16 Sep 2013 10:05:14 -0400 To: users@tomcat.apache.org On Sep 16, 2013, at 9:43 AM, Xavier Dury kal...@hotmail.com wrote: I built tomcat from trunk (rev 1523639) and I'm having the same issue I had with glassfish EL implementation when using overloaded methods: javax.el.ELException: Cannot convert ./ of type class java.lang.String to class java.net.URI at org.apache.el.lang.ELSupport.coerceToType(ELSupport.java:482) at org.apache.el.ExpressionFactoryImpl.coerceToType(ExpressionFactoryImpl.java:48) at javax.el.ELContext.convertToType(ELContext.java:473) at org.apache.el.lang.EvaluationContext.convertToType(EvaluationContext.java:155) at javax.el.ELUtil.invokeConstructor(ELUtil.java:261) at javax.el.StaticFieldELResolver.invoke(StaticFieldELResolver.java:203) at javax.el.CompositeELResolver.invoke(CompositeELResolver.java:256) at org.apache.el.parser.AstFunction.getValue(AstFunction.java:138) at org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:188) at javax.el.ELProcessor.getValue(ELProcessor.java:129) at javax.el.ELProcessor.eval(ELProcessor.java:115) at org.apache.naming.factory.ExpressionFactoryTest.elImplementationShouldWork(ExpressionFactoryTest.java:43) So I guess it's normal behaviour, isn't it? No. Your example works fine for me, rev# 1523651. public class ElFileTest { @Test public void testElAndFile() throws IOException { ELProcessor proc = new ELProcessor(); proc.getELManager().importClass(java.io.File); File f = (File) proc.eval(File('./')); Assert.assertEquals(new File(./).getCanonicalPath(), f.getCanonicalPath()); } } Dan I don't think EL spec does mandate implementations to make their best effort to find a suitable method when invoking overloaded methods. Xavier Subject: Re: Using EL expressions in an ObjectFactory From: dmik...@gopivotal.com Date: Mon, 16 Sep 2013 07:48:33 -0400 To: users@tomcat.apache.org On Sep 16, 2013, at 3:03 AM, Xavier Dury kal...@hotmail.com wrote: Hi, I switched to org.apache.tomcat:tomcat-jasper-el:8.0.0-RC1 as javax.el 3.0 implementation and tested with the following code: ELProcessor processor = new ELProcessor(); processor.getELManager().importClass(java.io.File); processor.eval(File('./')); but I get the following error: javax.el.ELException: Function ':File' not found at org.apache.el.parser.AstFunction.getValue(AstFunction.java:136) at org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:188) at javax.el.ELProcessor.getValue(ELProcessor.java:129) at javax.el.ELProcessor.eval(ELProcessor.java:115) at org.apache.naming.factory.ExpressionFactoryTest.elImplementationShouldWork(ExpressionFactoryTest.java:43) Are methods importClass, importStatic and importPackage on ELManager already implemented in apache EL? Sorry, I don't think I was clear enough in my last response. This does not work with Tomcat 8.0.0-RC1, but has been fixed (see the bug I referenced earlier). You'll need to either build and use Tomcat trunk or wait until the next RC release is available. Dan Regards, Xavier Subject: Re: Using EL expressions in an ObjectFactory From: dmik...@gopivotal.com Date: Fri, 13 Sep 2013 15:38:29 -0400 To: users@tomcat.apache.org On Sep 13, 2013, at 3:27 AM, Xavier Dury kal...@hotmail.com wrote: When I try the following: ELProcessor processor = new ELProcessor(); processor.getELManager().importClass(java.io.File); processor.eval(File('./')); I get javax.el.ELException: java.lang.IllegalArgumentException: Cannot convert ./ of type class java.lang.String to class java.net.URI. I'm using glassfish javax.el 3.0 implementation for my tests. Maybe the problem comes from this specific implementation. Yes, that would be the problem. I've noticed the same behavior w/GlassFish's EL 3.0 implementation. Try building Tomcat trunk and using it's implementation or using the next Tomcat 8 RC when it's available. Neither should have that problem. Dan Subject: Re: Using EL expressions in an ObjectFactory From: dmik...@gopivotal.com Date: Thu,
Re: mod_jk not changes IP of hostname when occurs changing of IP on DNS
Hi! Thank you very much for your help. I'm using the AWS. So, i created an instance Linux with Apache, that send request to ELB (Elastic Load Balance in AWS) by mod_jk, this ELB sends request to instance Linux with Jboss. The ELB contains a fix host, but the IP can change any time. Do you understand the my configuration? On Fri, Sep 20, 2013 at 5:17 AM, André Warnier a...@ice-sa.com wrote: Tiago Braga wrote: In apache, the module mod_jk not changes IP of hostname when occurs changing of IP on DNS. Version of apache: Server version: Apache/2.2.15 (Unix) Server built: Aug 2 2013 08:02:15 Version mod_jk: 1.2.37 Example: workers.properties worker.portalconsultoras_prd.**type=ajp13 worker.portalconsultoras_prd.**host=hostexample.com.br worker.portalconsultoras_prd.**port=8009 This configuration works fine. But, when occurs change ip in the host name in DNS, the module md_jk starts fail to connect. Follow below the log of mod_jk: [Wed Sep 18 12:00:33 2013] [5315:140659824723936] [info] jk_open_socket::jk_connect.c (627): connect to 107.xx.xx.220:8009 failed (errno=115) [Wed Sep 18 12:00:33 2013] [5315:140659824723936] [info] ajp_connect_to_endpoint::jk_**ajp_common.c (995): Failed opening socket to (107.xx.xxx.220:8009) (errno=115) [Wed Sep 18 12:00:33 2013] [5315:140659824723936] [error] ajp_send_request::jk_ajp_**common.c (1630): (portalconsultoras_prd) connecting to backend failed. Tomcat is probably not started or is listening on the wrong port (errno=115) I would like a configuration of apache that avoid this problem. Looking for the solutions in google, have turn on the HostnameLookups, but is inefficient. .. and has nothing to do at all with the issue that you have. HostnameLookups (in Apache httpd), as far as I remember, is only for logging the *origin* of a request. The basic issue here is this : The mod_jk connector is written in such a way that it is very fast in transmitting requests from Apache httpd to Tomcat (we are talking ms or less). If each time it transmits a request to Tomcat, it had to do a DNS lookup before, this would be terrible for performance (a DNS lookup can take many many milliseconds). So it does not do that. With your configuration, it does a lookup once, when it reads its configuration, and then it caches the result (the IP address) and re-uses that cached IP address for all subsequent requests. There is nothing that you should or could change about that, otherwise the response time of your application is going to be just terrible. Now the question becomes another one : it is quite unusual for a Tomcat server (and any server) to be bound to an IP address that changes. Why is that the case here ? Explain your configuration and the context a bit more, if you want better help. Note : as a shortcut, if both your Apache httpd and your Tomcat are on the same host, then just do this : worker.portalconsultoras_prd.**host=127.0.0.1 (and make sure that the AJP Connector in Tomcat is listening on that address). --**--**- To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.orgusers-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Atenciosamente, Tiago Braga Machado
Re: MaxClients and maxThreads
Is this a hard limit ? So if there are 4 cores there can only be 800 concurrent clients. None of our banks is calculating this like this and some have Apache and JBoss on the same machine which further limits the threads. Appreciate any help. Thanks, Mohan From: mohan.radhakrish...@polarisft.com To: users@tomcat.apache.org Date: 09/19/2013 05:56 PM Subject:MaxClients and maxThreads Hi, I am following the instructions in https://access.redhat.com/site/articles/15786 to tune MaxClients in httpd.conf and maxThreads in JBoss Tomcat. The recommended value of maxThreads is 200 per CPU, so here we assume the server is a single core machine. If it had been quad core we could push that value to 800 or more depending on RAM and other machine specs. The total threads is an aggregate value. If Apache and JBOSS are on the same server, and that server has four cores, then you would halve the maxThreads and MaxClients to 400 each. I have this question. Does this mean that maxThreads and MaxClients should both be equal to each other ? My configuration is this. Machine 1 - JBoss and Apache(2 cores) Machine 2 - JBoss(2 cores) So even though Machine 2 can use about 400 threads(200 x 2 ) it is limited by MaxClients in Machine 1 which should be only 200. Is that correct ? It is a bottleneck. Thanks, Mohan This e-Mail may contain proprietary and confidential information and is sent for the intended recipient(s) only. If by an addressing or transmission error this mail has been misdirected to you, you are requested to delete this mail immediately. You are also hereby notified that any use, any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message, contents or its attachment other than by its intended recipient/s is strictly prohibited. Visit us at http://www.polarisFT.com This e-Mail may contain proprietary and confidential information and is sent for the intended recipient(s) only. If by an addressing or transmission error this mail has been misdirected to you, you are requested to delete this mail immediately. You are also hereby notified that any use, any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message, contents or its attachment other than by its intended recipient/s is strictly prohibited. Visit us at http://www.polarisFT.com
Re: MaxClients and maxThreads
On Sep 20, 2013, at 9:27 AM, mohan.radhakrish...@polarisft.com wrote: Is this a hard limit ? No. So if there are 4 cores there can only be 800 concurrent clients. None of our banks is calculating this like this and some have Apache and JBoss on the same machine which further limits the threads. Appreciate any help. Hi, I am following the instructions in https://access.redhat.com/site/articles/15786 to tune MaxClients in httpd.conf and maxThreads in JBoss Tomcat. The recommended value of maxThreads is 200 per CPU, so here we assume the server is a single core machine. If it had been quad core we could push that value to 800 or more depending on RAM and other machine specs. The total threads is an aggregate value. If Apache and JBOSS are on the same server, and that server has four cores, then you would halve the maxThreads and MaxClients to 400 each. Don't base your performance tuning on values you found in an article online. The author of this article has no idea what kind of hardware you are running, what your application is doing or what your needs are for the application. By these metrics, I should setup 800 threads on a quad core system, but if my application is only supporting 10 users that's way too many. Examine your needs, set the values you think will work and then load test to see how things perform. Adjust the settings further based on your load testing results. Dan I have this question. Does this mean that maxThreads and MaxClients should both be equal to each other ? My configuration is this. Machine 1 - JBoss and Apache(2 cores) Machine 2 - JBoss(2 cores) So even though Machine 2 can use about 400 threads(200 x 2 ) it is limited by MaxClients in Machine 1 which should be only 200. Is that correct ? It is a bottleneck. Thanks, Mohan This e-Mail may contain proprietary and confidential information and is sent for the intended recipient(s) only. If by an addressing or transmission error this mail has been misdirected to you, you are requested to delete this mail immediately. You are also hereby notified that any use, any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message, contents or its attachment other than by its intended recipient/s is strictly prohibited. Visit us at http://www.polarisFT.com This e-Mail may contain proprietary and confidential information and is sent for the intended recipient(s) only. If by an addressing or transmission error this mail has been misdirected to you, you are requested to delete this mail immediately. You are also hereby notified that any use, any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message, contents or its attachment other than by its intended recipient/s is strictly prohibited. Visit us at http://www.polarisFT.com - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: any update on an anticipated release date for 7.0.43?
-Original Message- From: Bob DeRemer [mailto:bob.dere...@thingworx.com] Sent: Tuesday, September 17, 2013 12:28 PM To: Tomcat Users List Subject: RE: any update on an anticipated release date for 7.0.43? -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Tuesday, September 17, 2013 11:49 AM To: Tomcat Users List Subject: Re: any update on an anticipated release date for 7.0.43? On 17/09/2013 15:53, Bob DeRemer wrote: Has a decision (even tentative) been made on when 7.0.43 GA (w/ jsr 356) will release? Just curious if this will be before the end of September. The native release this was blocked by has now happened. Running the unit tests has identified a series of problems with WebSocket and the APR/native connector on Windows. I think these are fixed but I need to wait for the unit test runs to complete. Literally as I typed the last sentence the Windows tests finished and they passed. Woot! I'll be tagging 8.0.0-RC2 in the next few hours. I expect Violeta will be tagging 7.0.43 either later today or early tomorrow. Awesome - thx for the update! -bob Is it still looking good for a 7.0.43 release this week? I noticed nothing has been tagged yet, so didn't know if there were some problems uncovered that need to be fixed. thx Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: any update on an anticipated release date for 7.0.43?
On Sep 20, 2013, at 9:18 AM, Bob DeRemer wrote: -Original Message- From: Bob DeRemer [mailto:bob.dere...@thingworx.com] Sent: Tuesday, September 17, 2013 12:28 PM To: Tomcat Users List Subject: RE: any update on an anticipated release date for 7.0.43? -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Tuesday, September 17, 2013 11:49 AM To: Tomcat Users List Subject: Re: any update on an anticipated release date for 7.0.43? On 17/09/2013 15:53, Bob DeRemer wrote: Has a decision (even tentative) been made on when 7.0.43 GA (w/ jsr 356) will release? Just curious if this will be before the end of September. The native release this was blocked by has now happened. Running the unit tests has identified a series of problems with WebSocket and the APR/native connector on Windows. I think these are fixed but I need to wait for the unit test runs to complete. Literally as I typed the last sentence the Windows tests finished and they passed. Woot! I'll be tagging 8.0.0-RC2 in the next few hours. I expect Violeta will be tagging 7.0.43 either later today or early tomorrow. Awesome - thx for the update! -bob Is it still looking good for a 7.0.43 release this week? I noticed nothing has been tagged yet, so didn't know if there were some problems uncovered that need to be fixed. 7.0.43 was tagged about 6 hours before you sent this message :-): http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_43/ There is also currently a vote happening on the developer mailing list as to its stability and whether to release: http://tomcat.markmail.org/thread/yjx2p5n62k2mdcrt The Tomcat team encourages people willing to test proposed Tomcat releases before they are published to join the developer mailing list, download the proposed release, test it out, and report back any issues that they believe should block the release, if any, in the form of a non-binding vote on the release. Hope this helps, Nick smime.p7s Description: S/MIME cryptographic signature
Re: mod_jk not changes IP of hostname when occurs changing of IP on DNS
On 09/19/2013 06:41 PM, Tiago Braga wrote: In apache, the module mod_jk not changes IP of hostname when occurs changing of IP on DNS. Do a graceful restart of httpd when address changes. Unfortunately like some said, we can either do a DNS lookup every time which would be a performance disaster or cache it and reuse (like we do). So graceful restart will cache a new DNS address. Anyhow, I'd suggest you use fixed IP addresses for your backend servers anyhow. Regards -- ^TM - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
I want to redirect the https traffic of apache to tomcat. Such that we can configure SSL certificate on each tomcat instance.
Hi All Hope every one is doing good! Aim: I want to redirect the https traffic of apache to tomcat. Such that we can configure SSL certificate on each tomcat instance. Please Help me on this ASAP *1) **Configuration in /etc/httpd/conf/httpd.conf* Listen 174.132.121.115:80 http://174.132.121.115/ Listen 174.132.121.115:443 JkWorkersFile conf/workers.properties JkLogFile logs/mod_jk.log JkShmFile /var/log/httpd/mod_jk.shm JkWatchdogInterval 30 JkLogLevel info JkLogLevel debug JkExtractSSL On JkHTTPSIndicator HTTPS VirtualHost 174.132.121.115:80 http://174.132.121.115/ ServerAdmin ramara...@mmgs.com ServerName 174.132.121.115 JkMount / loadbalancer JkMount /* loadbalancer JkMount /status jkstatus /VirtualHost VirtualHost 174.132.121.115:443 ServerName 174.132.121.115 JkMount / loadbalancerssl JkMount /* loadbalancerssl SetEnv JkHTTPSIndicator On JkMount /status jkstatus JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories /VirtualHost *2) **Configuration in /etc/httpd/conf/workers.properties* worker.list=loadbalancer,jkstatus,loadbalancerssl #Configuration to Show Status of Load balancer worker.jkstatus.type=status #Trippro BE Load Balancer Nodes worker.tpbe1.type=ajp13 worker.tpbe1.host=174.132.121.115 worker.tpbe1.port=8023 worker.tpbe1.lbfactor=1 worker.tpbe1.socket_timeout=210 worker.tpbe2.type=ajp13 worker.tpbe2.host=174.132.121.115 worker.tpbe2.port=8028 worker.tpbe2.lbfactor=1 worker.tpbe2.socket_timeout=210 worker.tpbe1ssl.type=ajp13 worker.tpbe1ssl.host=174.132.121.115 worker.tpbe1ssl.port=8022 worker.tpbe1ssl.lbfactor=1 worker.tpbe1ssl.socket_timeout=210 worker.tpbe2ssl.type=ajp13 worker.tpbe2ssl.host=174.132.121.115 worker.tpbe2ssl.port=8027 worker.tpbe2ssl.lbfactor=1 worker.tpbe2ssl.socket_timeout=210 3) Tomcat Configuration a) TBE1 Tomcat Instance Server.xml config !-- Define an AJP 1.3 Connector on port 8023 for http traffic-- Connector port=8023 address=174.132.121.115 protocol=AJP/1.3 redirectPort=8022 / !-- Define an AJP 1.3 Connector on port 8024 for https traffic-- Connector port=8022 protocol=AJP/1.3 maxThreads=500 scheme=https secure=true SSLEnabled=true connectionTimeout=6 proxyPort=443 keystoreFile=/opt/certificates/star-trippro/trippro.keystore keystorePass=Tr!pPro clientAuth=false sslProtocol=TLS/ Engine name=Catalina defaultHost=TPBE1 jvmRoute=tpbe1 b) TBE2 Tomcat Instance Server.xml config !-- Define an AJP 1.3 Connector on port 8028 for http traffic-- Connector port=8028 address=174.132.121.115 protocol=AJP/1.3 redirectPort=8027 / !-- Define an AJP 1.3 Connector on port 8024 for https traffic-- Connector port=8027 address=174.132.121.115 protocol=AJP/1.3 maxThreads=500 scheme=https secure=true SSLEnabled=true connectionTimeout=6 proxyPort=443 keystoreFile=/opt/certificates/star-trippro/trippro.keystore keystorePass=Tr!pPro clientAuth=false sslProtocol=TLS/ Engine name=Catalina defaultHost=TPBE2 jvmRoute=tpbe2 -- Best Regards A.Venkateswara Rao 9246665067 Qualcomm INDIA PVT. LTD http://www.qualcomm.co.in/ Hyderabad
Re: setenv.sh issue
On 9/20/2013 4:14 AM, vicky wrote: Thanks Ognjen . I need to set certain application specific enviornment variables ,pls suggest what is the best way of doing that. eg:- configuring enviornment variable for LOG4j file path eg:export path=/tc/amps/logs does above entry will be sufficient for defining in setenv.sh Thanks Vicky From: Ognjen Blagojevic ognjen.d.blagoje...@gmail.com To: Tomcat Users List users@tomcat.apache.org Sent: Friday, 20 September 2013 3:42 PM Subject: Re: setenv.sh issue Vicky, On 20.9.2013 11:32, vicky wrote: Hi All, When i am declaring variables in my $CATALINA_BASE/bin/setenv.sh file , they are not getting exported :- eg:- export NAME=e1 export ID=22 But when i am declaring the same variables in $CATALINA_BASE/bin/startup.sh in following manner these are getting exported properly:- eg:- export CATALINA_OPTS=-DNAME=e1 -DID=22 Kindly suggest what is the issue in this When you say varibles, do you mean Java system properties or OS environment variables? If you need to set Java system properties, use: export CATALINA_OPTS=-DNAME=e1 -DID=22 If you want to export OS environment variables use: export NAME=e1 export ID=22 In either way, refrain from modifying startup.sh, but use setenv.sh. Regards, Ognjen Part of my setenv.sh: JAVA_OPTS=-Dlog4j.home=$CATALINA_BASE/logs \ -Dderby.system.home=$CATALINA_BASE/databases export JAVA_OPTS Note that both of these could (should) probably go in CATALINA_OPTS. . . . . just my two cents. /mde/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: any update on an anticipated release date for 7.0.43?
From: Nick Williams [mailto:nicho...@nicholaswilliams.net] Sent: Friday, September 20, 2013 10:48 AM To: Tomcat Users List Subject: Re: any update on an anticipated release date for 7.0.43? On Sep 20, 2013, at 9:18 AM, Bob DeRemer wrote: -Original Message- From: Bob DeRemer [mailto:bob.dere...@thingworx.com] Sent: Tuesday, September 17, 2013 12:28 PM To: Tomcat Users List Subject: RE: any update on an anticipated release date for 7.0.43? -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Tuesday, September 17, 2013 11:49 AM To: Tomcat Users List Subject: Re: any update on an anticipated release date for 7.0.43? On 17/09/2013 15:53, Bob DeRemer wrote: Has a decision (even tentative) been made on when 7.0.43 GA (w/ jsr 356) will release? Just curious if this will be before the end of September. The native release this was blocked by has now happened. Running the unit tests has identified a series of problems with WebSocket and the APR/native connector on Windows. I think these are fixed but I need to wait for the unit test runs to complete. Literally as I typed the last sentence the Windows tests finished and they passed. Woot! I'll be tagging 8.0.0-RC2 in the next few hours. I expect Violeta will be tagging 7.0.43 either later today or early tomorrow. Awesome - thx for the update! -bob Is it still looking good for a 7.0.43 release this week? I noticed nothing has been tagged yet, so didn't know if there were some problems uncovered that need to be fixed. 7.0.43 was tagged about 6 hours before you sent this message :-): http://svn.apache.org/repos/asf/tomcat/tc7.0.x/tags/TOMCAT_7_0_43/ There is also currently a vote happening on the developer mailing list as to its stability and whether to release: http://tomcat.markmail.org/thread/yjx2p5n62k2mdcrt The Tomcat team encourages people willing to test proposed Tomcat releases before they are published to join the developer mailing list, download the proposed release, test it out, and report back any issues that they believe should block the release, if any, in the form of a non-binding vote on the release. Hope this helps, Nick That's great. I had checked right before emailing, but turns out my browser cached the tags URL and 43 didn't show up. I will definitely pull down/build it and let you know if we have any problems. -bob
Re: mod_jk not changes IP of hostname when occurs changing of IP on DNS
Hi, I would like be automatic. Thanks. On Fri, Sep 20, 2013 at 12:29 PM, Mladen Turk mt...@apache.org wrote: On 09/19/2013 06:41 PM, Tiago Braga wrote: In apache, the module mod_jk not changes IP of hostname when occurs changing of IP on DNS. Do a graceful restart of httpd when address changes. Unfortunately like some said, we can either do a DNS lookup every time which would be a performance disaster or cache it and reuse (like we do). So graceful restart will cache a new DNS address. Anyhow, I'd suggest you use fixed IP addresses for your backend servers anyhow. Regards -- ^TM --**--**- To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.orgusers-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Atenciosamente, Tiago Braga Machado
Re: APR Connector questions
Chris, Thanks for correcting the misdirected reply. Do you mean it's not working under load, or you haven't yet tried it under load? I mean I haven't tested it under load yet. One of the main reasons for choosing APR is is that I was under the impression it's good at serving large static files. My site has some large swf files - one is ~8mb (it's a game site). The docs on APR say, When APR is enabled, the HTTP connector will use sendfile for handling large static files (all such files will be sent asynchronously using high performance kernel level calls), and will use a socket poller for keepalive, increasing scalability of the server. Your recommendation is NIO is comparable to APR in non-ssl performance (as above for large static files) and more stable, and it would be better to switch to that? Thanks again, Alec On Thu, Sep 19, 2013 at 1:56 PM, Jeffrey Janner jeffrey.jan...@polydyne.com wrote: -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Thursday, September 19, 2013 12:38 PM To: Tomcat Users List Cc: Tomcat Random Subject: Re: APR Connector questions -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Alec, Please keep discussions on the mailing lists so others can benefit from them. On 9/19/13 12:01 PM, Tomcat Random wrote: The answer for am I going to be using SSL is maybe. It's not mandatory, but would be nice for an admin area of the site. I already built the tcnative stuff and APR is working, but not under load. Do you mean it's not working under load, or you haven't yet tried it under load? I'm using APR because it was my understanding there was a big performance increase when using Tomcat without a proxy/web server in front of it. I just have Tomcat with my IP tables redirecting 80-8080. APR and NIO performance are comparably to each other, SSL excepted. If you are talking about using SSL only for admin access (which is usually fairly limited in scope/traffic), then I wouldn't worry about the performance difference. One could argue that any site that requires login should be 100% SSL- protected, but I know nothing about your requirements. +1 2500 users might not require 2500- simultaneous connections. True, and it occurs to me, sort of noobishly, where would you look for reporting simultaneous connections? You can use JMX to get lots of information about the connectors. You'll have to probe periodically and build-up a trend graph to understand your actual traffic. http://wiki.apache.org/tomcat/FAQ/Monitoring And once you know that number, back to my original question, how many maxthreads/acceptCounts? The acceptCount is just the TCP backlog. Setting this higher than the default is only helpful if you have huge transaction volume bursts and your transactions are fairly short. If you can't handle 200 transactions waiting in the TCP accept queue pretty quickly, it's not going to help to raise that number to 1000. If you experience huge bursts of traffic that your app can handle with a short delay -- AND if you absolutely don't want to give any clients connection refused errors -- then raising the acceptCount is appropriate. I haven't seen a normal webapp that has ever required changing from the default, but my experience may not match the type of business you are in. As for maxThreads, that depends upon your load, the type of hardware you have, the length of your transactions, and the CPU load you expect will be required for your webapp. If your webapp is fairly CPU-bound (which I've found to be fairly rare) and you have a limited number of physical CPUs, raising the maxThreads limit buys you nothing: it may be worse than lowering it because you just end up running many threads at once and thrash the CPU. If you have a primarily I/O-bound app (most that I've seen... e.g. stuff that uses back-end databases for most requests) than raising the maxThreads can serve more requests... but then remember that your database must be able to handle the load as well. Having 1000 worker threads with a DB connection pool of size=10 means lots of waiting threads. Just how rare are the APR catastrophes? I don't have much data on frequency of occurrences just what I can see in BZ for the Tomcat Connectors project. Let's just say that over the past 8 or so years, I've yet to have it happen to me, and I am supporting dozens of Tomcat instances across a half-dozen systems with each Tomcat having 5 or 6 hosts each. Then again, I'm running under Windows and the tcnative is built for me by the good guys on the Tomcat Dev Team. Is it something a tomcat restart can fix? You don't have a choice: the JVM goes down immediately and you *must* restart Tomcat. That's what I meant by catastrophic. Yes, unfortunately, anything that causes a crash at the native code level is
Re: mod_jk not changes IP of hostname when occurs changing of IP on DNS
On 09/20/2013 07:29 PM, Tiago Braga wrote: Hi, I would like be automatic. The only thing we can do is to make directive for expiring the resolved address cache entry after some timeout. This however would not solve the random DNS change I think that this random is not actually random but rather happens on some interval. Regards -- ^TM - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: setenv.sh issue
Vicky, On 9/20/2013 4:14 AM, vicky wrote: I need to set certain application specific enviornment variables ,pls suggest what is the best way of doing that. eg:- configuring enviornment variable for LOG4j file path 1. Please, don't top post. 2. I doubt log4j will read any environment variables, and Stackoverflow confirms my doubts: http://stackoverflow.com/questions/201188/using-system-environment-variables-in-log4j-xml-configuration 3. Make sure you understand the difference: http://stackoverflow.com/questions/7054972/java-system-properties-and-environment-variables 4. Configure log4j using Java system properties, just like Mark suggested: Mark: JAVA_OPTS=-Dlog4j.home=$CATALINA_BASE/logs \ -Dderby.system.home=$CATALINA_BASE/databases export JAVA_OPTS Note that both of these could (should) probably go in CATALINA_OPTS. -Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: APR Connector questions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Alec, On 9/20/13 2:03 PM, Tomcat Random wrote: Chris, Thanks for correcting the misdirected reply. Do you mean it's not working under load, or you haven't yet tried it under load? I mean I haven't tested it under load yet. One of the main reasons for choosing APR is is that I was under the impression it's good at serving large static files. My site has some large swf files - one is ~8mb (it's a game site). The docs on APR say, When APR is enabled, the HTTP connector will use sendfile for handling large static files (all such files will be sent asynchronously using high performance kernel level calls), and will use a socket poller for keepalive, increasing scalability of the server. The NIO connector also supports sendfile, and avoids blocking I/O for keepalives. Your recommendation is NIO is comparable to APR in non-ssl performance (as above for large static files) and more stable, and it would be better to switch to that? I'm suggesting that NIO might be a comparable choice to APR with the added benefit of removing some complexity (that of installing a native library) to your deployment. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSPRk7AAoJEBzwKT+lPKRYv5oP/1JZhzlnNfhPI7LLPJKegf5T Nk1Hd5DDPLoa58ihhnntQ0le0dOK6x+6LcktoIr1qvP9q2IiBupwF2HRnW4okW9O Db3p4vr0/9IioRPCkHpEcG6J+JR0L93SEDucqFpLQCAaR6x9Yc/ziGqO241sPhJD 5BmEBPBi+Kl+OD+UNhrMpyzNKf/zdmzjJu7oMl97DS6kNmx6gf2rvEwBS2Iec6xV NgfzqQ/6faSIsFv5AseHIXmYkZcifyegUYemQt+ZtNs7z9C0rx7Gd1Hh6ls2mjlG WD4Y2yILg8WouDZXJXEhGU5Pq65iVCoYPTWTF4tvJS0aU4AYVx5opiSZNeZy6vGl UAsX7lpTDgQ/VXfEOHmslvZsHorkOnh6z9CcVDtjcZYf+mFouGy3CXJROTcUizJg pzwghiT4jX9xcUWaf13CjuqBMo5SwsSqkkf4HY2vFDBDfn70bIG8k+FdjjTjKjv1 hZwkGc4Ysc0h0b2vKCYgI78fwydDvdnoNEJ50IONP6coxo4fSdaFCaFCQ/gXKVLG puMVkbE5WAkgxFBcM0zms5U9oqAQ2ZnwlGMB6tM1/GvnIQYgAiqqDVgEwm/wbWct XYxPIHakMXtJZRPY5lECQzmbHMZX4HnJ/si53lKQ2JeT79JC+Pesox0fNobU2eD1 K5Wu5Y96NL5F+Frl3wOE =9/4N -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org