Re: upgraded fedora and mod_jk will not work
PS - the answer to my original question about which linux ports had to be enabled is: 80 (if you want another machine to get at the port) - the other four ports are internal and do not need firewall access (8005, 8009, 8080, 8443) over and out on this one.
Re: upgraded fedora and mod_jk will not work
Andre and all - problem fixed. Since the only thing that REALLY changed was Fedora 14 -> Fedora 16, I should have guessed it was not in httpd or tomcat. The problem was fedora's over fastidious security policies. It was fedora that was stopping the shared memory writes and fedora that was stopping read access to this and that. I cleared about 20 "troubleshooter" problems and all web applications work fine with no more complaints about shared memory writing Thanks to you all (and thanks to my sub-conscious which woke me up at 2am to say - LOOK AT FEDORA fool). :=] PS - I hate these new hidden security policies. It is really hard to see what is happening and figure what to fix (even with the help you get from the troubleshooter). From: André Warnier To: Tomcat Users List Sent: Friday, March 23, 2012 1:33 PM Subject: Re: upgraded fedora and mod_jk will not work Ray Holme wrote: > I have recently upgraded from Fedora 14 to Fedora 16. I am testing 4 tomcat > applications on the local web (and one plain apache app.) on one box (no > other tricks like multiple servers ...). The below should pretty well > describe everything I think matters. > > I was running Tomcat 6.0.29 and then 6.0.35 on Fedora 14 and am now trying > the latter on 16 - there were no changes in the apache-tomcat directory for > the new release (NONE _ just restored it and tomcat comes up with it's normal > chatter). Nut my release is pretty vanilla - after unpacking the gzip'd > tomcat tar file I added the 4 webapps; the .xml files for each under > conf/Catalina ... and added the DB driver .jar to the lib directory (symbolic > linked) - then it worked fine (under fedora 14) > > I downloaded and built the newest mod_jk.so (tomcat-connectors-1.2.33) from > src (had to strip final binary to make it work at all - not mentioned). I > still have the old one if need be and yes I tried it too. > > I installed the mod_jk.so in /usr/lib64/httpd/modules with the rest of them > (the Apache mod_jk online docs seems a little old here but were helpful). > > I modified the workers.properties (removed cache stuff which apache > complained of as dead). Here is what I have left: > > --- > # workers.properties - ajp13 > workers.tomcat_home=/opt/apache <-- obsolete, delete line > workers.java_home=/usr/java/jdk <-- obsolete, delete line > ps=/ <- maybe obsolete too, don't remember > # > # List workers > worker.list=wrkr > # > # Define wrkr > worker.wrkr.port=8009 > worker.wrkr.host=localhost > worker.wrkr.type=ajp13 > worker.wrkr.socket_timeout=300 <-- I wouldn't do that, unless you have a > specific reason to specify this. > --- > > I have an /etc/rc.d/rc.local file which should bring up httpd, THEN tomcat. > Tomcat comes up fine (the logs look fine), but httpd never comes up till I > manually run the same script after login. I know the script ran from boot > time but it leaves NO complaints as I added an echo line to it and a "clean" > script for /etc/httpd/logs which did definitely run (until I am up, I want > fresh error files, maybe even after that). > Not sure I understand all of that, but it doesn't seem to be a Tomcat problem. You should try to find out why httpd doesn't start when run from the boot script during boot. Maybe you are trying to access something that the boot environment doesn't have yet, but that is available later when you run it by hand ? (like some filesystem which only gets mounted later on ?) > Question 1: is the order right? (httpd then tomcat) > or should I bring up tomcat before httpd?? Probably better tomcat first. Otherwise, if a request comes in, Apache+mod_jk will try to connect to tomcat, tomcat won't be there yet, and you'll get errors. > pause between? Depends how long Tomcat and your applications need to start up and be ready to answer requests. > 1.1 - is the java home right or should it be /usr/java? > - these were both dead wrong under fedora 14 (and it worked) > as it pointed to /usr/java/jdk1.6.something and I have >/usr/java/jdk1.7.. > and the tomcat_home was wrong too. They are correct now (both >are symbolic links > to the real place so I don't do that again). Not surprising that it worked while being wrong, because these parameters are obsolete and just ignored. > > I have carefully modified the http.conf file to be identical to what I had > before with identical lines about worker properties. For the sake of > completeness - here are the mods to the orginal httpd.conf (minus the comment > lines
Re: upgraded fedora and mod_jk will not work
Andre - good information. Thanks but still in the weeds here. > Depends how long Tomcat and your applications need to start up and be ready > to answer requests. makes sense. since httpd is NOT coming up on boot as it should, I will make it second with a preceding sleep and background the whole thing - maybe that will fix it: (sleep 10; S96httpd start) & THAT WORKS fine. httpd is now up correctly after a boot. YEA! Not surprising that it worked while being wrong, because these parameters are obsolete and just ignored. :=[ (thanks) >You don't seem to be using load balancing workers, so basically you don't care. >But the error message may indicate that Apache httpd is not able to write that >file, in that location. >Does that directory even exist ? (logfiles usually go to somewhere like >/var/log/*. /etc/hhtpd/logs is somewhat unusual.) Thanks again. It turns out that /etc/httpd/logs is a symbolic link to /var/httpd/log (feel better?). However as I did mention later in the original mail message- two files are created and are of size 0. So it can write, but is not happy. Without the new line about the shared memory in httpd.conf - httpd complained even more that it did not like it but would default. Will correct the line to point directly and not use the link. (no effect, but makes better sense to me) ls -l /var/log/httpd ... -rw-r--r--. 1 root root 0 Mar 23 09:27 jk-runtime-status.3686 -rw-r--r--. 1 root root 0 Mar 23 09:27 jk-runtime-status.3690 ... I did pull the mod_jk.so release suggested 1.2.32. It also needed to be stripped after the install. But it did not help - see below. THIS IS THE CRUX OF THE PROBLEM - STILL! >> [info] ajp_connect_to_endpoint::jk_ajp_common.c (992): Failed opening socket >> to (127.0.0.1:8009) (errno=13) >> [error] ajp_send_request::jk_ajp_common.c (1621): (wrkr) connecting to >> backend failed. Tomcat is probably not started or is listening on the wrong >> port (errno=13) >> [info] ajp_service::jk_ajp_common.c (2614): (wrkr) sending request to tomcat >> failed (recoverable), because of error during request sending (attempt=1) >> [info] jk_open_socket::jk_connect.c (627): connect to 127.0.0.1:8009 failed >> (errno=13) >That's probably because you start httpd before tomcat, as explained earlier. >Tomcat has not opened its AJP socket 8009 yet, so httpd+mod_jk cannot connect >to it. You could be right, but a) these MESSAGES do not happen until both tomcat and httpd are up and I try to get to the application in a browser b) under prior releases of fedora (14, 12, 8) I was able to start httpd hugely later and it worked - no complaints (sometimes it came up by itself, sometimes not - I like this rc.local way better) NOPE, in this case you did not hit the ball out of the park. I remain stuck with httpd thinking tomcat is NOT talking. Since I have done almost nothing to configure tomcat as you noticed with ssl, I am baffled. But thanks, you did solve one or two issues and explained a couple more.
Re: upgraded fedora and mod_jk will not work
> (had to strip final binary to make it work at all - not mentioned) What do you mean? I mean that the built binary was NOT stripped and would not work (apache complained about loading it - sorry I forgot the message). I simply did "strip mod_jk.so" and the size went down by a factor of 4 and then it worked. WORKED being a kind of funny word in this case. It loaded but did not work.
Re: upgraded fedora and mod_jk will not work
Note : you /do/ get bonus points for providing the versions of what you're using. Not everyone does that. And you also got an immediate reward, in the form of Chuck's and Konstantin's warnings about your mod_jk version (which could have caused you severe problems later, had you not mentioned it). - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: upgraded fedora and mod_jk will not work
Ray Holme wrote: I have recently upgraded from Fedora 14 to Fedora 16. I am testing 4 tomcat applications on the local web (and one plain apache app.) on one box (no other tricks like multiple servers ...). The below should pretty well describe everything I think matters. I was running Tomcat 6.0.29 and then 6.0.35 on Fedora 14 and am now trying the latter on 16 - there were no changes in the apache-tomcat directory for the new release (NONE _ just restored it and tomcat comes up with it's normal chatter). Nut my release is pretty vanilla - after unpacking the gzip'd tomcat tar file I added the 4 webapps; the .xml files for each under conf/Catalina ... and added the DB driver .jar to the lib directory (symbolic linked) - then it worked fine (under fedora 14) I downloaded and built the newest mod_jk.so (tomcat-connectors-1.2.33) from src (had to strip final binary to make it work at all - not mentioned). I still have the old one if need be and yes I tried it too. I installed the mod_jk.so in /usr/lib64/httpd/modules with the rest of them (the Apache mod_jk online docs seems a little old here but were helpful). I modified the workers.properties (removed cache stuff which apache complained of as dead). Here is what I have left: --- # workers.properties - ajp13 workers.tomcat_home=/opt/apache <-- obsolete, delete line workers.java_home=/usr/java/jdk <-- obsolete, delete line ps=/ <- maybe obsolete too, don't remember # # List workers worker.list=wrkr # # Define wrkr worker.wrkr.port=8009 worker.wrkr.host=localhost worker.wrkr.type=ajp13 worker.wrkr.socket_timeout=300 <-- I wouldn't do that, unless you have a specific reason to specify this. --- I have an /etc/rc.d/rc.local file which should bring up httpd, THEN tomcat. Tomcat comes up fine (the logs look fine), but httpd never comes up till I manually run the same script after login. I know the script ran from boot time but it leaves NO complaints as I added an echo line to it and a "clean" script for /etc/httpd/logs which did definitely run (until I am up, I want fresh error files, maybe even after that). Not sure I understand all of that, but it doesn't seem to be a Tomcat problem. You should try to find out why httpd doesn't start when run from the boot script during boot. Maybe you are trying to access something that the boot environment doesn't have yet, but that is available later when you run it by hand ? (like some filesystem which only gets mounted later on ?) Question 1: is the order right? (httpd then tomcat) or should I bring up tomcat before httpd?? Probably better tomcat first. Otherwise, if a request comes in, Apache+mod_jk will try to connect to tomcat, tomcat won't be there yet, and you'll get errors. pause between? Depends how long Tomcat and your applications need to start up and be ready to answer requests. 1.1 - is the java home right or should it be /usr/java? - these were both dead wrong under fedora 14 (and it worked) as it pointed to /usr/java/jdk1.6.something and I have /usr/java/jdk1.7.. and the tomcat_home was wrong too. They are correct now (both are symbolic links to the real place so I don't do that again). Not surprising that it worked while being wrong, because these parameters are obsolete and just ignored. I have carefully modified the http.conf file to be identical to what I had before with identical lines about worker properties. For the sake of completeness - here are the mods to the orginal httpd.conf (minus the comment lines) - I had to add a JkShmFile line to my old conf file to remove one startup complaint from the newer httpd mod_jk. Listen 192.168.101.101:80 ... LoadModule jk_module modules/mod_jk.so JkWorkersFi le /etc/httpd/conf/workers.properties JkLogFile /var/log/httpd/mod_jk.log JkLogLevel info JkShmFile /etc/httpd/logs/jk.shm JkLogStampFormat "[%a %b %d %H:%M:%S %Y] JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories JkRequestLogFormat "%w %V %T" JkMount /ledger wrkr JkMount /ledger/* wrkr ### 3 other app line sets like the above 2 lines are cut for brevity So I start httpd manually now and it says "OK", but the log files do not say this. Here are the log messages (without the leading dates) and cutting duplicates error_log -> [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads. Question 2: I suspect this might be OK (in earlier fedora too), why "0" max? - zero is small, is this a problem at all? Don't know. That's something you should ask the "mod_python" guys. ssl_error_log-> [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!? Question 3: Also seen in earlier ssl_error_logs, but I am
Re: upgraded fedora and mod_jk will not work
2012/3/23 Ray Holme : > I downloaded and built the newest mod_jk.so (tomcat-connectors-1.2.33) from > src (had to strip final binary to make it work at all - not mentioned). I > still have the old one if need be and yes I tried it too. 1.2.33 is known to be broken and causes core in httpd in certain configurations. The voting for 1.2.35 is currently in progress - you can find download link in the VOTE thread on the dev@ list if you wanna give it a try. > (had to strip final binary to make it work at all - not mentioned) What do you mean? > > Question 1: is the order right? (httpd then tomcat) > or should I bring up tomcat before httpd?? > pause between? It should work either way. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: upgraded fedora and mod_jk will not work
> From: Ray Holme [mailto:rayho...@yahoo.com] > Subject: upgraded fedora and mod_jk will not work > I downloaded and built the newest mod_jk.so (tomcat-connectors-1.2.33) Oops - please read the headline in the docs: "The Apache Tomcat team wishes to draw your attention to stability issues that have been identified with the recent mod_jk 1.2.33 release. If you have not yet upgraded to mod_jk 1.2.33 we recommend that you wait for the mod_jk 1.2.34 release which is currently in progress. If you have upgraded and are experienced issues we recommend that you downgrade to mod_jk 1.2.32 until mod_jk 1.2.34 is available. "We apologise for any inconvenience." http://tomcat.apache.org/connectors-doc/ - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
upgraded fedora and mod_jk will not work
I have recently upgraded from Fedora 14 to Fedora 16. I am testing 4 tomcat applications on the local web (and one plain apache app.) on one box (no other tricks like multiple servers ...). The below should pretty well describe everything I think matters. I was running Tomcat 6.0.29 and then 6.0.35 on Fedora 14 and am now trying the latter on 16 - there were no changes in the apache-tomcat directory for the new release (NONE _ just restored it and tomcat comes up with it's normal chatter). Nut my release is pretty vanilla - after unpacking the gzip'd tomcat tar file I added the 4 webapps; the .xml files for each under conf/Catalina ... and added the DB driver .jar to the lib directory (symbolic linked) - then it worked fine (under fedora 14) I downloaded and built the newest mod_jk.so (tomcat-connectors-1.2.33) from src (had to strip final binary to make it work at all - not mentioned). I still have the old one if need be and yes I tried it too. I installed the mod_jk.so in /usr/lib64/httpd/modules with the rest of them (the Apache mod_jk online docs seems a little old here but were helpful). I modified the workers.properties (removed cache stuff which apache complained of as dead). Here is what I have left: --- # workers.properties - ajp13 workers.tomcat_home=/opt/apache workers.java_home=/usr/java/jdk ps=/ # # List workers worker.list=wrkr # # Define wrkr worker.wrkr.port=8009 worker.wrkr.host=localhost worker.wrkr.type=ajp13 worker.wrkr.socket_timeout=300 --- I have an /etc/rc.d/rc.local file which should bring up httpd, THEN tomcat. Tomcat comes up fine (the logs look fine), but httpd never comes up till I manually run the same script after login. I know the script ran from boot time but it leaves NO complaints as I added an echo line to it and a "clean" script for /etc/httpd/logs which did definitely run (until I am up, I want fresh error files, maybe even after that). Question 1: is the order right? (httpd then tomcat) or should I bring up tomcat before httpd?? pause between? 1.1 - is the java home right or should it be /usr/java? - these were both dead wrong under fedora 14 (and it worked) as it pointed to /usr/java/jdk1.6.something and I have /usr/java/jdk1.7.. and the tomcat_home was wrong too. They are correct now (both are symbolic links to the real place so I don't do that again). I have carefully modified the http.conf file to be identical to what I had before with identical lines about worker properties. For the sake of completeness - here are the mods to the orginal httpd.conf (minus the comment lines) - I had to add a JkShmFile line to my old conf file to remove one startup complaint from the newer httpd mod_jk. Listen 192.168.101.101:80 ... LoadModule jk_module modules/mod_jk.so JkWorkersFile /etc/httpd/conf/workers.properties JkLogFile /var/log/httpd/mod_jk.log JkLogLevel info JkShmFile /etc/httpd/logs/jk.shm JkLogStampFormat "[%a %b %d %H:%M:%S %Y] JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories JkRequestLogFormat "%w %V %T" JkMount /ledger wrkr JkMount /ledger/* wrkr ### 3 other app line sets like the above 2 lines are cut for brevity So I start httpd manually now and it says "OK", but the log files do not say this. Here are the log messages (without the leading dates) and cutting duplicates error_log -> [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads. Question 2: I suspect this might be OK (in earlier fedora too), why "0" max? - zero is small, is this a problem at all? ssl_error_log-> [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!? Question 3: Also seen in earlier ssl_error_logs, but I am not using SSL at all YET and I don't like errors. I cannot find where it is picking up localhost.localdomain at all. I would correct that if I knew. I have tried adding this alias on the line with my real hostname in /etc/hosts but that does no good. SO, is this a problem? Whether or not it is, can I fix it? mod_jk.log -> THESE ARE ALL NEW TO FEDORA 16 and the real problem I think [error] init_jk::mod_jk.c (3348): Initializing shm:/etc/httpd/logs/jk.shm.2384 errno=13. Load balancing workers will not function properly. ... [info] ajp_connect_to_endpoint::jk_ajp_common.c (992): Failed opening socket to (127.0.0.1:8009) (errno=13) [error] ajp_send_request::jk_ajp_common.c (1621): (wrkr) connecting to backend failed. Tomcat is probably not started or is listening on the wrong port (errno=13) [info] ajp_service::jk_ajp_common.c (2614): (wrkr) sending request to tomcat failed (recoverable), because of error during request sending (attempt=1) [info] jk_open_socket::jk_connect.c (627): connect to 127.0.0.1:8
