> -----Message d'origine----- > De�: Robert Charbonneau [mailto:[EMAIL PROTECTED] > Envoy�: vendredi 31 octobre 2003 06:17 > ��: Tomcat Users Mailing List > Objet�: Opinions > > Does anyone have an opinion of Tomcat running in a very high traffic > environment, let's say, 100K - 500K unique visits/day? > > I'm also wondering about the possibility of running a Tomcat server > standalone > as opposed to using mod_jk.so with Apache to mount webapps with. > Would this > be more stable, and is there any loss to me if I *don't* use Apache?
I have several tomcat standalone applications with more than one connection per second. It works well. I had to be carefull with: o JITC bug in IBM 1.4.1 Jvm on hyperthreaded machines (SIG11) o Silly name lookup at IBM Jvm startup (it needs to know the name for all the interfaces up on the machine or it SIG11. Even if your tomcat has nothing to do with the interfaces, event if you need administrative unnamed (DNS, Hosts) interfaces). This does not happen with Sun Jvm. o Memory leaks (in java servlets or Jvm or both) o Tomcat 4.1.27 bug when running at the MaxConnector limit (workaroundable) Those applications are wap and web applications, mainly. Total traffic is about 30Mb/s (up to 40) all day. I am in the process of migrating to a LinuxVirtualServer architecture for load balancing and failover. It works well. I have to say that tomcat is not so easy to share between nodes. I had to do at least one modification to catalina.sh (introducing a CATALINA_LOGS). The CATALINA_BASE is shared netween nodes (via NFS) and I need one catalina.out for each node. So... Oh, and last but not least, I didn't find a privilege separation method in tomcat (like in apache or ssh or postfix, or...). Perhaps am I wrong, but, if you want tomcat to run in unpriviledge environment, you have to make it bind to a public port (say 8080). I use iptables to redirect connections from 80 to 8080: If you have only one tomcat running on the server, you can use: /sbin/iptables -t nat -A PREROUTING -i lo -p tcp --dport 80 -j REDIRECT --to-ports 8080 For more than one (one IP for one tomcat is required), you have to deal with DNAT: /sbin/iptables -t nat -A PREROUTING -d 1.2.3.4 -p tcp -m tcp --dport 80 -j DNAT --to-destination 1.2.3.4:8080 This way, you don't have to put any port number in URLs. Ho. I just see that it is all linux related... I don't have any experience in Windows. Sorry. In fact, with a minimal of Unix/Linux sysadmin knowledge, tomcat become spretty scalable. Fran�ois. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
