try with a regular tcp loadbalancer like pen (http://siag.nu/) first, otherwise you are debugging a whole stack at once.
so use pen, and your two tomcats, try failover and go from there. also, enable debugging for your logging, and a lot more will be spit out in the logs Filip ----- Original Message ----- From: "Richard Mixon (qwest)" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Wednesday, January 26, 2005 4:37 PM Subject: JK, Session Replication/Clustering, SSL and failover in Tomcat 5 I am trying to get JK 1.2.8 (within Apache 2.0.52 SSL build) to fail over to my remaining Tomcat 5.5.7 instance when the first instance is brought down (e.g. for maintenance or due to an actual failure). The application uses container managed authentication (CMA) and obviously sessions. I have two questions/problems. Thanks so much for any ideas/help you can provide. 1) If I set sticky_session=True then the loadbalancer worker distributes requests among the two workers just fine. If I shut down one Tomcat instance, it redirects me to the second - but I am prompted to login again. This makes me think that session replication is not occurring. How can I check that session replication is happening (is there a log settings)? I thought it must be at first as I was getting the following in my tomcat logs: >From srv1: INFO main org.apache.coyote.http11.Http11Protocol - Initializing Coyote HTTP/1.1 on http-8080 INFO main org.apache.catalina.startup.Catalina - Initialization processed in 875 ms INFO main org.apache.catalina.core.StandardService - Starting service Catalina INFO main org.apache.catalina.core.StandardEngine - Starting Servlet Engine: Apache Tomcat/5.5.7 INFO main org.apache.catalina.core.StandardHost - XML validation disabled INFO main org.apache.catalina.cluster.tcp.SimpleTcpCluster - Cluster is about to start INFO main org.apache.catalina.cluster.mcast.McastService - Sleeping for 2000 secs to establish cluster membership INFO main org.apache.catalina.cluster.deploy.FarmWarDeployer - Cluster FarmWarDeployer started. INFO main org.apache.coyote.http11.Http11Protocol - Starting Coyote HTTP/1.1 on http-8080 INFO main org.apache.jk.common.ChannelSocket - JK2: ajp13 listening on /0.0.0.0:8009 INFO main org.apache.jk.server.JkMain - Jk running ID=0 time=0/31 config=null INFO main org.apache.catalina.storeconfig.StoreLoader - Find registry server-registry.xml at classpath resource INFO main org.apache.catalina.startup.Catalina - Server startup in 6016 ms INFO Cluster-MembershipReceiver org.apache.catalina.cluster.tcp.SimpleTcpCluster - Replication member added:org.apache.catalina.cluster.mcast.McastMember[tcp://192.168.1.140: 4002,192.168.1.140,4002, alive=16] >From srv2: INFO main org.apache.coyote.http11.Http11Protocol - Initializing Coyote HTTP/1.1 on http-9080 INFO main org.apache.catalina.startup.Catalina - Initialization processed in 1250 ms INFO main org.apache.catalina.core.StandardService - Starting service Catalina INFO main org.apache.catalina.core.StandardEngine - Starting Servlet Engine: Apache Tomcat/5.5.7 INFO main org.apache.catalina.core.StandardHost - XML validation disabled INFO main org.apache.catalina.cluster.tcp.SimpleTcpCluster - Cluster is about to start INFO main org.apache.catalina.cluster.mcast.McastService - Sleeping for 2000 secs to establish cluster membership INFO Cluster-MembershipReceiver org.apache.catalina.cluster.tcp.SimpleTcpCluster - Replication member added:org.apache.catalina.cluster.mcast.McastMember[tcp://192.168.1.140: 4001,192.168.1.140,4001, alive=5578] INFO main org.apache.catalina.cluster.deploy.FarmWarDeployer - Cluster FarmWarDeployer started. INFO main org.apache.coyote.http11.Http11Protocol - Starting Coyote HTTP/1.1 on http-9080 INFO main org.apache.jk.common.ChannelSocket - JK2: ajp13 listening on /0.0.0.0:9009 INFO main org.apache.jk.server.JkMain - Jk running ID=0 time=0/31 config=null INFO main org.apache.catalina.storeconfig.StoreLoader - Find registry server-registry.xml at classpath resource INFO main org.apache.catalina.startup.Catalina - Server startup in 6313 ms 2) If I set sticky_session=False I am unable to login, failing with an HTTP Status 408. Here's the sequence: a) Issue a request to a protected resource that will trigger form-based authentication (CMA). JK worker loadbalancer sends this request to the first worker, "srv1". b) After I fill in the authentication/login form I press submit. Now JK worker loadbalancer send this request to worker "srv2" and I end up with this error respons: HTTP Status 408 - The time allowed for the login process has been exceeded... Here are my configuration files (or pieces): FILE: piece form httpd.conf <IfModule mod_jk.c> JkWorkersFile conf/workers.properties JkLogStampFormat "[%a %b %d %H:%M:%S %Y] " JkLogFile logs/mod_jk.log # Log level to be used by mod_jk: debug, info, warn error or trace JkLogLevel debug JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories JkExtractSSL on JkHTTPSIndicator HTTPS JkSESSIONIndicator SSL_SESSION_ID JkCIPHERIndicator SSL_CIPHER JkCERTSIndicator SSL_CLIENT_CERT </IfModule> FILE: workers.properties # workers.properties - # workers.tomcat_home=c:/jakarta-tomcat-5.5.7 workers.java_home=C:/jdk1.5.0_01 ps=/ # # Define one worker for each tomcat instance, plus one # to handle the load balancing. # worker.list=loadbalancer worker.srv1.port=8009 worker.srv1.host=localhost worker.srv1.type=ajp13 worker.srv1.lbfactor=100 worker.srv1.sticky_session=False worker.srv1.local_worker=0 worker.srv2.port=9009 worker.srv2.host=localhost worker.srv2.type=ajp13 worker.srv2.lbfactor=100 worker.srv2.sticky_session=False worker.srv2.local_worker=0 worker.loadbalancer.type=lb worker.loadbalancer.sticky_session=False worker.loadbalancer.balanced_workers=srv1,srv2 worker.loadbalancer.local_worker_only=1 FILE: piece from server.xml on "srv1" (note: I do not want automated deployment so I watchEnabled="false", I do not want farm deployment to occur) <Cluster className="org.apache.catalina.cluster.tcp.SimpleTcpCluster" managerClassName="org.apache.catalina.cluster.session.D eltaManager" expireSessionsOnShutdown="true" useDirtyFlag="true" notifyListenersOnReplication="true"> <Membership className="org.apache.catalina.cluster.mcast.McastServic e" mcastAddr="228.0.0.4" mcastPort="45564" mcastFrequency="500" mcastDropTime="3000"/> <Receiver className="org.apache.catalina.cluster.tcp.ReplicationLi stener" tcpListenAddress="auto" tcpListenPort="4001" tcpSelectorTimeout="100" tcpThreadCount="6"/> <Sender className="org.apache.catalina.cluster.tcp.ReplicationTr ansmitter" replicationMode="pooled" ackTimeout="15000"/> <Valve className="org.apache.catalina.cluster.tcp.ReplicationValve" filter=".*\.gif;.*\.js;.*\.jpg;.*\.png;.*\.htm;.*\.ht ml;.*\.css;.*\.txt;"/> <Deployer className="org.apache.catalina.cluster.deploy.FarmWarDeployer" tempDir="c:/jakarta-tomcat-5.5.7/temp" deployDir="c:/jakarta-tomcat-5.5.7/webapps" watchDir="c:/jakarta-tomcat-5.5.7-deployer/build/w ebapp" watchEnabled="false"/> </Cluster> FILE: piece from server.xml on "srv2" <Cluster className="org.apache.catalina.cluster.tcp.SimpleTcpCluster" managerClassName="org.apache.catalina.cluster.session.D eltaManager" expireSessionsOnShutdown="true" useDirtyFlag="true" notifyListenersOnReplication="true"> <Membership className="org.apache.catalina.cluster.mcast.McastServic e" mcastAddr="228.0.0.4" mcastPort="45564" mcastFrequency="500" mcastDropTime="3000"/> <Receiver className="org.apache.catalina.cluster.tcp.ReplicationLi stener" tcpListenAddress="auto" tcpListenPort="4002" tcpSelectorTimeout="100" tcpThreadCount="6"/> <Sender className="org.apache.catalina.cluster.tcp.ReplicationTr ansmitter" replicationMode="pooled" ackTimeout="15000"/> <Valve className="org.apache.catalina.cluster.tcp.ReplicationValve" filter=".*\.gif;.*\.js;.*\.jpg;.*\.png;.*\.htm;.*\.ht ml;.*\.css;.*\.txt;"/> <Deployer className="org.apache.catalina.cluster.deploy.FarmWarDeployer" tempDir="c:/jakarta-tomcat-5.5.7b/temp" deployDir="c:/jakarta-tomcat-5.5.7b/webapps" watchDir="c:/jakarta-tomcat-5.5.7-deployer/build/w ebapp" watchEnabled="false"/> </Cluster> Thanks again - Richard --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
