Hi Can you share the Apache HTTPD set with mod_jk config with us (I assume you run that in a separate Docker container)? Please don't share any sensitive config like passwords, keys, etc, just the basics of what we'd need to reproduce the error you're seeing. We'd be happy to take a look.
There was a recent change in Tomcat where you need to set a secret both in the Tomcat/TomEE config, and on the mod_jk side. Checking that the AJP port is open and accessible to HTTPD, and that the secret is set on both sides would be my first step in troubleshooting this. The recent changes in AJP were to mitigate CVE-2020-1938 - some details are here:https://nvd.nist.gov/vuln/detail/CVE-2020-1938 and there are a number of writeups about the vulnerability on the web. Its worth a read and understanding the changes. Jon On Tue, Jul 21, 2020 at 10:43 AM Marco DE BOOIJ <[email protected]> wrote: > I had set-up TomEE (8.0.1) in Docker and Apache2 with mod_jk and it > worked. After a crash I lost all configurations. After re-installing > Linux (Mint 20) I re-created the TomEE 8.0.2 container (from tomitribe > on github with 11-jre but the 8-jre has the same problem) and configured > Apache2 (2.4.41) with the mod_jk (1.2.46-1). > > I created the container (as before) with docker run -it --name tomee -p > 8109:8009 -p 8180:8080 -p 8543:8443 -e TZ=Europe/Brussels -v > /srv/local/tomee:/srv/local/tomee tomee-8.0.2 > > When I access the applications through the TomEE port I get the reply > but when I go through Apache2 I get a "502 Bad Gateway The proxy server > received an invalid response from an upstream server". In the mod_jk.log > I find: > > [Fri Jul 17 11:09:27.272 2020] [1075:140607154546432] [debug] > ajp_get_endpoint::jk_ajp_common.c (3357): (ajp13_worker) acquired > connection pool slot=0 after 0 retries > [Fri Jul 17 11:09:27.272 2020] [1075:140607154546432] [debug] > ajp_marshal_into_msgb::jk_ajp_common.c (681): (ajp13_worker) ajp > marshaling done > [Fri Jul 17 11:09:27.272 2020] [1075:140607154546432] [debug] > ajp_service::jk_ajp_common.c (2588): processing ajp13_worker with 2 retries > [Fri Jul 17 11:09:27.272 2020] [1075:140607154546432] [debug] > ajp_send_request::jk_ajp_common.c (1719): (ajp13_worker) no usable > connection found, will create a new one. > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [debug] > jk_open_socket::jk_connect.c (674): socket TCP_NODELAY set to On > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [debug] > jk_open_socket::jk_connect.c (798): trying to connect socket 17 to > 127.0.0.1:8109 > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [debug] > jk_open_socket::jk_connect.c (824): socket 17 [127.0.0.1:44262 -> > 127.0.0.1:8109] connected > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [debug] > ajp_connection_tcp_send_message::jk_ajp_common.c (1264): sending to > ajp13 pos=4 len=462 max=8192 > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [debug] > ajp_send_request::jk_ajp_common.c (1779): (ajp13_worker) request body to > send 0 - request body to resend 0 > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [debug] > jk_shutdown_socket::jk_connect.c (931): About to shutdown socket 17 > [errno=107] > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [debug] > jk_shutdown_socket::jk_connect.c (940): Failed sending SHUT_WR for > socket 17 [errno=107] > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [info] > ajp_connection_tcp_get_message::jk_ajp_common.c (1347): (ajp13_worker) > can't receive the response header message from tomcat, network problems > or tomcat (127.0.0.1:8109) is down (errno=104) > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [debug] > ajp_abort_endpoint::jk_ajp_common.c (818): (ajp13_worker) aborting > endpoint with socket 17 > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [error] > ajp_get_reply::jk_ajp_common.c (2256): (ajp13_worker) Tomcat is down or > refused connection. No response has been sent to the client (yet) > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [info] > ajp_service::jk_ajp_common.c (2775): (ajp13_worker) sending request to > tomcat failed (recoverable), (attempt=1) > [Fri Jul 17 11:09:27.273 2020] [1075:140607154546432] [debug] > ajp_service::jk_ajp_common.c (2624): (ajp13_worker) retry 1, sleeping > for 100 ms before retrying > > I only commented out the AJP 1.3 connector part from the server.xml > without changing. I changed the port in workers.properties to 8109. > > On the internet I found old problems but these should have been solved > in the version that I use. Did anybody had this problem and solved it? > >
