Fronting Tomcat with Apache Httpd Mladen Turk Red Hat, Inc.

Slides:



Advertisements
Similar presentations
What all is there Inside the Apache web server. These slides are part of study material of LAMP course. Course conducted by Prof Rocky Jagtiani – Technical.
Advertisements

Internet Information Server 6.0. IIS 6.0 Enhancements  Fundamental changes, aimed at: Reliability & Availability Reliability & Availability Performance.
Apache Performance Tuning Part 2: Scaling Out Sander Temme.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Introducing Apache Tomcat 6 Mladen Turk Red Hat, Inc.
Network+ Guide to Networks, Fourth Edition
Clustering and load balancing with Apache 2.2 mod_proxy
Highly Available Central Services An Intelligent Router Approach Thomas Finnern Thorsten Witt DESY/IT.
Apache Performance Tuning Part 2: Scaling Out Sander Temme.
Technical Architectures
Module 8: Concepts of a Network Load Balancing Cluster
Load Balance of Tomcat with Apache by George Fu, UCCS CS 526 Semester Project Spring 2009.
Scalability and planning for growth 1WUCM1. Content management issues Structural – Naming (e.g. file, URL) policy – File and directory naming needs: invent/design/borrow.
Chris Shuster 4/29/2009 1Chris Shuster.  Application Servers ◦ Backend processing platform. ◦ Multiple platforms, operating system and architecture.
SPUD A Distributed High Performance Publish-Subscribe Cluster Uriel Peled and Tal Kol Guided by Edward Bortnikov Software Systems Laboratory Faculty of.
Lesson 1: Configuring Network Load Balancing
Network+ Guide to Networks, Fourth Edition Chapter 1 An Introduction to Networking.
Content Delivery Networks. History Early 1990s sees 100% growth in internet traffic per year 1994 o Netscape forms and releases their first browser.
APACHE WEBSERVER.
Apache Jakarta Tomcat Suh, Junho. Road Map Tomcat Overview Tomcat Overview History History What is Tomcat? What is Tomcat? Servlet Container.
Chapter 22 Web Hosting and Internet Servers Xuanxuan Su.
Tomcat Celsina Bignoli History of Tomcat Tomcat is the result of the integration of two groups of developers. – JServ, an open source.
Apache Architecture. How do we measure performance? Benchmarks –Requests per Second –Bandwidth –Latency –Concurrency (Scalability)
Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.
22-Aug-15 | 1 |1 | Help! I need more servers! What do I do? Scaling a PHP application.
Additional SugarCRM details for complete, functional, and portable deployment.
Installing and Configuring Tomcat A quick guide to getting things set up on Windows.
Basics of the HTTP Protocol and Apache Web Server Brandon Checketts.
Server Load Balancing. Introduction Why is load balancing of servers needed? If there is only one web server responding to all the incoming HTTP requests.
Network+ Guide to Networks, Fourth Edition Chapter 1 An Introduction to Networking.
Chapter 4: Core Web Technologies
Web application architecture
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
Global NetWatch Copyright © 2003 Global NetWatch, Inc. Factors Affecting Web Performance Getting Maximum Performance Out Of Your Web Server.
APEX power! Alan Arentsen brought to you by GlassFish.
© Blackboard, Inc. All rights reserved. Deploying Tomcat Clusters in an Advanced Blackboard TM Environment Speaker: Steve Feldman Director, Software Performance.
The Power of mod_proxy Proxy servers, load balancers and how to implement with Apache HTTP Server.
CS 493/693: Distributed Systems Programming V. “Juggy” Jagannathan CSEE, West Virginia University March 21, 2005.
1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.
Windows Azure Conference 2014 Deploy your Java workloads on Windows Azure.
Apache Performance Tuning Part 2: Scaling Out Sander Temme.
Module 11: Implementing ISA Server 2004 Enterprise Edition.
Apache Web Server. Aim of this section –Introduce you to workings of the most common webserver –Give you a little experience in role of webmaster Configuring.
The mod_proxy_balancer Cookbook A module overview with practical solutions to common problems Daniel Ruggeri.
Server Performance, Scaling, Reliability and Configuration Norman White.
The Intranet.
Homework 02 NAT 、 DHCP 、 Firewall 、 Proxy. Computer Center, CS, NCTU 2 Basic Knowledge  DHCP Dynamically assigning IPs to clients  NAT Translating addresses.
Apache HTTP Server from 10,000 feet An open source Apache feature overview and discussion.
Measuring the Capacity of a Web Server USENIX Sympo. on Internet Tech. and Sys. ‘ Koo-Min Ahn.
Full and Para Virtualization
Cloud Computing Computer Science Innovations, LLC.
IBM Http Server Basic Administration. CONTENTS Web server IHS How does IHS differ from Apache Basic configurations Advanced Configurations Performance.
Internet Information Server 6.0 & new management features.
JBOSS Online Training. Introduction to JBOSS Red Hat JBoss Middleware leverages community powered enlighten innovation and standalone open source application.
VIRTUAL SERVERS Chapter 7. 2 OVERVIEW Exchange Server 2003 virtual servers Virtual servers in a clustering environment Creating additional virtual servers.
Fault – Tolerant Distributed Multimedia Streaming Web Application By Nirvan Sagar – Srishti Ganjoo – Syed Shahbaaz Safir
1 Super/Ultra-Basic Load-Balancing Introduction For AFNOG 2012 Joel Jaeggli.
Presented by Michael Rainey South Mississippi Linux Users Group
NWCLUG 04/06/2010 Jared Moore L A M P.
NAT、DHCP、Firewall、FTP、Proxy
Lab A: Planning an Installation
The Intranet.
Apache web server Quick overview.
Affinity Depending on the application and client requirements of your Network Load Balancing cluster, you can be required to select an Affinity setting.
Web Development Web Servers.
Tomcat Celsina Bignoli
Securing the Network Perimeter with ISA 2004
Introducing Apache Tomcat 6 Mladen Turk Red Hat, Inc.
Apache Performance Tuning
Apache Performance Tuning
Presentation transcript:

Fronting Tomcat with Apache Httpd Mladen Turk Red Hat, Inc.

Agenda Introduction Using mod_jk Using mod_proxy

Typical architecture Enterprise information systems Heterogeneous environment Multiple data sources (static/dynamic)

Typical architecture Apache Httpd in front Requests for dynamic information or interaction with back-end data sources go through web server to app server mod_jk or mod_proxy Apache HTTPD Apache Tomcat JBoss AS Geronimo

Enterprise IS problems Applications are time consuming Process client data, access the database, do some calculations and present the data back to the client. Within ½ of second to achieve user perception of a working application High concurrency The entire family of your manager will participate in testing Add more CPU power Buy faster hardware Add more boxes Security Share applications with Intranet Use Intranet data

Simple configuration Separate content Web server delivers static content Application server delivers dynamic content

Secure generic configuration Secure your data Put the web server in DMZ Handle security with Web server

High availability configuration Add more application servers Failover in case of failure Add more boxes Handle more clients

Apache HTTPD Architecture Threaded Windows, Netware MaxClients Parent process Listener Socket Child process T1 T2 Tn

Apache HTTPD Architecture Prefork Unixes StartServers MaxClients Parent process Listener Socket Child process Child process Child process

Apache HTTPD Architecture Semi-threaded (worker) Unixes (Apache 2 and up) ThreadsPerChild MaxClients Parent process Listener Socket Child process T1 T2 Tn Child process T1 T2 Tn

Tomcat Architecture maxThreads AJP Connector HTTP Connector SSL Server Service Engine Host Context Context 1 2 3 4

Tomcat architecture Thread context switch latency Limits the number of concurrent connections Limit 250 per CPU – (empirical) Depends on the OS and JVM very bad on Windows (kernel limit on 64 event objects) T1 T2 Processing Latency

Getting the most out of integration Do you need that? Additional configuration Additional maintenance Need to build the connector on your own Additional point of failure Define your needs Application response time Number of concurrent users Network throughput

Getting the most out of integration Define your topology Application servers Web servers Static content delivery Clustering Sessions Caching Failover Load balancing

Getting the most out of Integration Separate content Do not mix application and native web server content Separate applications Do not mount /* Do not mount /*.jsp Use native SSL Much faster then JSSE Can use hardware accelerators

Getting the most out of Integration Do you need SSL between web and application server? Paranoid IT department Understand the problem Encryption is done twice Tomcat Apache HTTPD mod_ssl NIC 1 NIC 2 NIC 1 Firewall/443 Firewall/8009

Fronting with mod_jk Apache Tomcat project Use current stable (1.2.22) Supported Apache Httpd servers Apache 1.33+ Apache 2.0.47+ Apache 2.2/2.3 (*)

mod_jk architecture Uses AJP 1.3 protocol Integrated load balancer Binary custom protocol Constant connection pool No need to parse HTTP headers twice All preprocessing is done in Apache httpd Integrated load balancer Sticky sessions Failover Domain model clustering

mod_jk Architecture <Connector … protocol=“AJP/1.3"/> worker.tomcat.type=ajp13 AJP Protocol <Connector … protocol=“AJP/1.3"/> Tomcat MaxClients ThreadsPerChild maxThreads AJP protocol is reusable. Mod_jk opens a pool of connections to Tomcat.

mod_jk Load balancer Architecture worker.host1.type=ajp13 AJP13 AJP/1.3 jvmRoute=“host1” worker.host2.type=ajp13 AJP13 AJP/1.3 jvmRoute=“host2” worker.balancer.type=lb worker.balancer. balance_workers=host1,host2

Using mod_jk Understand configuration httpd.conf server.xml <IfModule worker.c> StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 MaxRequestsPerChild 0 </IfModule> <Service name=“Catalina”> <!-- A AJP 1.3 Connector on port 8009 --> <Connector port=“8009” address=“100.101.102.103” enableLookups="false" redirectPort=“8443” debug=“0“ maxThreads=“150” minSpareThreads=“25” protocol=“AJP/1.3”/> <Engine name=“standalone” defaultHost=“localhost” jvmRoute=“host1”> workers.properties worker.host1.type=ajp13 worker.host1.port=8009 worker.host1.host=100.101.102.103 worker.host1.connection_pool_size=25

Clustering with mod_jk Without sticky sessions Session replication exists between Tomcat nodes Sticky sessions No session replication Session replication between domains Force sticky sessions Domain clustering Allows buddy replication Split the nodes into groups Use with large clusters Tomcat cluster does only allow session replication to all nodes in the cluster. Once you work with more than 3-4 nodes there is too much overhead and risk in replicating sessions to all nodes.

mod_jk with Session replication No need for session affinity Requests can be served with any node Tomcat session replication node1 mod_jk worker.cluster.type=lb Session replication worker.node1.type=ajp13 worker.node2.type=ajp13 node2

mod_jk Sticky sessions Session affinity mark JSESSIOND defined as part of spec. <Engine name="jboss.web" defaultHost="localhost" jvmRoute="node1"> node1 JSESSIONID=XXX.node1 mod_jk worker.cluster.type=lb Session replication worker.node1.type=ajp13 worker.node2.type=ajp13 node2

mod_jk Domain clustering Large number of nodes <Engine name=“Standalone" defaultHost="localhost" jvmRoute="domain1"> node1 node2 JSESSIONID=XXX.domain1 mod_jk worker.cluster.type=lb worker.domain1.type=ajp13 node3 node4 worker.domain2.type=ajp13

mod_jk Hot standby In case of failure Takes the load only if all other nodes fail node1 mod_jk worker.cluster.type=lb worker.node1.type=ajp13 worker.node2.disabled=True worker.node2.type=ajp13 node2

Handle high concurrency Use connectionTimeout in AJP/1.3 connector Actually this is KeepAlive timeout Closes inactive connections Firewalls not passing FIN packets Multiple Apache Httpd front ends Use connect_timeout Sends small packet to check the Tomcats availability to serve requests Can be replaced with socket_timeout Use prepost_timeout Needed with connectionTimeout set Detects closed connections by Tomcat

mod_jk Dynamic Configuration Web based management Allows dynamic management VirtualHost limited workers.properties worker.list=jkstatus,... ... worker.jkstatus.type=status httpd.conf <Location /jkstatus/> JkMount jkstatus Order deny,allow Deny from all Allow from 127.0.0.1 </Location>

Using mod_proxy Part of standard Apache httpd distribution No need to build additional module Better integration with other modules (mod_rewrite) Only way to have SSL communication with Tomcat Using mod_ssl Requires custom filter in Tomcat to get the original certificates Requires additional headers for original client certificates Uses http protocol Standard protocol No connection problems

mod_proxy for Apache Httpd 2.2 Rewritten mod_proxy Connection pool capabilities Option to separate MaxThreadsPerChild and connection pool size More protocol AJP 1.3 protocol support mod_proxy_ajp Integrated load balancer mod_proxy_balancer Protocol independent Session affinity support Multiple strategies

mod_proxy Architecture Shared memory runtime data Each child is aware of the connection status Parent process Listener Socket Child process Scoreboard Worker #1 Worker #1 status elected read transferred … Worker #2 Worker #n On the picture you can see the internal mod_proxy architecture. All runtime data is held inside the httpd’s scoreboard or shared memory. This enables to dynamically manage the workers and to collect the runtime data from all the child process. This fixes the common problem with previous mod_proxy causing constant connection delays if the connection to the remote can not be established or is broken. With shared memory the first connection to the remote that fails, will update the worker’s status flag in the shared memory. The consecutive requests on different child processes will in that case skip the useless connection attempts on a already dead node. Child process Worker #2 Worker #1 Worker #n Worker #2 Worker #n

mod_proxy Load balancing Virtual proxy Like any other protocol but prefixed as balancer:// Contains 1 … n protocol workers LoadModule balancer_module modules/mod_proxy_balancer.so <Proxy balancer://cluster> BalancerMember http://remote:port … </Proxy> ProxyPass /examples balancer://cluster/examples

Why Apache Httpd with Tomcat? Pros Can serve static content faster compared to standalone Tomcat. Supports PHP, CGI etc via modules in addition to the ability to route JSP/Servlet requests to tomcat. Can load balance requests between multiple instances of tomcat. Also provide session stickiness. Cons Needs additional effort to setup. Dynamic Content (JSP/Servlets) in a heavy traffic scenario may be a bottleneck, due to the tunnelling that happens between apache and tomcat. Native code tightly coupled to the operating system.

Links Apache Httpd Tomcat Mod_jk Support Google http://httpd.apache.org/ Tomcat http://tomcat.apache.org/ Mod_jk http://tomcat.apache.org/connectors-docs Support Apache Httpd mailing lists http://httpd.apache.org/lists.html Tomcat users mailing list http://tomcat.apache.org/lists.html Google

Q & A

Fronting Tomcat with Apache Httpd was presented to you by Mladen Turk Fronting Tomcat with Apache Httpd was presented to you by

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.