[Resin-interest] Watchdog loglevel
Hi We're running Resin 3.1.11 (soon to be 3.1.12 in the next servicewindow) in our production environment, and a few days ago we had an app that was restarted several times by the watchdog - with no apparent reason. The watchdog-log contains this: [2013/02/08 11:17:46.478] WatchdogProcess[Watchdog[results],1] stopping Resin [2013/02/08 11:17:46.478] WatchdogProcess[Watchdog[results],2] starting Resin [2013/02/08 11:20:37.256] WatchdogProcess[Watchdog[results],2] stopping Resin [2013/02/08 11:20:37.256] WatchdogProcess[Watchdog[results],3] starting Resin [2013/02/08 11:23:24.221] WatchdogProcess[Watchdog[results],3] stopping Resin [2013/02/08 11:23:24.221] WatchdogProcess[Watchdog[results],4] starting Resin There was a lot of regular and normal activity in our apps stdout-log before and inbetween all the restarts, but nothing that - in our opinion - should cause a restart by the watchdog. The JVM log has no mention of problems (performing CMS and young generation GC as expected) and load on the server was also low - no automatic stacktraces were taken. We have been running with the same resin configuration, app codebase and OS software-stack for a long time, so we are quite baffeled, as this struck us as lightning from a clear sky. Is there any way of getting more verbose output about the watchdog and what it decides to do? We tried setting logger name=com.caucho level=fine/ and restarting Resin completely (not just a restart of the JVM), but that did not seem to help. Regards, Jens Dueholm Christensen Survey IT ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] Watchdog loglevel
On 2/12/13 1:50 AM, Jens Dueholm Christensen wrote: Hi We're running Resin 3.1.11 (soon to be 3.1.12 in the next servicewindow) in our production environment, and a few days ago we had an app that was restarted several times by the watchdog -- with no apparent reason. The watchdog-log contains this: [2013/02/08 11:17:46.478] WatchdogProcess[Watchdog[results],1] stopping Resin [2013/02/08 11:17:46.478] WatchdogProcess[Watchdog[results],2] starting Resin [2013/02/08 11:20:37.256] WatchdogProcess[Watchdog[results],2] stopping Resin [2013/02/08 11:20:37.256] WatchdogProcess[Watchdog[results],3] starting Resin [2013/02/08 11:23:24.221] WatchdogProcess[Watchdog[results],3] stopping Resin [2013/02/08 11:23:24.221] WatchdogProcess[Watchdog[results],4] starting Resin There was a lot of regular and normal activity in our apps stdout-log before and inbetween all the restarts, but nothing that -- in our opinion -- should cause a restart by the watchdog. The JVM log has no mention of problems (performing CMS and young generation GC as expected) and load on the server was also low -- no automatic stacktraces were taken. Well, remember that the watchdog itself doesn't normally shutdown Resin on errors. Resin exits itself and the watchdog just starts a new instance. (Resin 4.0 communicates the reason better to the watchdog through exit codes.) So the problem is in the Resin instance itself. Are there hs_err* files or something similar? -- Scott We have been running with the same resin configuration, app codebase and OS software-stack for a long time, so we are quite baffeled, as this struck us as lightning from a clear sky. Is there any way of getting more verbose output about the watchdog and what it decides to do? We tried setting logger name=com.caucho level=fine/ and restarting Resin completely (not just a restart of the JVM), but that did not seem to help. Regards, *Jens Dueholm Christensen *Survey IT ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
[Resin-interest] which version of ActiveMQ works with Resin 3.1?
Hello, I was wondering if anyone has tried the latest version of ActiveMQ 5.x with Resin 3.1? Does Resin support only a particular version of ActiveMQ or will any version of ActiveMQ work with any version of Resin? Thank you, Sadhana -- View this message in context: http://old.nabble.com/which-version-of-ActiveMQ-works-with-Resin-3.1--tp35015859p35015859.html Sent from the Resin mailing list archive at Nabble.com. ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] which version of ActiveMQ works with Resin 3.1?
On 2/12/13 1:07 PM, Sadhana Jain wrote: Hello, I was wondering if anyone has tried the latest version of ActiveMQ 5.x with Resin 3.1? Does Resin support only a particular version of ActiveMQ or will any version of ActiveMQ work with any version of Resin? There shouldn't be a version dependency, particularly if you use the non-JCA version. -- Scott Thank you, Sadhana ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
Re: [Resin-interest] BEAST SSL Attack
On a whim we looked to see if there was a new snapshot, and there was, so we tried it. Looks like the honor-cipher-code addition is working great. We were able to get it to show that we are compliant - so we will be doing more internal testing to make sure the snapshot is stable enough and then we will roll it out. Thanks a bunch! Aaron From: resin-interest-boun...@caucho.com [mailto:resin-interest-boun...@caucho.com] On Behalf Of Aaron Freeman Sent: Friday, January 18, 2013 10:09 AM To: 'General Discussion for the Resin application server' Subject: Re: [Resin-interest] BEAST SSL Attack OK, just keep us posted. Thanks, Aaron From: resin-interest-boun...@caucho.com [mailto:resin-interest-boun...@caucho.com] On Behalf Of Paul Cowan Sent: Friday, January 18, 2013 10:01 AM To: General Discussion for the Resin application server Subject: Re: [Resin-interest] BEAST SSL Attack On Jan 18, 2013, at 10:18 AM, Aaron Freeman aaron.free...@layerz.com wrote: We're getting scanned today. Any hope on this? I just tested that Resin snapshot - the honor-cipher-order is not in that jar. I think there was a mistake in the SCM checkin or Scott may have built the archive to soon. We'll try to put up a new snapshot today/soon, but I'm not certain it's possible with various other bug fixes in progress. Thanks, Paul Thanks, Aaron From: mailto:resin-interest-boun...@caucho.com resin-interest-boun...@caucho.com [mailto:resin- mailto:interest-boun...@caucho.com interest-boun...@caucho.com] On Behalf Of Aaron Freeman Sent: Monday, January 14, 2013 2:01 PM To: 'General Discussion for the Resin application server' Subject: Re: [Resin-interest] BEAST SSL Attack Still needing a little assistance on this one. Thanks, Aaron From: mailto:resin-interest-boun...@caucho.com resin-interest-boun...@caucho.com [mailto:resin- mailto:interest-boun...@caucho.com interest-boun...@caucho.com] On Behalf Of Aaron Freeman Sent: Thursday, January 10, 2013 2:12 PM To: 'General Discussion for the Resin application server' Subject: Re: [Resin-interest] BEAST SSL Attack Hmm, we were able to swap out jsse for openssl and get that working without any issues using the snapshot you recommend below. However when we add honor-cipher-order under the openssl node, we get this error: [root@alpha bin]# ./www.sh start /opt/sendthisfile/server/conf/www.xml:80: honor-cipher-order is an unexpected tag (parent openssl starts at 75). 78: passwordpassword/password 79: cipher-suite!aNULL:!eNULL:!EXPORT:!DSS:!DES:RC4-SHA:RC4-MD5:ALL/cipher-su ite 80: honor-cipher-ordertrue/honor-cipher-order 81: /openssl 82: /http openssl syntax: ( (@ca-certificate-file | ca-certificate-file)? (@ca-certificate-path | ca-certificate-path)? (@ca-revocation-file | ca-revocation-file)? (@ca-revocation-path | ca-revocation-path)? (@certificate-file | certificate-file) (@certificate-chain-file | certificate-chain-file)? (@certificate-key-file | certificate-key-file)? (@cipher-suite | cipher-suite)? (@crypto-device | crypto-device)? (@password | password) (@protocol | protocol)? (@session-cache | session-cache)? (@session-cache-timeout | session-cache-timeout)? (@unclean-shutdown | unclean-shutdown)? (@verify-client | verify-client)? (@verify-depth | verify-depth)?) From the configuration, this is the version of OpenSSL we are on: OPENSSL : OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 include : /usr/include lib : libraries : -lssl -lcrypto Any ideas? Thanks, Aaron ___ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest