Am 05.09.2011 15:18, schrieb Marvin Addison:
Seems like a good day for a holy war. A good holy war always starts
out with a controversial if not inflammatory statement or claim:
Tomcat alone is sufficient as an enterprise servlet container and
nothing further is needed for an adequate HA solution in most cases.
Perhaps more controversial is an unstated implication: Apache httpd
has _no_ place in most enterprise HA setups for serving Spring-based
Web applications like CAS.
+1
With the following 3 conditions:
- Tomcat native libs available (ssl perfomance like apache and simply
faster all around)
- A dedicated subdomain for cas. Not just for cookie security but also
for simplicity (no rewrite or something necessary)
- A modern linux that allows a user process (tomcat user) to bind below
port 1024 without running as root
= superior performance per request (latency) with minimal resources
necessary.
This point of view is relevant for CAS users since I'm planning to
discuss system architecture generally and servlet container
configuration specifically as part of a chapter on HA considerations
for the new CAS User Manual. I plan to make the above statement a
thesis of the discussion.
I would really support this thesis since it goes back to one of the
theorems of HA: Use less components that can break.
I would even go so far as to recommend a simple hot(cold) standby and no
clustering at all. Clustering is pretty hip these days but i would
really opt for a solid hot standby especially if you are no pro around
clustering apps. Maybe a share session storage like JPA or even risk
drop a session once in a while (in Memory tickets). For most people
simplicity is the key to HA. This also allows easier development, actual
failover testing! and updates. But thats just me ;)
I'm hopeful the above statement is provocative enough to stimulate
some discussion on the matter; I'm particularly eager for dissenting
opinions. I would be especially grateful if you could back up you
opinions with analysis and/or data.
Sorry but no dissent from me. :(
I have run a big cas environment (JPA backend) with as little 128MB
given to tomcat and no problems. The performance is just amazing without
anything in front but i have no more numbers i could throw around.
The only time the machine actually broke a sweat was when a rogue cas
client made all kinds of clients do a sustained 2000
(login+validations)/s DoS attack by accident on the server. (one vmware
debian 1 core 1GB ram) The server survived but was just slow until we
noticed the massive peak on the mrtg graph. No throtteling was available
back then :(
Regards,
Joachim
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
