Hi Mark,
Thanks for your reply, here I'm attaching server.xml file in this email.
actually we are running MHA for mysql where we can spin up new db server
and add to the cluster or change the IP of db server without impacting
end user. our application is running on both tomcat and jboss we switch
whenever we want, Recently we have noticed that when we replaced the db
server, jboss is able to detect the dns change and sends connection
requests to new IP where as tomcat sending connection requests to the old
IP and throws tons of error.
Since we can't test this in real time in prod, we were able to replicate
this test env.
tried with simple java program where it polls the host name while I'm
changing the IP address of the server in DNS. I'm able to see the new IP
address imminently when I change that IP in DNS. this confirms that java
security setting looks fine, the same in-house application works in jboss
when we change the IP of DB server but tomcat behaving differently. I ran
out of options to figure out where is the problem.
Thanks
Niranjan
On Tue, Jun 14, 2016 at 4:04 AM, Mark Thomas <ma...@apache.org> wrote:
> On 13/06/2016 19:21, Niranjan Babu Bommu wrote:
> > Hi All,
> >
> > I have an issue with tomcat dns cache ttl,
>
> That simply is not possible. Tomcat doesn't cache DNS entries.
>
> > where if I change the IP address
> > of the database, tomcat still sending connection requests to an old IP
> > until I restart tomcat,
>
> Now that sounds like a better start to the problem description. You are
> going to need to expand on that. A lot.
>
> Tomcat doesn't use a database by default so is this really a Tomcat
> issue or an application issue? How is the database configured? Is
> connection pooling being used? How are you confirming connection
> requests are being directed to the old IP address? Define "restart Tomcat".
>
> Mark
>
> > this is not the case with Jboss. I verified in java
> > security, this what we have in java.
> >
> > #networkaddress.cache.ttl=-1
> >
> > since this property has been disabled, by default ttl will be 30 sec,
> jboss
> > 7 is respecting this value, but not tomcat.
> >
> > so far I have tried these things in tomcat.
> >
> > https://bz.apache.org/bugzilla/show_bug.cgi?id=33226
> >
> > neither of these settings is not working in tomcat
> >
> > -Dnetworkaddress.cache.ttl=0 or -Dsun.net.inetaddr.ttl=0
> >
> >
> > java version "1.7.0_60"
> > tomcat-7.0.56
> > os centos 6.
> >
> > can someone please help me out to fix this issue
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
--
*Thanks*
*Niranjan*
*+1 781.956.6900*
<?xml version='1.0' encoding='utf-8'?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- Note: A "Server" is not itself a "Container", so you may not
define subcomponents such as "Valves" at this level.
Documentation at /docs/config/server.html
-->
<Server port="8005" address="10.192.100.145" shutdown="SHUTDOWN">
<!-- Security listener. Documentation at /docs/config/listeners.html
<Listener className="org.apache.catalina.security.SecurityListener" />
-->
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
<Listener className="org.apache.catalina.core.JasperListener" />
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<!-- Global JNDI resources
Documentation at /docs/jndi-resources-howto.html
-->
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
<Resource name="jdbc/DS"
auth="Container"
type="javax.sql.DataSource"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
testWhileIdle="true"
testOnBorrow="true"
testOnReturn="false"
validationQuery="SELECT 1"
validationInterval="30000"
timeBetweenEvictionRunsMillis="30000"
maxActive="100"
minIdle="10"
maxWait="10000"
initialSize="10"
removeAbandonedTimeout="60"
removeAbandoned="true"
logAbandoned="true"
minEvictableIdleTimeMillis="300000"
jmxEnabled="true"
jdbcInterceptors="ConnectionState;StatementFinalizer;ResetAbandonedTimer"
username="db1"
password="db1"
driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://db1.local/db1?useServerPrepStmts=false&useOldAliasMetadataBehavior=true"/>
</GlobalNamingResources>
<!-- A "Service" is a collection of one or more "Connectors" that share
a single "Container" Note: A "Service" is not itself a "Container",
so you may not define subcomponents such as "Valves" at this level.
Documentation at /docs/config/service.html
-->
<Service name="Catalina">
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
<!--
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="150" minSpareThreads="4"/>
-->
<Executor name="cThreadPool" namePrefix="catalina-exec-"
maxThreads="650"
minSpareThreads="50"
maxIdleTime="60000"/>
<!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Documentation at :
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
Java AJP Connector: /docs/config/ajp.html
APR (HTTP/AJP) Connector: /docs/apr.html
Define a non-SSL HTTP/1.1 Connector on port 8080
-->
<Connector port="8080" protocol="HTTP/1.1"
address="10.192.100.145"
executor="cThreadPool"
connectionTimeout="20000"
redirectPort="8443"
server="Apache" />
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
address="10.192.100.145"
executor="cThreadPool" scheme="https" secure="true"
keystoreFile="/deploy/webapp/conf/keystore"
keystorePass="letmein1"
sslProtocol="TLSv1"
server="Apache" />
<!-- An Engine represents the entry point (within Catalina) that processes
every request. The Engine implementation for Tomcat stand alone
analyzes the HTTP headers included with the request, and passes them
on to the appropriate Host (virtual host).
Documentation at /docs/config/engine.html -->
<!-- You should set jvmRoute to support load-balancing via AJP ie :
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
-->
<Engine name="Catalina" defaultHost="localhost" jvmRoute="uat1">
<!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) -->
<!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
-->
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true" copyXML="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
<Context path="" allowLinking="true">
<ResourceLink name="jdbc/DS"
global="jdbc/DS"
auth="Container"
type="javax.sql.DataSource" />
</Context>
</Host>
</Engine>
</Service>
</Server>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
