(Sorry didn't mean to send please check this email for additional info) So.. Thank you for those help me understand the NIO vs BIO in tomcat 7.. I made those changes things have improved quite a bit. I am still experiencing some weirdness that I have tried to understand but can't get a handle on it.
Quick overview.. --Proxies-- Apache Proxies (2) - The end user terminates SSL at the proxy/edge The proxies use HTTPS/SSL to reverse proxy back to the tomcat server. --/Proxies-- PXY1 & 2 configs for prefork mode. <IfModule prefork.c> StartServers 30 MinSpareServers 15 MaxSpareServers 30 ServerLimit 400 MaxClients 400 MaxRequestsPerChild 4000 </IfModule> --Tomcat server-- (1) Apache terminates SSL over the top of Tomcat on the same server. Reverse proxies to the tomcat server using NIO AJP connectors. --/Tomcat server-- Tomcat apache prefork mode config: <IfModule prefork.c> StartServers 8 MinSpareServers 5 MaxSpareServers 20 ServerLimit 800 MaxClients 800 MaxRequestsPerChild 4000 </IfModule> Typical vhost config for a given tenant would look like this.. <someuser.conf> <VirtualHost 10.10.10.26:443> ServerAdmin ad...@company.com ServerName somewhere.somedomain.com ProxyPass / ajp://localhost:8126/ retry=3 DirectoryIndex index.php index.html index.htm # if not specified, the global error log is used ErrorLog "|/usr/sbin/rotatelogs /home/someuser/website/logs/ somewhere.somedomain.com-error_log_%Y%m%d 86400" CustomLog "|/usr/sbin/rotatelogs /home/someuser/website/logs/ somewhere.somedomain.com-access_log_%Y%m%d 86400" combined # log IP addresses HostnameLookups Off UseCanonicalName Off ServerSignature off SSLEngine on SSLCertificateFile /etc/ssl/ssl.crt/somewhere.somedomain.com.crt # Server Private Key: SSLCertificateKeyFile /etc/ssl/ssl.key/somewhere.somedomain.com.key SSLCertificateChainFile /etc/ssl/ssl.crt/somewhere. somedomain-chain.com.crt </VirtualHost> </someuser.conf> Typical tomcat connector thread config : <Connector port="8126" protocol="org.apache.coyote.ajp.AjpNioProtocol" redirectPort="8443" maxThreads="300" /> We are operating a multi-tenant environment. As of right now, we have somewhere around 20 tomcat instances on a large machine of which only a handful are "busy". It used to be that when any one of them experienced a blocking issue. Every one of them went down. All of their AJP connector threads would rise until the system because tomcat was unresponsive. So far that appears for the most part to be addressed... However... When an issue is experienced. The site(s) experiencing the issue(s) going down doesn't seem to bring down any of the other sites. (w00t! w00t!) But the httpd connections for each site all still climb together. (Please see attached graph) Again no outage is experienced buy as demonstrated by the graph attached to this message. That graph is from zabbix using a custom metric that checks every 3 mins.. It does the following for each virtual host / tomcat instances For user25 : UserParameter=somewebsite.constats,sudo -tt /bin/netstat -ntp | grep EST | grep httpd | grep ':8125' | wc -l UserParameter=somewebsite2.constats,sudo -tt /bin/netstat -ntp | grep EST | grep httpd | grep ':8126' | wc -l So there is virtually no way they can be getting mixed up. Not to mention that there are a few that do not experience a rise in connections. Thoughts? Anyone? Thanks in advance.
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org