On 31/01/2019 11:45, Vinu Vibhu Sobhana wrote:
> Hai Mark,
>
> For your valid comment please for one more point mentioned in the trail mail..
>
>
> On Tue, Jan 29, 2019 at 4:11 PM Vinu Vibhu Sobhana <vvsv...@gmail.com> wrote:
>>
>> Hai Mark
>>
>> One more small clarity required on the previous reply with respective
>> to the below point.
>>
>> You can use the FarmWarDeployer if you wish but you don't have to.
>> Generally, the right answer here will be driven by how your organisation
>> manages files on servers.
>>
>>>>>> Ok..If Iam having a load-balancer serving 2 tomcat instances configured
>>>>>> with autoDeploy="true" and unpackWARs="false" in their server.xml
>>>>>> respectively, running on two separate VMs. Also, Iam having a common
>>>>>> share such as NFS folder mounted on both servers. This share folder
>>>>>> contains a single folder named prod_webapps which contains all the
>>>>>> required application war files that needs to be deployed on both tomcat
>>>>>> servers.
>>
>> Can I have this prod_webapps folder soft-linked to both
>> tomcat1/webapps folder and tomact2/webapps folder, so that we can have
>> a centralized webapps deployment folder. Is this possible? Will this
>> scenario feasible for Production deployment?
That is likely to be problematic if automatic deployment is enabled.
If you must use softlinks, just soft-link the WAR.
Personally, I would just copy the files.
Mark
>>
>> Thank You
>> Vinu VS
>>
>> On Tue, Jan 29, 2019 at 3:43 PM Mark Thomas <ma...@apache.org> wrote:
>>>
>>> On 29/01/2019 06:56, Vinu Vibhu Sobhana wrote:
>>>> Hai Mark,
>>>>
>>>> Please find my comments on the reply sent earlier as some points are
>>>> still remain unclear.
>>>>
>>>>> I have been assigned a new project that requires a web application to
>>>>> be hosted using Tomcat-Cluster, as it is expected to receive high
>>>>> traffic.
>>>> High traffic may be a justification for load-balancing. It is not a
>>>> justification for session replication.
>>>>
>>>>>>> Since we would be receiving high traffic it was decided to go with
>>>>>>> multiple instances of tomcat using a load-balancer.
>>>>
>>>> Why 2 instances per VM rather than one larger instance per VM?
>>>>>>> So for this point it is understood that it is best that we put only one
>>>>>>> instance per VM (with large hardware resource). Iam I correct. Will the
>>>>>>> same scenario be applicable while using physical machine. ie one Tomcat
>>>>>>> instance per machine. What about the resource limitation (ie. any
>>>>>>> memory allocation pool for a JVM, etc.) required that must be noted.
>>>
>>> The right configuration will depend on the app. Generally, for a well
>>> written app one JVM per VM will be the best choice but only testing will
>>> tell for sure.
>>>
>>>>> Point 1
>>>> Don't use any clustering at all.
>>>>
>>>>>>> This point was not clear at all. Are you suggesting that we configure
>>>>>>> Tomcat instances without cluster and configure the load balancer with
>>>>>>> session management and stickiness features to manage sessions??
>>>
>>> Yes. Don;t use clustering unless you really need it.
>>>
>>>>> Point 2
>>>> N/A since clustering is not required.
>>>>
>>>>>>> If clustering is required for other scenarios, then please comment on
>>>>>>> this point how should we deploy applications using Tomcat Manager App
>>>>>>> on FarmWarDeployer folder
>>>
>>> You can use the FarmWarDeployer if you wish but you don't have to.
>>> Generally, the right answer here will be driven by how your organisation
>>> manages files on servers.
>>>
>>>>> Point 3
>>>> No.
>>>>>>> This means that there is mo method to collect the errors for individual
>>>>>>> domain when VirtualHost element is enabled. If there is any work-around
>>>>>>> please suggest. Also will the catalina.out log contains errors for
>>>>>>> these VirtualHost element?
>>>
>>> There is no workaround.
>>>
>>> A well written application should not be writing anything to catalina.out
>>>
>>>>> Point 8
>>>> Configure the load-balancer to use sticky sessions. You'll need to do
>>>> that anyway if clustering is removed.
>>>>
>>>>>>> With respect to my project specification mentioned in point 8, you have
>>>>>>> suggested to go with a load-balancer serving 2 tomcat instances, each
>>>>>>> running on two separate VMs with enough resources. Moreover, these
>>>>>>> tomcat instances are NOT to be in Clustered State and the session must
>>>>>>> be managed by an external Load-balancer using Stick bit mode enable. Is
>>>>>>> it correct?.
>>>
>>> Yes.
>>>
>>>> Is Tomcat CPU intrinsic or Memory?
>>>
>>> I don't understand the question.
>>>
>>> Mark
>>>
>>>> --
>>>> Thank You
>>>> Vinu VS
>>>>
>>>>
>>>> On Mon, Jan 28, 2019 at 3:00 PM Mark Thomas <ma...@apache.org> wrote:
>>>>>
>>>>> On 28/01/2019 07:25, Vinu Vibhu Sobhana wrote:
>>>>>> Hai
>>>>>>
>>>>>> First of all Iam new to Tomcat-Cluster and hence I apologize if my
>>>>>> doubts are wrong.
>>>>>>
>>>>>> I have been assigned a new project that requires a web application to
>>>>>> be hosted using Tomcat-Cluster, as it is expected to receive high
>>>>>> traffic.
>>>>>
>>>>> High traffic may be a justification for load-balancing. It is not a
>>>>> justification for session replication.
>>>>>
>>>>>> So, I have configured a Tomcat-Cluster with 4 Tomcat
>>>>>> instances (ie 2 - Tomcat instances running on 2 VMs each), where they
>>>>>> shall receive hits its through a load-balancer. As I new to
>>>>>> Tomcat-Cluster, I have to clear some points before approving the
>>>>>> project to go on-line.
>>>>>
>>>>> Why 2 instances per VM rather than one larger instance per VM?
>>>>>
>>>>>>
>>>>>> My queries are :
>>>>>>
>>>>>> 1. The Clustering of Tomcat currently configured is using the Delta
>>>>>> Manger for managing session replications. Is it the correct choice or
>>>>>> should I go for Backup Manger or any third party session management
>>>>>> software such as memcache or redis.
>>>>>
>>>>> Don't use any clustering at all.
>>>>>
>>>>>> 2. While using Tomcat-Cluster, can we use/configure the Tomcat Manager
>>>>>> App to deploy applications on FarmWarDeployer folder or is there any
>>>>>> other method to do so.
>>>>>
>>>>> N/A since clustering is not required.
>>>>>
>>>>>> 3. Virtual Host entry has been implemented for our project domain
>>>>>> "webportal.xyz.in" where only the access logs are getting logged to
>>>>>> "webportal.xyz.in_access_log". Is there any means by which I can
>>>>>> receive the error-logs also for this domain on a separate file.
>>>>>
>>>>> No.
>>>>>
>>>>>> 4. Is there any method to tune/tweak my current server.xml file so
>>>>>> that clustering method can be done globally rather than applying
>>>>>> individually on every Host entry with different ports.
>>>>>
>>>>> No. Each instance needs to be configured individually. You can use
>>>>> templating. With careful configuration you can have a commons server.xml
>>>>> with ${...} property replacement for all the instance specific settings
>>>>> that are then configured in catalina.properties
>>>>>
>>>>>> 5. How to enable SSL for Tomcat-Cluster. Should I need to install SSL
>>>>>> Certificates on all 4 tomcat instances or only on the Load-balancer.
>>>>>
>>>>> Either works. The right solution depends on your security requirements.
>>>>> Note: If you terminate TLS at the load-balancer you need to be very
>>>>> careful to make sure that the Tomcat instances are able to determine
>>>>> which requests were received over TLS and which were not else you are
>>>>> likely to have a bunch of security holes - mainly around cookie/session
>>>>> handling.
>>>>>
>>>>>> 6. What all parameters needs to be checked/considered for tuning the
>>>>>> Tomcat / Tomcat-Cluster instance while hosting any Project on
>>>>>> Production environment.
>>>>>
>>>>> All of them. Each application is unique. There is no "makeItFaster"
>>>>> attribute.
>>>>>
>>>>>> 7. Is there any service reload option present for tomcat, ie. similar
>>>>>> to the one present in apache where the sessions doesn't get
>>>>>> invalidated while tuning/updating the server config files.
>>>>>
>>>>> Yes. It is enabled by default.
>>>>> http://tomcat.apache.org/tomcat-9.0-doc/config/manager.html#Persistence_Across_Restarts
>>>>>
>>>>>> 8. One of the issue noted was that one of the security feature
>>>>>> implemented for this projects stopped working while moving to
>>>>>> Tomcat-Cluster environment.
>>>>>>
>>>>>> Our application uses java spring mvc
>>>>>> "<spring.version>4.3.5.RELEASE</spring.version>,
>>>>>> <spring.security.version>4.2.0.RELEASE</spring.security.version>"
>>>>>> where it is configured to allow only one time login for all users
>>>>>> until their current login session expires or have been invalidated.
>>>>>> ie. if multiple logins are done, only the last login will be active
>>>>>> all the rest gets automatically logged-out. it was implemented for
>>>>>> some customer security reasons. This was working fine while running on
>>>>>> a single Tomcat instance. But while deploying on a Clustered instance
>>>>>> it is not working unless if the same user logs into the same tomcat
>>>>>> instance of the cluster. Is there any solution to this problem or
>>>>>> should the developers needs to reconfigure the application to meets
>>>>>> Tomcat-Clusters concepts.
>>>>>
>>>>> Configure the load-balancer to use sticky sessions. You'll need to do
>>>>> that anyway if clustering is removed.
>>>>>
>>>>> Mark
>>>>>
>>>>>
>>>>>>
>>>>>> Please find the server.xml and context.xml for one of my Tomcat
>>>>>> instances present in Cluster mentioned below.
>>>>>>
>>>>>> server.xml
>>>>>> #############
>>>>>> <?xml version="1.0" encoding="UTF-8"?>
>>>>>> <Server port="8105" shutdown="SHUTDOWN">
>>>>>> <Listener
>>>>>> className="org.apache.catalina.startup.VersionLoggerListener" />
>>>>>> <!-- <Listener
>>>>>> className="org.apache.catalina.core.AprLifecycleListener"
>>>>>> SSLEngine="on" /> -->
>>>>>> <Listener
>>>>>> className="org.apache.catalina.core.JreMemoryLeakPreventionListener"
>>>>>> />
>>>>>> <Listener
>>>>>> className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
>>>>>> />
>>>>>> <Listener
>>>>>> className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"
>>>>>> />
>>>>>> <GlobalNamingResources>
>>>>>> <Resource name="UserDatabase" auth="Container"
>>>>>> type="org.apache.catalina.UserDatabase" description="User database
>>>>>> that can be updated and saved"
>>>>>> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
>>>>>> pathname="conf/tomcat-users.xml" />
>>>>>> </GlobalNamingResources>
>>>>>> <Service name="Catalina">
>>>>>> <Connector port="8080" protocol="HTTP/1.1"
>>>>>> connectionTimeout="20000" />
>>>>>> <Connector port="8109" protocol="AJP/1.3" />
>>>>>> <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
>>>>>> <Realm className="org.apache.catalina.realm.LockOutRealm">
>>>>>> <Realm
>>>>>> className="org.apache.catalina.realm.UserDatabaseRealm"
>>>>>> resourceName="UserDatabase" />
>>>>>> </Realm>
>>>>>> <Host name="localhost" appBase="webapps" unpackWARs="true"
>>>>>> autoDeploy="true">
>>>>>> <!--##################################################
>>>>>> LOCALHOST TOMCAT CLUSTERED BEGIN
>>>>>> ########################################### -->
>>>>>> <Cluster
>>>>>> className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
>>>>>> channelSendOptions="4" channelStartOptions="3">
>>>>>> <Channel
>>>>>> className="org.apache.catalina.tribes.group.GroupChannel">
>>>>>> <Receiver
>>>>>> className="org.apache.catalina.tribes.transport.nio.NioReceiver"
>>>>>> address="web1.xyz.in" port="4000" autoBind="9" selectorTimeout="5000"
>>>>>> maxThreads="6" />
>>>>>> <Sender
>>>>>> className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
>>>>>> <Transport
>>>>>> className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"
>>>>>> />
>>>>>> </Sender>
>>>>>> <Interceptor
>>>>>> className="org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor"
>>>>>> />
>>>>>> <Interceptor
>>>>>> className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"
>>>>>> />
>>>>>> <Interceptor
>>>>>> className="org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor"
>>>>>> />
>>>>>> <Interceptor
>>>>>> className="org.apache.catalina.tribes.group.interceptors.StaticMembershipInterceptor">
>>>>>> <Member
>>>>>> className="org.apache.catalina.tribes.membership.StaticMember"
>>>>>> port="4001" securePort="-1" host="web1.xyz.in" domain="local-cluster"
>>>>>> uniqueId="{2,3,4,5,6,7,8,9,10,11,12,13,14,15,0,1}" />
>>>>>> <Member
>>>>>> className="org.apache.catalina.tribes.membership.StaticMember"
>>>>>> port="4000" securePort="-1" host="web2.xyz.in" domain="local-cluster"
>>>>>> uniqueId="{2,3,4,5,6,7,8,9,10,11,12,13,14,15,0,1}" />
>>>>>> <Member
>>>>>> className="org.apache.catalina.tribes.membership.StaticMember"
>>>>>> port="4001" securePort="-1" host="web2.xyz.in" domain="local-cluster"
>>>>>> uniqueId="{2,3,4,5,6,7,8,9,10,11,12,13,14,15,0,1}" />
>>>>>> </Interceptor>
>>>>>> </Channel>
>>>>>> <Valve
>>>>>> className="org.apache.catalina.ha.tcp.ReplicationValve" filter="" />
>>>>>> <Valve
>>>>>> className="org.apache.catalina.ha.session.JvmRouteBinderValve" />
>>>>>> <ClusterListener
>>>>>> className="org.apache.catalina.ha.session.ClusterSessionListener" />
>>>>>> <Deployer
>>>>>> className="org.apache.catalina.ha.deploy.FarmWarDeployer"
>>>>>> tempDir="/usr/local/tomcat-cluster/tomcat1/temp/"
>>>>>> deployDir="/usr/local/tomcat-cluster/tomcat1/webapps/"
>>>>>> watchDir="/usr/local/tomcat-cluster/tomcat1/watchdir/"
>>>>>> watchEnabled="true" />
>>>>>> </Cluster>
>>>>>> <!--##################################################
>>>>>> LOCALHOST TOMCAT CLUSTERED END
>>>>>> ########################################### -->
>>>>>> <Valve
>>>>>> className="org.apache.catalina.valves.AccessLogValve" directory="logs"
>>>>>> prefix="localhost_access_log" suffix=".txt" pattern="%h %l %u %t
>>>>>> &quot;%r&quot; %s %b" />
>>>>>> </Host>
>>>>>>
>>>>>> <Host name="webportal.xyz.in" appBase="webportal_webapps"
>>>>>> unpackWARs="true" autoDeploy="true">
>>>>>> <Alias>www.webportal.xyz.in</Alias>
>>>>>> <!--##################################################
>>>>>> webportal.xyz.in TOMCAT CLUSTERED BEGIN
>>>>>> ########################################### -->
>>>>>> <Cluster
>>>>>> className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
>>>>>> channelSendOptions="4" channelStartOptions="3">
>>>>>> <Channel
>>>>>> className="org.apache.catalina.tribes.group.GroupChannel">
>>>>>> <Receiver
>>>>>> className="org.apache.catalina.tribes.transport.nio.NioReceiver"
>>>>>> address="web1.xyz.in" port="5000" autoBind="9" selectorTimeout="5000"
>>>>>> maxThreads="6" />
>>>>>> <Sender
>>>>>> className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
>>>>>> <Transport
>>>>>> className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"
>>>>>> />
>>>>>> </Sender>
>>>>>> <Interceptor
>>>>>> className="org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor"
>>>>>> />
>>>>>> <Interceptor
>>>>>> className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"
>>>>>> />
>>>>>> <Interceptor
>>>>>> className="org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor"
>>>>>> />
>>>>>> <Interceptor
>>>>>> className="org.apache.catalina.tribes.group.interceptors.StaticMembershipInterceptor">
>>>>>> <Member
>>>>>> className="org.apache.catalina.tribes.membership.StaticMember"
>>>>>> port="5001" securePort="-1" host="web1.xyz.in" domain="web-cluster"
>>>>>> uniqueId="{2,3,4,5,6,7,8,9,10,11,12,13,14,15,0,1}" />
>>>>>> <Member
>>>>>> className="org.apache.catalina.tribes.membership.StaticMember"
>>>>>> port="5000" securePort="-1" host="web2.xyz.in" domain="web-cluster"
>>>>>> uniqueId="{2,3,4,5,6,7,8,9,10,11,12,13,14,15,0,1}" />
>>>>>> <Member
>>>>>> className="org.apache.catalina.tribes.membership.StaticMember"
>>>>>> port="5001" securePort="-1" host="web2.xyz.in" domain="web-cluster"
>>>>>> uniqueId="{2,3,4,5,6,7,8,9,10,11,12,13,14,15,0,1}" />
>>>>>> </Interceptor>
>>>>>> </Channel>
>>>>>> <Valve
>>>>>> className="org.apache.catalina.ha.tcp.ReplicationValve" filter="" />
>>>>>> <Valve
>>>>>> className="org.apache.catalina.ha.session.JvmRouteBinderValve" />
>>>>>> <ClusterListener
>>>>>> className="org.apache.catalina.ha.session.ClusterSessionListener" />
>>>>>> <Deployer
>>>>>> className="org.apache.catalina.ha.deploy.FarmWarDeployer"
>>>>>> tempDir="/usr/local/tomcat-cluster/tomcat1/temp/"
>>>>>> deployDir="/usr/local/tomcat-cluster/tomcat1/webportal_webapps/"
>>>>>> watchDir="/usr/local/tomcat-cluster/tomcat1/webportal_webapps_watchdir/"
>>>>>> watchEnabled="true" />
>>>>>> </Cluster>
>>>>>> <!--##################################################
>>>>>> webportal.xyz.in TOMCAT CLUSTERED END
>>>>>> ########################################### -->
>>>>>> <Valve
>>>>>> className="org.apache.catalina.valves.AccessLogValve" directory="logs"
>>>>>> prefix="webportal.xyz.in_access_log" suffix=".txt" pattern="%h %l %u
>>>>>> %t &quot;%r&quot; %s %b" />
>>>>>> </Host>
>>>>>> </Engine>
>>>>>> </Service>
>>>>>> </Server>
>>>>>> #############
>>>>>>
>>>>>> context.xml
>>>>>> #############
>>>>>> <?xml version="1.0" encoding="UTF-8"?>
>>>>>> <Context>
>>>>>> <WatchedResource>WEB-INF/web.xml</WatchedResource>
>>>>>> <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
>>>>>> <Manager className="org.apache.catalina.ha.session.DeltaManager"
>>>>>> expireSessionsOnShutdown="false"
>>>>>> notifyListenersOnReplication="true"/>
>>>>>> </Context>
>>>>>> #############
>>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>>>>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>>>>
>>>>
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>>
>>
>>
>> --
>> Thank You
>>
>> Best regards
>> Vinu Vibhu Sobhana
>>
>> Disclaimer: This e-mail and any files transmitted with it are intended
>> for the named addresses only and may contain privileged and
>> confidential information. If you have received this e-mail in error,
>> please notify the sender by e-mail reply immediately and delete it
>> from your system. You may not copy this message and its attachments or
>> disclose its contents to any other person, use it for any purpose or
>> store it by any means. Any form of reproduction, dissemination,
>> copying, disclosure, modification, distribution and / or publication
>> of this message without the prior written consent of the author of
>> this e-mail is strictly prohibited. Although this e-mail and its
>> attachments are believed to be free from virus, it is the
>> responsibility of the recipient to ensure that they are virus free.
>
>
>
> --
> Thank You
>
> Best regards
> Vinu Vibhu Sobhana
>
> Disclaimer: This e-mail and any files transmitted with it are intended
> for the named addresses only and may contain privileged and
> confidential information. If you have received this e-mail in error,
> please notify the sender by e-mail reply immediately and delete it
> from your system. You may not copy this message and its attachments or
> disclose its contents to any other person, use it for any purpose or
> store it by any means. Any form of reproduction, dissemination,
> copying, disclosure, modification, distribution and / or publication
> of this message without the prior written consent of the author of
> this e-mail is strictly prohibited. Although this e-mail and its
> attachments are believed to be free from virus, it is the
> responsibility of the recipient to ensure that they are virus free.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
