-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bill,
This is fun. On 6/13/2011 3:58 PM, Bill Miller wrote: >>> Enlighten me: what is "the" reason that this is common practice? > > The most obvious reason for having HTTP server in front of an > Application Server (Tomcat) is that there are many things that you > can do at/in the HTTP server that you don't have available to you > inside Tomcat. Fair enough, but you shouldn't just throw httpd in the mix because those features are available. You should only turn to Apache httpd when you actually need one of those features. I'm just suggesting that httpd/Tomcat as a "standard setup" is a thing of the past. Sure, lots of people do it, but lots of those people shouldn't be doing it. > Things like: > -Caching > -Proxy > -Load balancing > -Static image serving (much more economical because the HTTP server > is much lighter "weight" than a JVM/App server) Really? What benchmarking have you done? Because I have benchmarked httpd against Tomcat's NIO and APR connectors and I can tell you that Tomcat scales just as well (better under certain conditions). Why shouldn't it? It's the same code in the case of APR. Here's my data and writeup: http://people.apache.org/~schultz/ApacheCon%20NA%202010/ > -etc... Wait, there's /more/? You must be right, then. > The most common/safest configuration is the HTTP server being > directly available to the internet and the Application Servers being hidden > behind firewalls with only 1 port per IP address forwarded through the > firewall. The safest usable configuration has the application servers not directly accessible from the Internet, or any other dangerous place. There's no reason that a full-blown http server has to be in between them. Load balancers, proxies, etc. are all other options that are equally viable. > Also if you want to do clustering with failover or sequential updates > it is better to have something in front of the actual application > server that doesn't need to be changed much. Agreed, but there's no reason for that thing to be httpd. > HTTP servers are also much more efficient at processing HTTP > connections and HTTPS traffic than Application Servers. References, please? You do know that the APR connector runs the same code as Apache httpd, right? Note that I didn't benchmark HTTPS speeds for the above presentation, though my expectation is that JSSE will be easily out-performed by both Apache httpd and Tomcat/APR, unless some JSSE-friendly hardware SSL acceleration is available (which would presumably be usable by OpenSSL, anyway, probably giving the slight edge back to httpd/APR/OpenSSL). > Besides, if you want an outage message, where would you serve that > from if not from an HTTP server? Load balancer, proxy, etc. You don't have to use Apache httpd + mod_jk or whatever just to get a "down" page showing when you are having an outage. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk32i60ACgkQ9CaO5/Lv0PAuhwCgwW2eeB/PgcDUSTLWwQAcV5bm usQAnj9NeFpA80ZrFXrtQGNCI1l5g47u =/2yD -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org