Category Archives: apache

Tomcat loadbalance using mod_jk part-2

How to maintain session in tomcat with load balance?
We alredy seen that how to implement load balance with tomcat.
In this process there is a problem that tomcat cant maintain session during load balance.
Session is a key value pair. Session will be created if there is no session id in request header.
Once session is created it will send with response and the session value will be set in client browser.
Http is a stateless protocal so server cant find the session directly. So it will read the session id from request and the session id will be checked with group of session id. If id matches the same session id will be maintained else new session id will be created.
So for ever request new session id will be created. This problem will be resolved if the preceding request are dispatched to same tomcat or all tomcat’s should have same session id. Here request will be dispatched to different tomcat instance in round robin method.
There is two way to resolve this session issue. Those are Session Affinity/Sticky Session and Session Replication.

Session Affinity/Sticky Session:
if you have many instances of tomcat (eg: tomcat1 & tomcat2) and you start session on tomcat1, the subsequent requests will be forwarded to tomcat1 as long as tomcat1 running an up (you never reach tomcat2). It means that if tomcat1 now is down, then your subsequent request will be forwarded to tomcat2, with a different session (a new session created at tomcat1 for you). This is not very good because if your application responding on tomcat1, then moved to tomcat2, session data will be lost. Usually Sticky session is achieved in simple load balancing of Apache server in front of tomcat servers.
Session Replication:
Session replication, means you will have the same session id regardless of your first or subsequent requests served by tomcat1 or tomcat2. It means that you session will be duplicated on both tomcat1 and tomcat2. Sometimes you served by tomcat1, sometimes you served tomcat2, although none of them is down. Usually this is achieved when tomcat cluster is created.

How to implement Session Affinity?
Session Affinity means redirecting all the reequests to the same tomcte.
Tomcat configuration file (conf/server.xml) contains a tag called has a property jvmRoute.
Session Affinity will be configured by assigning the tomcat instance name to this property.
So each and every session id will contain its tomcat instance name at end. So load balancer will easily find that to which tomcat instance the requests should be dispatched.
eg). {Session-id}.tomcat1
Sample Engine Tag:-

directory=”c:\\cluster\shareddir”
/>

Note : – The above lines should be added in all tomcat’s context.xml file.
Here,
org.apache.catalina.session.PersistentManager is the class for Persistant Manager.
org.apache.catalina.session.FileStore is the class reperacents type of persistant manager.
directory – reperacentsfile path in the local machine.
Lets test the Manager :-
Create a jsp file to test which tomcat receives request.
# Create file Test/sestest.jsp
Note: create for each instance and change the tomcat instance name above

<%@page language="java" %>

Session serviced by tomcat1

<% session.setAttribute("abc","abc");%>

Session ID <%= session.getId() %>
Created on <%= session.getCreationTime() %>


  1. Open a browser to http:///examples/jsp/sesstest.jsp
  2. Click a number of times, you should stay with the same instance (sticky session working)
  3. Shutdown an instance
  4. Retest using the browser and hopefully it should pickup the other instance but have the same session ID
JDBC Store :-
Similarly in JDBC store session details will be stored in database. Here i am going to use mysql database. You can use any RDBMS database.
Make sure that table is already created in database to store session.
Samle Query to create Table :-
create table tomcat_sessions (
session_id varchar(100) not null primay key,
valid_session char(1) not null,
max_inactive int not null,
last_access bigint not null,
app_context varchar(255),
session_data meduimlob,
KEY kapp_context(app_context)
);
Sample Context.xml configuration :-
connectionURL=”jdbc:mysql://localhost/datadisk?user=tomcat&password=tomcat”
driverName=”com.mysql.jdbc.Driver”
sessionIdCol=”session_id”
sessionValidCol=”valid_session”
sessionMaxInactiveCol=”max_inactive”
sessionLastAccessCol=”last_access”
sessionTable=”tomcat_sessions”
sessionAppCol=”app_context”
sessionDataCol=”session_data”
/>

Lets test the Manager :-
Do the previous steps to test jdbc store.
3. Delta Manager :-
In Delta Manager once session is created for session for any tomcat instance, this session will be copied to all tomcat instances. So that all tomcats will have same session id. If current tomcat instant goes off , any off the tomcat will receive’s the furthor request. Since all tomcat have same session, data will not be lost and no more session will be created.
But its not a good approch for large size cluster. Because every time it copies the session to all the tomcat instances. So it will take more time.
To setup Deta Manager we has to follow these steps :-

1. Enable the Web Application as distributable
We need to make the our web application distribuable. its simple add tag in web.xml file. In according to servlet specification tag in web.xml mention that any container to consider this application can work in distributed environment

example :-
Add any of this tag in web.xml file.

or

2. Add Entries in conf/server.xml filefor all instances.

we can add this tag in either inside the tag or tag.

notifyListenersOnReplication=”true”/>


address=”228.0.0.8″
bind=”192.168.0.1″
port=”45564″
frequency=”500″
dropTime=”3000″ />

port=”4200″
autoBind=”100″
selectorTimeout=”5000″
maxThreads=”6″ />






filter=”.*\.gif;.*\.js;.*\.jpg;.*\.htm;.*\.html;.*\.txt;” />

tempDir=”D:/cluster/temp/war-temp/”
deployDir=”D:/cluster/temp/war-deploy/”
watchDir=”D:/cluster/temp/war-listen/”
watchEnabled=”false” />



Note: the port in bold is the one you need to change for each instance

here most of the code are boiler plate code. just copy and paste. if we need we can customize. for example we can change the multicat address and port number.

hereManager tag define the delta manager. Delta manager meansreplicateto all instances.


Tomcat Clustering use the Apache Tribes communication framework. This group commnicationframeworkis responsible for dynamicmembership(usingmulticast) , send andreceivethe session delta information usinguni-cast(normal TCP connection).


address=”228.0.0.4
port=”45564
frequency=”500″
dropTime=”3000″/>
This is Membership definition. here address is multicast address. we can pick any address from Class D address range (224.0.0.0 to 239.255.255.255)and any port number.

Each and every tomcat send the heart beat signal to multicast address inperiodic(frequency) interval. all other tomcat whose joined the multicast address they canreceivethese signals and add the membership to the cluster. if heat beat signal is notrevivesomeparticularinterval(dropTime) from any one of the tomcat, then we need to consider that tomcat is failed.

Note:-
All tomcat instances which is part of the clustering, should have same multicast address and port number.




here sender use the PooledParallelSender have pooled connections to use the send the session informationconcurrently. so its speedup the session replication process.


address=”auto”
port=”4000
autoBind=”100″
selectorTimeout=”5000″
maxThreads=”6″/>
here we define which port Receiver can bind and used for receiving the session replicate information. here two properties are important. address and port. here address is ur system IP address and port is any unused port. hereaddress=”auto” its automatically pick the system IP address.

we have some interceptor
TcpFailureDetector-Its ensure that instance are dead. In some case multicast messages are delayed, all tomcat instances are think about that tomcat is dead. but this interceptor to make tcp unicast to failed tomcat and ensure that instances is actually failed or not.

another important listener is JvmRouteSessionIDBinderListener.

JvmRouteSessionIDBinderListener  take care to change the client session id to tomcat2 when failure is occurred  so load balancer redirect to tomcat2 without confusing.

3. Enable Multicast routing: –

In Linux Environment most of the system kernel is capable to process the multicast address. but we need to add route entry in kernel routing table.
sudo route add -net 224.0.0.0 netmask 240.0.0.0 dev eth0

here eth0 is myEthernetinterface. so changeaccordingto your interface
Inmulticastaddress is belong to Class D address Range(224.0.0.0 to 239.255.255.255). so we inform to kernel if any oneaccessthese address then it goes through eth0 interface.
Note :-
make sure that the element is commented out.

4.Backup Manager :-
Backup Manager is replicate the copy of session data to exactly one other tomcat instances. This big difference between both managers. here which tomcat creates that is primary copy of the session. and another tomcat whose hold the replicate session is backup copy. If any one of the tomcat is down.
To setup a persistent session manager you must comment out the element in each instance, this disables the In-Memory replication mechanism, then add a context.xml file to each instance with the below.
The setup process of backup manager is same as Delta manager. except we need to mention the Manager as BacupManager (org.apache.catalina.ha.session.DeltaManager)  inside element.

Sample :-


address=”228.0.0.8″
bind=”192.168.0.1″
port=”45564″
frequency=”500″
dropTime=”3000″ />

port=”4200″
autoBind=”100″
selectorTimeout=”5000″
maxThreads=”6″ />






filter=”.*\.gif;.*\.js;.*\.jpg;.*\.htm;.*\.html;.*\.txt;” />

tempDir=”D:/cluster/temp/war-temp/”
deployDir=”D:/cluster/temp/war-deploy/”
watchDir=”D:/cluster/temp/war-listen/”
watchEnabled=”false” />


Tomcat Load Balance using Apache and mod_jk.

What is load balance?
Load balance means dispatching the request between two or more tomcats.
Here all the tomcats which are wants to participante in the load balance will be grouped.
The Group of tomcat is called as tomcat clusters.
What is the need of load balance and tomcat cluster?
Mostly servers will run in single machine. There is a posibility anytime that machine can go down due to any os correption or harderware failure. So if it happens you cant access the server anymore.
So your site will be completely down. To resolve this we need tomcat cluster with load balance.
If any server goes down, the whole network will not go down. That is, if Load balancer receives any error message form a server it will redirect the request to the any of the remaining server. The servers in clusters will be selected using round robin method.
How to resolve the communication problem?
There is a way, By implementing load balancer you can resolve this issue. This load balancer will be added in from of all tomcat clusters. Here all the request and response will go through the load balancer.
So load balance will take care about dispatching the requests between tomcats which are in cluster.
There are Two effective load balancers are available.
  1. Apache http server
  2. Nginx
In this tutorial we are going to see Load balance using Apache Http Server.
What are the Software’s are required for Apache load balance?
  1. Apache Http server
  2. mod_jk
  3. tomcat cluster (many instances).
First install all the required softwares. In two different way you can install these, by using source code or apt-get. Using source code is always good because you can install only required things and at user specified place.
Here we are going to see how to build and install using source code.
How to install Apache Http Server?
First download the httpd server source code from http://httpd.apache.org/ then extract it and install.
You cant directly install using source code, you have to build to make Make file to install.
Steps to build:-
./configure –prefix=/usr/local/apache –enable-rewrite=shared–enable-proxy=shared
make
sudo make install

here
–prefix is the location where it is going to install in the machine.
–enable-rewrite and –enable-proxy options to enable these module in shared mode. These modules are not needed now. but we need in future for rewrite theURLbefore handover to next chain of servers and load-balancing support.
How to install mod_jk?
By using Apache http server alone we cant do load balance. Because by default Apache wont support AJP connector (ajp protocall).
So we need a linker to connect Apache web server and Ajp protocall. So here mod_jk going to be only a linker between appach and ajp protocall.
download the mod_jk connector module from http://tomcat.apache.org/download-connectors.cgiextract it and follow the given steps to build.
cd tomcat-connectors-1.2.37-src/native
./configure –with-apxs=/usr/local/apache/bin/apxs
make
sudo make install
here–with-apxsoption to specify where apxs module is located. so weneedto giveApachehttpd server location.
nowmod_jk.sofiles is created on modules directory in apache installed location (/usr/local/apache/modules)
How to configure mod_jk connector?
You have to do two thinks to configure mod_jk.
  1. Creating workers.properties file
  2. Configure mod_jk connector in apache httpd.conf file.
How to create workers.properties file?
Get into apache/conf folder and create workers.properties file.
Why workers.properties?
Its a configuration file to make communicate between tomcat and ajp protocal using mod_jk connector.
sample workers.properties :-

worker.list=balancer,stat

worker.tomcat1.type=ajp13
worker.tomcat1.port=8009
worker.tomcat1.host=localhost
worker.tomcat2.type=ajp13
worker.tomcat2.port=8010
worker.tomcat2.host=localhost
worker.tomcat3.type=ajp13
worker.tomcat3.port=8011
worker.tomcat3.host=localhost
worker.balancer.type=lb
worker.balancer.balance_workers=tomcat1,tomcat2,tomcat3

worker.stat.type=status

type is ajp13, port is ajp port and host is tomcat instance.
Here tomcat name and balancer name is user defined names. So you can give any name whatever you want.
balancer type is lb. Its a special type for load balance.

Status property is optional. It is used to get the load balance status and logs.
All requests are received by balancer and those are handled and dispached by balance_workers.
Because balance_workers have all tomcat instances names which are participating in load balance.
Actually to forward the requests to the balance_workers we need to configure httpd.conf file.
Do refer the following line if you need more details abt workers.properties file.
How to configure httpd.conf file?
File path of httpd.conf is apache/conf/httpd.conf
Just add these following lines at the end of httpd.conf file.
JkWorkersFile conf/workers.properties
JkLogFile logs/mod_jk.log
JkLogLevel emerg
JkLogStampFormat “[%a %b %d %H:%M:%S %Y] ”
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat “%w %V %T”

JkMount / balancer
JkMount /status stat

* JkWorkersFile will represent the location of the workers.properties file.
* LoadModule is used to load mod_jk.so module.
The last 2 lines are important.
JkMount /status stat means any request to match the /status then that request forward to stat worker. Its status type worker. so its shows status of load balancer.
JkMount /* balancer this line matches all the request, so all request is forward to balancer worker. In balancer worker is uses the round robin algorithm to distribute the request to other tomcat instances.
What about tomcat instance failover?
There is a default property called worker.maintain.
Every 60 seconds worker.maintain will send request to update the status of the all tomcat instances. If worker.maintain didnt not receive respone from any instance it will update the status as fail.
This process will be continued. If it receives any response from instance’s it will update the status to ok.
Thats it. Try it.. if u get any doubt please do let me know.

Apache Virtual Hosts

Source From :-

Running several name-based web sites on a single IP address.

Your server has a single IP address, and multiple aliases (CNAMES) point to this machine in DNS. You want to run a web server for www.example.com and www.example.org on this machine.

Note

Creating virtual host configurations on your Apache server does not magically cause DNS entries to be created for those host names. You must have the names in DNS, resolving to your IP address, or nobody else will be able to see your web site. You can put entries in your hosts file for local testing, but that will work only from the machine with those hosts entries.

# Ensure that Apache listens on port 80
Listen 80
<VirtualHost *:80>
DocumentRoot /www/example1
ServerName www.example.com

# Other directives here
VirtualHost>

<VirtualHost *:80>
DocumentRoot /www/example2
ServerName www.example.org

# Other directives here
VirtualHost>

The asterisks match all addresses, so the main server serves no requests. Due to the fact that the virtual host with ServerName www.example.com is first in the configuration file, it has the highest priority and can be seen as the default or primary server. That means that if a request is received that does not match one of the specified ServerName directives, it will be served by this first VirtualHost.

Note

You can, if you wish, replace * with the actual IP address of the system, when you don’t care to discriminate based on the IP address or port.
However, it is additionally useful to use * on systems where the IP address is not predictable – for example if you have a dynamic IP address with your ISP, and you are using some variety of dynamic DNS solution. Since * matches any IP address, this configuration would work without changes whenever your IP address changes.

The above configuration is what you will want to use in almost all name-based virtual hosting situations. The only thing that this configuration will not work for, in fact, is when you are serving different content based on differing IP addresses or ports.

Name-based hosts on more than one IP address.

Note

Any of the techniques discussed here can be extended to any number of IP addresses.

The server has two IP addresses. On one (172.20.30.40), we will serve the “main” server, server.example.com and on the other (172.20.30.50), we will serve two or more virtual hosts.

Listen 80

# This is the "main" server running on 172.20.30.40
ServerName server.example.com
DocumentRoot /www/mainserver

<VirtualHost 172.20.30.50>
DocumentRoot /www/example1
ServerName www.example.com

# Other directives here ...
VirtualHost>

<VirtualHost 172.20.30.50>
DocumentRoot /www/example2
ServerName www.example.org

# Other directives here ...
VirtualHost>

Any request to an address other than 172.20.30.50 will be served from the main server. A request to 172.20.30.50 with an unknown hostname, or no Host: header, will be served from www.example.com.

Serving the same content on different IP addresses (such as an internal and external address).

The server machine has two IP addresses (192.168.1.1 and 172.20.30.40). The machine is sitting between an internal (intranet) network and an external (internet) network. Outside of the network, the name server.example.com resolves to the external address (172.20.30.40), but inside the network, that same name resolves to the internal address (192.168.1.1).
The server can be made to respond to internal and external requests with the same content, with just one VirtualHost section.

<VirtualHost 192.168.1.1 172.20.30.40>
DocumentRoot /www/server1
ServerName server.example.com
ServerAlias server
VirtualHost>

Now requests from both networks will be served from the same VirtualHost.

Note:

On the internal network, one can just use the name server rather than the fully qualified host name server.example.com.
Note also that, in the above example, you can replace the list of IP addresses with *, which will cause the server to respond the same on all addresses.

Running different sites on different ports.

You have multiple domains going to the same IP and also want to serve multiple ports. The example below illustrates that the name-matching takes place after the best matching IP address and port combination is determined.

Listen 80
Listen 8080

<VirtualHost 172.20.30.40:80>
ServerName www.example.com
DocumentRoot /www/domain-80
VirtualHost>

<VirtualHost 172.20.30.40:8080>
ServerName www.example.com
DocumentRoot /www/domain-8080
VirtualHost>

<VirtualHost 172.20.30.40:80>
ServerName www.example.org
DocumentRoot /www/otherdomain-80
VirtualHost>

<VirtualHost 172.20.30.40:8080>
ServerName www.example.org
DocumentRoot /www/otherdomain-8080
VirtualHost>

IP-based virtual hosting

The server has two IP addresses (172.20.30.40 and 172.20.30.50) which resolve to the names www.example.com and www.example.org respectively.

Listen 80

<VirtualHost 172.20.30.40>
DocumentRoot /www/example1
ServerName www.example.com
VirtualHost>

<VirtualHost 172.20.30.50>
DocumentRoot /www/example2
ServerName www.example.org
VirtualHost>

Requests for any address not specified in one of the directives (such as localhost, for example) will go to the main server, if there is one.

Mixed port-based and ip-based virtual hosts

The server machine has two IP addresses (172.20.30.40 and 172.20.30.50) which resolve to the names www.example.com and www.example.org respectively. In each case, we want to run hosts on ports 80 and 8080.

Listen 172.20.30.40:80
Listen 172.20.30.40:8080
Listen 172.20.30.50:80
Listen 172.20.30.50:8080

<VirtualHost 172.20.30.40:80>
DocumentRoot /www/example1-80
ServerName www.example.com
VirtualHost>

<VirtualHost 172.20.30.40:8080>
DocumentRoot /www/example1-8080
ServerName www.example.com
VirtualHost>

<VirtualHost 172.20.30.50:80>
DocumentRoot /www/example2-80
ServerName www.example.org
VirtualHost>

<VirtualHost 172.20.30.50:8080>
DocumentRoot /www/example2-8080
ServerName www.example.org
VirtualHost>

Mixed name-based and IP-based vhosts

Any address mentioned in the argument to a virtualhost that never appears in another virtual host is a strictly IP-based virtual host.

Listen 80
<VirtualHost 172.20.30.40>
DocumentRoot /www/example1
ServerName www.example.com
VirtualHost>

<VirtualHost 172.20.30.40>
DocumentRoot /www/example2
ServerName www.example.org
VirtualHost>

<VirtualHost 172.20.30.40>
DocumentRoot /www/example3
ServerName www.example.net
VirtualHost>

# IP-based
<VirtualHost 172.20.30.50>
DocumentRoot /www/example4
ServerName www.example.edu
VirtualHost>

<VirtualHost 172.20.30.60>
DocumentRoot /www/example5
ServerName www.example.gov
VirtualHost>

Using Virtual_host and mod_proxy together

The following example allows a front-end machine to proxy a virtual host through to a server running on another machine. In the example, a virtual host of the same name is configured on a machine at 192.168.111.2. The ProxyPreserveHost On directive is used so that the desired hostname is passed through, in case we are proxying multiple hostnames to a single machine.

<VirtualHost *:*>
ProxyPreserveHost On
ProxyPass / http://192.168.111.2/
ProxyPassReverse / http://192.168.111.2/
ServerName hostname.example.com
VirtualHost>

Using _default_ vhosts

_default_ vhosts for all ports

Catching every request to any unspecified IP address and port, i.e., an address/port combination that is not used for any other virtual host.

<VirtualHost _default_:*>
DocumentRoot /www/default
VirtualHost>

Using such a default vhost with a wildcard port effectively prevents any request going to the main server.
A default vhost never serves a request that was sent to an address/port that is used for name-based vhosts. If the request contained an unknown or no Host: header it is always served from the primary name-based vhost (the vhost for that address/port appearing first in the configuration file).
You can use AliasMatch or RewriteRule to rewrite any request to a single information page (or script).

_default_ vhosts for different ports

Same as setup 1, but the server listens on several ports and we want to use a second _default_ vhost for port 80.

<VirtualHost _default_:80>
DocumentRoot /www/default80
# ...
VirtualHost>

<VirtualHost _default_:*>
DocumentRoot /www/default
# ...
VirtualHost>

The default vhost for port 80 (which must appear before any default vhost with a wildcard port) catches all requests that were sent to an unspecified IP address. The main server is never used to serve a request.

_default_ vhosts for one port

We want to have a default vhost for port 80, but no other default vhosts.

<VirtualHost _default_:80>
DocumentRoot /www/default
...
VirtualHost>

A request to an unspecified address on port 80 is served from the default vhost. Any other request to an unspecified address and port is served from the main server.
Any use of * in a virtual host declaration will have higher precedence than _default_.

Migrating a name-based vhost to an IP-based vhost

The name-based vhost with the hostname www.example.org (from our name-based example, setup 2) should get its own IP address. To avoid problems with name servers or proxies who cached the old IP address for the name-based vhost we want to provide both variants during a migration phase.
The solution is easy, because we can simply add the new IP address (172.20.30.50) to the VirtualHost directive.

Listen 80
ServerName www.example.com
DocumentRoot /www/example1

<VirtualHost 172.20.30.40 172.20.30.50>
DocumentRoot /www/example2
ServerName www.example.org
# ...
VirtualHost>

<VirtualHost 172.20.30.40>
DocumentRoot /www/example3
ServerName www.example.net
ServerAlias *.example.net
# ...
VirtualHost>

The vhost can now be accessed through the new address (as an IP-based vhost) and through the old address (as a name-based vhost).

Using the ServerPath directive

We have a server with two name-based vhosts. In order to match the correct virtual host a client must send the correct Host: header. Old HTTP/1.0 clients do not send such a header and Apache has no clue what vhost the client tried to reach (and serves the request from the primary vhost). To provide as much backward compatibility as possible we create a primary vhost which returns a single page containing links with an URL prefix to the name-based virtual hosts.

<VirtualHost 172.20.30.40>
# primary vhost
DocumentRoot /www/subdomain
RewriteEngine On
RewriteRule . /www/subdomain/index.html
# ...
VirtualHost>

<VirtualHost 172.20.30.40>
DocumentRoot /www/subdomain/sub1
ServerName www.sub1.domain.tld
ServerPath /sub1/
RewriteEngine On
RewriteRule ^(/sub1/.*) /www/subdomain$1
# ...
VirtualHost>

<VirtualHost 172.20.30.40>
DocumentRoot /www/subdomain/sub2
ServerName www.sub2.domain.tld
ServerPath /sub2/
RewriteEngine On
RewriteRule ^(/sub2/.*) /www/subdomain$1
# ...
VirtualHost>

Due to the ServerPath directive a request to the URL http://www.sub1.domain.tld/sub1/ is always served from the sub1-vhost.
A request to the URL http://www.sub1.domain.tld/ is only served from the sub1-vhost if the client sent a correct Host: header. If no Host: header is sent the client gets the information page from the primary host.
Please note that there is one oddity: A request to http://www.sub2.domain.tld/sub1/ is also served from the sub1-vhost if the client sent no Host: header.
The RewriteRule directives are used to make sure that a client which sent a correct Host: header can use both URL variants, i.e., with or without URL prefix.