Comments on Configuring Tomcat5 and Apache2 with Virtual Hosts using mod_jk
Configuring Tomcat5 and Apache2 with Virtual Hosts using mod_jk This tutorial explains how I was able to setup a web server in order to support Java Server Pages (JSP) and Servlets using virtually hosted websites. The ultimate goal is to provide instructions on how to incorporate JSP/Servlet support on the ISPConfig web hosting software. I felt it was necessary to provide this first segment separately for those that do not wish to use the ISPConfig web hosting control panel.
9 Comment(s)
Comments
Great article! It will be very helpful for those people using Apache and tomcat to handle JSP etc.
The newly released Apache server 2.2 includes AJP Proxy support by default and other new features, I haven't tried it, but I think it should ease the configuration bridging apache and tomcat using the jk module. maybe you can look into it and give us another wonderful HOWTO :)
thank you!
for me, the easy to overlook part is that, apache forward the request to tomcat ajp1.3 connector port 8009(by default), not the container service port 8080(most of the time).
so workers.properties should be carefully as,
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
The "Debian-way" of using the JVM would be to convert it to an deb first. This is very simple
apt-get install mpkg-j2sdk
Then simply
mpkg-j2sdk jdk-1_5_0_06-linux-i586.bin
afterwards you can install the correspondig deb by doing a
dpkg -i jdk...deb
- JDK is not a requirement anymore, you only need JRE. From Tomcat web site:
"Tomcat 5.5 uses the Eclipse JDT Java compiler for compiling JSP pages. This means you no longer need to have the complete Java Development Kit (JDK) to run Tomcat, but a Java Runtime Environment (JRE) is sufficient. The Eclipse JDT Java compiler is bundled with the binary Tomcat distributions."
- One other thing that you should add in your howto is to configure Tomcat to run as a non-root user. The default is to run as root which is not secure, should tomcat be compromised, and not required, as tomcat listen to port 8080. You will find below an example of init.d file.
Regards,
Gaël
#!/bin/sh
#
# tomcat This shell script takes care of starting and stopping
# tomcat.
# description: tomcat is a servlet/JSP engine, which can be used
# standalone or in conjunction with Apache
### BEGIN INIT INFO
# Provides: Tomcat
# Required-Start: $local_fs $network $remote_fs apache2
# Required-Stop: $local_fs $network $remote_fs apache2
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: Tomcat
# Description: Tomcat
### END INIT INFO
RETVAL=0
# See how we were called.
case "$1" in
start)
# Start daemons.
echo -n "Starting tomcat: "
cd ~tomcat
su - tomcat -c '/opt/jakarta/tomcat/bin/catalina.sh start'
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/tomcat
echo
;;
stop)
# Stop daemons.
echo -n "Shutting down tomcat: "
cd ~tomcat
su - tomcat -c '/opt/jakarta/tomcat/bin/catalina.sh stop'
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/tomcat
echo
;;
restart)
$0 stop
$0 start
RETVAL=$?
;;
*)
echo "Usage: tomcat {start|stop|restart}"
exit 1
esac
exit $RETVAL
I appreciate your efforts and that you share your work with others.
But if you use Debian why don't you do things the Debian way and reduce your howto to around 5 "apt-get install" statements and a reference to /usr/share/doc/libapache2-mod-jk?
Cheers
mod_jk has a bevy of options that should, in general, be set in workers.properties in order to tune the connection to Apache as well as Tomcat. By default it's pretty wide open as far as connections and timeouts are concerned; it's very easy for Apache to accept way, way way more load than Tomcat sitting behind it can handle. Here are some of the important ones I've found and what I typically set them to, the actual reading of the docs is left up to you. :)
# Specify the size of the open connection cache.
worker.ajp13.cachesize=1
worker.ajp13.retries=3
# below are in seconds
worker.ajp13.cache_timeout=60
worker.ajp13.socket_timeout=30
worker.ajp13.recycle_timeout=60
# Advanced ping-pong options
# 0 (full recovery)
# 1 (don't recover if tomcat failed after getting the request)
# 2 (don't recover if tomcat failed after sending the headers to client)
# 3 (don't recover if tomcat failed getting the request or after sending
# the headers to client).
worker.ajp13.recovery_options=0
# below are in milliseconds
worker.ajp13.prepost_timeout=5000
worker.ajp13.connect_timeout=5000
# under load it can take awhile to get a reply when doing an initial JSP compile
worker.ajp13.reply_timeout=60000
great article, man! helped me a lot and the best thing is that it actually works)
Thank you for the very good article. Besides the valuable configuration hints you are providing I took benefit from the advanced worker properties posted by Anonymous on Mon, 2006-03-06 21:59.
I want to add that for "heavy" load on the tomcat workers it can be necessary to increase to maximum amount of threads. I specifiied that in each of the server.xml of my tomcats
<Connector-Toddy (info (the-at) tinyimage (the-dot) com)
port="8009"
enableLookups="false" redirectPort="8443" protocol="AJP/1.3"
useBodyEncodingForURI="false" URIEncoding="UTF-8"
maxThreads="350" minSpareThreads="25" maxSpareThreads="75" />
This has been very successful for many people: http://blog.beplacid.net/2007/11/20/howto-apache-2-tomcat-5525-and-mod_jk-under-debian/