Traditional Java EE (JEE) app servers bring complexity to the mix. In addition, they are costly and consume a lot of resources. Forrester wrote an article in 2011 about the costs saying, “Use Apache Tomcat. It is free.” IDC’s research from 2011 points how enterprises are moving “toward lower-cost application platforms that shift them closer to private, public, and hybrid cloud offerings.” Of course, you can find plenty of historical posts and debates from practitioners on costs and resources from past years.
So, if you are looking at middleware support for mobile apps, in-memory databases, auto- scaling, and virtual/cloud infrastructure, then you might want to check out our webinar coming up on Thursday, October 25th. In this session, we will cover quite a bit about vFabric tc Server:
Tomcat supports multiple instances, and you should consider installing Tomcat so that a single binary runtime directory supports multiple instances as a means of adhering to security best practices.
While the documentation on multiple instances is in the RUNNNING.txt file at the root of the Tomcat binary distribution file hierarchy, many people aren’t necessarily aware of the feature or why you might use it. To provide some insight, let’s look at how this functionality works and provide some insight to the related best practice for security.
Secure Socket Layer, or SSL, certificates are frequently used to confirm the identity of a server before consuming its services and to secure communications with the server. Typically, when an Apache web server is used to load balance requests to one or more Apache Tomcat servers (including VMware’s commercial version, tc Server), the SSL encryption and certificate authentication is terminated at the web server. Communication between the Apache web server and Tomcat is then trusted and in clear text.
However, there are organizational security policies and B2B scenarios that could mandate secure communication between Apache web server and Tomcat. Furthermore, it could be important to restrict access to Tomcat to known instances of Apache web server.
This tutorial will provide details for a configuration option that enables SSL communication and client certificate authentication between Apache Web Server and Tomcat.
At a high level, this tutorial provides instructions to
13 months ago today marked the initial release of the Apache Tomcat 7 beta. Proving itself to be very backwards compatible with Apache Tomcat 6, Tomcat 7 is wealth of add-on features and bug fixes that purely builds on the success of Tomcat 6. Many of these features were not around 13 months ago, many of which we have covered here including:
Originally presented in the SpringSource S2F Forum in Amsterdam, Mark Thomas recorded a new update on the overall status of the Tomcat 7 project for the Tomcat Expert community. This update is slightly more current and gives good insight as to what is now in Tomcat 7 and what will be coming (and how to influence what gets worked on!). Some interesting points Mark brings up:
Our configuration consists of the following components (all of them are running on a single Windows Server 2003 machine):
We are load testing the server with relatively simple requests.
It seems that under load (~8000 requests we are sending per minute from our load simulator) - we have a delay between apache web server and the mod_jk component.
Make sure you configure both Apache httpd and mod_jk to handle the traffic.
This means, the number of threads(workers) that httpd has will impact your system.
Also, in high concurrency, how you configure KeepAlive is important. There is a chance that Apache is using its threads waiting for the next request on idle connections, while active connections are not being handled.
Posting your configuration files may be a good idea.
With special thanks to Mark Thomas, ASF/VMware for reviewing.
This document will describe all of the necessary pre-requisites to get started in developing, customizing and contributing to the Apache Tomcat Project. The reader will have a broad overview of what is involved, and learn the process by which they will get a better understand of how the internals of how the Apache Tomcat application server works. Those new to the Apache Tomcat project, or contributing to an open source project may find this article helpful.
Apache Tomcat is the de-facto, open-source application server. It is distributed under the Apache License, Version 2.0 and is true open source. Many organizations use Tomcat as their production's application server, and it is enterprise grade even in its open source form. Over half of Fortune 500 companies use Apache Tomcat as their platform for their production business websites, including notables such as E-Trade.com, Walmart.com, and The Weather Channel. There are commercially supported versions of Apache Tomcat as well. In this how-to article, we will use the open source version as an example.
Setting up Apache Web Server and Tomcat Application Server for load balancing using mod_proxy_balancer.
This example uses mod_proxy_balancer as the load balancer. This configuration is useful for applications that are stateless and therefore do not require clustering or sticky-sessions. For more information, you can also check the page:
For development and operations teams, a presentation that covers performance tuning Tomcat and the JVM alongside configuration options, load balancing, and more.
In this webinar, Apache Tomcat committers Mark Thomas and Filip Hanik discuss performance tuning Apache Tomcat for your production environment. This webinar focuses on Tuning Tomcat and the JVM to correctly handle your application including usage patterns, hardware and network topology. You’ll learn when and how to apply the different tuning and configuration options as well as understanding load balancers and how they can impact your configuration settings. Also discussed: the impact of clustering and replication on your environment.
For development and operations teams, a presentation to improve software development with Spring and Tomcat.
Spring is commonly found within enterprises and helps companies better manage complexities in the software development processTomcat has also become ubiquitous within the enterprise.
Understanding mod_jk, mod_proxy, and mod_proxy_ajp
There are three main modules available for connecting Apache to Tomcat:
This module has the load balancing capability that was not supported in mod_proxy prior to Apache 2.2. The use of mod_proxy_ajp is preferred over mod_jk for Apache 2.2 or later.
For further documentation on mod_jk, see the official documentation as provided by the Apache Software Foundation:
Working with mod_jk: http://tomcat.apache.org/tomcat-3.3-doc/mod_jk-howto.html