Using Apache reverse proxy tomacat

Origins

In most production environments, basically using Java programs, which facilitates the production of a variety of application middleware, there are probably several, tomcat as the most famous open source Servlet container, JBoss is also open source, and has a management interface, mainly Redhat, While WebLogic is Oracle's commercial middleware, Webspare is IBM's commercial middleware, and several others, such as Jetty,resin, are less used.

When installing Tomcat, each time you first need to install the JDK, provide the JVM virtual machine, JRE running environment, so every time you install the JDK, there are several options, the production environment is basically used OPENJDK, does not produce copyright issues, Oracle's JDK is typically used in the development environment. After installing the JDK, it is common to output an environment variable of java_home.

In Java, the JVM is also divided into several, one is Oracle's Jrokit virtual machine, mainly used on WebLogic, one is IBM's J9 virtual machine, mainly used in IBM Webspare; one is the hotspot, Mainly used in openjdk above.

In the production environment, the servlet changes for,Tomcat--webspare--jboss, small when using open source, because of free, slowly become larger, because maintenance problems, become charged; getting bigger, and taking the open source, because free. the predecessor used the WebLogic.

configuring Apache Anti-generation Tomcat

When using Apache reverse proxy tomcat to provide services, the main request model is as follows:

The client browser sends an HTTP request to Apache, then Apache proxies the user's request to the back-end Tomcat server, which can use the HTTP protocol or the AJP protocol when the Apache is reversed, while the AJP protocol is more efficient than HTTP , the AJP protocol is generally used.

Apache in the reverse proxy, there must be several modules, specifically as follows:

[Email protected] extra]# httpd-m |grep proxy proxy_module (shared) proxy_connect_module (shared) Proxy_ftp_module (shar ED) proxy_http_module (shared) proxy_scgi_module (shared) proxy_ajp_module (shared) proxy_balancer_module (shared) Syntax OK

In the compile installation, the default is not to install the module of the agent, in the compile time can add options,--enable-proxy,--enable-proxy-http,--ENABLE-PROXY-AJP, if the installation is complete, can also adopt the mechanism of DSO, use command Apxs-ica mod_proxy.c to carry on dynamic loading module.

The main configuration files for Apache are as follows:

[email protected] extra]# cat httpd-vhosts.conf namevirtualhost *:80<virtualhost *:80>    documentroot "/usr/ Local/apache/htdocs "    ServerName www.kel.com     serveralias kel.com    proxyvia on    proxyrequests Off    Proxypreservehost on     proxypass/status!    Proxypass  /ajp://192.168.1.238:8009/    proxypassreverse  /ajp://192.168.1.238:8009/    #ProxyPass  /http://192.168.1.238:8080/    #ProxyPassReverse  /http://192.168.1.238:8080/    errorlog "logs/ Www.kel.com-error_log "    customlog" Logs/www.kel.com-access_log "common</virtualhost><location/ status>    SetHandler server-status    Order allow,deny allow from    all</location>

　　

In the configuration file, the main parameters are described as follows: servername represents the host name, mainly used to differentiate the virtual host, Proxyvia is mainly to add header response information to HTTP, indicating that after the Apache server, proxyrequests Mainly refers to the use of the forward proxy or reverse proxy, off means that the response agent is used, proxypreserverhost indicates whether to reverse the host name to the back-end host, when Tomcat has multiple virtual hosts, need to open, Proxypass is mainly used to indicate the response agent to the backend of which host, when using an exclamation point, the expression is not anti-generation, direct response from Apache, need to reverse the time, need to write on the backend protocol, hostname and port number, Proxypass is mainly to solve the problem of redirection, The other two is the log information, Serveralias represents the host alias, with this name can also be accessed, the status is mainly used to view Apache status page information.

To view the default listener process for Tomcat:

[Email protected] ~]# ps-ef|grep javaroot3166     1  0  -: ,pts/0    xx:xx: -/usr/java/latest/bin/java-djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties
-djava.util.logging.manager=org.apache.juli.classloaderlogmanager-djdk.tls.ephemeraldhkeysize=2048-djava.protocol.handler.pkgs=org.apache.catalina.webresources
-classpath/usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar-dcatalina.Base=/usr/local/tomcat-dcatalina.home=/usr/local/tomcat
-djava.io.tmpdir=/usr/local/tomcat/temp Org.apache.catalina.startup.Bootstrap startroot3219   863  0  -:xxpts/0    xx:xx:xxgrep java[[email protected]~]# netstat-tnlp|grep javatcp0      0:::8080:::* LISTEN3166/Java TCP0      0:: FFFF:127.0.0.1:8005:::* LISTEN3166/Java TCP0      0:::8009:::* LISTEN3166/Java [[email protected]~]# pstree-p3166|WC-L +

As you can see above, the default Tomcat listens on three ports, which is three connector connector, where 8080 uses the HTTP protocol, which is used primarily to accept user request responses, and 8005 listens for local localhost addresses, primarily to manage the Tomcat process , while 8009 is using the AJP protocol. When using Apache for anti-generation, you can see the configuration file, when using the HTTP protocol to reverse the use of the port is 8080, when using the AJP protocol, the use of the port is 8009. You can see that Tomcat has 40 threads open by default.

To view the commands used by the management process:

[[Email protected] ~]# telnet 127.0.0.1 8005 (directly close Tomcat service) Trying 127.0.0.1...Connected to 127.0.0.1.Escape character are ' ^] '. Shutdownconnection closed by foreign host. [[email protected] ~]# ps-ef|grep javaroot      3244   863  0 18:13 pts/0    00:00:00 grep java

Test

Using Web page testing, the main changes to the hosts ' domain name resolution address when using Web page testing:

? View the response header information as follows (you will see the header information added in Apache in the instructions Proxyvia):

? When the Tomcat service is closed, the server response is as follows:

[Email protected] ~]# curl-i http://www.kel.comHTTP/1.1 503 Service temporarily Unavailabledate:sat, Sep 2017 22:27: Panax Notoginseng gmtconnection:closecontent-type:text/html; Charset=iso-8859-1

?
When viewing the response code, the status code is 503, indicating that the service is temporarily unavailable, which can be used as a problem in the production environment.

? Apache,apache as the most classic Web server, occupy the market share, so big, the syntax is too complex, and nginx compared to an underground in the sky, when the static and dynamic separation, nginx more suitable, in the use and tomcat combination, Apache is a good point, after all, is the product of Apache, more easy to combine, and have a special protocol AJP to carry out the transmission.

? httpd was originally complex, and IBM also made a webspare, commonly known as was, the way is to use httpd, and then turned into IHS, the syntax becomes more complex, in the reverse proxy load balancing, it is a lump of excrement, do not want to spit groove, However, many people pursue stability, say webspare, but when using the cluster, the experience is not so good.

? using Nginx, a more simple and easy-to-use Web server.

• OPS Linux and Python

The Web server statistics are as follows:

?

Using Apache reverse proxy tomacat