Apache Tomcat is a J2EE servlet container. Originating from the Jakarta project, Tomcat is now a main project of the Apache Foundation. Tomcat implements Sun Microsystems’ servlet and JSP specifications. It includes tools for configuration and management, but can also be configured by editing XML configuration files. Since Tomcat includes an internal HTTP server, it is also considered an HTTP server. Tomcat is also considered an application server.
Errors were encountered during execution:
tomcat5.5
E: Sub-process /usr/bin/dpkg returned an error code (1)
Installation of package failed. Attempting to recover:
Setting up tomcat5.5 (5.5.20-2) ...
Starting Tomcat servlet engine: tomcat5.5invoke-rc.d: initscript tomcat5.5, action "start" failed.
dpkg: error processing tomcat5.5 (--configure):
the post-installation script returned an exit status error code 1
Errors were encountered during execution:
tomcat5.5
Press Enter to continue.
Then you’ll need to analyze the logs:
1
2
3
4
5
6
7
> tail /var/lib/tomcat5.5/logs/catalina_`date +%Y-%m-%d`.log
The java-gcj-compat-dev environment currently doesn't support a security manager. Please check the TOMCAT5_SECURITY variable in /etc/default/tomcat5.5.
Using CATALINA_BASE: /var/lib/tomcat5.5
Using CATALINA_HOME: /usr/share/tomcat5.5
Using CATALINA_TMPDIR: /var/lib/tomcat5.5/temp
Using JRE_HOME: /usr/lib/jvm/java-gcj
The java-gcj-compat-dev environment currently doesn't support a security manager. Please check the TOMCAT5_SECURITY variable in /etc/default/tomcat5.5.
I think that’s clear enough. We need to edit the /etc/default/tomcat5.5 file to replace:
TOMCAT5_SECURITY=yes
with:
TOMCAT5_SECURITY=no
Of course, this involves some risks (I won’t pretend to know what they are and haven’t had time to look into the issue). Now let’s restart the installation:
1
apt-get install tomcat5.5
And for those who want to install the admin tools:
# Run Tomcat as this user ID. Not setting this or leaving it blank will use the# default of tomcat55.TOMCAT5_USER=tomcat55
# The home directory of the Java development kit (JDK). You need at least# JDK version 1.4. If JAVA_HOME is not set, some common directories for# the Sun JDK, various J2SE 1.4 versions, and the free runtimes# java-gcj-compat-dev and kaffe are tried.JAVA_HOME=/usr/lib/jvm/java-6-sun
# Directory for per-instance configuration files and webapps. It contain the# directories conf, logs, webapps, work and temp. See RUNNING.txt for details.# Default: /var/lib/tomcat5.5#CATALINA_BASE=/var/lib/tomcat5.5# Arguments to pass to the Java virtual machine (JVM).JAVA_OPTS="-Djava.awt.headless=true -Xms512m -Xmx512m"# Java compiler to use for translating JavaServer Pages (JSPs). You can use all# compilers that are accepted by Ant's build.compiler property.#JSP_COMPILER=jikes# Use the Java security manager? (yes/no, default: yes)# WARNING: Do not disable the security manager unless you understand# the consequences!# NOTE: java-gcj-compat-dev currently doesn't support a security# manager.TOMCAT5_SECURITY=no
For security reasons, uncomment the TOMCAT5_USER line as shown above.
It’s sometimes useful to redirect Apache to Tomcat to simplify the URL for end users and allow Tomcat to not manage connections directly. You can also use mod_proxy (which is increasingly being used instead of mod_jk).
Download this file, extract it and add it to your 2 Tomcat instances. Now the demo page is accessible in load-balanced mode at http://server-apache/demo/jsp/test.jsp. You’ll get something like this:
date of the day: Tue Nov 06 13:46:19 CET 2012
param message: null
session ID: C706F51B9ACAB96A10CCDACCADEA9026
node: /var/lib/tomcat6
List object in session:
Try stopping one Tomcat server and you’ll see it switch to the other :-)
Let’s use the manager interface to see the status of your servers: http://server-apache/jk-manager/:
You can see here that the Tomcat servers are enabled and functional. If one of them goes down, it will show an ‘ERR’ error. You’ll then need to click on the ‘R’ hyperlink to reset its status. The load balancer will accept sending requests to it again. There’s also another menu that allows you to properly take a Tomcat node out of service by clicking on ‘Edit this attribute for all members: Activation’:
Then update the states by clicking on the ‘Update balancer’ button.
To set up clustering2, you’ll normally need Load Balancing. With clustering, you can share your application sessions across Tomcat servers. The advantage is that if you lose one machine, the sessions will be present on other machines and the user won’t notice anything. Of course, the applications in question must be developed to handle this kind of mechanism.
To test session replication, add this small application that will allow you to test sessions, download this file.
To set up clustering, edit the following file and add this line just before the end:
1
2
3
[...]
<distributable/></web-app>
Then let’s edit the server section and add a cluster block in the Engine section:
[...]
<!-- You should set jvmRoute to support load-balancing via AJP ie:
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
--><Enginename="Catalina1"defaultHost="localhost"jvmRoute="worker2"><!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) --><!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
--><ClusterclassName="org.apache.catalina.ha.tcp.SimpleTcpCluster"channelSendOptions="8"><ManagerclassName="org.apache.catalina.ha.session.DeltaManager"expireSessionsOnShutdown="false"notifyListenersOnReplication="true"/><ChannelclassName="org.apache.catalina.tribes.group.GroupChannel"><MembershipclassName="org.apache.catalina.tribes.membership.McastService"address="228.0.0.4"port="45564"frequency="1000"dropTime="30000"/><ReceiverclassName="org.apache.catalina.tribes.transport.nio.NioReceiver"address="auto"port="4000"autoBind="100"selectorTimeout="5000"maxThreads="6"/><SenderclassName="org.apache.catalina.tribes.transport.ReplicationTransmitter"><TransportclassName="org.apache.catalina.tribes.transport.nio.PooledParallelSender"timeout="60000"/></Sender><InterceptorclassName="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/><InterceptorclassName="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/></Channel><ValveclassName="org.apache.catalina.ha.tcp.ReplicationValve"filter=".*\.gif;.*\.js;.*\.jpg;.*\.htm;.*\.html;.*\.txt;"/><DeployerclassName="org.apache.catalina.ha.deploy.FarmWarDeployer"tempDir="D:/cluster/temp/war-temp/"deployDir="D:/cluster/temp/war-deploy/"watchDir="D:/cluster/temp/war-listen/"watchEnabled="false"/><ClusterListenerclassName="org.apache.catalina.ha.session.ClusterSessionListener"/></Cluster>[...]
For the engine name, use different names for each node in the cluster. I won’t detail all the options here but leave you to check the resources of this page or the official site. Just know that this configuration allows multiple nodes and replicates sessions to all nodes (DeltaManager). It’s possible to do a simple backup by changing the className of the manager.
Restart your Tomcat servers, which will synchronize with each other via multicast. To test, use your load balancer to open this URL: http://tomcat-lb/clustertest/jsp/myjsp.jsp. And then? Well, it’s simple, you’ll see something like this:
date of the day: Sat Nov 17 21:33:58 CET 2012
param message: null
session ID: E7FFB32D3EDEF512C118ACDCC7FB4255.worker2
node: /var/www/tomcat7
List object in session:
Do a SIGKILL (kill -9) on the worker2 instance. The load balancer will do its job of routing all connections to another worker and the session number (session ID) will be identical. It won’t have changed even though you’ve switched servers :-)
Tomcat can have problems stopping on a vserver. Since I haven’t found the solution, I set the service to load last at boot and shutdown to prevent it from blocking the shutdown of other services: