Yes, I can do that, but Spring-security switches back and forth http/https depending upon the security-configuration in webapp, that's why I have not removed it.
What do you mean by your worker members should appear in workers.properties? File: workers.properties worker.list=loadbalancer worker.server1.port=8010 worker.server1.host=localhost worker.server1.type=ajp13 worker.server2.port=8011 worker.server2.host=localhost worker.server2.type=ajp13 worker.server1.lbfactor=1 worker.server2.lbfactor=1 worker.loadbalancer.type=lb worker.loadbalancer.balance_workers=server1,server2 worker.loadbalancer.method=B worker.loadbalancer.sticky_session_force=false worker.loadbalancer.sticky_session=false On Wed, Dec 9, 2015 at 5:31 PM, Mikel Ibiricu <jlumi...@gmail.com> wrote: > Hi > > I was reading your previous message and Andre's reply and I could not > figured out why you don't manage https certificates in Apache Httpd and > take all its configuration out of the tomcats. > > Second way, not sure about that, it's been a while since the last time I > used a load balancer, but should not the load balancer worker members > appear in the workers.properties' worker_list? > > Regards, > Mikel > El 09/12/2015 17:24, "Kernel freak" <kernelfr...@gmail.com> escribió: > > > Hello friends, > > > > I am working on a server-configuration in which I would like to setup > > load-balancing with fail-over. Unfortunately, I am not having much luck > > with the process. I will be posting my updated config, so it is easier to > > understand. Kindly have a look. > > > > First Tomcat's server.xml : > > > > > > <Connector port="443" enableLookups="false" protocol="HTTP/1.1" > > >> SSLEnabled="true" maxThreads="200" compression="force" > > >> compressionMinSize="1024" scheme="https" secure="true" > > clientAuth="false" > > >> sslProtocol="TLS" > > >> keystoreFile="keystore.jks" keystorePass="PASSWORD" > URIEncoding="utf-8" > > >> compressableMimeType="text/html,text/xml,text/plain,text/css,text/ > > >> javascript,application/x-javascript,application/javascript" > > >> /> > > >> // I didn't remove the above connector, as I didn't knew how to use > > SSL > > >> with load-balancing and fail-over. > > >> > > > > > >> <Connector port="8010" protocol="AJP/1.3" redirectPort="443" > > >> URIEncoding="utf-8" > > >> compressableMimeType="text/html,text/xml,text/plain,text/css,text/ > > >> javascript,application/x-javascript,application/javascript" > > >> /> > > >> > > > <Engine name="Catalina" defaultHost="localhost" jvmRoute="server1"> > > > > > > <Host name="localhost" appBase="webapps" > > > unpackWARs="true" autoDeploy="true"> > > > <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster" > > > channelSendOptions="8"> > > > > > > <Manager > > className="org.apache.catalina.ha.session.DeltaManager" > > > expireSessionsOnShutdown="false" > > > notifyListenersOnReplication="true"/> > > > > > > <Channel > > > className="org.apache.catalina.tribes.group.GroupChannel"> > > > <Membership > > > className="org.apache.catalina.tribes.membership.McastService" > > > address="228.0.0.4" // What kind of address is > > > this? > > > port="45564" > > > frequency="500" > > > dropTime="3000"/> > > > <Receiver > > > className="org.apache.catalina.tribes.transport.nio.NioReceiver" > > > address="148.251.151.18" > > > port="4000" > > > autoBind="100" > > > selectorTimeout="5000" > > > maxThreads="6"/> > > > > > > <Sender > > > > className="org.apache.catalina.tribes.transport.ReplicationTransmitter"> > > > <Transport > > > > > > className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/> > > > </Sender> > > > <Interceptor > > > > > > className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/> > > > <Interceptor > > > > > > className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/> > > > </Channel> > > > </Cluster> </Host> > > > > > > > > > Second tomcat config : > > > > > > > > <Connector port="443" enableLookups="false" protocol="HTTP/1.1" > > > SSLEnabled="true" maxThreads="200" compression="force" > > > compressionMinSize="1024" scheme="https" secure="true" > > > clientAuth="false" sslProtocol="TLS" > > > keystoreFile="keystore.jks" keystorePass="PAssword" > > > URIEncoding="utf-8" > > > compressableMimeType="text/html,text/xml,text/plain,text/css,text/ > > > javascript,application/x-javascript,application/javascript" > > > /> > > > <Connector port="8011" protocol="AJP/1.3" redirectPort="443" > > > URIEncoding="utf-8" > > > compressableMimeType="text/html,text/xml,text/plain,text/css,text/ > > > javascript,application/x-javascript,application/javascript" > > > /> <Engine name="Catalina" defaultHost="localhost" > jvmRoute="server2"> > > > // The cluster config same as above, only the above stuff has changed. > > > > > > > workers.properties : > > > > worker.list=loadbalancer > > > worker.server1.port=8010 > > > worker.server1.host=localhost > > > worker.server1.type=ajp13 > > > > > > worker.server2.port=8011 > > > worker.server2.host=localhost > > > worker.server2.type=ajp13 > > > > > > worker.server1.lbfactor=1 > > > worker.server2.lbfactor=1 > > > > > > worker.loadbalancer.type=lb > > > worker.loadbalancer.balance_workers=server1,server2 > > > worker.loadbalancer.method=B > > > worker.balancer.sticky_session=true > > > > > > > > > 000-defaults in sites-enabled > > > > JkMountCopy On > > > <Proxy balancer://mycluster> > > > BalancerMember ajp://localhost:8010 route=server1 > > connectiontimeout=10 > > > BalancerMember ajp://localhost:8011 route=server2 > > connectiontimeout=10 > > > > > > ProxySet stickysession=JSESSIONID|jsessionid > > > Order Deny,Allow > > > Deny from none > > > Allow from all > > > > > > </Proxy> > > > > > > <VirtualHost *:80> > > > ProxyRequests off > > > > > > ProxyPass /balancer-manager ! > > > ProxyPass / balancer://mycluster/ > > > ProxyPassReverse / balancer://mycluster/ > > > </VirtualHost> > > > > > > <Location /balancer-manager> > > > SetHandler balancer-manager > > > > > > Order Deny,Allow > > > Deny from none > > > Allow from all > > > </Location> > > > > > > > > > This added in apache2.conf : > > > > JkWorkersFile /etc/apache2/workers.properties > > > > > > JkMount /* loadbalancer > > > > > > > > > Now, when both the tomcat versions are online, then I have no issues, but > > as soon as one tomcat goes down, then the whole setup dies. What am I > doing > > wrong. Also, if I remove connector for 443, should I also remove the > > redirectPort in AJP connector. Kindly let me know. Thank you. > > >
