Hi Christopher, On Wed, Jan 17, 2018 at 10:41 PM, Christopher Schultz <ch...@christopherschultz.net> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Suvendu, > > Which version of Tomcat? >
Tomcat version is 7.0.55 > On 1/17/18 8:20 AM, Suvendu Sekhar Mondal wrote: >> I am seeing one issue. Under high load sporadically one web >> service call fails with: "java.net.SocketTimeoutException: Read >> timed out" after 60 Sec mark. >> >> In our app, httpd routes requests to 8888 then it get redirected >> to 8889. > > Can you be very explicit about what you mean by "redirect", here? I was talking about auto redirection from 8888 to 8889 by Catalina. >> Connector which listens on 8888 has connectionTimeout=20000 but the >> one which listens to 8889 does not have any connectionTimeout set >> explicitly. As per doc, default connectionTimeout value 60 Sec will >> be set for connector which listens on 8889 - and that is playing a >> role here. Do you think this assumption is correct? >> >> Here are the connector properties: <Connector port="8888" >> protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8889" >> /> > > So you are probably expecting that all HTTP traffic to :8888 will be > redirected to HTTPS over :8889? > Yes. > How long does the redirect take? > I do not know how to measure redirection time. Please let me know if there any mechanism to trace it. > Under heavy load, you might be running out of threads depending upon a > lot of factors, such as what kind of protocol and endpoint are > actually being used. It looks like you are using the APR connector > (due to SSLCertificateFile) which has some positive attributes with > request to scalability while NIO would probably be the best choice if > possible. > > It's got terrible performance, though, unless you use the OpenSSL > provider (which requires Tomcat 8.5 or later). > >> <Connector port="8889" SSLCertificateFile="C:/mycer.cer" >> SSLCertificateKeyFile="C:\mykey.key" SSLEnabled="true" >> acceptCount="100" clientAuth="false" disableUploadTimeout="true" >> enableLookups="false" keystoreFile="conf/.keystore" >> maxHttpHeaderSize="8192" maxSavePostSize="-1" maxThreads="200" >> minSpareThreads="20" protocol="HTTP/1.1" scheme="https" >> secure="true" sslProtocol="TLS1.2" >> compressableMimeTypes="text/html,text/xml,text/plain,application/json" >> >> > compressionMinSize="2048" >> compression="force" threadPriority="6" /> > > When you say "high load", what kind of load are you talking about, > specifically? > > You may simply have too much traffic for your existing hardware to > handle. No amount of configuration can fix that. > - -chris We have 9 JVMs. As per current setting, per JVM max concurrency can reach up-to 300(maxThreads="200"+acceptCount="100"). Issue was reported when 2300 users on the system. So, I think it is not a case of thread exhaustion but something else. Most possibly few JVMs were under stress due to uneven load balancing(we have stickysession). This issue just came to me and all resource usage data are gone. I have asked for re-run so that I can analyze it properly. Let's see. :) Back to my original question, in case of HTTP to HTTPS auto redirection, Connector properties set for the later will be finally applied to the request - is that a correct statement? Thanks! Suvendu --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
