Hi John, John Moore schrieb: > > I have a cluster of Tomcat 5.5 servers that are running Apache 2.2 to > serve static content; mod_jk 1.2.25 connector is used. I am considering > adding apache servers in separate corners of the country to serve the > static content closer to the user. I can not copy Tomcat to each of > these locations. I was thinking of routing the ajp traffic through an > OpenVPN SSL tunnel to the existing tomcat servers. We did some tests and > were surprised that there seemed to be a decent performance increase. > > Has anyone had any successes, failures, or gotcha’s doing this?
No real experience. I heard from a couple of people, who had problems with the stability of the tunnel. So using Cping/Cpong etc. could be important here. Read the Timeouts docs page http://tomcat.apache.org/connectors-doc/generic_howto/timeouts.html especially the parts related to firewalls (a dropped VPN tunnel might behave similarly to an idle connection drop by a firewall). > Would mod_jk solution use less bandwidth than something like mod_proxy > to redirect the tomcat-destined http/s requests? I would not expect, that AJP13 gives a big bandwidth benefit. Since you are talking about dynamic content only, usually we are in the region of about 5-20KB per request, and the savings from the binary encoded HTTP headers should be well below 1KB. On the other hand AJP13 response packets have a little overhead, so I would expect well below 10% reduction in needed bandwidth. > > Any suggestions on stopping user access to a Apache if AJP link to > Tomcat drops? What do you mean by stop? Presenting well-defined error pages? In case mod_jk can not reach Tomcat it should return a 503, sometimes a 504. You can define a customized ErrorDocument in httpd for this case. I would always include an lb worker between Apache and even a single Tomcat, because this enables you to get better state information via a status worker. > Thanks, > John Regards, Rainer --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
