Apache Httpd 2.2.x proxying request to Tomcat 8

Add below entries to /etc/httpd/conf.d/tomcat.conf:

SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
SetEnv proxy-initial-not-pooled 1
RequestHeader unset Expect early

ProxyPass “/abc” “balancer://mycluster/”
<Proxy balancer://mycluster>
ProxySet failonstatus=502,503 maxattempts=100
BalancerMember ajp://host1:9999 timeout=10 retry=10 ping=10 disablereuse=on keepalive=on
BalancerMember ajp://host2:9999 timeout=10 retry=10 ping=10 disablereuse=on keepalive=on
BalancerMember ajp://host3:9999 timeout=10 retry=10 ping=10 disablereuse=on keepalive=on
</Proxy>

 

Some explanation:

SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
– Force the request to use HTTP/1.0 with no keepalive.

SetEnv proxy-initial-not-pooled 1
– If this variable is set, no pooled connection will be reused if the client request is the initial request on the frontend connection. This avoids the “proxy: error reading status line from remote server” error message caused by the race condition that the backend server closed the pooled connection after the connection check by the proxy and before data sent by the proxy reached the backend. It has to be kept in mind that setting this variable downgrades performance, especially with HTTP/1.0 clients.

RequestHeader unset Expect early
– The issue is that some clients set the Expect header and only send the request headers before a PUT or POST of data. This allows the server to respond with errors/redirects/security violations prior to the client sending the request body (PUT or POST data). Apparently some clients does not wait until it gets a response and just pushes out the body of the request, which results in the 417 error.
http://stackoverflow.com/questions/3889574/apache-and-mod-proxy-not-handling-http-100-continue-from-client-http-417

 

ProxySet failonstatus=502,503 maxattempts=10
failonstatus – A single or comma-separated list of HTTP status codes. Will force the worker into error state when the backend returns any status code in the list
maxattempts – Maximum number of failover attempts before giving up.

BalancerMember ajp://host1:9999 timeout=10 retry=10 ping=10 disablereuse=on keepalive=on
timeout – maximum time to wait for a free worker. The default is to not wait.
retry – Connection pool worker retry timeout in seconds. If the connection pool worker to the backend server is in the error state, Apache httpd will not forward any requests to that server until the timeout expires. This enables to shut down the backend server for maintenance and bring it back online later. A value of 0 means always retry workers in an error state with no timeout.
ping – Delay in seconds to wait for the reply of “ping test” to the backend
disablereuse – force mod_proxy to immediately close a connection to the backend after being used
keepalive – This parameter should be used when you have a firewall between your Apache httpd and the backend server, which tends to drop inactive connections. This flag will tell the Operating System to send KEEP_ALIVE messages on inactive connections and thus prevent the firewall from dropping the connection

References:

https://bz.apache.org/bugzilla/show_bug.cgi?format=multiple&id=57520

https://httpd.apache.org/docs/current/mod/mod_proxy.html

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s