This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Reason(s) to Front Tomcat with Apache

 
Gregg Bolinger
GenRocket Founder
Ranch Hand
Posts: 15302
6
Chrome IntelliJ IDE Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm wondering what the valid reasons are these days for fronting a web application running in Tomcat with Apache (httpd). Any truly static content we're delivering from AmazonS3. It just seems to me that Apache is just an extra process at this point when every bit of traffic is forwarded to Tomcat. Any insight is appreciated.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64188
83
IntelliJ IDE Java jQuery Mac Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A number of places I worked did this simply because Apache was deemed faster (rightly? Not sure.) than Tomcat at serving static resources. If the static resources come from somewhere else, that reasoning falls through.

Another place needed PHP support.

But most of the time I think that the reason is "We've always done it that way."
 
Gregg Bolinger
GenRocket Founder
Ranch Hand
Posts: 15302
6
Chrome IntelliJ IDE Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The only other reason I can think of is that on our dev/staging servers we added basic auth in the apache config to lock down access to the application since they are public domains. This security is completely seperate from the web applications security. And I don't know how to do that in Tomcat.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64188
83
IntelliJ IDE Java jQuery Mac Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think the place I'm doing some contract work for fronts with Apache for those types of security facilities. (But I tend to distrust the reasonings of the outfit that they're using for their IT as they've proven themselves to be the Marx Brothers on more than one occasion.)
 
Rob Spoor
Sheriff
Pie
Posts: 20381
46
Chrome Eclipse IDE Java Windows
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The only reason we've done it is to add load balancing to Tomcat.
 
Gregg Bolinger
GenRocket Founder
Ranch Hand
Posts: 15302
6
Chrome IntelliJ IDE Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Rob Spoor wrote:The only reason we've done it is to add load balancing to Tomcat.


Can you expand on that?
 
Koen Aerts
Ranch Hand
Posts: 344
Java Linux Oracle
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've used Apache http server mainly to do load balancing, to handle ssl certificates and to implement rewrite rules. For some smaller web sites I'm using only Tomcat.
 
Ulf Dittmer
Rancher
Pie
Posts: 42966
73
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ssl termination, load balancing and apache modules like php, rewrite and others (if you need those).
 
Rob Spoor
Sheriff
Pie
Posts: 20381
46
Chrome Eclipse IDE Java Windows
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Gregg Bolinger wrote:
Rob Spoor wrote:The only reason we've done it is to add load balancing to Tomcat.


Can you expand on that?

We have a clustered application (purchased) but it isn't load balanced. We put an Apache HTTPD server in front of it with mod_jk acting as load balancer. Our worker.properties file:
Any hit to the Apache server will end up at either of the two Tomcat instances, with session persistence enabled.
 
Tim Holloway
Saloon Keeper
Pie
Posts: 17625
39
Android Eclipse IDE Linux
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Perhaps the most important reason to put Apache in front of Tomcat is that Apache can safely receive on port 80 and 443 without running as root. Tomcat cannot. So if you want to use the standard ports, proxy Tomcat or open up a major security vulnerability.

The idea that Apache can serve static content faster than Tomcat is one that needs to be taken out back and shot. Up until about Tomcat 4, yes, that was true, but reportedly since then improvements in Tomcat mean that there's little difference. If in doubt (and if it's important), measure, but this is mainly a bit of obsolete wisdom, that like all obsolete wisdom does more harm than good.

Other reasons for running Apache as a front for Tomcat:

* "One stop shopping" for multiple Tomcat servers running different apps
* load balancing for multiple Tomcat servers running the same apps
* Proxy access to Tomcat servers behind a firewall
* Normalization of URLs to hide the normal port and application context paths. General URL rewriting.
* More "One stop shopping". You can run a mix of J2EE and non-J2EE apps (cgi, PHP, Python and so forth) all from the same host.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic