tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nikola Milutinovic <Nikola.Milutino...@ev.co.yu>
Subject Re: Systems Architecture Pros and Cons
Date Thu, 13 Oct 2005 11:02:47 GMT
Peter Johnson wrote:

> Nix, I am fully aware of all of this (regarding security permissions 
> etc) ... I am not trying to solve a problem but rather open a 
> discussion with the community on how people prefer to structure their 
> systems. Some run only Tomcat, some run multiple servers with Apache 
> and Tomcat, some tier the Apache and Tomcat services.
>
> I was trying to open a discussion as to what people do and why.


And you did :-) I'm sorry if my reply sounded grumpy (did it?). I guess 
I misinterpreted your intention for open discussion.

> My approach is usually to run Apache and Tomcat in separate tiers as I 
> feel the ~50-100ms delay introduced by doing so is negligible to the 
> security gains. I also feel that aspects of data management etc are 
> easier and more secure under this approach. I use the Apache layer to 
> handle SSL termination, compression, URL rewriting and caching leaving 
> the application and Tomcat clean to perform the business logic. This 
> is just my opinion though.


OK. I run TC standalone in test environment, but our production server 
has Apache front-end coupled via mod_jk2 (at that time, JK2 was thought 
to inherit the throne) with TC. The versions of the software are a bit 
out of date, but I cannot upgrade at this moment.

If you separate Apache tier from the TC tier, you can impose more strict 
security rules on the system and make it easier for you to isolate a 
compromized system. I totally agrre with your reasons for running Apache 
as a front-end. What you need is really best done with Apache and that 
was my reasoning, as well. Not to forget that running TC as non-root 
user and binding to TCP:80 has it's amount of work. Plus, I wanted to 
have GSSAPI authentication and TC cannot do that. I guess nobody is even 
considering implementing that in TC. And why should they? If both Apache 
and IIS can hadle it transparently to TC, that is the way to go.

Personally, I'd go for N+M solution. I'd start with one Apache box and 
one or two TC boxes and see how they handle load. I'd be ready to throw 
in additional servers as demand grows. The reason why I said two TCs is, 
well, it would be nice to have configs ready and tested for clustering. 
Without clustering TCs I don't think you can a cluster wide session. 
That would mean no load balancing as well.

Whether or not to go for load balancing depends on how well, or if at 
all, you can partition and devide your applications. You could dedicate 
one TC for one app and the otehr for app2. That could lead TC servers 
being unequally utilised, of course.

I think that the best approach is to put your IS on paper, plan ahead 
and implement it, but be prepared to add, remove, change and, generally, 
refactor your solution. Same applies to building Java (or any other) 
applications. That is a pro-active approach that will win.

Nix.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message