tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter Crowther" <Peter.Crowt...@melandra.com>
Subject RE: Basic question - Ingterating Tomcat with Apache
Date Mon, 24 Sep 2007 10:50:36 GMT
> From: albrecht andrzejewski [mailto:albrecht.andrzejewski@ema.fr] 
> I think tomcat stand alone is
> -> easier to deploy.
> And that's all.

There are also fewer things to fail, and a smaller learning curve for
your system administrators (if they don't already know Apache httpd and
the JK connector).

> I think apache as a front end is a more flexible and secure solution.
> -> if apache fails, tomcat is not affected

... but is inaccessible.  This is a failure mode you don't have with
just a Tomcat.

> -> if tomcat fails, apache can redirect request to another tomcat

True.  How often do you expect this failure mode?

> -> when you serve static content juste like image of your 
> site and all  
> static text part , javascripts, etc ( i mean... dynamic content is  
> often just an hour ticking at the top of the page!) apche can better  
> handle the request and serve them quickier (with cache).

There have been a couple of benchmarks on this, most recently by Peter
Lin (available at
http://tomcat.apache.org/articles/benchmark_summary.pdf).  They showed
that Tomcat 5.0 and higher are sufficiently efficient at serving static
content that you'll saturate your network before you run out of
resources on the server.  Peter saturated a 100Mbit/s LAN connection.

> Am i wrong ?  As i have currently nothing pre-installed on it... and  
> it would be fine to know what you are thinking about it. You seem to  
> be pro vanilla tomcat... But just let us know WHEN pure 
> tomcat has to be choosen !

Vanilla Tomcat never *has* to be chosen.  I like systems with fewer
moving parts - they're generally simpler to manage, more robust and
easier to debug when they go wrong.  And security-wise, I'd much rather
put a proper firewall in front of a web server than rely on httpd to
catch all the possible attacks!

You may have other reasons to add httpd.  Unless you have very slow
boxes and very fast network connections, speed of serving static content
is not a valid reason.  I'd never assume httpd is any more secure than
Tomcat, so security (to me) is not a valid reason.  You may want to put
httpd in front, simply so that you can load-balance and scale Tomcats as
your application grows - that's a valid reason if you don't want to use
a hardware load-balancer, and plenty of folks load-balance that way,
including some quite large sites with quite demanding SLAs.  Just make
sure you know what you're gaining by adding the extra system!

		- Peter

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message