More on infrastructure: apache, tomcat and roller

It occurred to me that I should mention how I got my tomcat + roller setup done for my home website.

Firstly, you need to make sure your web server has an appropriate linkage to a web application server, such as `Tomcat`_. Sun provides `Apache`_ versions 1.3 and 2.0 with Solaris Express, along with Tomcat v5.

With Apache 1.3 you can use the plugin along with mod_rewrite or mod_proxy in order to redirect webapp requests to the correct port. Here’s what I configured with v1.3:

# to re-direct to :8000/roller/page/jmcp
RewriteEngine  on
RewriteRule     /blog
RewriteRule     /roller [L]

I didn’t want to use v1.3 though, so I tried the bundled v2.0 instead. That uses a slightly different AJP/1.3 redirection process, for which you need mod_jk. This isn’t included with the bundled version, so you need to pull it down and build it yourself.

LoadModule jk_module libexec/
JkWorkersFile /etc/apache2/
JkLogFile     /etc/apache2/logs/mod_jk.log
JkLogLevel    info
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions     +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat     "%w %V %T"
# Send everything for context /examples to worker named worker1 (ajp13)
#JkMount  /examples/* worker1
JkMount /blog/* ajp13
JkMount /roller ajp13
JkMount /roller/* ajp13

That didn’t really work for me either, unfortunately. I kept seeing errors like these:

[Fri Sep 01 21:03:12 2006] [296262:0000] [info]  mod_jk.c (1978): Service error=0 for worker=ajp13
[Fri Sep 01 21:03:18 2006] [296263:0000] [info]  jk_ajp_common.c (1178): Socket 15 is not connected any more (errno=-1)
[Fri Sep 01 21:03:18 2006] [296263:0000] [info]  jk_ajp_common.c (1202): Error sending request. Will try another pooled connection
[Fri Sep 01 21:03:18 2006] [296263:0000] [info]  jk_ajp_common.c (1224): All endpoints are disconnected or dead
[Fri Sep 01 21:03:18 2006] [296263:0000] [info]  jk_ajp_common.c (1783): Sending request to tomcat failed,  recoverable operation attempt=1
[Fri Sep 01 21:03:18 2006] [296263:0000] [error] jk_ajp_common.c (1794): Error connecting to tomcat. Tomcat is probably not started or is listening on the wrong port. worker=ajp13 failed

which meant that nearly 50% of requests to any webapp run by tomcat would fail to respond with a error about excess load. Clearly bogus, but a pain in the rear nonetheless.

So I ditched both in favour of pulling down apache httpd v2.2.3 and tomcat v5.5.17. (I also grabbed OpenSSL and installed it in /opt/local).

The successful configure line that I used for building apache is

CFLAGS='-xlibmil -xlibmopt -xO5'
CXXFLAGS='-xlibmil -xlibmopt -xO5'
#requires openssl in /opt/local/lib
LD_LIBRARY_PATH=/opt/local/lib:$LD_LIBRARY_PATH ./configure --prefix=/scratch/web/apache/2.2.3 \
--enable-modules=all --enable-file-cache --enable-cache --enable-dbd \
--enable-deflate --enable-ldap --enable-mime-magic --enable-expires --enable-headers \
--enable-usertrack --enable-unique-id --enable-version --enable-proxy --enable-proxy-connect \
--enable-proxy-ftp --enable-proxy-http --enable-proxy-ajp --enable-proxy-balancer --enable-ssl \
--enable-http --enable-dav --enable-info --enable-cgi --enable-vhost-alias --enable-imagemap \
--enable-speling --enable-rewrite --enable-so --with-mpm=prefork --with-ssl=/opt/local \
--enable-authnz-ldap --with-ldap --disable-static-support --enable-static-htpasswd=no \
--enable-static-htdigest=no --enable-static-rotatelogs=no --enable-static-logresolve=no \
--enable-static-htdbm=no --enable-static-ab=no --enable-static-checkgid=no

Note: if you enable the “–enable-v4-mapped” option then you’ll get messages like this one:

[Mon Sep 04 07:52:06 2006] [warn] (128)Network is unreachable: connect to listener on [::]:80

So, with apache 2.2.3 built and installed I added these lines to my httpd.conf file:

ProxyPass               /roller         ajp://localhost:8009/roller
ProxyPassReverse        /roller         ajp://localhost:8009/roller
ProxyPass               /blog           ajp://localhost:8009/roller/page/jmcp
ProxyPassReverse        /blog           ajp://localhost:8009/roller/page/jmcp

Right, so that’s apache done, what about tomcat?

I pulled down a pre-built version (Java is great :>) and installed it in my desired location (/scratch/web/tomcat/tomcat). Drawing on the existing shell script /etc/rc3.d/S50apache I set CATALINA_HOME=/scratch/web/tomcat/tomcat, ditto for CATALINA_BASE and made sure that user webservd is the one which runs tomcat and apache. I had to chmod some of the directories under /scratch/web for that to work correctly first.

In order to enable the JVM server mode (better for long running processes), I edited $CATALINE_HOME/bin/, adding

##### jmcp start
CATALINA_OPTS="-Xms64m -server"
##### jmcp end

up the top of the script.

Then it was time to get roller happening.

Grab a copy of roller from the Download Page.There is a reasonably good installation guide published at the Roller Wiki site, and I used that quite extensively.

You need a backend db to store the blog entries and a few other things. The default that Roller uses is MySQL, but you can also use Oracle or postgresql. Since I’ve used PostgreSQL more than the others (and Sun bundles it and MySQL with Solaris Express) I figured I’d see how easy it would be to use it.

Once I’d created a postgres db (called roller) and started it, I had to create the various tables that roller needs.

There is a createdb.sql script supplied under $ROLLER/WEB-INF/dbscripts/postgresql which was a good start for this. However, it didn’t do all of the requisite GRANT operations, so I had to do those manually from within pg_ctl. (I was sure I’d noted them down somewhere, but I can’t lay my hands on the file).

That done, I then had to create a roller.xml file to deploy in tomcat’s $CATALINA_HOME/conf/Catalina/`hostname`/ directory.

Courtesy of the Wiki installation guide, I found a section labelled “Example for Tomcat 5.5.X Users” on which I based my deployment descriptor:

<Context path="/roller" docbase="/scratch/web/tomcat/roller" debug="0">
<Resource name="jdbc/rollerdb" auth="Container" type="javax.sql.DataSource">
maxWait="3000" />
<!-- If you want e-mail features, un-comment the section below -->
<!--<br/>  <Resource name="mail/Session" auth="Container" type="javax.mail.Session"<br/>"" /> < br/>  -->

You must ensure that you’ve got the db-specific JDBC connector jar installed under $CATALINA_HOME/common/lib. In my case, the package SUNWpostgr-jdbc contains /usr/share/java/postgresql.jar which was exactly what I needed.

I then started up tomcat and apache, connected to and enjoyed seeing the login screen for roller.

After a day or so I remembered that I should get some SMF manifests together rather than shell scripts. So with thanks to Chris Gerhard amongst others I hacked up some manifests for postgres, tomcat and apache. +--------------+----------+----------------+ | service name | manifest | service script | +==============+==========+================+ | apache223 | | | +-----------+----------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------+ | tomcat | | | +--------+-------------------------------------------------------------------------------------------+------------------------------------------------------------------------------------------+ | postgres | | | +----------+---------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------+

Edit the paths in the xml and shell scripts to suit your installation, then copy the scripts to the correct location, and run svccfg import /path/to/each/manifest followed by a quick svcadm enable svcname… and you should be good to go.

Technorati Tags: `tomcat`_, roller, `apache`_, postgresql, Solaris, OpenSolaris, infrastructure

System Message: WARNING/2 (<string>, line 195); backlink

Duplicate explicit target name: "tomcat".

System Message: WARNING/2 (<string>, line 196); backlink

Duplicate explicit target name: "apache".

Docutils System Messages

System Message: ERROR/3 (<string>, line 4); backlink

Duplicate target name, cannot be used as a unique reference: "tomcat".

System Message: ERROR/3 (<string>, line 4); backlink

Duplicate target name, cannot be used as a unique reference: "apache".

System Message: ERROR/3 (<string>, line 177); backlink

Duplicate target name, cannot be used as a unique reference: "tomcat".

System Message: ERROR/3 (<string>, line 177); backlink

Duplicate target name, cannot be used as a unique reference: "apache".