February 2015 - mod_cluster-issues

[JBoss JIRA] (MODCLUSTER-402) Balancer shutdown, AS:OutOfMemoryError: unable to create new native thread

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/MODCLUSTER-402?page=com.atlassian.jira.pl... ] RH Bugzilla Integration commented on MODCLUSTER-402: ---------------------------------------------------- Michal Babacek <mbabacek(a)redhat.com> changed the Status of [bug 1094159|https://bugzilla.redhat.com/show_bug.cgi?id=1094159] from NEW to CLOSED > Balancer shutdown, AS:OutOfMemoryError: unable to create new native thread > -------------------------------------------------------------------------- > > Key: MODCLUSTER-402 > URL: https://issues.jboss.org/browse/MODCLUSTER-402 > Project: mod_cluster > Issue Type: Bug > Affects Versions: 1.2.8.Final > Environment: HP-UX ia64, HP JDK 1.7 > Reporter: Michal Babacek > Assignee: Michal Babacek > Priority: Critical > Fix For: 1.2.11.Final > > Attachments: OOM-server.logs.zip > > > # start Apache HTTP Server with mod_cluster > # start EAP 6.3 worker 1, jvmroute: jboss-eap-6.3 > # start EAP 6.3 worker 2, jvmroute: jboss-eap-6.3-2 > # stop 1. > # let 2. and 3. trying to contact the balancer > # OOM > See two detailed logs for both machines: [^OOM-server.logs.zip]. > At the moment, I'm not sure it was really mod_cluster's fault, due to the JGroups messages. I have a hunch it might be linked to the new JBossWeb NIO... > Assigning to myself for investigation. -- This message was sent by Atlassian JIRA (v6.3.11#6341)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-400) Failover with SSL breaks sticky sessions on HP-UX v11.3, hpws22

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/MODCLUSTER-400?page=com.atlassian.jira.pl... ] RH Bugzilla Integration commented on MODCLUSTER-400: ---------------------------------------------------- Michal Babacek <mbabacek(a)redhat.com> changed the Status of [bug 1093848|https://bugzilla.redhat.com/show_bug.cgi?id=1093848] from NEW to CLOSED > Failover with SSL breaks sticky sessions on HP-UX v11.3, hpws22 > --------------------------------------------------------------- > > Key: MODCLUSTER-400 > URL: https://issues.jboss.org/browse/MODCLUSTER-400 > Project: mod_cluster > Issue Type: Bug > Affects Versions: 1.2.8.Final > Environment: HP-UX v11.3, hpuxws22Apache B.2.2.15.15 HP-UX Apache-based Web Server, libaprutil-1.sl.3.9, libapr-1.sl.4.2 > Reporter: Michal Babacek > Assignee: Jean-Frederic Clere > Priority: Critical > Fix For: 1.2.11.Final > > Attachments: hp-ux_error_log-ajp-failover.zip, hp-ux_error_log-ssl-failover.zip, rhel_error_log-ssl-failover.zip > > > Failover with SSL breaks sticky sessions on HP-UX v11.3, hpws22 > With the following configuration on a single box: > {panel:title=mod_cluster.conf| borderStyle=dashed} > {code} > MemManagerFile "/hell/workspace/hpws22/apache/cache/mod_cluster" > ServerName 10.16.92.191:2081 > <IfModule manager_module> > Listen 10.16.92.191:8745 > LogLevel debug > <VirtualHost 10.16.92.191:8745> > ServerName 10.16.92.191:8745 > <Directory /> > Order deny,allow > Deny from all > Allow from all > </Directory> > KeepAliveTimeout 60 > MaxKeepAliveRequests 0 > ServerAdvertise on > AdvertiseFrequency 5 > ManagerBalancerName qacluster > AdvertiseGroup 224.0.3.47:23364 > EnableMCPMReceive > SSLEngine on > SSLProtocol all -SSLv2 -SSLv3 > SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS" > SSLHonorCipherOrder on > SSLCertificateFile /vault/certs/server.crt > SSLCertificateKeyFile /vault/certs/server.key > SSLCACertificateFile /vault/certs/myca.crt > SSLProxyEngine On > SSLVerifyDepth 10 > <Location /mcm> > SetHandler mod_cluster-manager > Order deny,allow > Deny from all > Allow from all > </Location> > </VirtualHost> > </IfModule> > {code} > {panel} > {panel:title=standalone-ha.xml| borderStyle=dashed} > {code} > +++ > <subsystem xmlns="urn:jboss:domain:web:2.1" native="false"> > <connector name="https" protocol="HTTP/1.1" socket-binding="https" scheme="https" enabled="true" secure="true"> > <ssl name="https" ca-certificate-file="/vault/certs/ca-cert.jks" certificate-key-file="/vault/certs/client-cert-key.jks" certificate-file="/vault/certs/client-cert-key.jks" password="tomcat" verify-client="false" key-alias="javaclient" > cipher-suite="SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_NULL_MD5,SSL_DHE_RSA_WITH_DES_CBC_SHA,SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,SSL_DH_anon_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_MD5,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_DH_anon_WITH_DES_CBC_SHA,SSL_RSA_WITH_NULL_SHA,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA" protocol="TLS"/> > </connector> > <connector name="ajp" protocol="AJP/1.3" scheme="http" socket-binding="ajp"/> > <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/> > <virtual-server name="default-host" enable-welcome-root="true"> > <alias name="localhost"/> > <alias name="example.com"/> > </virtual-server> > </subsystem> > +++ > <subsystem xmlns="urn:jboss:domain:modcluster:1.2"> > <mod-cluster-config connector="https" advertise-socket="modcluster"> > <dynamic-load-provider> > <load-metric type="busyness"/> > </dynamic-load-provider> > <ssl ca-certificate-file="/vault/certs/ca-cert.jks" certificate-key-file="/vault/certs/client-cert-key.jks" password="tomcat" key-alias="javaclient" > cipher-suite="SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_NULL_MD5,SSL_DHE_RSA_WITH_DES_CBC_SHA,SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,SSL_DH_anon_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_MD5,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_DH_anon_WITH_DES_CBC_SHA,SSL_RSA_WITH_NULL_SHA,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA" protocol="TLS"/> > </mod-cluster-config> > </subsystem> > +++ > {code} > {panel} > One gets the following weird session loss. This log [^hp-ux_error_log-ssl-failover.zip] covers the undermentioned test servlet output: > {code} > echo -e "`date` `curl https://10.16.92.191:8745/clusterbench/requestinfo --cert /vault/certs/client.crt --key /vault/certs/client.key --cacert /vault/certs/myca.crt --insecure -c cookiefile.txt -b cookiefile.txt 2> /dev/null`"; > {code} > {code} > Wed, Apr 30, 2014 11:50:11 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8544, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8544 > JVM route: jboss-eap-6.3 > Session ID: vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3 > Session isNew: false > Wed, Apr 30, 2014 11:50:13 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8544, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8544 > JVM route: jboss-eap-6.3 > Session ID: vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3 > Session isNew: false > -- stop jboss-eap-6.3 -- (the same behavior with jvm kill) -- > Wed, Apr 30, 2014 11:50:18 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8645, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8645 > JVM route: jboss-eap-6.3-2 > Session ID: tYnoHJhX73UYrr3QCaUikR9h.jboss-eap-6.3-2 > Session isNew: true > Wed, Apr 30, 2014 11:50:20 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8645, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=tYnoHJhX73UYrr3QCaUikR9h.jboss-eap-6.3-2, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8645 > JVM route: jboss-eap-6.3-2 > Session ID: tYnoHJhX73UYrr3QCaUikR9h.jboss-eap-6.3-2 > Session isNew: false > {code} > One could note that in the moment of fail-over from worker {{jboss-eap-6.3}} to worker {{jboss-eap-6.3-2}}, the original session {{vjZSMs4fZ8j0h+VIQ-GLAz+F}} had been lost and a new one, {{tYnoHJhX73UYrr3QCaUikR9h}} was created. > If we comment out all the SSL settings and switch to the AJP connector, the failover seems all right though (see the [^hp-ux_error_log-ajp-failover.zip]): > {code} > Wed, Apr 30, 2014 12:04:11 PM Request URI: /clusterbench/requestinfo > Headers: {user-agent=curl/7.30.0, host=10.16.92.191:8745, accept=*/*, cookie=JSESSIONID=v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3} > Host header: 10.16.92.191:8745 > JVM route: jboss-eap-6.3 > Session ID: v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3 > Session isNew: false > -- stop jboss-eap-6.3 -- (the same behavior with jvm kill) -- > Wed, Apr 30, 2014 12:04:14 PM Request URI: /clusterbench/requestinfo > Headers: {user-agent=curl/7.30.0, host=10.16.92.191:8745, accept=*/*, cookie=JSESSIONID=v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3} > Host header: 10.16.92.191:8745 > JVM route: jboss-eap-6.3-2 > Session ID: v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3-2 > Session isNew: false > {code} > Note that the session {{hPRQD5FsZUAqZa3ZxRBXIF}} remained the same during the failover, only a new jvmRoute were appended. > The most bewildering thing is that this behavior is specific to {{hpuxws22Apache B.2.2.15.15 HP-UX Apache-based Web Server}}, > i.e., I've carefully followed the same scenario with the same config on RHEL 6 x86_64, Apache/2.2.22 and the session is kept both with AJP and HTTPS connectors (see [^rhel_error_log-ssl-failover.zip]). > {code} > Fri May 2 09:47:13 EDT 2014 Request URI: /clusterbench/requestinfo > Headers: {host=192.168.122.204:8443, user-agent=curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2, accept=*/*, cookie=JSESSIONID=wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3, x-forwarded-for=192.168.122.204, x-forwarded-host=192.168.122.204:8847, x-forwarded-server=192.168.122.204, connection=Keep-Alive} > Host header: 192.168.122.204:8443 > JVM route: jboss-eap-6.3 > Session ID: wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3 > Session isNew: false > -- stop jboss-eap-6.3 -- (the same behavior with jvm kill) -- > Fri May 2 09:47:16 EDT 2014 Request URI: /clusterbench/requestinfo > Headers: {host=192.168.122.204:8544, user-agent=curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2, accept=*/*, cookie=JSESSIONID=wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3, x-forwarded-for=192.168.122.204, x-forwarded-host=192.168.122.204:8847, x-forwarded-server=192.168.122.204, connection=Keep-Alive} > Host header: 192.168.122.204:8544 > JVM route: jboss-eap-6.3-2 > Session ID: wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3-2 > Session isNew: false > {code} > To date, I don't have any more info to share. -- This message was sent by Atlassian JIRA (v6.3.11#6341)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-402) Balancer shutdown, AS:OutOfMemoryError: unable to create new native thread

by Michal Babacek (JIRA)

[ https://issues.jboss.org/browse/MODCLUSTER-402?page=com.atlassian.jira.pl... ] Michal Babacek resolved MODCLUSTER-402. --------------------------------------- Resolution: Cannot Reproduce Bug I can't reproduce it with mod_clustrer 1.2.10+ any more, EAP 6.4 Beta. I'll reopen the Jira if it ever occurs again. > Balancer shutdown, AS:OutOfMemoryError: unable to create new native thread > -------------------------------------------------------------------------- > > Key: MODCLUSTER-402 > URL: https://issues.jboss.org/browse/MODCLUSTER-402 > Project: mod_cluster > Issue Type: Bug > Affects Versions: 1.2.8.Final > Environment: HP-UX ia64, HP JDK 1.7 > Reporter: Michal Babacek > Assignee: Michal Babacek > Priority: Critical > Fix For: 1.2.11.Final > > Attachments: OOM-server.logs.zip > > > # start Apache HTTP Server with mod_cluster > # start EAP 6.3 worker 1, jvmroute: jboss-eap-6.3 > # start EAP 6.3 worker 2, jvmroute: jboss-eap-6.3-2 > # stop 1. > # let 2. and 3. trying to contact the balancer > # OOM > See two detailed logs for both machines: [^OOM-server.logs.zip]. > At the moment, I'm not sure it was really mod_cluster's fault, due to the JGroups messages. I have a hunch it might be linked to the new JBossWeb NIO... > Assigning to myself for investigation. -- This message was sent by Atlassian JIRA (v6.3.11#6341)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-402) Balancer shutdown, AS:OutOfMemoryError: unable to create new native thread

by Michal Babacek (JIRA)

[ https://issues.jboss.org/browse/MODCLUSTER-402?page=com.atlassian.jira.pl... ] Michal Babacek updated MODCLUSTER-402: -------------------------------------- Bugzilla Update: (was: Perform) > Balancer shutdown, AS:OutOfMemoryError: unable to create new native thread > -------------------------------------------------------------------------- > > Key: MODCLUSTER-402 > URL: https://issues.jboss.org/browse/MODCLUSTER-402 > Project: mod_cluster > Issue Type: Bug > Affects Versions: 1.2.8.Final > Environment: HP-UX ia64, HP JDK 1.7 > Reporter: Michal Babacek > Assignee: Michal Babacek > Priority: Critical > Fix For: 1.2.11.Final > > Attachments: OOM-server.logs.zip > > > # start Apache HTTP Server with mod_cluster > # start EAP 6.3 worker 1, jvmroute: jboss-eap-6.3 > # start EAP 6.3 worker 2, jvmroute: jboss-eap-6.3-2 > # stop 1. > # let 2. and 3. trying to contact the balancer > # OOM > See two detailed logs for both machines: [^OOM-server.logs.zip]. > At the moment, I'm not sure it was really mod_cluster's fault, due to the JGroups messages. I have a hunch it might be linked to the new JBossWeb NIO... > Assigning to myself for investigation. -- This message was sent by Atlassian JIRA (v6.3.11#6341)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-400) Failover with SSL breaks sticky sessions on HP-UX v11.3, hpws22

by Michal Babacek (JIRA)

[ https://issues.jboss.org/browse/MODCLUSTER-400?page=com.atlassian.jira.pl... ] Michal Babacek resolved MODCLUSTER-400. --------------------------------------- Resolution: Cannot Reproduce Bug I can't reproduce it with mod_clustrer 1.2.10+ any more, EAP 6.4 Beta. I'll reopen the Jira if it ever occurs again. > Failover with SSL breaks sticky sessions on HP-UX v11.3, hpws22 > --------------------------------------------------------------- > > Key: MODCLUSTER-400 > URL: https://issues.jboss.org/browse/MODCLUSTER-400 > Project: mod_cluster > Issue Type: Bug > Affects Versions: 1.2.8.Final > Environment: HP-UX v11.3, hpuxws22Apache B.2.2.15.15 HP-UX Apache-based Web Server, libaprutil-1.sl.3.9, libapr-1.sl.4.2 > Reporter: Michal Babacek > Assignee: Jean-Frederic Clere > Priority: Critical > Fix For: 1.2.11.Final > > Attachments: hp-ux_error_log-ajp-failover.zip, hp-ux_error_log-ssl-failover.zip, rhel_error_log-ssl-failover.zip > > > Failover with SSL breaks sticky sessions on HP-UX v11.3, hpws22 > With the following configuration on a single box: > {panel:title=mod_cluster.conf| borderStyle=dashed} > {code} > MemManagerFile "/hell/workspace/hpws22/apache/cache/mod_cluster" > ServerName 10.16.92.191:2081 > <IfModule manager_module> > Listen 10.16.92.191:8745 > LogLevel debug > <VirtualHost 10.16.92.191:8745> > ServerName 10.16.92.191:8745 > <Directory /> > Order deny,allow > Deny from all > Allow from all > </Directory> > KeepAliveTimeout 60 > MaxKeepAliveRequests 0 > ServerAdvertise on > AdvertiseFrequency 5 > ManagerBalancerName qacluster > AdvertiseGroup 224.0.3.47:23364 > EnableMCPMReceive > SSLEngine on > SSLProtocol all -SSLv2 -SSLv3 > SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS" > SSLHonorCipherOrder on > SSLCertificateFile /vault/certs/server.crt > SSLCertificateKeyFile /vault/certs/server.key > SSLCACertificateFile /vault/certs/myca.crt > SSLProxyEngine On > SSLVerifyDepth 10 > <Location /mcm> > SetHandler mod_cluster-manager > Order deny,allow > Deny from all > Allow from all > </Location> > </VirtualHost> > </IfModule> > {code} > {panel} > {panel:title=standalone-ha.xml| borderStyle=dashed} > {code} > +++ > <subsystem xmlns="urn:jboss:domain:web:2.1" native="false"> > <connector name="https" protocol="HTTP/1.1" socket-binding="https" scheme="https" enabled="true" secure="true"> > <ssl name="https" ca-certificate-file="/vault/certs/ca-cert.jks" certificate-key-file="/vault/certs/client-cert-key.jks" certificate-file="/vault/certs/client-cert-key.jks" password="tomcat" verify-client="false" key-alias="javaclient" > cipher-suite="SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_NULL_MD5,SSL_DHE_RSA_WITH_DES_CBC_SHA,SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,SSL_DH_anon_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_MD5,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_DH_anon_WITH_DES_CBC_SHA,SSL_RSA_WITH_NULL_SHA,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA" protocol="TLS"/> > </connector> > <connector name="ajp" protocol="AJP/1.3" scheme="http" socket-binding="ajp"/> > <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/> > <virtual-server name="default-host" enable-welcome-root="true"> > <alias name="localhost"/> > <alias name="example.com"/> > </virtual-server> > </subsystem> > +++ > <subsystem xmlns="urn:jboss:domain:modcluster:1.2"> > <mod-cluster-config connector="https" advertise-socket="modcluster"> > <dynamic-load-provider> > <load-metric type="busyness"/> > </dynamic-load-provider> > <ssl ca-certificate-file="/vault/certs/ca-cert.jks" certificate-key-file="/vault/certs/client-cert-key.jks" password="tomcat" key-alias="javaclient" > cipher-suite="SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_NULL_MD5,SSL_DHE_RSA_WITH_DES_CBC_SHA,SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,SSL_DH_anon_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_MD5,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_DH_anon_WITH_DES_CBC_SHA,SSL_RSA_WITH_NULL_SHA,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA" protocol="TLS"/> > </mod-cluster-config> > </subsystem> > +++ > {code} > {panel} > One gets the following weird session loss. This log [^hp-ux_error_log-ssl-failover.zip] covers the undermentioned test servlet output: > {code} > echo -e "`date` `curl https://10.16.92.191:8745/clusterbench/requestinfo --cert /vault/certs/client.crt --key /vault/certs/client.key --cacert /vault/certs/myca.crt --insecure -c cookiefile.txt -b cookiefile.txt 2> /dev/null`"; > {code} > {code} > Wed, Apr 30, 2014 11:50:11 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8544, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8544 > JVM route: jboss-eap-6.3 > Session ID: vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3 > Session isNew: false > Wed, Apr 30, 2014 11:50:13 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8544, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8544 > JVM route: jboss-eap-6.3 > Session ID: vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3 > Session isNew: false > -- stop jboss-eap-6.3 -- (the same behavior with jvm kill) -- > Wed, Apr 30, 2014 11:50:18 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8645, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8645 > JVM route: jboss-eap-6.3-2 > Session ID: tYnoHJhX73UYrr3QCaUikR9h.jboss-eap-6.3-2 > Session isNew: true > Wed, Apr 30, 2014 11:50:20 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8645, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=tYnoHJhX73UYrr3QCaUikR9h.jboss-eap-6.3-2, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8645 > JVM route: jboss-eap-6.3-2 > Session ID: tYnoHJhX73UYrr3QCaUikR9h.jboss-eap-6.3-2 > Session isNew: false > {code} > One could note that in the moment of fail-over from worker {{jboss-eap-6.3}} to worker {{jboss-eap-6.3-2}}, the original session {{vjZSMs4fZ8j0h+VIQ-GLAz+F}} had been lost and a new one, {{tYnoHJhX73UYrr3QCaUikR9h}} was created. > If we comment out all the SSL settings and switch to the AJP connector, the failover seems all right though (see the [^hp-ux_error_log-ajp-failover.zip]): > {code} > Wed, Apr 30, 2014 12:04:11 PM Request URI: /clusterbench/requestinfo > Headers: {user-agent=curl/7.30.0, host=10.16.92.191:8745, accept=*/*, cookie=JSESSIONID=v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3} > Host header: 10.16.92.191:8745 > JVM route: jboss-eap-6.3 > Session ID: v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3 > Session isNew: false > -- stop jboss-eap-6.3 -- (the same behavior with jvm kill) -- > Wed, Apr 30, 2014 12:04:14 PM Request URI: /clusterbench/requestinfo > Headers: {user-agent=curl/7.30.0, host=10.16.92.191:8745, accept=*/*, cookie=JSESSIONID=v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3} > Host header: 10.16.92.191:8745 > JVM route: jboss-eap-6.3-2 > Session ID: v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3-2 > Session isNew: false > {code} > Note that the session {{hPRQD5FsZUAqZa3ZxRBXIF}} remained the same during the failover, only a new jvmRoute were appended. > The most bewildering thing is that this behavior is specific to {{hpuxws22Apache B.2.2.15.15 HP-UX Apache-based Web Server}}, > i.e., I've carefully followed the same scenario with the same config on RHEL 6 x86_64, Apache/2.2.22 and the session is kept both with AJP and HTTPS connectors (see [^rhel_error_log-ssl-failover.zip]). > {code} > Fri May 2 09:47:13 EDT 2014 Request URI: /clusterbench/requestinfo > Headers: {host=192.168.122.204:8443, user-agent=curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2, accept=*/*, cookie=JSESSIONID=wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3, x-forwarded-for=192.168.122.204, x-forwarded-host=192.168.122.204:8847, x-forwarded-server=192.168.122.204, connection=Keep-Alive} > Host header: 192.168.122.204:8443 > JVM route: jboss-eap-6.3 > Session ID: wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3 > Session isNew: false > -- stop jboss-eap-6.3 -- (the same behavior with jvm kill) -- > Fri May 2 09:47:16 EDT 2014 Request URI: /clusterbench/requestinfo > Headers: {host=192.168.122.204:8544, user-agent=curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2, accept=*/*, cookie=JSESSIONID=wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3, x-forwarded-for=192.168.122.204, x-forwarded-host=192.168.122.204:8847, x-forwarded-server=192.168.122.204, connection=Keep-Alive} > Host header: 192.168.122.204:8544 > JVM route: jboss-eap-6.3-2 > Session ID: wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3-2 > Session isNew: false > {code} > To date, I don't have any more info to share. -- This message was sent by Atlassian JIRA (v6.3.11#6341)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-400) Failover with SSL breaks sticky sessions on HP-UX v11.3, hpws22

by Michal Babacek (JIRA)

[ https://issues.jboss.org/browse/MODCLUSTER-400?page=com.atlassian.jira.pl... ] Michal Babacek updated MODCLUSTER-400: -------------------------------------- Bugzilla Update: (was: Perform) > Failover with SSL breaks sticky sessions on HP-UX v11.3, hpws22 > --------------------------------------------------------------- > > Key: MODCLUSTER-400 > URL: https://issues.jboss.org/browse/MODCLUSTER-400 > Project: mod_cluster > Issue Type: Bug > Affects Versions: 1.2.8.Final > Environment: HP-UX v11.3, hpuxws22Apache B.2.2.15.15 HP-UX Apache-based Web Server, libaprutil-1.sl.3.9, libapr-1.sl.4.2 > Reporter: Michal Babacek > Assignee: Jean-Frederic Clere > Priority: Critical > Fix For: 1.2.11.Final > > Attachments: hp-ux_error_log-ajp-failover.zip, hp-ux_error_log-ssl-failover.zip, rhel_error_log-ssl-failover.zip > > > Failover with SSL breaks sticky sessions on HP-UX v11.3, hpws22 > With the following configuration on a single box: > {panel:title=mod_cluster.conf| borderStyle=dashed} > {code} > MemManagerFile "/hell/workspace/hpws22/apache/cache/mod_cluster" > ServerName 10.16.92.191:2081 > <IfModule manager_module> > Listen 10.16.92.191:8745 > LogLevel debug > <VirtualHost 10.16.92.191:8745> > ServerName 10.16.92.191:8745 > <Directory /> > Order deny,allow > Deny from all > Allow from all > </Directory> > KeepAliveTimeout 60 > MaxKeepAliveRequests 0 > ServerAdvertise on > AdvertiseFrequency 5 > ManagerBalancerName qacluster > AdvertiseGroup 224.0.3.47:23364 > EnableMCPMReceive > SSLEngine on > SSLProtocol all -SSLv2 -SSLv3 > SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS" > SSLHonorCipherOrder on > SSLCertificateFile /vault/certs/server.crt > SSLCertificateKeyFile /vault/certs/server.key > SSLCACertificateFile /vault/certs/myca.crt > SSLProxyEngine On > SSLVerifyDepth 10 > <Location /mcm> > SetHandler mod_cluster-manager > Order deny,allow > Deny from all > Allow from all > </Location> > </VirtualHost> > </IfModule> > {code} > {panel} > {panel:title=standalone-ha.xml| borderStyle=dashed} > {code} > +++ > <subsystem xmlns="urn:jboss:domain:web:2.1" native="false"> > <connector name="https" protocol="HTTP/1.1" socket-binding="https" scheme="https" enabled="true" secure="true"> > <ssl name="https" ca-certificate-file="/vault/certs/ca-cert.jks" certificate-key-file="/vault/certs/client-cert-key.jks" certificate-file="/vault/certs/client-cert-key.jks" password="tomcat" verify-client="false" key-alias="javaclient" > cipher-suite="SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_NULL_MD5,SSL_DHE_RSA_WITH_DES_CBC_SHA,SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,SSL_DH_anon_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_MD5,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_DH_anon_WITH_DES_CBC_SHA,SSL_RSA_WITH_NULL_SHA,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA" protocol="TLS"/> > </connector> > <connector name="ajp" protocol="AJP/1.3" scheme="http" socket-binding="ajp"/> > <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/> > <virtual-server name="default-host" enable-welcome-root="true"> > <alias name="localhost"/> > <alias name="example.com"/> > </virtual-server> > </subsystem> > +++ > <subsystem xmlns="urn:jboss:domain:modcluster:1.2"> > <mod-cluster-config connector="https" advertise-socket="modcluster"> > <dynamic-load-provider> > <load-metric type="busyness"/> > </dynamic-load-provider> > <ssl ca-certificate-file="/vault/certs/ca-cert.jks" certificate-key-file="/vault/certs/client-cert-key.jks" password="tomcat" key-alias="javaclient" > cipher-suite="SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_NULL_MD5,SSL_DHE_RSA_WITH_DES_CBC_SHA,SSL_DH_anon_EXPORT_WITH_RC4_40_MD5,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,SSL_DH_anon_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_MD5,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_DH_anon_WITH_DES_CBC_SHA,SSL_RSA_WITH_NULL_SHA,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA" protocol="TLS"/> > </mod-cluster-config> > </subsystem> > +++ > {code} > {panel} > One gets the following weird session loss. This log [^hp-ux_error_log-ssl-failover.zip] covers the undermentioned test servlet output: > {code} > echo -e "`date` `curl https://10.16.92.191:8745/clusterbench/requestinfo --cert /vault/certs/client.crt --key /vault/certs/client.key --cacert /vault/certs/myca.crt --insecure -c cookiefile.txt -b cookiefile.txt 2> /dev/null`"; > {code} > {code} > Wed, Apr 30, 2014 11:50:11 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8544, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8544 > JVM route: jboss-eap-6.3 > Session ID: vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3 > Session isNew: false > Wed, Apr 30, 2014 11:50:13 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8544, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8544 > JVM route: jboss-eap-6.3 > Session ID: vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3 > Session isNew: false > -- stop jboss-eap-6.3 -- (the same behavior with jvm kill) -- > Wed, Apr 30, 2014 11:50:18 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8645, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=vjZSMs4fZ8j0h+VIQ-GLAz+F.jboss-eap-6.3, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8645 > JVM route: jboss-eap-6.3-2 > Session ID: tYnoHJhX73UYrr3QCaUikR9h.jboss-eap-6.3-2 > Session isNew: true > Wed, Apr 30, 2014 11:50:20 AM Request URI: /clusterbench/requestinfo > Headers: {host=10.16.92.191:8645, user-agent=curl/7.30.0, accept=*/*, cookie=JSESSIONID=tYnoHJhX73UYrr3QCaUikR9h.jboss-eap-6.3-2, x-forwarded-for=10.16.92.191, x-forwarded-host=10.16.92.191:8745, x-forwarded-server=10.16.92.191, connection=Keep-Alive} > Host header: 10.16.92.191:8645 > JVM route: jboss-eap-6.3-2 > Session ID: tYnoHJhX73UYrr3QCaUikR9h.jboss-eap-6.3-2 > Session isNew: false > {code} > One could note that in the moment of fail-over from worker {{jboss-eap-6.3}} to worker {{jboss-eap-6.3-2}}, the original session {{vjZSMs4fZ8j0h+VIQ-GLAz+F}} had been lost and a new one, {{tYnoHJhX73UYrr3QCaUikR9h}} was created. > If we comment out all the SSL settings and switch to the AJP connector, the failover seems all right though (see the [^hp-ux_error_log-ajp-failover.zip]): > {code} > Wed, Apr 30, 2014 12:04:11 PM Request URI: /clusterbench/requestinfo > Headers: {user-agent=curl/7.30.0, host=10.16.92.191:8745, accept=*/*, cookie=JSESSIONID=v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3} > Host header: 10.16.92.191:8745 > JVM route: jboss-eap-6.3 > Session ID: v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3 > Session isNew: false > -- stop jboss-eap-6.3 -- (the same behavior with jvm kill) -- > Wed, Apr 30, 2014 12:04:14 PM Request URI: /clusterbench/requestinfo > Headers: {user-agent=curl/7.30.0, host=10.16.92.191:8745, accept=*/*, cookie=JSESSIONID=v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3} > Host header: 10.16.92.191:8745 > JVM route: jboss-eap-6.3-2 > Session ID: v-hPRQD5FsZUAqZa3ZxRBXIF.jboss-eap-6.3-2 > Session isNew: false > {code} > Note that the session {{hPRQD5FsZUAqZa3ZxRBXIF}} remained the same during the failover, only a new jvmRoute were appended. > The most bewildering thing is that this behavior is specific to {{hpuxws22Apache B.2.2.15.15 HP-UX Apache-based Web Server}}, > i.e., I've carefully followed the same scenario with the same config on RHEL 6 x86_64, Apache/2.2.22 and the session is kept both with AJP and HTTPS connectors (see [^rhel_error_log-ssl-failover.zip]). > {code} > Fri May 2 09:47:13 EDT 2014 Request URI: /clusterbench/requestinfo > Headers: {host=192.168.122.204:8443, user-agent=curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2, accept=*/*, cookie=JSESSIONID=wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3, x-forwarded-for=192.168.122.204, x-forwarded-host=192.168.122.204:8847, x-forwarded-server=192.168.122.204, connection=Keep-Alive} > Host header: 192.168.122.204:8443 > JVM route: jboss-eap-6.3 > Session ID: wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3 > Session isNew: false > -- stop jboss-eap-6.3 -- (the same behavior with jvm kill) -- > Fri May 2 09:47:16 EDT 2014 Request URI: /clusterbench/requestinfo > Headers: {host=192.168.122.204:8544, user-agent=curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2, accept=*/*, cookie=JSESSIONID=wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3, x-forwarded-for=192.168.122.204, x-forwarded-host=192.168.122.204:8847, x-forwarded-server=192.168.122.204, connection=Keep-Alive} > Host header: 192.168.122.204:8544 > JVM route: jboss-eap-6.3-2 > Session ID: wdeSdhbahzVweKc5F9mUprJr.jboss-eap-6.3-2 > Session isNew: false > {code} > To date, I don't have any more info to share. -- This message was sent by Atlassian JIRA (v6.3.11#6341)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-446) Change in AdvertiseSecurityKey on httpd side is ignored by running workers

by Michal Babacek (JIRA)

[ https://issues.jboss.org/browse/MODCLUSTER-446?page=com.atlassian.jira.pl... ] Michal Babacek updated MODCLUSTER-446: -------------------------------------- Issue Type: Feature Request (was: Bug) > Change in AdvertiseSecurityKey on httpd side is ignored by running workers > -------------------------------------------------------------------------- > > Key: MODCLUSTER-446 > URL: https://issues.jboss.org/browse/MODCLUSTER-446 > Project: mod_cluster > Issue Type: Feature Request > Affects Versions: 1.2.10.Final, 1.3.1.Beta1 > Reporter: Michal Babacek > Assignee: Jean-Frederic Clere > > While strengtening the test coverage and tying some loose ends, I encountered the following behaviour. It's always reproducible. Please, take a look at it and comment whether you consider it being a quite evil bug, or whether I'm just being full of ideas :-) > h3. Steps to reproduce > # Setup Apache HTTP Server *balancer* with {{AdvertiseSecurityKey karmYYY}} and start it. > # Setup *worker 1* with {{advertise-security-key="karmXXX"}} and start it. > # Setup *worker 2* with {{advertise-security-key="karmYYY"}} and start it. > # *worker 2* talks to *balancer*, that's cool. > # *worker 1* does not talk to *balancer*, that's cool. > # Stop *balancer*. Keep both workers running. > # Setup Apache HTTP Server *balancer* with {{AdvertiseSecurityKey karmXXX}} and start it. > # Now, I would expect that {{verifyDigest}} for *worker 2* ceases to match and that there will be only *worker 1* registered with the *balancer*. What actually happens is that _both_ *worker 1* and *worker 2* are registered with the *balancer* now. STATUS messages are being sent and processed, workers are in OK state. > I took a look at the differences between master and 1.2.10 branch, especially with regard to MODCLUSTER-338 and MODCLUSTER-337, but it bares no connection to this issue. 1.2.10.Final and 1.3.1.Beta1 exhibit the same kind of behaviour. > According to the log, the digest logic is sane, i.e. one gets: > {noformat} > [org.jboss.modcluster.advertise.impl.AdvertiseListenerImpl] (pool-1-thread-1) Advertise message digest verification failed for server 1a3825d7-e3df-4b5d-9838-52a3756284b0 > {noformat} > , but the worker keeps sending STATUS OK messages anyhow. > Would it make sense for the worker to "leave" the balancer if the digest is suddenly not matching? -- This message was sent by Atlassian JIRA (v6.3.11#6341)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-449) Implement ramp-up when starting new nodes

by Jean-Frederic Clere (JIRA)

[ https://issues.jboss.org/browse/MODCLUSTER-449?page=com.atlassian.jira.pl... ] Jean-Frederic Clere commented on MODCLUSTER-449: ------------------------------------------------ Actually any logic that can be done out of the native part is better. It needs to be switchable from the node CLI and go by node so in tyhe CONFIG message... The hack is to use the STATUS load value to reach what we want (AKA start with 0 and increase by time depending on the load of node while we are increasing). > Implement ramp-up when starting new nodes > ----------------------------------------- > > Key: MODCLUSTER-449 > URL: https://issues.jboss.org/browse/MODCLUSTER-449 > Project: mod_cluster > Issue Type: Feature Request > Components: Core & Container Integration (Java) > Reporter: Radoslav Husar > Assignee: Radoslav Husar > Priority: Critical > Fix For: 1.3.1.Beta3 > > > IIUC this has been a problem since inception. The problem is that the initial load stays in effect for performing load-balancing decisions until a new stat interval kicks in. > This effect is mitigated by load decay over time, but for the time a new node joins in, it can get overloaded upon startup. -- This message was sent by Atlassian JIRA (v6.3.11#6341)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-449) Implement ramp-up when starting new nodes

by Michal Babacek (JIRA)

[ https://issues.jboss.org/browse/MODCLUSTER-449?page=com.atlassian.jira.pl... ] Michal Babacek commented on MODCLUSTER-449: ------------------------------------------- Wouldn't it be better addressed in the native part? The problem is not the load number itself, it's the {{elected}} counter. I suggest treating "newcomers" gently in {{internal_find_best_byrequests}}. IMHO one could guess that info from a large discrepancy between the elected counters of other nodes and this new one. I'm gonna try to verify I'm not just being full of ideas... > Implement ramp-up when starting new nodes > ----------------------------------------- > > Key: MODCLUSTER-449 > URL: https://issues.jboss.org/browse/MODCLUSTER-449 > Project: mod_cluster > Issue Type: Feature Request > Components: Core & Container Integration (Java) > Reporter: Radoslav Husar > Assignee: Radoslav Husar > Priority: Critical > Fix For: 1.3.1.Beta3 > > > IIUC this has been a problem since inception. The problem is that the initial load stays in effect for performing load-balancing decisions until a new stat interval kicks in. > This effect is mitigated by load decay over time, but for the time a new node joins in, it can get overloaded upon startup. -- This message was sent by Atlassian JIRA (v6.3.11#6341)

9 years, 10 months

1
0
0 / 0

[JBoss JIRA] (MODCLUSTER-450) Reenable testMulticastSocketNoCrossTalk test

by Radoslav Husar (JIRA)

Radoslav Husar created MODCLUSTER-450: ----------------------------------------- Summary: Reenable testMulticastSocketNoCrossTalk test Key: MODCLUSTER-450 URL: https://issues.jboss.org/browse/MODCLUSTER-450 Project: mod_cluster Issue Type: Feature Request Affects Versions: 1.3.1.Beta2 Reporter: Radoslav Husar Assignee: Radoslav Husar Fix For: 1.3.1.Beta3 -- This message was sent by Atlassian JIRA (v6.3.11#6341)

9 years, 10 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

mod_cluster-issues February 2015