modcluster / mod_cluster Goto Github PK
View Code? Open in Web Editor NEWmod_cluster is an intelligent native Apache httpd-based and pure-Java Undertow-based load-balancer
Home Page: https://www.modcluster.io
License: Apache License 2.0
mod_cluster is an intelligent native Apache httpd-based and pure-Java Undertow-based load-balancer
Home Page: https://www.modcluster.io
License: Apache License 2.0
I tried to download every release available here even the 1.3.1 Beta2 unsuccessfully.
I tried to compile them manually or just downloading the binary "so" but everytime my httpd failed to start with this error message:
Can't locate API module structure `slotmem_module' in file /etc/httpd/modules/mod_cluster_slotmem.so: /etc/httpd/modules/mod_cluster_slotmem.so: undefined symbol: slotmem_module
others modules load correctly except for this one!
Is there a solution/workaround
Thanks a lot.
Hi guys, my
git request-pull 261a55d0 https://github.com/Karm/mod_cluster.wiki.git 261a55d0
generated this lovely message for you:
The following changes since commit 261a55d065b496baffb596ae2727dc43533b5006:
Apache HTTP Server configuration initial (2014-11-19 13:46:04 +0100)
are available in the git repository at:
https://github.com/Karm/mod_cluster.wiki.git master
for you to fetch changes up to 261a55d065b496baffb596ae2727dc43533b5006:
Apache HTTP Server configuration initial (2014-11-19 13:46:04 +0100)
----------------------------------------------------------------
Documentation @ http://docs.jboss.org/mod_cluster/1.3.0/html/native.building.html#d0e770 says to build from git master branch. Master branch does not contain the native source directories to build from as described in documentation. I was able to find the native sources directory in the 1.3.x branch and build from there. Not sure if the repo is functioning as expected and the documentation needs to be updated, or vice versa. Please update either one as required, thank you!
When running make inside the latest release of 1.3.11.Final the native/mod_proxy_cluster
Fails with the below error on Linux
After running
./buildconf
./configure --with-apxs=/usr/sbin/apxs
./make
/usr/lib64/apr-1/build/libtool --silent --mode=compile gcc -pthread -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wformat-security -fno-strict-aliasing -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -I/usr/include/httpd -I. -I/usr/include/apr-1 -I../include -prefer-pic -c mod_proxy_cluster.c && touch mod_proxy_cluster.slo
mod_proxy_cluster.c: In function ‘init_conn_pool’:
mod_proxy_cluster.c:237: warning: unused variable ‘cp’
mod_proxy_cluster.c: In function ‘internal_find_best_byrequests’:
mod_proxy_cluster.c:2393: error: ‘pptr’ undeclared (first use in this function)
mod_proxy_cluster.c:2393: error: (Each undeclared identifier is reported only once
mod_proxy_cluster.c:2393: error: for each function it appears in.)
mod_proxy_cluster.c:2395: error: ‘proxy_worker_shared’ undeclared (first use in this function)
mod_proxy_cluster.c:2395: error: expected expression before ‘)’ token
mod_proxy_cluster.c: In function ‘proxy_cluster_post_config’:
mod_proxy_cluster.c:2899: error: ‘proxy_worker_shared’ undeclared (first use in this function)
make: *** [mod_proxy_cluster.slo] Error 1
The above process works fine with 1.3.10.Final
Versions
$ apachectl -v
Server version: Apache/2.2.15 (Unix)
Server built: Jun 19 2018 15:45:13
httpd-2.2.15-69.el6.centos.x86_64
httpd-devel-2.2.15-69.el6.centos.x86_64
gcc-4.4.7-23.el6.x86_64
make-3.81-23.el6.x86_64
Has there been any thought about having mod_cluster expose prometheus metrics for scraping context status over time instead of relying on soley on mod_cluster_manager? Gets a bit much to parse through when we have many apps over many nodes, currently for many projects I see over 100 contexts total
Hi guys,
How to check the integrity of your tar ?
Is there a way to sign with something like pgp ?
Regards,
Hi,
Since a couple of days, I see this error when trying to access the https://modcluster.io/ website :
Is there another way to see modcluster documentation ?
Florian.
I noticed that support for tomcat 8.5 was only added on the master branch. Are the features included on master stable? If so, I was curious if a separate branch and tag could be created for the 2.0.0.Alpha1 version, similar to how the previous 1.3.x was maintained. I would like to leverage this product but wanted a way to ensure my build was reproducible.
I do this:
tar -xzvf mod_cluster-1.2.6.Final-linux2-x64-ssl.tar.gz
/opt/jboss/httpd/sbin/apachectl start
the error is
/opt/jboss/httpd/sbin/httpd: symbol lookup error: /opt/jboss/httpd/lib/libapr-1.so.0: undefined symbol: dlopen
why? please help me! many thanks!
I tried to upgrade mod_cluster from v1.2.x to v1.3.1.final on Apache v2.2.22, which is satisfied with the lowest requirements.
Unfortunately, when I restart the apache, I got the error message like:
/opt/app/apache2/modules/mod_cluster/mod_cluster_slotmem.so: undefined symbol: ap_unixd_config
I have searched around for this issue, but no available answers found.
Please kindly refer me to correct solutions. Thanks.
Hi,
Am facing below warning while compiling mod_proxy_cluster module for apache httpd, with the below warning the mod_proxy_cluster module (mod_proxy_cluster.so) was generated.
the remaining modules advertise, mod_cluster_slotmem and mod_manager able to compile with out any error or warning.
[root@localhost mod_proxy_cluster]# make
/usr/lib64/apr-1/build/libtool --silent --mode=compile gcc -std=gnu99 -pthread -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/opt/apache2/include -I. -I/usr/include/apr-1 -I../include -prefer-pic -c mod_proxy_cluster.c && touch mod_proxy_cluster.slo
mod_proxy_cluster.c: In function 'create_worker':
mod_proxy_cluster.c:291:5: warning: implicit declaration of function 'ap_proxy_port_of_scheme' [-Wimplicit-function-declaration]
if (uri.port && uri.port == ap_proxy_port_of_scheme(uri.scheme)) {
^
/usr/lib64/apr-1/build/libtool --silent --mode=link gcc -std=gnu99 -pthread -o mod_proxy_cluster.la -rpath /opt/apache2/modules -module -avoid-version mod_proxy_cluster.lo
/opt/apache2/build/instdso.sh SH_LIBTOOL='/usr/lib64/apr-1/build/libtool --silent' mod_proxy_cluster.la pwd
/usr/lib64/apr-1/build/libtool --silent --mode=install install mod_proxy_cluster.la /home/mod_cluster-1.3.10.Final/native/mod_proxy_cluster/
libtool: install: warning: remember to run `libtool --finish /opt/apache2/modules'
Apache httpd version
[root@localhost bin]# ./httpd -v
Server version: Apache/2.4.6 (Unix)
Server built: Apr 25 2020 21:44:42
gcc version 4.8.5 20150623 (Red Hat 4.8.5-39) (GCC)
mod_cluster-1.3.10.Final.zip
After integration mod cluster modules (mod_advertise.so, mod_cluster_slotmem.so, mod_manager.so and mod_proxy_cluster.so) with Apache httpd, the mod_proxy_cluster.so module failed to load and getting below error from Apache httpd.
[root@localhost bin]# ./apachectl start
httpd: Syntax error on line 152 of /opt/apache2/conf/httpd.conf: Cannot load modules/mod_proxy_cluster.so into server: /opt/apache2/modules/mod_proxy_cluster.so: undefined symbol: proxy_module
Can you help provide the work around to fix the warning
ERROR [org.jboss.modcluster] (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) MODCLUSTER000042: Error null sending INFO command to X.X.X.X/X.X.X.X:6666, configuration will be reset: null
This error is why? many thanks!
Hello guys.
First of all, this is a feature request and not a bug.
I would like to "obfuscate" the jvmRoute so that an external attacker cannot "guess" the topology of my internal infrastructure.
The "strong" way would be to have a symmetrical cipher with a configurable key.
mod_cluster could then cipher the jsessionid before exposing it to the external world, and decipher it to recover the jvmRoute and properly redirect the request.
But I guess that this would have very undesirable consequences on performance.
The "weak" way would be just obfuscate, i.e. let's say that the jsessionid is alea + '.' + jvmRoute. We could take a part of the alea to alter the jvmroute in a reversible way (XORing for instance).
Anyhow, the expected effect would be that the jvmroute would be externally different for each and every request.
Unfortunately, I have close to no C skills, hence I cannot make this myself.
(as a side note, coming from mod_jk, I'm quite impressed by the features mod_cluster offers! Thanks for the good work :) )
Hi,
the documentation talks about downloading a mod_cluster release (https://docs.modcluster.io/#downloads) and using it by unzipping (https://docs.modcluster.io/#install-the-whole-httpd).
The download links here https://www.modcluster.io/downloads/ however only direct to this GitHub repository, which I can only locate source tarballs in.
Am I missing something / should the documentation be updated to reference build instructions instead?
The README in this repository seems to furthermore only reference the JBOSS implementation, not the Apache modules.
Thanks for any pointers!
We use mode_cluster together with a cluster of Tomcat containers. Each container might have multiple versions of the same app deployed (using the parallel deloyment of Tomcat together with automatic undeployment of old versions). Now consider the usecase:
mod_cluster 1.4.1
Tomcat 9.0.21
On the docs page https://docs.modcluster.io/#_it_is_not_working_what_should_i_do
Check that Advertise message are received on the cluster node. A small
Java utility could be used to check Advertise. It is in the
mod_cluster repository and can be compiled using javac. The
output should be something like:
The text small Java utility
links to https://github.com/modcluster/mod_cluster/blob/master/test/java/Advertize.java which is 404.
The doc needs to be updated to reflect these changes.
I manually built a 1.3.1 mod_cluster to use against the latest apaches some months ago. Mostly this works fine, but I have a very strange issue.
I run the apache/mod_cluster combo inside a docker.
If I run it and I don't explicitly map the (internal) ports, docker will pick assign some random ones automatically.
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2bde06b591d9 rt_cluster:latest "/bin/bash /run.sh" 11 minutes ago Up 11 minutes 0.0.0.0:49154->80/tcp, 0.0.0.0:49155->6666/tcp, 0.0.0.0:49161->22/tcp rt-frontend
I can connect to the port 49154, and sticky sessions work correctly, and failover works correctly.
however. If I manually map either of those two ports (-p 80:80), badness happens. If I stop the host that my jsessionId cookie is bound to, instead of failing over, nothing happens on the client. Even more strangely, I get a segfault in the logs:
[Tue Oct 14 15:38:32.236872 2014] [core:notice] [pid 9:tid 140433123825536] AH00052: child pid 69 exit signal Segmentation fault (11)
[Tue Oct 14 15:38:32.243495 2014] [:error] [pid 98:tid 140432948328192] proxy: CLUSTER: (balancer://rtcluster). All workers are in error state for route (155dc85835c7)
[Tue Oct 14 15:38:34.238732 2014] [:notice] [pid 98:tid 140433037821696] Balancer rtcluster changed
I cannot for the life of me guess at how the environment is different when a specific port is mapped through, so this is a query just in case someone has seen this before, or has a good guess.
I'm going to try to re-build 1.3.1 from master and see if it's still an issue.
In the README, there are several comments such as
Distribution archives are provided for each Tomcat version.
but I don't see any.
Does this still hold true? If yes, I would suggest clarifying (or even better adding links) , otherwise we should revise this.
We use Wildfly 10 with modcluster to balance a couple of app server instances. Now, we are looking for a way to tell the load balancer that a node is in trouble and should be removed from the list of balancing members.
I did not find a (documented) way to this in an elegant manner. So, I added a custom LoadMetric that reports errors by throwing an exception (at least this is what the API invites to). However, my exception is swallowed in DynamicLoadBalanceFactorProvider#getLoadBalanceFactor().
The point is: Is there a possibility to invoke a kind of DISABLE-APP event or something similar? If not, a nicer exception handling in DynamicLoadBalanceFactorProvider would be desirable. For example, returning -1 in case of an exception will lead to disablement of the cluster member.
We ran into what was ultimately a configuration error in our chef setup but because of how mod_cluster failed, it took us a while to figure out what the problem really was. It presented as random crashes in apache processes with the following two lines in error.log:
[notice] child pid 12758 exit signal Aborted (6), possible coredump in /etc/apache2
apache2: misc/apr_reslist.c:159: reslist_cleanup: Assertion `rl->ntotal == 0' failed.
The ultimate problem was that our wildfly instances were being set up to bind to 0.0.0.0 and then were reporting that IP to mod_cluster. Detail that may be relevant here: We are not using multicast for discovery. We are explicitly setting the IP of the apache servers in the wildfly config like so:
<subsystem xmlns="urn:jboss:domain:modcluster:1.2">
<mod-cluster-config advertise-socket="modcluster" proxy-list="10.133.248.4:6666,10.133.248.5:6666,10.133.248.6:6666,10.133.248.7:6666" advertise="false" load-balancing-group="${mycluster.modcluster.lbgroup:StdLBGroup}" connector="ajp">
<dynamic-load-provider>
<load-metric type="busyness"/>
</dynamic-load-provider>
</mod-cluster-config>
</subsystem>
Anyway, the end result is that the mod_cluster-manager page was displaying this (node details removed for brevity):
Now, clearly this configuration is wrong. The only reason it even worked in the first place to serve up any content was that wildfly is currently running on the same host as apache so sending requests to 0.0.0.0 actually works. If this was not the case, requests would have thrown 404s or 503s or something and the problem would have been obvious. But the setup worked well enough that we thought maybe it was some kind of mismatch between apache and mod_cluster since we were using an older version of mod_cluster initially. So we spent time trying to chase down possible bugs or issues in our installation process.
Our current theory is that the crashes happened when mod_cluster decided to switch a user to a different node for load balancing reasons and then either the duplicated connect string or the fact that when it tried to talk to a different node, it got the same one on 0.0.0.0 caused the crash.
I'm not sure what would constitute a fix for this. One simple solution might just be to have mod_cluster complain loudly if two nodes register themselves with the same connect string. Is there any valid reason for this to ever happen? One line in error.log would have saved us hours of debugging.
I want integrate mod_cluster with embedded Tomcat 8. Do you have any advise? I'll be very grateful for your help.
I am configuring mod_cluster, using apache, Jboss EAP 6.3. Extracted mod_cluster-1.2.6.Final-linux2-x64-so.tar and copied :mod_advertise.so, mod_manager.so, mod_slotmem.so, mod_proxy_cluster.so into /etc/httpd/modules directory.
Made following changed to httpd.conf file:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
#LoadModule slotmem_module modules/mod_slotmem.so
LoadModule manager_module modules/mod_manager.so
#LoadModule proxy_cluster_module modules/mod_proxy_cluster.so
Listen 127.0.0.1:1001
<VirtualHost 127.0.0.1:1001>
Order deny,allow
Allow from all
KeepAliveTimeout 300
MaxKeepAliveRequests 0
#AdvertiseFrequency 5
#ServerAdvertise off
EnableMCPMReceive On
<Location /mod_cluster-manager>
SetHandler mod_cluster-manager
Order deny,allow
Allow from all
Require all granted
While running the apache server, I am getting following error. Apache server is not coming up:
httpd: Syntax error on line 357 of /etc/httpd/conf/httpd.conf: Cannot load modules/mod_manager.so into server: /etc/httpd/modules/mod_manager.so: undefined symbol: ap_my_generation
What is the solution to fix above issu
trying these commands::
# wget https://github.com/modcluster/mod_cluster/archive/refs/tags/1.3.20.Final.tar.gz
# tar -xf 1.3.20.Final.tar.gz
# cd mod_cluster-1.3.20.Final/native/
# mkdir build
# cd build/
# cmake ../ -G "Unix Makefiles"
# make
# cp modules/*.so /etc/httpd/modules/
# systemctl start httpd
# systemctl start wildfly
but in apache console i see:
[mpm_prefork:notice] [pid 20745] AH00163: Apache/2.4.58 () OpenSSL/1.0.2k-fips mod_cluster/1.3.20.Final configured -- resuming normal operations
then
AH01144: No protocol handler was valid for the URL /rest/api/v1/autenticate
AH01144: No protocol handler was valid for the URL /app.css
AH01144: No protocol handler was valid for the URL /app.js
AH01144: No protocol handler was valid for the URL /..........................
only version that works is:
[mpm_prefork:notice] [pid 26068] AH00163: Apache/2.4.58 () OpenSSL/1.0.2k-fips mod_cluster/1.3.11.Final configured -- resuming normal operations
what am I doing wrong ?
I configured httpd with modcluster and I want to redirect www to non-www version while using SSL but it did not work.
My current configuration work as follow
http://www.qoosi.com => https://qoosi.com ( not work )
http://qoosi.com => https://qoosi.com ( work)
https://www.qoosi.com => https://qoosi.com ( not work)
Here is the configuration for modcluster and a virtual host listen on port 80 to forward from http to https:
<IfModule manager_module>
Listen 192.168.123.9:6666
ManagerBalancerName wfycluster
<VirtualHost 192.168.123.9:6666>
AllowDisplay On
ServerAdvertise On
KeepAliveTimeout 300
MaxKeepAliveRequests 0
AdvertiseFrequency 5
ServerAdvertise On 192.168.123.9:6666
AdvertiseGroup 224.0.1.105:23364
EnableMCPMReceive On
ProxyPassMatch ^/sas/ !
ProxyPass / balancer://wfycluster stickysession=JSESSIONID|jsessionid nofailover=on
ProxyPassReverse / balancer://wyfcluster
ProxyPreserveHost on
<Location />
Require all granted
</Location>
<Location /wfycluster>
SetHandler mod_cluster-manager
Require all granted
</Location>
</VirtualHost>
</IfModule>
<VirtualHost *:80>
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
</VirtualHost>
Here is the configuration for SSL virtual-host(ssl.conf):
Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLCryptoDevice builtin
<VirtualHost _default_:443>
#DocumentRoot "/var/www/html"
ServerName qoosi.com:443
ServerAlias wwww.qoosi.com:443
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{ENV:HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,R=301,NE]
ProxyPassMatch ^/sas/ !
ProxyPass / balancer://wfycluster stickysession=JSESSIONID|jsessionid nofailover=on
ProxyPassReverse / balancer://wyfcluster
ProxyPreserveHost on
#static asset
alias /sas /var/www/html/sas
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
SSLCertificateFile /etc/httpd/ssl/qoosi_com.crt
SSLCertificateKeyFile /etc/httpd/ssl/qoosi_com.key
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
SSLCACertificateFile /etc/httpd/ssl/qoosi_com.ca-bundle
#SSLVerifyClient require
#SSLVerifyDepth 10
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
http://www.jboss.org/mod_cluster is a broken link
pi@raspberrypi ~/mod_cluster/mod_cluster $ ~/apache-maven-3.2.1/bin/mvn -P dist package
[INFO] Scanning for projects...
Downloading: http://repository.jboss.org/maven2/org/jboss/jbossorg-docbook-xslt/1.1.0/jbossorg-docbook-xslt-1.1.0.pom
Downloading: http://repository.jboss.org/maven2/org/jboss/jbossorg-jdocbook-style/1.1.0/jbossorg-jdocbook-style-1.1.0.pom
Downloading: http://repository.jboss.org/maven2/net/sf/docbook/docbook/1.72.0/docbook-1.72.0.pom
Downloading: http://repository.jboss.org/maven2/javax/media/jai-core/1.1.3/jai-core-1.1.3.pom
Downloading: http://repository.jboss.org/maven2/com/sun/media/jai-codec/1.1.3/jai-codec-1.1.3.pom
[ERROR] The build could not read 1 project -> [Help 1]
[ERROR]
[ERROR] The project org.jboss:User-Guide-en:1.3.1.Final-SNAPSHOT (/home/pi/mod_cluster/mod_cluster/docs/userguide/pom.xml) has 2 errors
[ERROR] Unresolveable build extension: Plugin org.jboss.maven.plugins:maven-jdocbook-plugin:2.1.2 or one of its dependencies could not be resolved: Failed to collect dependencies at org.jboss.maven.plugins:maven-jdocbook-plugin:jar:2.1.2 -> org.jboss:jbossorg-docbook-xslt:jar:1.1.0: Failed to read artifact descriptor for org.jboss:jbossorg-docbook-xslt:jar:1.1.0: Could not transfer artifact org.jboss:jbossorg-docbook-xslt:pom:1.1.0 from/to old jboss.org (http://repository.jboss.org/maven2): Access denied to: http://repository.jboss.org/maven2/org/jboss/jbossorg-docbook-xslt/1.1.0/jbossorg-docbook-xslt-1.1.0.pom , ReasonPhrase:Forbidden. -> [Help 2]
[ERROR] Unknown packaging: jdocbook @ org.jboss:User-Guide-${translation}:1.3.1.Final-SNAPSHOT, /home/pi/mod_cluster/mod_cluster/docs/userguide/pom.xml, line 11, column 14
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
[ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/PluginResolutionException
Various links at http://mod-cluster.jboss.org/ are broken, they are prepending an extra "/mod_cluster/" to the correct addresses.
For example, the "Documentation" link currently points to: http://mod-cluster.jboss.org/mod_cluster/docs which is broken, but the correct address is: http://mod-cluster.jboss.org/docs
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.