Sunday, 30 March 2014

Apache Virtual Host Definition and Configuration


Apache  : What is Virtualhost ? and how to configure Virtualhost with apache? 


Virtual Host as explained by name itself, is something with which you can run multiple websites on same server. for example I have two website myblog.com and myweblogicblog.com running on same physical server where i have an apache server is running. So, if i will access myblog.co.com.com or myweblogicblog.com, both will server by same physical server and by same apache server. ( multiple websites and one apache server )




There are two type of virtual hosting - 

1. I.P based virtual hosting ( old one and rarely in use as of now )
2. Name based virtual hosting ( widely used option as of today )


In I.P based virtual hosting, you have to use separate i.p for each website, means you need to have separate ethernet card for each website. So, if you have myblog.c
om and myweblogicblog.com on same physical machine then you have to use separate NIC card for both to have a separate i.p for websites, this directly related with high cost.



In Name base Virtual hosting, you need only one i.p address for your server, your each website will point to same server, You have register all your websites on DNS to point to same i.p address. When apache webserver receives requests, based oh the hostname on header, it serves different websites.

 So, in below figure, both myblog.c and myweblogicblog.com will be pointing to same server with single i.p address, and during access of any of the website, based on hostname in header, requests will be server by the apache.




Configuration in Apache


1. First you have to uncomment below lines in apache httpd.cong

Include conf/extra/httpd-vhosts.conf

2.  You have to add entries in httpd-vhosts.conf under conf/extra folder.

NameVirtualHost *:80 
This shows that all of the name-based virtual hosts will be listen on the default port 80

<VirtualHost *:80> </VirtualHost>
You have to configure for each virtual host 

I will define two virtual hosts, one for myblog.com and other for myweblogicblog.com, both running on same default port 80

So, there will be two <VirtualHost *:80> </VirtualHost>, one for each website.

When you will access myblog.com, the files under C:\Apache\myblog will be served by Apache and the access_log and error_log for this site will go under C:\Apache\logs\myblog\

When you will access myweblogicblog.com, the files under C:\Apache\myweblogicblog will be served by Apache and the access_log and error_log for this site will go under C:\Apache\logs\myweblogicblog\


# C:\Apache\conf\extra\httpd-vhosts.conf

NameVirtualHost *:80

# myblog virtual host
<VirtualHost *:80>
<Directory />
        Allow from all
    </Directory>
    ServerAdmin mukesh.negi0910@outlook.com
    DocumentRoot "C:\Apache\myblog"
    ServerName myblog.com
    ServerAlias www.myblog.com
    ErrorLog "logs\myblog\error_log"
    CustomLog "logs\myblog\access_log" common
</VirtualHost>

#myweblogicblog virtual host
<VirtualHost *:80>
<Directory />
        Allow from all
    </Directory>
    ServerAdmin mukesh.negi0910@outlook.com
    DocumentRoot "C:\Apache\myweblogicblog"
    ServerName myweblogicblog.com
    ServerAlias www.myweblogicblog.com
    ErrorLog "logs\myweblogicblog\error_log"
    CustomLog "logs\myweblogicblog\access_log" common
</VirtualHost>

3. Restart your apache server

So, when you hit myblog.com then it will server from C:\Apache\myblog, and when you hit myweblogicblog.com then it will server from C:\Apache\myweblogicblog

For testing you can create a simple index.html files under C:\Apache\myblog and C:\Apache\myweblogicblog with a simple text like "from myblog.com" and "from myweblogicblog.com"




Posted by at No comments:

Saturday, 29 March 2014

Apache SSL Configuration : How to configure apache for SSL


Apache SSL Configuration : How to configure apache for SSL

Apache come with two versions, one for SSL and other for non ssl

So, if you are downloading apache for SSL configuration download in below format naming convention  

httpd-2.2.25-win32-x86-openssl-0.9.8y.msi

and if you are downloading apache for SSL configuration download in below format naming convention  

httpd-2.2.25-win32-x86-no_ssl.msi

Download from here

http://httpd.apache.org/download.cgi#apache24
http://www.eng.lsu.edu/mirrors/apache//httpd/binaries/win32/
Installation is straight forward. I have  installed at C:\Apache

After installation -

Generate certificate ( private ) key

C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin>openssl   genrsa   -des3   -out server.key   1024
Loading 'screen' into random state - done
Generating RSA private key, 1024 bit long modulus
..................++++++
......++++++
e is 65537 (0x10001)
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:

Now, generate the certificate request ( CSR )

sharing the errors i have got during configuration on Windows

C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin>openssl req -new -key server.key -config " C:\Apache\conf \openssl.cnf" -out server.csr
error on line -1 of C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf \openssl.cnf
2036:error:02001003:system library:fopen:No such process:.\crypto\bio\bss_file.c:126:fopen('C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf \openssl.cnf','rb')
2036:error:2006D080:BIO routines:BIO_new_file:no such file:.\crypto\bio\bss_file.c:129:
2036:error:0E078072:configuration file routines:DEF_LOAD:no such file:.\crypto\conf\conf_def.c:197:
C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin>

if you get above error then,  copy openssl.con from conf to bin directory and run again

C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin>openssl req -new -key server.key -config openssl.cnf -out server.csr
Enter pass phrase for server.key:
Loading 'screen' into random state - done
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:webl0gic
string is too long, it needs to be less than  2 bytes long
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:UP
Locality Name (eg, city) []:Ghaziabad
Organization Name (eg, company) [Internet Widgits Pty Ltd]:OracleIndiaPvtLtd
Organizational Unit Name (eg, section) []:OnDemand
Common Name (e.g. server FQDN or YOUR name) []:weblogicserveradministration.blogspot.com
Email Address []:mukesh.negi0910@outlook.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:webl0gic
An optional company name []:Oracle

Apache SSL configuration for self signed certificates

Generate the self signed  certificate using above generated private key and csr

C:\Apache\bin>openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Loading 'screen' into random state - done
Signature ok
subject=/C=IN/ST=UP/L=Ghaziabad/O=Oracle/OU=OnDemand/CN=weblogicserveradministration.blogspot.com/emailAddress=mukesh.negi0910@outlook.com
Getting Private key
Enter pass phrase for server.key:


Now make sure to copy your server.key and server.crt files under conf directory.

Now, open httpd.conf file and enable below lines by removing #

LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf

Now, go to conf/extra, open httpd-ssl.conf  and make sure below lines enabled, if not enabled by removing #

SSLCertificateFile "C:/Apache/conf/server.crt"
SSLCertificateKeyFile "C:/Apache/conf/server.key"

Now restart apaches and tests as below

https://localhost or https://localhost:443

Default secure port ( in httpd-ssl.cong ) is 443, if you want to change it then update at below locations in httpd-ssl.conf and restart apache

-----------------------------------------------------------
Listen 443
<VirtualHost _default_:443>
#   General setup for the virtual host
DocumentRoot "C:/Apache/htdocs"
ServerName localhost:443
-----------------------------------------------------------
and test as https://localhost:new_port_defined_in_httpd_ssl.conf

  
Apache SSL configuration for trusted Third Party certificates

Above is the self signed certificate SSl configuration, for third party trusted ssl configuration, send the generated .csr file to the certificate authority and they will send you two certificates, called intermediate( DigiCert will send you DigiCertCA.crt ) and primary certificate ( your_domain.crt) save it under conf directory and update httpd-ssl.conf for below parameters and restart apache.

SSLCertificateFile      /path/to/your_domain.crt
SSLCertificateKeyFile   /path/to/your_private.key ( which is server.key in our case )
SSLCertificateChainFile /path/to/DigiCertCA.crt ( enable this one also )



Posted by at No comments:

Weblogic WLST ( Weblogic Scripting Tool )

Posted by at No comments:

Friday, 28 March 2014

Weblogic Server : How to use encrypted username & password with weblogic.Admin command instead of providing hard coded values


How to use encrypted username & password with weblogic.Admin command instead of providing hard coded values

Run belo command to generate encrypted username & password

E:\Oracle\WLS1036\user_projects\domains\base_domain>java weblogic.Admin -username weblogic -password webl0gic -userconfigfile configfile -userkeyfile keyfile STOREUSERCONFIG
Creating the key file can reduce the security of your system if it is not kept in a secured location after it is created. Do you want to create the key file? y or n  y

( when prompted enter y )


Above command will create two files with name keyfile & configfile under your domain directory, now use both as below instead of providing direct hardcoded username & password 


E:\Oracle\WLS1036\user_projects\domains\base_domain>java weblogic.Admin -url localhost:7001 -userconfigfile E:\Oracle\WLS1036\user_projects\domains\base_domain\configfile -userkeyfile E:\Oracle\WLS1036\user_projects\domains\base_domain\keyfile GETSTATE

Current state of "AdminServer" : RUNNING




Posted by at No comments:

Weblogic WLST : Basics


Weblogic WLST : Basics of WLST ( Weblogic Scripting Tool )


First run setDomainEnv to set classpath

E:\Oracle\WLS1036\user_projects\domains\base_domain\bin>setDomainEnv.cmd

Now run below commands to connect with WLST prompt

E:\Oracle\WLS1036\user_projects\domains\base_domain>java weblogic.WLST
Exception in thread "Main Thread" java.lang.NoClassDefFoundError: weblogic/WLST
Caused by: java.lang.ClassNotFoundException: weblogic.WLST
        at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
        at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
Could not find the main class: weblogic.WLST.  Program will exit.

if you get above error then use -cp with java with full weblogic.jar in path

E:\Oracle\WLS1036\user_projects\domains\base_domain>java -cp E:\Oracle\WLS1036\wlserver_10.3\server\lib\weblogic.jar weblogic.WLST

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

wls:/offline>

Now, at WLST prompt, use below command to connect with admin server

wls:/offline> connect('weblogic','webl0gic','t3://localhost:7001')
Connecting to t3://localhost:7001 with userid weblogic ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain 'base_domain'.

Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.

wls:/base_domain/serverConfig>

use below command to connect with node manager

wls:/offline> nmConnect('weblogic','webl0gic','localhost','5556','base_domain','E:/Oracle/WLS1036/user_projects/domains/base_domain','plain')

Connecting to Node Manager ...
Traceback (innermost last):
  File "<console>", line 1, in ?
  File "<iostream>", line 1408, in nmConnect
  File "<iostream>", line 1847, in raiseWLSTException
WLSTException: Error occured while performing nmConnect : Cannot connect to Node Manager. : Access to domain 'base_domain' for user 'weblogic' denie
Use dumpStack() to view the full stacktrace

if you get above error then


1. change node manager username and password as you have mentioned in nmConnect command from admin console => admin console > domain > security > under advance option ( NodeManager Username & NodeManager Password )

2. if still getting error, the update nm_password.properties under domain/config/nodemanager as below

username=weblogic
password=webl0gic

and restart nodemanager

wls:/offline> nmConnect('weblogic','webl0gic','localhost','5556','base_domain','E:/Oracle/WLS1036/user_projects/domains/base_domain','plain')
Connecting to Node Manager ...
Successfully Connected to Node Manager.
wls:/nm/base_domain>

To check status of server using node manager

wls:/nm/base_domain> nmServerStatus('MS1')

RUNNING

To start a server using node manager

wls:/nm/base_domain> nmStart('MS2')
Starting server MS2 ...
Successfully started server MS2 ...
wls:/nm/base_domain>

To disconnect fron node manager

wls:/nm/base_domain> nmDisconnect()
Successfully disconnected from Node Manager.

wls:/offline>

For further WST commands see below post

http://weblogicserveradministration.blogspot.in/2010/10/wlst-iii-online-and-offline-command.html

If you want to run few command via script then add all lines in a .py file in sequence and execute as below


java -cp E:\Oracle\WLS1036\wlserver_10.3\server\lib\weblogic.jar weblogic.WLST your_script.py

your_script.py as below to connect and start managed server MS1 with node manager

---------------------------------------------------------------------------------------------------------------------------------
nmConnect('weblogic','webl0gic','localhost','5556','base_domain','E:/Oracle/WLS1036/user_projects/domains/base_domain','plain')
nmStart('MS1')
nmServerStatus('MS1')
nmDisconnect()
--------------------------------------------------------------------------------------------------------------------------------





Posted by at No comments:

Sunday, 23 March 2014

Apache : What is reverse proxy, How it's work and Configuration


Apache : What is reverse proxy, How it's work and Configuration


Coming Soon............Stay Tune :)
Posted by at 1 comment:

Sunday, 16 March 2014

Apache : Troubleshooting Load Balancing, Status with mod_status and mod_info, Monitoring with WebLogicBridgeConfig


Apache : Troubleshooting Load Balancing, Status with mod_status and mod_info, Monitoring with WebLogicBridgeConfig


If you have knowledge of apache or any other web server like IIS, Iplanet etc and any application server like weblogic, websphere, jboss, tomcat etc, and worked or working in a support environment then you must have knowledge on web server and application server integration, and the concept of load balancing.

Most of the very common issue related with same we generally see is uneven load balancing of requests from web server to the application server. almost all of the organizations use a hardware load balancer ( like bigip, cisco ace etc ) either to divert the request to web server and then from web server to application server, or some organizations don't use web server and directly  send request to application server.

So, the basic architecture with hardware load balancer, web server and application server is -

Architecture 1
hardware load balancer => web server => application server ( with a single web server )


Architecture 2
hardware load balancer => web server => application ( more than one web server )



Architecture 3
hardware load balancer => application server ( without web server )



Architecture 4
hardware load balancer => application server ( with two hardware load balancers )



Based on above diagrams, you can imagine we can use n numbers of hardware load balancers, n number of web servers, and n number of application servers combinations to create a proper load balancing environment.

One thing I would like to clear you that there is no relation of cluster algorithms with the web ( http ) requests, means weblogic cluster don't  do the load balancing of http requests, for that you have to use either a web server or harware load balancer for load balancing the http requests.

Now,  the main issue we generally face is the load balancing from web server or hardware load balancer to application servers not working properly. ideal behavior is all nodes in the cluster should get equal number  ( or almost equal )  of requests.

 I am going to demonstrate you what could be possible causes of this, how we can troubleshoot it.

So, the first question is -

What could be the cause of uneven distributions of requests ?

Problem 1
you can define problem as, uneven load balancing of http requests due to uneven load balancing of http sessions.
Basically, proxy send requests to clustered nodes without session cookie, means every time request reach  to web server it divert to next new node on the cluster in round robin fashion, means each node in the cluster should get equal number of http sessions. if this does not happen, your any of the node or nodes in cluster will get more number of http sessions because of sticky session load balancing policy or you can say session affinity based load balancing.

what happened with sticky or session affinity load balancing is, when your http request connect with a server/node in a cluster, all subsequent requests for the same session send to the same server/node every time, that request create a session and maintain it in the request header, thus called uneven load balancing.
So, you can directly go ahead and disable the sticky load balancing / session affinity at hardware load balancer level.

Problem 2
Generally a proxy maintain a in-memory list of clustered nodes in General server List, which contain all the servers in good health at that of time, and proxy send requests to all nodes in round robin fashion. proxy general server list is almost the same as static servers defined in web server file, but sometime if there is some issues with any of the clustered node(s)/server(s) the proxy General Server List shrink to limited number of servers/nodes with good in health and this also cause unequal load balancing.


Troubleshooting - 

There are certain ways to troubleshoot this problems. below troubleshooting ways and steps are based on apache and weblogic configuration.

1. Enabling WebLogicBridgeConfig using DebugConfigInfo parameter at apache
2. Enabling server-status using mod_status module at apache

and with both above options, you have to enable Debug parameter also to enable the debug logging for apache.

Enabling WebLogicBridgeConfig using DebugConfigInfo parameter at apache

Below is my apache configuration
# Enable this with DebugConfigInfo to get detailed information
ExtendedStatus On
# Module to configure apache with weblogic
LoadModule weblogic_module modules/mod_wl_20.so
# configuration to access any of the web application deployed on weblogic
<Location />
SetHandler weblogic-handler
</Location>
# weblogic nodes configuration, with enable Debug and DebugConfigInfo
<IfModule mod_weblogic.c>
WebLogicCluster localhost:7002,localhost:7003
Debug ALL
DebugConfigInfo on
WLLogFile c:/temp/wlproxy.log
WLTempDir c:/temp


Enabling server-status using mod_status module at apache
# Enable server-status module and configuration to access server-status
</IfModule>
LoadModule status_module modules/mod_status.so
ExtendedStatus On
<Location /server-status>
   SetHandler server-status
      Order Deny,Allow
#   Deny from all
   Allow from localhost
   </Location>




Rest Coming Soon...............
Posted by at No comments:

Apache : Configuration with Weblogic Server, Load Balancing, Performance Tuning

Posted by at No comments:

Saturday, 15 March 2014

Weblogic Server : Custom Memory Heap Setting For Each Server


Weblogic Server : Custom Memory Heap Setting For Each Server

This is one of my favorite question which i frequently asked in lot's of interviews. We all know to change or alter memory heap size we have to chnage -Xms and -Xmx parameters either in setDomainEnv.sh or in startup script for managed servers startManagedServer.sh, but what would be case if I need to set different heap size for each managed servers? Yes, one way you most of the guys know is just create different startup script for each managed server and start server with the help of that, but most of the guys struggled a lot why changed heap is not reflecting even modified the startup scripts for all managed servers. so here are the reason and different ways which we can used to define different heap for different managed servers.

First, if you created separate startup files for each managed server then you have to make sure, inside each startup script, you should not be calling setDomainEnv.sh or commEnv.sh, otherwise your memory parameters will be override by the values existing in this script. So, make sure to define your memory heap parameters after any place where you are calling above scripts in your startup scripts.

Ok, Now here are different ways - 

1. For Admin Server 

Since, startWebLogic.sh is the script only used to start admin server, thus whatever the value you will update will reflect but only make sure you are updating new values after the place where you are calling, or i will add the values here in script


MEM_ARGS="-Xms<value>m  -Xmx<value>m"
export MEM_ARGS

2. For Managed Server(s)

You can have four ways to assign different memory arguments for managed servers

2.1 

Start your managed server as below 

startManagedWebLogic <Name_Of_Managed_Server> <Admin_URL> -Xms<value>m -Xmx<value>m

where <Name_Of_Managed_Server> is your managed server name.
<Admin_URL> is the Adminstration Server URL, for example http://localhost:7001
<value> in -Xms<value>m -Xmx<value>m, is the desired heap size, for example, -Xms512m -Xmx512m

2.2

Create custom scripts for each managed server and add memory heap parameters after you are calling setDomainEnv.sh, add as below 

After the JAVA_OPTIONS = "... {JAVA_OPTIONS}" line type:
JAVA_OPTIONS="${JAVA_OPTIONS} -Xms<value>m -Xmx<value>m"

2.3


If you are using the Node Manager then, From admin console, select the server, <Managed_Server> then configuration then Server Start then arguments, then add -Xms<value>m -Xmx<value>m under the arguments tab.


2.4

Directly edit the config.xml file and add argument as below

<server>
  <name>MS1</name>
  ...
  <server-start>
    <arguments>-Xms128m -Xmx128m</arguments>
  </server-start>
  ...
</server>

Ian s
Posted by at No comments:

Weblogic Server JDBC Connect String For Failover and Load Balancing

Weblogic Server Connect String For Failover and Load Balancing


There is a feature of JDBC ( not weblogic ) where you can use your single data source to load balance or failover the requests between different data source nodes ( for example different RAC nodes ), though it's good and easy to configure approach but have few limitations also.


A normal JDBC Connection String is like below 

jdbc:oracle:thin:@localhost:1521:XEDB


A Load-Balanced JDBC Connection String is like below 

jdbc:oracle:thin:@(description=(address_list=
(load_balance=on)
(failover=on)
(address=(protocol=tcp)(host=db1.localhst.com)(port=1521))
(address=(protocol=tcp)(host=db2.localhost.com)(port=1521)))
(connect_data=(service_name=rac_node1)))

A  Failover JDBC Connection String is like below 

jdbc:oracle:thin:@(description=(address_list=
(load_balance=off)
(failover=on)
(address=(protocol=tcp)(host=db1.localhost.com)(port=1521))
(address=(protocol=tcp)(host=db2.localhost.com)(port=1521)))
(connect_data=(service_name=rac_node2)))


Drawback would be - 


Failover would only occur at connect-time, that means during the automatic failover, weblogic will create a new data base connection to the other node instead of using the existing pool connection.

And second drawback is, Global XA transactions are not supported, because there is no guarantee that all of your database transaction involved in a a operation will be direct to the same RAC instance, that would lead some intermittent behavior.

Posted by at No comments:

Weblogic Server, Multi DataSource, Load Balancing and Failover


Multi DataSource, Load Balancing and Failover

If you have some idea on Data Source, clustering and cluster algorithms then it's very easy for you to understand Multi Data Source. 

Let me give you some idea. Data Source is a group of ready to use data base connection which is used to get connections) from database as well as for better performance. Since, all the connection created at server startup ( based on the max connection limit defined ) thus it don't make any overhead on application and application server to get connections dynamically at run time. application pick the connection from data source connection pool, used it and returned back to the pool. certain cases you must heard about connection leaking, it nothing just the connection(s) opened in pool, taken by the application but never returned to the pool. most of times it happened when developers didn't close the pool with proper syntax.

Just like a cluster where we grouped different managed server for high availability, Multi Data Source is also just a group of Data Sources used for high availability to provide load balancing and failover capabilities for JDBC connections. 

and like cluster algorithms, there are two algorithms provided with Multi Data Source, First one is round robin, and second one is Failover. as you can understand from the name itself, round robin is just to load balance the load equally between all data sources and Failover is to provide failover capabilities, but during lot's of technical interviews i had taken, i felt the use of Failover is not very clear to majority of guys :), let read below.


Round Robin Algorithm :

This algo simple load balance the requests between all assigned data sources. As shown in figure below, if your multi data source get 2 requests, then it will equally divert them between both available data source in cyclic manner. 





Failover Algorithm :

Data Source or Multi Data Source don't do the failover of current active connections, like if some connection which is server by data source1 got disconnect between processing some requests, then data source or multi data source will not failover request to other available connection, it can be handled at database level.

With this algorithm, doesn't matter how many data sources you have assigned to the multi data source, every request will be serve by the primary first data source in the list until and unless it got failed due to any reason. In that case, if your primary  data source got down, all incoming requests will be server by the second data source till first primary data source recovered. 



Based on the data source connect string configuration at database listener level, round robin algorithm could be like below




Based on the data source connect string configuration at database listener level, Failover algorithm could be like below

Based on the data source connect string with database service name configuration at database listener level, round robin algorithm could be like below


Based on the data source connect string with database service name configuration at database listener level, failover algorithm could be like below


Posted by at 4 comments:

Sunday, 9 March 2014

Apache : Concurrent threads, Idle threads, max and min possible threads ( Max and Min connections )


Apache : Concurrent threads, Idle threads, max and min possible threads ( Max and Min connections )

Based on the MPM ( multi processing modules ) your apache web server is using, below are the important parameters those governs all these configurations


# StartServers                 : initial number of server processes to start
# MaxClients                   : maximum number of simultaneous client connections
# MinSpareThreads         : minimum number of worker threads which are kept spare
# MaxSpareThreads        : maximum number of worker threads which are kept spare
# ThreadsPerChild           : constant number of worker threads in each server process

# MaxRequestsPerChild   : maximum number of requests a server process serves

For example - 

ServerLimit 16
StartServers 2
MaxClients 200
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25


1. First of all, whenever an apache is started, it will start 2 child processes which is determined      by StartServers parameter. 

2. Then each process will start 25 threads determined by ThreadsPerChildparameter so this      means 2 process can service only 50 concurrent connections/clients i.e. 25x2=50. 

3. Now if more concurrent users comes, then another child process will start, that can service          another 25 users. 

4. But how many child processes can be started is controlled by ServerLimit parameter, this    means that in the configuration above, I can have 16 child processes in total, with each child       process can handle 25 thread, in total handling 16x25=400 concurrent users. 

5. But if number defined in MaxClients is less which is 200 here, then this means that after 8      child processes, no extra process will start since we have defined an upper cap                  
   of MaxClients

6. This also means that if I set MaxClients to 1000, after 16 child processes and 400     
    connections, no extra process will start and we cannot service more than 400 concurrent    
    clients even if we have increase the MaxClient parameter. 

In this case, we need to also increase ServerLimit to 1000/25 i.e. MaxClients/ThreadsPerChild=40 So this is the optmized configuration to server 1000 clients

So, the good configuration will be 


<IfModule mpm_worker_module>
    ServerLimit          40
    StartServers          2
    MaxClients          1000
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadsPerChild      25
    MaxRequestsPerChild   0
</IfModule>
Posted by at No comments:
Subscribe to: Posts (Atom)