0

We have a JBoss production on which our Java application is running. We have configured an Apache Server(DMZ) to route the traffic to JBoss production server and to increase security. We have used Apache's mod_jk module for routing to production and Apache version 2.2. It was working fine for few months but for some time we are having this error:

Bad Gateway
The proxy server received an invalid response from upstream server.

My worker.property on Apache is:

worker.list=ws    
worker.ws.port=8009
worker.ws.host=192.168.56.102
worker.ws.type=ajp13

My httpd.conf file has following virtual host for this worker:

<virtualhost *:443>
 ErrorLog "logs/dmz-error.log"
 CustomLog "logs/dmz-access.log" common

 JkMount /ws/ ws
 JkMount /* ws

 JkLogFile logs/mod_jk_prod.log
 JkLogLevel error
 JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
 JkOptions +ForwardKeySize +ForwardURICompatUnparsed -ForwardDirectories
 JkRequestLogFormat "%w %V %T"

 RewriteEngine On
 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
 RewriteRule .* - [F]
</virtualhost>

JBoss is running on default configuration. This system was running with an old Apache version with same configurations and routing. But we needed to replace the Apache machine and also we were requested to upgrade Apache to 2.2 version. We are facing this problem for almost 2 months. Mod_jk log shows following error:

[Tue Sep 23 11:52:01 2014][1392:1900] [error] ajp_get_reply::jk_ajp_common.c (2126): (ws) Tomcat is down or refused connection. No response has been sent to the client (yet)
[Tue Sep 23 11:52:01 2014][1392:4028] [error] ajp_get_reply::jk_ajp_common.c (2126): (ws) Tomcat is down or refused connection. No response has been sent to the client (yet)

We cannot find any solution for this problem. When this error is shown, refreshing the page for few times resolves it but some times, we cannot access our application. How can I know the actual cause of this error? Some body please help.

Umair
  • 1
  • 1

1 Answers1

0

This is probably happening because the firewall is severing the ajp13 connection between mod_jk and JBoss. This is not a problem with the firewall, however, but is likely due to configuration defaults in mod_jk's workers.properties and in the JBoss.

In workers.properties, add:

worker.list=ws    
worker.ws.port=8009
worker.ws.host=192.168.56.102
worker.ws.type=ajp13
worker.ws.socket_keepalive=True
worker.ws.connection_pool_timeout=600

"socket_keepalive" will send keepalives across the ajp13 session to JBoss.

"connection_pool_timeout" will close the ajp13 session after 10 minutes of inactivity.

In server.xml on the JBoss ajp13 connector section (JBoss 4,5,6)

<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
connectionTimeout="600000" />

JBoss 7 Make web connector connectionTimeout configurable and Configuring jboss7 ajp connector timeout

Federico Sierra
  • 3,589
  • 1
  • 20
  • 26
  • I currently have following configuration on JBoss: `` You mean to say that due to unmatched time out between Apache and JBoss, this error is occurring. Thanks for your help. I will apply the changes you suggested in the server. – Umair Sep 26 '14 at 05:13
  • @Umair You're welcome. This link will also be useful [Troubleshooting and optimizing mod_jk](https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/5/html/HTTP_Connectors_Load_Balancing_Guide/Apache_HTTP_Troubleshooting.html) – Federico Sierra Sep 26 '14 at 14:16