
Apache Tomcat NEXT Progress Report, Jean-Frederic Clere, Manager, Red Hat



  1. Apache Tomcat NEXT Progress Report Jean-Frederic Clere, Manager, Red Hat

  2. AGENDA • Who I am • New features from specifications • Tomcat specific new features • Tomcat features removed • Internal changes • Why Apache Tomcat 8.5? • HTTP/2 and ALPN • SNI • OpenSSLImplementation • Migration from 8.0 to 8.5 • Get involved • Questions

  3. Who I am ● Jean-Frederic Clere ● Red Hat ● Years writing JAVA code and server software ● Tomcat committer since 2001 ● Doing OpenSource since 1999 ● Cyclist/Runner etc ● Lived 15 years in Spain (Barcelona) ● Now in Neuchâtel (CH)

  4. Tomcat

  5. Tomcat versions

     | Tomcat | Java EE | Minimum Java SE | Servlet | JSP | EL | WebSocket | JASPIC | 1st Stable Release | EOL |
     |---|---|---|---|---|---|---|---|---|---|
     | 5.x | 4 | 1.4 | 2.4 | 2.0 | N/A | N/A | N/A | 08 2004 | 09 2012 |
     | 6.x | 5 | 5 | 2.5 | 2.1 | 2.1 | N/A | N/A | 02 2007 | 12 2016 |
     | 7.x | 6 | 6 | 3.0 | 2.2 | 2.2 | 1.1 | N/A | 01 2011 | TBD |
     | 8.0.x | 7 | 7 | 3.1 | 2.3 | 3.0 | 1.1 | N/A | 02 2014 | xx 2016? |
     | 8.5.x | 7 | 7 | 3.1 | 2.3 | 3.0 | 1.1 | 1.1 | 06 2016 | TBD |
     | 9.x | 8 | 8 | 4.0 | 2.4? | 3.1? | 2.0? | 1.1? | 2017 | TBD |

     xx: was 09 in June ;-)
     8.0.38 released 11 October

  6. New features from specifications: JavaEE 8 ● Key elements ● HTTP/2 ● Simplification ● Better integration for managed beans ● Better infrastructure for the cloud

  7. Specifications: Servlet 4.0 ● HTTP/2 ● Usability improvements ● HttpFilter, default methods ● Clarifications ● Enhancement requests

  8. Specifications: HTTP/2 ● HTTP/2 requires some TLS features ● Server Name Indication (SNI) ● Application Layer Protocol Negotiation (ALPN) ● Full support ● 8.5.3 considered stable (since June 2016) ● h2c available (for proxies) ● h2 requires APR/native/OpenSSL due to ALPN requirements ● Server push available

  9. Specifications: Servlet 4.0 HTTP/2 ● Java EE 8 must run on Java 8 ● Java EE 8 requires Servlet 4.0 ● Servlet 4.0 requires HTTP/2 ● HTTP/2 requires ALPN ● Java 8 does not support ALPN ● ALPN support will be available in Java 9 ● ALPN support will likely be backported to Java 8 at some point...

  10. Specifications: Other ● WebSocket 1.2 (keep 1.1?) ● Standard extension for compression/multiplexing? ● JSP 2.4 (keep 2.3?) ● Imports to clarify (EL 3.0 related) ● EL 3.1 (keep 3.0?) ● Only minor improvements/clarifications needed ● JASPIC 1.1 (New!) ● Java Authentication Service Provider Interface for Containers. Used to support OAuth (login)

  11. Tomcat New Features: TLS support improvements (1) ● Major rewrite of TLS support ● Tomcat 8 supports ● one TLS virtual host per connector ● one certificate per virtual host ● Tomcat 9 supports ● multiple virtual hosts per connector (SNI) ● multiple certificates per virtual host ● TLS configuration has changed to support this

  12. Tomcat New Features: TLS support improvements (2) ● SNI and multiple certificates supported by all connectors ● APR/native support via the OpenSSL API ● JSSE support via parsing the initial handshake ● ALPN supported by APR/native or OpenSSLImplementation ● JSSE support is currently TBD ● Common (where possible) configuration for all connectors ● Some JSSE / OpenSSL differences remain ● OpenSSL engine option of NIO and NIO2 connectors • Allows OpenSSL performance with NIO/NIO2 APIs • Used automatically when tc-native is installed

  13. Tomcat Removed Features: Old blocking I/O connectors... ● BIO HTTP and BIO AJP connectors ● Websocket and Servlet 3.1 require non-blocking IO ● Emulation of non-blocking is bad: • Complex • Not scalable • Risky: stuff that might break ● Decision: remove them ● Still 3 connectors: • NIO default connector • NIO2 introduced in Tomcat 8.0 • APR/Native still available (requires tomcat-native libraries)

  14. Tomcat Removed Features: Comet ● Proprietary interface for asynchronous I/O ● Users are moving (have moved) to WebSocket ● Adds complexity to all the connectors ● Therefore decided to remove it

  15. Internal Changes: Connectors ● Removed ● BIO ● Comet ● Reduce duplication ● HTTP upgrade from 12 classes to 3 ● HTTP/1.1 cleanup = removed ~ 50% (~2500 loc) ● AJP 1.3 cleanup = remove ~ 30% ● No connector specific HTTP/2 code ● Implementation specific per connector → Endpoint ● Implementation specific per connection → SocketWrapper

  16. Internal Changes: Websocket ● Refactored I/O implementation ● Direct to Tomcat’s I/O layer ● Not via Servlet 3.1 non-blocking API ● Simpler ● Faster ● Extension support likely to require further refactoring?

  17. Internal Changes: Other ● Remove use of system properties for configuration ● Move to per Context / Host / Server / Connector ● keep the system property as a default ● Made RFC 6265 CookieProcessor the default ● Note UTF-8 extension

  18. Why Tomcat 8.5? EE8 late... ● Tomcat 9 stable release is tied to the release of Java EE 8 ● Java EE 8 has been repeatedly delayed ● Currently delayed until at least H1 2017 ● Don't want users to have to wait another year+ to get access to our new features: ● HTTP/2 ● OpenSSL encryption for JSSE ● TLS virtual hosting ● JASPIC ● Hence, Tomcat 8.5...

  19. What is Tomcat 8.5? Tomcat 9.0.0.M4... ● Started from Apache Tomcat 9.0.0.M4 ● Reverted all Servlet 4.0 API changes ● Reworked code that required Java 8 ● Tomcat specific Push Server API ● Configuration compatible with 8.0.x ● “big” removal: ● Comet (migrate to WebSocket) ● BIO (Connector… probably not noticed)

  20. Tomcat 8.5 timing: Possible roadmap ● ~6 months of 8.0.x and 8.5.x ● Extended if needed. ● ~ one month between releases ● ~ after no more 8.0.x releases ● First 8.5 release 24 March 2016 ● Current release: 8.5.6 stable ● Expect last 8.0.x soon: no date yet!

  21. Why HTTP/2 – HTTP/1.1: June 1999 (RFC 2616) ● 1999: – 1 page ~ 1kB HTML ● 2015: – 1 page ~ 3MB HTML + IMAGES + JS + CSS etc – Protocol: ● Not adapted / inefficient / etc

  22. HTTP/2 general • HTTP/2: • Binary • Frame • Multiplex • Based on SPDY • TLS everywhere: • Browsers use https and strong ciphers • No forward proxy • h2c: Clear text only with reverse proxy (proxy to back-end server)

  23. HTTP/2 general • Two specifications: • Hypertext Transfer Protocol version 2 - RFC7540 • HPACK - Header Compression for HTTP/2 - RFC7541 • By the Internet Engineering Task Force • ALPN Application-Layer Protocol Negotiation - RFC 7301

  24. HTTP/2 Multiplexed [Diagram: sequence of Headers and Data frames]

  25. HTTP/2: more • HTTP headers compression • ~ 80 % saved • Request priority • Both sides • Server Push • Prevents round trips to get page elements. • Faster / better rendering on browsers.

  26. HTTP/2 When: Browsers • Browser with HTTP/2 and TLS • FireFox 34 • Chrome 40 (with ALPN before was NPN) • IE 11 • Opera and Safari 9 • Stats from docs.trafficserver and ci.trafficserver: • More than 50% is over HTTP/2 (data from April) • → go for it now!

  27. ALPN Client Hello (Firefox)

  28. ALPN Server Hello (tomcat)

  29. TC connector server.xml

      <!-- APR/native connector with TLS; HTTP/2 upgrade enabled -->
      <Connector port="8002" scheme="https" SSLEnabled="true"
                 ciphers="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
                 SSLCertificateFile="/home/jfclere/CERTS/newcert.pem"
                 SSLCertificateKeyFile="/home/jfclere/CERTS/newkey.txt.pem"
                 protocol="org.apache.coyote.http11.Http11AprProtocol">
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
      </Connector>

      <!-- HTTP/1.1 connector with TLS from a JSSE keystore; HTTP/2 upgrade enabled -->
      <Connector port="8003" protocol="HTTP/1.1" SSLEnabled="true"
                 scheme="https" secure="true"
                 keystoreFile="conf/.keystore" keystorePass="changeit"
                 socket.directBuffer="true" socket.directSslBuffer="true">
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
      </Connector>

      <!-- APR/native connector without TLS; HTTP/2 upgrade enabled -->
      <Connector port="8004" protocol="org.apache.coyote.http11.Http11AprProtocol">
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
      </Connector>

  30. Tomcat / configuration

      In bin/setenv.sh:

      LD_LIBRARY_PATH=/home/jfclere/tomcat-native/native/.libs
      export LD_LIBRARY_PATH

      And the libtcnative-1.so linked with openssl-1.0.2c, checking with ldd:

      libssl.so.1.0.0 => /home/jfclere/OPENSSL-1.0.2c/lib/libssl.so.1.0.0 (0x00007f6ab147b000)
      libcrypto.so.1.0.0 => /home/jfclere/OPENSSL-1.0.2c/lib/libcrypto.so.1.0.0 (0x00007f6ab1028000)
      libapr-1.so.0 => /home/jfclere/APR-1.4.x/lib/libapr-1.so.0 (0x00007f6ab0dfa000)

      Usually the OpenSSL of a recent distribution (Fedora 23) will work.

  31. Tomcat / Performances, Concurrency 240 [Chart: Kbytes / second by File Size, 4KiB.bin to 1MiB.bin; series coyote_nio_jsse_h1_https and coyote_nio_jsse_h2_https]

  32. Tomcat / Performances, Concurrency 240 [Chart: CPU Usage by File Size, 4KiB to 1MiB; series coyote_nio_jsse_h1_https and coyote_nio_jsse_h2_https]
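
Slide 12 states that JSSE connectors support SNI by parsing the initial handshake, and slides 27 and 28 show the ALPN offer in the hello messages. The Python example below is added here and is not taken from the presentation or from Tomcat's code; it extracts the SNI host name and the ALPN protocol list from a ClientHello, using constructed sample bytes and assuming the ClientHello fits in one TLS record.

```python
class Reader:  # bounds-checked cursor over a byte string
    def __init__(self, buf: bytes):
        self.buf, self.pos = buf, 0
    def done(self) -> bool:
        return self.pos >= len(self.buf)
    def take(self, n: int) -> bytes:
        if self.pos + n > len(self.buf):
            raise ValueError("truncated ClientHello")
        self.pos += n
        return self.buf[self.pos - n:self.pos]
    def vec(self, len_bytes: int) -> bytes:  # TLS vector: length prefix, then payload
        return self.take(int.from_bytes(self.take(len_bytes), "big"))

def parse_client_hello(record: bytes) -> dict:
    """Return the SNI host name and ALPN protocol list of a one-record ClientHello."""
    rec = Reader(record)
    if rec.take(3)[:1] != b"\x16":                  # type 22 = handshake, then version
        raise ValueError("not a TLS handshake record")
    hs = Reader(rec.vec(2))
    if hs.take(1) != b"\x01":                       # handshake type 1 = ClientHello
        raise ValueError("not a ClientHello")
    body = Reader(hs.vec(3))
    body.take(2 + 32)                               # client_version + random
    for len_bytes in (1, 2, 1):                     # session_id, cipher_suites, compression
        body.vec(len_bytes)
    found = {"sni": None, "alpn": []}
    exts = Reader(b"" if body.done() else body.vec(2))
    while not exts.done():
        ext_type, data = exts.take(2), Reader(exts.vec(2))
        if ext_type == b"\x00\x00":                 # server_name (RFC 6066)
            names = Reader(data.vec(2))
            while not names.done():
                name_type, name = names.take(1), names.vec(2)
                if name_type == b"\x00":            # host_name
                    found["sni"] = name.decode("ascii")
        elif ext_type == b"\x00\x10":               # ALPN (RFC 7301)
            protos = Reader(data.vec(2))
            while not protos.done():
                found["alpn"].append(protos.vec(1).decode("ascii"))
    return found

def tls_vec(data: bytes, n: int) -> bytes:          # helper for building the sample
    return len(data).to_bytes(n, "big") + data

def sample_client_hello(host: str, protocols: list) -> bytes:  # constructed, not a capture
    sni = tls_vec(b"\x00" + tls_vec(host.encode(), 2), 2)
    alpn = tls_vec(b"".join(tls_vec(p.encode(), 1) for p in protocols), 2)
    exts = b"\x00\x00" + tls_vec(sni, 2) + b"\x00\x10" + tls_vec(alpn, 2)
    body = (b"\x03\x03" + bytes(32) + tls_vec(b"", 1) + tls_vec(b"\xc0\x2f", 2)
            + tls_vec(b"\x00", 1) + tls_vec(exts, 2))
    return b"\x16\x03\x01" + tls_vec(b"\x01" + tls_vec(body, 3), 2)
```

The sample offers cipher suite 0xC02F, which is the `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` value configured on slide 29; a server picks the certificate from `sni` and the protocol from `alpn` before any HTTP bytes are exchanged.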
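
Slides 8 and 22 separate h2 (over TLS, needing ALPN) from h2c (clear text, for use behind a reverse proxy), and slide 29 configures both kinds. As an added Python example (not the presenter's or the Tomcat project's code), the check below classifies each connector in a `server.xml` fragment; the fragment is a constructed sample modelled on slide 29 with shortened paths, and `audit_connectors` and its note texts are names chosen for this illustration.

```python
import xml.etree.ElementTree as ET

H2_UPGRADE = "org.apache.coyote.http2.Http2Protocol"

# Constructed sample modelled on the three connectors of slide 29 (paths shortened).
SERVER_XML = """<Service name="Catalina">
  <Connector port="8002" scheme="https" SSLEnabled="true"
             protocol="org.apache.coyote.http11.Http11AprProtocol"
             SSLCertificateFile="conf/newcert.pem" SSLCertificateKeyFile="conf/newkey.pem">
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
  </Connector>
  <Connector port="8003" protocol="HTTP/1.1" SSLEnabled="true" scheme="https" secure="true"
             keystoreFile="conf/.keystore" keystorePass="changeit">
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
  </Connector>
  <Connector port="8004" protocol="org.apache.coyote.http11.Http11AprProtocol">
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
  </Connector>
</Service>"""

def audit_connectors(xml_text: str) -> dict:
    """Map each connector port to (mode, notes) where mode is h2, h2c, https or http."""
    report = {}
    for conn in ET.fromstring(xml_text).iter("Connector"):
        tls = conn.get("SSLEnabled", "false").lower() == "true"
        h2 = any(u.get("className") == H2_UPGRADE for u in conn.findall("UpgradeProtocol"))
        mode = ("h2" if tls else "h2c") if h2 else ("https" if tls else "http")
        notes = []
        if mode == "h2c":
            # Slide 22: clear text HTTP/2 only makes sense behind a reverse proxy.
            notes.append("cleartext HTTP/2: expose only to the reverse proxy")
        if mode == "h2" and "Apr" not in conn.get("protocol", ""):
            # Slides 8 and 12: ALPN comes from APR/native or the OpenSSL engine.
            notes.append("ALPN needs tc-native/OpenSSL on this non-APR connector")
        if conn.get("keystorePass") == "changeit":
            notes.append("default keystore password")
        report[conn.get("port")] = (mode, notes)
    return report
```

On the sample, port 8002 is reported as `h2` with no notes, port 8003 as `h2` with the ALPN and keystore-password notes, and port 8004 as `h2c`.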
