Comment on Shutdown tomcat server node in case of memory depletion – Avoiding Tomcat Out of memory by admin.
Tcat (Enterprise version of Apache tomcat) – is useful in debugging and quickly fixing out of memory (memory leaks).
Tcat allows adminstrator to create custom e-mail or SMS alerts for any attribute of a server or web application, such as unusual memory activity.
admin Also Commented
Shutdown tomcat server node in case of memory depletion – Avoiding Tomcat Out of memory
Just a small important note regarding connectionTimeout in Tomcat is calculated not in seconds like in Apache but in miliseconds.
Default value for connectionTimeout="20000" converted to seconds is only 20 seconds.
Below is example Tomcat config extractions from server.xml:
<!–You will find the connectors now in BIS6 frontend (System Settings/HTTP services/listener)–>
<!–Connector port="11004" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="11001" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" /–>
<!– Note : To disable connection timeouts, set connectionTimeout value to 0 –>
<!– Define a SSL HTTP/1.1 Connector on port 11001 –>
<!–You will find the connectors now in BIS6 frontend (System Settings/HTTP services/listener)–>
<!–Connector port="11001" maxHttpHeaderSize="8192"
sSLImplementation="com.seeburger.tksm.SeeSSLImplementation"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" acceptCount="100"
disableUploadTimeout="true"
scheme="https" secure="true" clientAuth="false"
keystoreFile="USERSSSLTC_sl02296_BIS6_SV_NODE_DT"
trustStoreFile="TRUSTEDSSL*"
sslProtocol="${tomcat.ssl.protocol}" algorithm="${tomcat.ssl.algorithm}" /–>
<!–You will find the connectors now in BIS6 frontend (System Settings/HTTP services/listener)–>
<!–Connector port="11004" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="11001" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" /–>
<!– Note : To disable connection timeouts, set connectionTimeout value to 0 –>
<!– Define a SSL HTTP/1.1 Connector on port 11001 –>
<!–You will find the connectors now in BIS6 frontend (System Settings/HTTP services/listener)–>
<!–Connector port="11001" maxHttpHeaderSize="8192"
sSLImplementation="com.seeburger.tksm.SeeSSLImplementation"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" acceptCount="100"
disableUploadTimeout="true"
scheme="https" secure="true" clientAuth="false"
keystoreFile="USERSSSLTC_sl02296_BIS6_SV_NODE_DT"
trustStoreFile="TRUSTEDSSL*"
sslProtocol="${tomcat.ssl.protocol}" algorithm="${tomcat.ssl.algorithm}" /–>
Recent Comments by admin
Install and configure rkhunter for improved security on a PCI DSS Linux / BSD servers with no access to Internet
–rwo, –report-warnings-only
This option causes only warning messages to be displayed. This can be useful when rkhunter is run via cron. Other options may
be used to force other items of information to be displayed.
–sk, –skip-keypress
When the –check command option is used, after certain sections of tests, the user will be prompted to press the return key
in order to continue. This option disables that feature, and rkhunter will run until all the tests have completed.
Install and configure rkhunter for improved security on a PCI DSS Linux / BSD servers with no access to Internet
As rkhunter check, can be pretty annoying and ask you to press keypresses multiple times and spit you a lot of unnecessery data a very good useful option arguments are:
–rwo and –sk
# rkhunter -c –rwo –sk
Warning: The SSH and rkhunter configuration options should be the same:
SSH configuration option 'PermitRootLogin': yes
Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no
Sorry for really late reply.
perhaps you have to create it or rename the ifcfg-eno1 to ifcfg-eth1 or you have some old ifcfg-enp1s0f0 or ifcfg-eno still under /etc/sysconfig/network-scripts/ interfering
How to RPM update Hypervisors and Virtual Machines running Haproxy High Availability cluster on KVM, Virtuozzo without a downtime on RHEL / CentOS Linux
if you happen to be missing versionlock plugin and you need to get use of it
yum versionlock capabilities
You will have to install yum-utils package:
For example on CentOS 8 Linux, to enable the yum versionlock plugiun
yum install yum-utils.noarch
In case if by default log is not configured for snoopy,
these are default output locations on various Linux distributions:
Distribution | Snoopy output location | Notes |
---|---|---|
CentOS |
/var/log/secure
|
|
Debian |
/var/log/auth.log
|
|
Ubuntu |
/var/log/auth.log
|
|
(others) |
/var/log/messages
|
(potentially, could be elsewhere) |