You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Adrian Sutton <ad...@symphonious.net> on 2007/08/21 01:35:54 UTC
Very Slow Startup with APR
Hi all,
I've been setting up Tomcat 5.5, with Java 5 on a Debian Etch server
with a lot of success and just one problem - Tomcat seems to take a
long time to load. I think the problem started when I installed APR/
tomcat native and enabled SSL through it but it's hard to pin point
because the whole setup came together largely at once (it's a brand
new server).
At one point the start up time was well under 10 seconds and it's now
blown out to 5-15 minutes - but it does eventually come up. The last
message in the log before the long delay is:
Aug 20, 2007 3:08:56 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Once it starts the full startup logs look like:
Aug 20, 2007 3:08:56 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Aug 20, 2007 3:22:17 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8443
Aug 20, 2007 3:22:17 PM org.apache.coyote.ajp.AjpAprProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8009
Aug 20, 2007 3:22:17 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 804697 ms
Aug 20, 2007 3:22:18 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Aug 20, 2007 3:22:18 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5
Aug 20, 2007 3:22:18 PM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
Aug 20, 2007 3:22:31 PM org.apache.coyote.http11.Http11AprProtocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Aug 20, 2007 3:22:31 PM org.apache.coyote.http11.Http11AprProtocol start
INFO: Starting Coyote HTTP/1.1 on http-8443
Aug 20, 2007 3:22:32 PM org.apache.coyote.ajp.AjpAprProtocol start
INFO: Starting Coyote AJP/1.3 on ajp-8009
Aug 20, 2007 3:22:32 PM org.apache.catalina.storeconfig.StoreLoader load
INFO: Find registry server-registry.xml at classpath resource
Aug 20, 2007 3:22:32 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 14410 ms
Once it starts everything works fine and goes fast. Any pointers for
how to track down the cause would be greatly appreciated.
Thanks,
Adrian Sutton
http://www.symphonious.net
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Markus Schönhaber wrote:
> Does Tomcat start still fast if you do something like
> dd if=/dev/random of=/dev/null bs=1
> let that run for a couple of seconds and start Tomcat immediately after
> interrupting it?
I think that's phrased a bit confusingly. What I tried to say is the
following: If you
- stop Tomcat
- dd if=/dev/random of=/dev/null bs=1
- let the above dd command run for a couple of seconds, then interrupt it
- start Tomcat
does Tomcat still start fast?
Regards
mks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Jim Jagielski <ji...@jaguNET.com>.
On Aug 21, 2007, at 10:02 AM, Rainer Jung wrote:
> Followup to self:
>
> There's an addition in tcnative 1.1.10:
>
Looks like this went through further refactoring in:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/
src/ssl.c?r1=524725&r2=525163
I just checked HEAD on trunk and it *has* RAND_file_name() in there...
static int ssl_rand_load_file(const char *file)
{
char buffer[APR_PATH_MAX];
int n;
if (file == NULL)
file = ssl_global_rand_file;
if (file && (strcmp(file, "builtin") == 0))
return -1;
if (file == NULL)
file = RAND_file_name(buffer, sizeof(buffer));
if (file) {
if (strncmp(file, "egd:", 4) == 0) {
if ((n = RAND_egd(file + 4)) > 0)
return n;
else
return -1;
}
if ((n = RAND_load_file(file, -1)) > 0)
return n;
}
return -1;
}
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Jim Jagielski <ji...@jaguNET.com>.
On Aug 22, 2007, at 11:32 AM, Markus Schönhaber wrote:
> 2. If tcnative < 1.1.10 is used, set the environment variable RANDFILE
> to point to some random source which can be accessed without danger of
> blocking (for example /dev/urandom) or create a static random file in
> the home dir of the user Tomcat is run as.
> 3. Use tcnative 1.1.10.
>
Yeah, although I'm not sure why the behavior was changed
in the 1.1.10 timeframe, since maintaining the "old"
behavior seemed like a more "general" result, unless,
of course, the usage of RANDFILE wasn't known:
RAND_file_name() generates a default path for the random seed
file. buf
points to a buffer of size num in which to store the
filename. The seed
file is $RANDFILE if that environment variable is set,
$HOME/.rnd oth-
erwise. If $HOME is not set either, or num is too small for
the path
name, an error occurs.
Of course, this is all based on looking at just the patch file;
I plan on actually looking over the whole ssl.c file to
see if my understanding matches the actual codebase usage :)
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Jim Jagielski wrote:
> Well, the comment doesn't seem to match what the code is doing :)
OK, this statement of yours might relativize the impression of dumbness
I have given here a little bit. Or maybe not ;-)
> I'm guessing that the problem the patch was trying to solve was
> due to the /dev/random issue itself, so bypassing that
> seemed a valid solution...
Yes, that matches what Rainer said wrt to this change.
To summarize the situation as I understand it: if someone experiences
the startup delay caused by /dev/random blocking he has (at least) the
following options to speed things up
1. Recompile APR after configuring it using
--with-devrandom=/dev/urandom (or some other non-blocking random source)
- that's what I did.
2. If tcnative < 1.1.10 is used, set the environment variable RANDFILE
to point to some random source which can be accessed without danger of
blocking (for example /dev/urandom) or create a static random file in
the home dir of the user Tomcat is run as.
3. Use tcnative 1.1.10.
Regards
mks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Jim Jagielski <ji...@jaguNET.com>.
On Aug 21, 2007, at 11:26 AM, Markus Schönhaber wrote:
> Rainer Jung wrote:
>
>> There's an addition in tcnative 1.1.10:
>>
>> http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/
>> src/ssl.c?view=diff&rev=524725&r1=524724&r2=524725
>> =====================================================================
>> =========
>> --- tomcat/connectors/trunk/jni/native/src/ssl.c (original)
>> +++ tomcat/connectors/trunk/jni/native/src/ssl.c Sun Apr 1
>> 22:22:42 2007
>> @@ -259,7 +259,7 @@
>> file = ssl_global_rand_file;
>>
>> if (file == NULL)
>> - file = RAND_file_name(buffer, sizeof(buffer));
>> + return -1;
>> else if ((n = RAND_egd(file)) > 0) {
>> return n;
>> }
>>
>> Didn't check, but that might be the difference, concerning respecting
>> RANDFILE?
>
> I'm not familiar enough with the tcnative or OpenSSL code to
> understand
> the change above just by looking at this snippet. But from Mladen's
> comment it seems to me that this would *introduce* respect for
> RANDFILE.
> Am I wrong?
>
Well, the comment doesn't seem to match what the code is doing :)
I'm guessing that the problem the patch was trying to solve was
due to the /dev/random issue itself, so bypassing that
seemed a valid solution...
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Rainer Jung wrote:
> Markus Schönhaber wrote:
>> Just to confirm that I don't get it wrong again: it is to be expected
>> that the value of RANDFILE is ignored in my case since im using tcnative
>> 1.10?
>
> That's my expectation too.
Fine, thanks.
Regards
mks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Rainer Jung <ra...@kippdata.de>.
Markus Schönhaber wrote:
> Just to confirm that I don't get it wrong again: it is to be expected
> that the value of RANDFILE is ignored in my case since im using tcnative
> 1.10?
That's my expectation too.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Rainer Jung schrieb:
> Let's see: doesn't this *remove* the RAND_file_name() line? Man page of
> RAND_file_name() says, that it returns a file for andomness and respects
> variable RANDFILE. I neither know the code well, nor did I check now,
> if there are other references to RANDFILE. Mladen's commit log entry "In
> case we don't specify the global randFile use like mod_ssl does with
> builtin. This fixes long init on some platforms." doesn't really
> contradict this interpretation.
Yep, now that you say it it is clear for me too. Been a blockhead,
obviously.
Just to confirm that I don't get it wrong again: it is to be expected
that the value of RANDFILE is ignored in my case since im using tcnative
1.10?
> I simply thought it could be helpful to point out recent changes in
> behaviour.
You have been very helpful! Thanks for that.
Regards
mks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Rainer Jung <ra...@kippdata.de>.
Markus Schönhaber wrote:
> Rainer Jung wrote:
>> @@ -259,7 +259,7 @@
>> file = ssl_global_rand_file;
>>
>> if (file == NULL)
>> - file = RAND_file_name(buffer, sizeof(buffer));
>> + return -1;
>> else if ((n = RAND_egd(file)) > 0) {
>> return n;
>> }
>>
>> Didn't check, but that might be the difference, concerning respecting
>> RANDFILE?
>
> I'm not familiar enough with the tcnative or OpenSSL code to understand
> the change above just by looking at this snippet. But from Mladen's
> comment it seems to me that this would *introduce* respect for RANDFILE.
> Am I wrong?
>
> Regards
> mks
Let's see: doesn't this *remove* the RAND_file_name() line? Man page of
RAND_file_name() says, that it returns a file for andomness and respects
variable RANDFILE. I neither know the code well, nor did I check now,
if there are other references to RANDFILE. Mladen's commit log entry "In
case we don't specify the global randFile use like mod_ssl does with
builtin. This fixes long init on some platforms." doesn't really
contradict this interpretation.
I simply thought it could be helpful to point out recent changes in
behaviour.
Regards,
Rainer
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Rainer Jung wrote:
> There's an addition in tcnative 1.1.10:
>
> Author: mturk
> Date: Sun Apr 1 22:22:42 2007
> New Revision: 524725
>
> URL: http://svn.apache.org/viewvc?view=rev&rev=524725
> Log:
> In case we don't specify the global randFile use like mod_ssl does with
> builtin. This fixes long init on some platforms.
>
> Modified:
> tomcat/connectors/trunk/jni/native/src/ssl.c
>
> Modified: tomcat/connectors/trunk/jni/native/src/ssl.c
> URL:
> http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/src/ssl.c?view=diff&rev=524725&r1=524724&r2=524725
> ==============================================================================
> --- tomcat/connectors/trunk/jni/native/src/ssl.c (original)
> +++ tomcat/connectors/trunk/jni/native/src/ssl.c Sun Apr 1 22:22:42 2007
> @@ -259,7 +259,7 @@
> file = ssl_global_rand_file;
>
> if (file == NULL)
> - file = RAND_file_name(buffer, sizeof(buffer));
> + return -1;
> else if ((n = RAND_egd(file)) > 0) {
> return n;
> }
>
> Didn't check, but that might be the difference, concerning respecting
> RANDFILE?
I'm not familiar enough with the tcnative or OpenSSL code to understand
the change above just by looking at this snippet. But from Mladen's
comment it seems to me that this would *introduce* respect for RANDFILE.
Am I wrong?
Regards
mks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Rainer Jung <ra...@kippdata.de>.
Followup to self:
There's an addition in tcnative 1.1.10:
Author: mturk
Date: Sun Apr 1 22:22:42 2007
New Revision: 524725
URL: http://svn.apache.org/viewvc?view=rev&rev=524725
Log:
In case we don't specify the global randFile use like mod_ssl does with
builtin. This fixes long init on some platforms.
Modified:
tomcat/connectors/trunk/jni/native/src/ssl.c
Modified: tomcat/connectors/trunk/jni/native/src/ssl.c
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/src/ssl.c?view=diff&rev=524725&r1=524724&r2=524725
==============================================================================
--- tomcat/connectors/trunk/jni/native/src/ssl.c (original)
+++ tomcat/connectors/trunk/jni/native/src/ssl.c Sun Apr 1 22:22:42 2007
@@ -259,7 +259,7 @@
file = ssl_global_rand_file;
if (file == NULL)
- file = RAND_file_name(buffer, sizeof(buffer));
+ return -1;
else if ((n = RAND_egd(file)) > 0) {
return n;
}
Didn't check, but that might be the difference, concerning respecting
RANDFILE?
Regards,
Rainer
Rainer Jung wrote:
> Markus Schönhaber wrote:
>> Adrian Sutton wrote:
>>
>>> RANDFILE is definitely honored and it does work well setting it as /
>>> dev/urandom. I've restarted Tomcat a number of times and it stayed
>>> fast, plus:
>>> cat /proc/sys/kernel/random/entropy_avail
>>> consistently returns low values. Generating activity. In fact, with
>>> hindsight the times that Tomcat took longest to start were the times
>>> I wasn't doing anything else on the server - but the startup time
>>> was always 5 minutes or more and now it starts in under a minute.
>>
>> Good to hear. Thanks for trying that.
>> I'll have to find out why for me the value RANDFILE is set to doesn't
>> seem to have any effect - or, for that matter, whether it really doesn't
>> have any effect.
>>
>> Regards
>> mks
>
> I'm not sure about it, but didn't Mladen change something in tcnative,
> when that problem showed up in tomcat-user? Or maybe he just added an
> option as a connector attribute ...
>
> Regards,
>
> Rainer
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Rainer Jung <ra...@kippdata.de>.
Markus Schönhaber wrote:
> Adrian Sutton wrote:
>
>> RANDFILE is definitely honored and it does work well setting it as /
>> dev/urandom. I've restarted Tomcat a number of times and it stayed
>> fast, plus:
>> cat /proc/sys/kernel/random/entropy_avail
>> consistently returns low values. Generating activity. In fact, with
>> hindsight the times that Tomcat took longest to start were the times
>> I wasn't doing anything else on the server - but the startup time was
>> always 5 minutes or more and now it starts in under a minute.
>
> Good to hear. Thanks for trying that.
> I'll have to find out why for me the value RANDFILE is set to doesn't
> seem to have any effect - or, for that matter, whether it really doesn't
> have any effect.
>
> Regards
> mks
I'm not sure about it, but didn't Mladen change something in tcnative,
when that problem showed up in tomcat-user? Or maybe he just added an
option as a connector attribute ...
Regards,
Rainer
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Christopher Schultz wrote:
> Markus Schönhaber wrote:
>> I'll have to find out why for me the value RANDFILE is set to doesn't
>> seem to have any effect - or, for that matter, whether it really doesn't
>> have any effect.
>
> Perhaps by configuring with --randfile=/dev/urandom (which it sounds
> like you did),
Yep, I did.
> the code to honor the RANDFILE environment variable is
> eliminated. Perhaps configuring with no specific randfile settings gives
> you the extra option of using RANDFILE.
Might well be. I don't know.
OTOH Rainer's hint about the change in tcnative might point to the
culprit. Although, to me, this change seemed to *introduce* the
possibility that the value of RANDFILE will be honored (I'm using
tcnative 1.10).
Regards
mks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Markus,
Markus Schönhaber wrote:
> I'll have to find out why for me the value RANDFILE is set to doesn't
> seem to have any effect - or, for that matter, whether it really doesn't
> have any effect.
Perhaps by configuring with --randfile=/dev/urandom (which it sounds
like you did), the code to honor the RANDFILE environment variable is
eliminated. Perhaps configuring with no specific randfile settings gives
you the extra option of using RANDFILE.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGyu5m9CaO5/Lv0PARAhUzAJ95BolRFqOh+H6I8KU/kWCcrT8YOACfRQXh
/d5LaANBhDK504eyqwr9RYU=
=So0j
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Adrian Sutton wrote:
> RANDFILE is definitely honored and it does work well setting it as /
> dev/urandom. I've restarted Tomcat a number of times and it stayed
> fast, plus:
> cat /proc/sys/kernel/random/entropy_avail
> consistently returns low values. Generating activity. In fact, with
> hindsight the times that Tomcat took longest to start were the times
> I wasn't doing anything else on the server - but the startup time was
> always 5 minutes or more and now it starts in under a minute.
Good to hear. Thanks for trying that.
I'll have to find out why for me the value RANDFILE is set to doesn't
seem to have any effect - or, for that matter, whether it really doesn't
have any effect.
Regards
mks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Adrian Sutton <ad...@symphonious.net>.
> I had just re-read Mladen's mail and experimented with RANDFILE
> myself,
> thinking that setting it to /dev/urandom might be the easiest
> solution.
> I strace'd Tomcat but couldn't find any hint that the value of
> RANDFILE
> is honored. Since my APR is built to use /dev/urandom I can't be sure,
> but if you just restarted Tomcat doing some typing and mouse-moving in
> between, the speed increase during startup might just be a result of
> /dev/random having gathered enough entropy in the meantime to satisfy
> Tomcat's read request without blocking.
RANDFILE is definitely honored and it does work well setting it as /
dev/urandom. I've restarted Tomcat a number of times and it stayed
fast, plus:
cat /proc/sys/kernel/random/entropy_avail
consistently returns low values. Generating activity. In fact, with
hindsight the times that Tomcat took longest to start were the times
I wasn't doing anything else on the server - but the startup time was
always 5 minutes or more and now it starts in under a minute. I'm
only accessing the server via SSH btw - it's actually an Amazon EC2
instance.
> Does Tomcat start still fast if you do something like
> dd if=/dev/random of=/dev/null bs=1
> let that run for a couple of seconds and start Tomcat immediately
> after
> interrupting it?
Yep, no delays at all.
Adrian Sutton
http://www.symphonious.net
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Adrian Sutton wrote:
> In the end, ~root/.rnd and ~tomcat55/.rnd were both ignored but
> setting the RANDFILE environment variable worked. Not sure what it
> was defaulting to.
>
> Anyway, everything now starts up lightning fast. Thanks for the help.
I had just re-read Mladen's mail and experimented with RANDFILE myself,
thinking that setting it to /dev/urandom might be the easiest solution.
I strace'd Tomcat but couldn't find any hint that the value of RANDFILE
is honored. Since my APR is built to use /dev/urandom I can't be sure,
but if you just restarted Tomcat doing some typing and mouse-moving in
between, the speed increase during startup might just be a result of
/dev/random having gathered enough entropy in the meantime to satisfy
Tomcat's read request without blocking.
Does Tomcat start still fast if you do something like
dd if=/dev/random of=/dev/null bs=1
let that run for a couple of seconds and start Tomcat immediately after
interrupting it?
Regards
mks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Adrian Sutton <ad...@symphonious.net>.
On 21/08/2007, at 5:39 PM, Markus Schönhaber wrote:
> WAG: your APR uses /dev/random as random source which blocks when it
> runs out of entropy.
> You could re-build APR after you ./configure'd it with
> --with-devrandom=/dev/urandom
> or you could try Mladen's advice here
> http://marc.info/?l=tomcat-user&m=118209169008472&w=2
> "Or one can simply create a $HOME/.rnd file by himself
> with 'openssl rand -out $HOME/.rnd 2048'"
Bingo! It's deceptive that the delay comes before the mention of the
HTTPS connector - that combined with some bad advice I found on the
internet confusing configuring Java to use urandom instead of
configuring APR and I thought I'd eliminated that option.
In the end, ~root/.rnd and ~tomcat55/.rnd were both ignored but
setting the RANDFILE environment variable worked. Not sure what it
was defaulting to.
Anyway, everything now starts up lightning fast. Thanks for the help.
Adrian Sutton
http://www.symphonious.net
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Very Slow Startup with APR
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Adrian Sutton schrieb:
> I've been setting up Tomcat 5.5, with Java 5 on a Debian Etch server
> with a lot of success and just one problem - Tomcat seems to take a
> long time to load. I think the problem started when I installed APR/
> tomcat native and enabled SSL through it but it's hard to pin point
> because the whole setup came together largely at once (it's a brand
> new server).
WAG: your APR uses /dev/random as random source which blocks when it
runs out of entropy.
You could re-build APR after you ./configure'd it with
--with-devrandom=/dev/urandom
or you could try Mladen's advice here
http://marc.info/?l=tomcat-user&m=118209169008472&w=2
"Or one can simply create a $HOME/.rnd file by himself
with 'openssl rand -out $HOME/.rnd 2048'"
Regards
mks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org