I hosted my application, and doing some stress tests, I noticed that when shooting around 50 requests in parallel, the server responds HTTP 503.
What does this means? It may be some specific configuration limiting the number of requests from Tomcat?
Thanks.
That typically just means you've run out of threads to handle the request. You could try increasing the maxThreads in your Tomcat server.xml file, or if you're using Apache HTTP server as a front end, you may need to configure your Connector to allow more connections.
A 503 status indicates the service handling the request is unavailable.
The server is currently unable to handle the request due to a
temporary overloading or maintenance of the server.
- HTTP Specification on 503
From time-to-time you'll see this if you're running Tomcat behind Apache, with Apache operating as a proxy. If Apache is unable to contact Tomcat it will return a 503 response.
If you are using Apache httpd as a front-end, you may want to check if there is a firewall between Tomcat and Apache. After having disabled the firewall on the Tomcat machine in our environment, the 503 errors disappeared.
See also this.
Above document also describes other less drastic ways of solving the 503 problem when a firewall is involved.
Related
Background:
I have my personal website running on a lighttpd server on my raspberry pi. I have that server’s port (80) forwarded so it can be accessed publicly.
I’m in the process of making a project, and I want a node.js service to make requests to from the lighttpd server. I set up pm2 so the node.js server is always running. I have that port forwarded too (5000). I've verified that this server is working via postman and the browser
Problem:
I'm receiving the following error when making requests:
has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space private.
Of note; I have Access-Control-Allow-Private-Network:true in the response header and Access-Control-Request-Private-Network:true in the request header. The only other solution I've found that might fix this is getting an SSL cert for the lighttpd server and using https for it, however I'm struggling setting that up to see if it would work
Questions:
Would getting an SSL cert for lighttpd allow me to make requests to my pm2 server?
Is there a different solution?
How secure is this setup? I don't expect a lot of traffic...
How do I proxy requests to NTLM-protected websites, like TeamFoundation and SharePoint? I keep getting 401 authentication errors.
According to this Microsoft TechNet article, you can't.
Microsoft NTLM uses stateful HTTP, which is a violation of the HTTP/1.1 RFC. It relies on authentication (an affair which involves a handshake with a couple of initial 401 errors) and subsequent connections to be done through the exact same connection from client to server. This makes HTTP proxying nearly impossible, since each request would usually go through either a new or a random connection picked from a pool of open connections. It can be done though.
NGiNX apparently supports this through the "ntlm" option, but this is part of their commercial offering. Apache HTTPD seems to have a couple of experimental patches for this, but this requires rebuilding Apache. TinyProxy doesn't support this either. HAProxy to the rescue!
Here is an example of a running configuration which works - it's a fairly simple setup with a single backend server:
backend backend_tfs
server static teamfoundation.mycompany.com:8080 check maxconn 3
mode http
balance roundrobin
option http-keep-alive
option prefer-last-server
timeout server 30s
timeout connect 4s
frontend frontend_tfs
# You probably want something other than 127.0.0.1 here:
bind 127.0.0.1:8080 name frontend_tfs
mode http
option http-keep-alive
timeout client 30s
default_backend backend_tfs
The important options here are http-keep-alive and prefer-last-server.
One more thing for my scenerio;
If you are using ssl both sides(the iis servers and haproxy), the ssl must be same for iis and haproxy server. Otherwise ntlm doesn't work when you want to go iis from haproxy.
Maybe can help someone who has the same problem.
HTTP 503 errors occur during heavy load during performance testing of two tomcat servers. On the tomcat servers, log entries stop appearing in their access logs at the same time that the HTTP 503 errors start occurring.
There is a load balancer in front of two tomcat servers. I do not have access to the file system on the load balancer and cannot tell if the HTTP 503 errors are coming from the tomcat servers or the load balancer.
The question is whether tomcat would write the access log when it returns an HTTP 503 error?
Thanks in advance.
Check for OutOfMemoryErrors. If those occur, all kinds of things can stop working.
I have a Tomcat 6.x or 7.x web application server running on a webserver listening on port 8443.
Why is it that when I access http://:8443, I am
prompted to download a file of the format application/octet-stream from any browser from any platform?
When I access http://:443 I get a 400 Bad Request.
Is there anyway to configure Tomcat to yield a 400 Bad Request error code if a user attempts to access the SSL port via http ?
It's because you need to type https:// beforehand :D I just had the same problem!
I think some forwarding is needed to ensure https is used.
I have nginx as the reverse proxy of uwsgi service, and settings are very simple, just pass the connection to the backend. And when the code has come problem, uwsgi will send a 502 error to nginx, which make nginx only display 502 errors, and in order to check the problem, we have to check the uwsgi log, which is very inconvenient when we are developing. And I search the google which couldn't give me an answer, so is there any method to display code exceptions to nginx instead of just a 502 error.
use --catch-exceptions but use it only in development, as it could show sensible data