Will moving to JBOSS result in the claimed performance improvements?

Posted on 2007-08-08
Last Modified: 2013-12-02
Consider these claims

Currently we are having a fairly simple app (jsp, servlets, oracle db on an oracle raq cluster, application uses a few simple tables) running on two high end servers fronted by a loadbalancer.  Presently there is no session replication across the servers.  Apache httpd handles the ssl encryption/decryption and uses AJP13 to talk to a tomcat instance on each server.  This config is ok for most of the time except when there are huge surges (maybe 5 times a year) in which case we have to present a slimmed down version of the site.

Will moving to JBOSS  (and dropping  apache for SSL) give us twice the performance as claimed?  What are the potential pitfalls/advantages (gotchas)?

The OS is RHEL  but we do not want to commit to this config long term (if there are special binaries involved).

I have also heard about Terracotta recently and if you have an opinion thats also welcome (although note that presently we dont cluster sessions at all as that would further reduce capacity of the servers)

p.s. In a weird twist of fate, Experts Exchange was restarting its servers as I posted this question.. Luckily I had pasted it into notepad2!
Question by:nsriram
    LVL 57

    Expert Comment

    My interpretation of what they are implying is that the performance gains are due to using OpenSSL.  To me this means that you would only see the drastic performance increase if all (or a majority) of your transactions are SSL and if the majority of your time is spent doing the SSL encryption and decryption.

    So how many of your transactions are SSL?  Are you spending a majority of your time doing SSL?

    If you are I would think that you would get better performance by using a device in-front of your application server to offload the SSL processing completely.  Then you don't waste any of the application server's CPU cycles doing any encryption/decryption.

    Author Comment


    We are also using openSSL (what apache httpd uses?) Yes.. most/all  transactions are SSL.  Apparently the loadbalancer in the data center does do SSL but it has not been "set up yet".. I wonder how hard this can be (compared to apache/tomcat config)

    Now its true that images being sent need not be SSLed. Do you know any way for Apache to avoid using SSL for jpg images as these account for a decent subset (in the Apache to Tomcat AJP config) of the traffic. I'll wait for a few days for others to provide their opinions.

    LVL 57

    Accepted Solution

    You could either:

       1) Redo all hrefs so they specified http://servername/file
       2) Move all static content to another server and redo hrefs to http://newserver/file
       3) setup re-writes so that https://servername/file gets re-written to http://servername.file

    The last requires the least amount of changes, but uses the most CPU because Apache must do re-write processing.  The 1st options means you don't have to setup a new server, but still uses some CPU on your application server for non-application processing.  The 2nd option offloads the processing of static contents and images.

    You may want to check your load balancer.  Some can be configured to redirect HTTP requests based on the URL being referenced.  So you might be able to setup a new server, rewrite the URL so that it is http://newserver/file  instead of https://currentserver/file and only need to setup a new server and move the images.

    Using distributed boxes it is best to get as much processing as possible off the application server.

    Author Comment

    thanks.. this means apache has to be recompiled with mod_rewrite, I assume?  So its a matter of comparing the overhead for rewriting these requests vs. using SSL.  Does apache cache repeated requests for the same images automatically in memory or someplace?
    LVL 57

    Expert Comment

    If you are running the Apache that comes with RH I am 99% sure that mod_rewrite is already there.  You don't need to compile it anyway, you can just load it with  a LoadModule directive.

    If you have mod_cache loaded Apache will cache as much static content as memory will allow:

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
    In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
    The viewer will learn how to implement Singleton Design Pattern in Java.
    This tutorial covers a practical example of lazy loading technique and early loading technique in a Singleton Design Pattern.

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now