Chapter 9. Server-side Configuration Properties

9.1. Proxy Discovery Configuration

The list of proxies from which an application expects to receive AJP connections is either defined statically, via the addresses defined in the proxyList configuration property; or discovered dynamically via the advertise mechanism. Using a special mod_advertise module, proxies can advertise their existence by periodically broadcasting a multicast message containing its address/port. This functionality is enabled via the advertise configuration property. If configured to listen, a server can learn of the proxy's existence, then notify that proxy of its own existence, and update its configuration accordingly. This frees both the proxy and the server from having to define static, environment-specific configuration values.

Attribute	AS7 Attribute	Default	Scope	Description
proxyList	proxy-list	None	Configuration	Defines a comma delimited list of httpd proxies with which this node will initially communicate. Value should be of the form: address1:port1,address2:port2 Using the default configuration, this property can by manipulated via the jboss.mod_cluster.proxyList system property.
excludedContexts	excluded-contexts	ROOT, admin-console, invoker, bossws, jmx-console, juddi, web-console	Configuration	List of contexts to exclude from httpd registration, of the form: host1:context1,host2:context2,host3:context3 If no host is indicated, it is assumed to be the default host of the server (e.g. localhost). "ROOT" indicates the root context. Using the default configuration, this property can by manipulated via the jboss.mod_cluster.excludedContexts system property.
autoEnableContexts	auto-enable-contexts	true	Configuration	If false the contexts are registered disabled in httpd, they need to be enabled via the enable() mbean method or via mod_cluster_manager.
stopContextTimeout	stop-context-timeout	10	Configuration	The amount of time, measure in units specified by stopContextTimeoutUnit, for which to wait for clean shutdown of a context (completion of pending requests for a distributable context; or destruction/expiration of active sessions for a non-distributable context).
stopContextTimeoutUnit	None	TimeUnit.SECONDS	Configuration	The unit of time for use with stopContextTimeout
sessionDrainingStrategy	None	org.jboss.modcluster.SessionDrainingStrategyEnum.DEFAULT	Configuration	Indicates the session draining strategy used during undeployment of a web application. There are three possible values: DEFAULT Drain sessions before web application undeploy only if the web application is non-distributable. ALWAYS Always drain sessions before web application undeploy, even for distributable web applications. NEVER Do not drain sessions before web application undeploy, even for non-distributable web application.
proxyURL	proxy-url	None	Apache HTTPD	If defined, this value will be prepended to the URL of MCMP commands.
socketTimeout	socket-timeout	20000	Configuration	Number of milliseconds to wait for a response from an httpd proxy to MCMP commands before timing out, and flagging the proxy as in error.
advertise	advertise	true, if proxyList is undefined, false otherwise	Configuration	If enabled, httpd proxies will be auto-discovered via multicast announcements. This can be used either in concert or in place of a static proxyList.
advertiseGroupAddress	advertise-socket	224.0.1.105	Apache HTTPD	UDP address on which to listen for httpd proxy multicast advertisements In AS7 that corresponding to the name of a socket-binding
advertisePort	See advertise-socket	23364	Apache HTTPD	UDP port on which to listen for httpd proxy multicast advertisements
advertiseSecurityKey	advertise-security-key	None	Apache HTTPD	If specified, httpd proxy advertisements checksums (using this value as a salt) will be required to be verified on the server side
advertiseThreadFactory	None	Executors.defaultThreadFactory()	Configuration	The thread factory used to create the background advertisement listener.
jvmRouteFactory	None	new SystemPropertyJvmRouteFactory(new UUIDJvmRouteFactory(), "jboss.mod_cluster.jvmRoute")	Configuration	Defines the strategy for determining the jvm route of a node, if none was specified in server.xml. The default factory first consults the `jboss.mod_cluster.jvmRoute` system property. If this system property is undefined, the jvm route is assigned a UUID.

9.2. Proxy Configuration

The following configuration values are sent to proxies during server startup, when a proxy is detected via the advertise mechanism, or during the resetting of a proxy's configuration during error recovery.

Attribute	AS7 Attribute	Default	Scope	Description
stickySession	sticky-session	true	Balancer	Indicates whether subsequent requests for a given session should be routed to the same node, if possible.
stickySessionRemove	sticky-session-remove	false	Balancer	Indicates whether the httpd proxy should remove session stickiness in the event that the balancer is unable to route a request to the node to which it is stuck. This property is ignored if stickySession is false.
stickySessionForce	sticky-session-force	false	Balancer	Indicates whether the httpd proxy should return an error in the event that the balancer is unable to route a request to the node to which it is stuck. This property is ignored if stickySession is false.
workerTimeout	worker-timeout	-1	Balancer	Number of seconds to wait for a worker to become available to handle a request. When no workers of a balancer are usable, mod_cluster will retry after a while (workerTimeout/100). That is timeout in the balancer mod_proxy documentation. A value of -1 indicates that the httpd will not wait for a worker to be available and will return an error if none is available.
maxAttempts	max-attempts	1	Balancer	Number of times an httpd proxy will attempt to send a given request to a worker before giving up. The minimum value is 1, meaning try only once. (Note that mod_proxy default is also 1: no retry).
flushPackets	flush-packets	false	Node	Enables/disables packet flushing
flushWait	flush-wait	-1	Node	Time to wait before flushing packets in milliseconds. A value of -1 means wait forever.
ping	ping	10	Node	Time (in seconds) in which to wait for a pong answer to a ping
smax	smax	Determined by httpd configuration	Node	Soft maximum idle connection count (that is the smax in worker mod_proxy documentation). The maximum value depends on the httpd thread configuration (ThreadsPerChild or 1).
ttl	ttl	60	Node	Time to live (in seconds) for idle connections above smax
nodeTimeout	node-timeout	-1	Node	Timeout (in seconds) for proxy connections to a node. That is the time mod_cluster will wait for the back-end response before returning error. That corresponds to timeout in the worker mod_proxy documentation. A value of -1 indicates no timeout. Note that mod_cluster always uses a cping/cpong before forwarding a request and the connectiontimeout value used by mod_cluster is the ping value.
balancer	balancer	mycluster	Node	The balancer name
loadBalancingGroup	domain load-balancing-group	None	Node	If specified, load will be balanced among jvmRoutes withing the same load balancing group. A loadBalancingGroup is conceptually equivalent to a mod_jk domain directive. This is primarily used in conjunction with partitioned session replication (e.g. buddy replication).

Note

When nodeTimeout is not defined the ProxyTimeout directive Proxy is used. If ProxyTimeout is not defined the server timeout (Timeout) is used (default 300 seconds). nodeTimeout, ProxyTimeout or Timeout is set at the socket level.

9.3. SSL Configuration

The communication channel between application servers and httpd proxies uses HTTP by default. This channel can be secured using HTTPS by setting the ssl property to true.

Note

This HTTP/HTTPS channel should not be confused with the processing of HTTP/HTTPS client requests.

Attribute	AS7 Attribute	Default	Description
ssl	None	false	Should connection to proxy use a secure socket layer
sslCiphers	cipher-suite	The default JSSE cipher suites	Overrides the cipher suites used to initialize an SSL socket ignoring any unsupported ciphers
sslProtocol	protocol	TLS (ALL in AS7)	Overrides the default SSL socket protocol.
sslCertificateEncodingAlgorithm	None	The default JSSE key manager algorithm	The algorithm of the key manager factory
sslKeyStore	certificate-key-file	`System.getProperty("user.home") + "/.keystore"`	The location of the key store containing client certificates
sslKeyStorePassword	password	changeit	The password granting access to the key store (and trust store in AS7)
sslKeyStoreType	None	JKS	The type of key store
sslKeyStoreProvider	None	The default JSSE security provider	The key store provider
sslTrustAlgorithm	None	The default JSSE trust manager algorithm	The algorithm of the trust manager factory
sslKeyAlias	key-alias		The alias of the key holding the client certificates in the key store
sslCrlFile	ca-revocation-url		Certificate revocation list
sslTrustMaxCertLength	None	5	The maximum length of a certificate held in the trust store
sslTrustStore	None	`System.getProperty("javax.net.ssl.trustStorePassword")`	The location of the file containing the trust store
sslTrustStorePassword	None	`System.getProperty("javax.net.ssl.trustStore")`	The password granting access to the trust store.
sslTrustStoreType	None	`System.getProperty("javax.net.ssl.trustStoreType")`	The trust store type
sslTrustStoreProvider	None	`System.getProperty("javax.net.ssl.trustStoreProvider")`	The trust store provider

9.4. Load Configuration for JBoss Web and Tomcat

Additional configuration properties used when mod_cluster is configured in JBoss Web standalone or Tomcat.

Attribute	Default	Description
loadMetricClass	org.jboss.modcluster.load.metric.impl.BusyConnectorsLoadMetric	Class name of an object implementing org.jboss.load.metric.LoadMetric
loadMetricCapacity	1	The capacity of the load metric defined via the loadMetricClass property
loadHistory	9	The number of historic load values to consider in the load balance factor computation.
loadDecayFactor	2	The factor by which a historic load values should degrade in significance.