Tomcat 503 Service Unavailable

Greenhorn

Service Temporarily Unavailable The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.-Apache/1.3.34 Server at www.websitehere.com Port 80 EO Quote: Then I need to run /scripts/restartsrvtomcat and service httpd restart in order to bring tomcat and jsp site. No changes regarding firewall or load balancers. Tomcat and apache live on the same machine in this case. On 22/07/64 2:59 PM, Igor Cicimov wrote: Obviously apache can't connect to tomcat. Any firewall/load balancer changes maybe done last night between apache and tomcat? Can you access tomcat apps bypassing apache? There are, what appears to be three tomcat instances on this.

posted 4 years ago

Optional 'thank-you' note:

I'm following this guide to setup Tomcat 8 on Ubuntu Server 16.04 using Apache2's mod_jk module as a reverse proxy:
https://www.digitalocean.com/community/tutorials/how-to-encrypt-tomcat-8-connections-with-apache-or-nginx-on-ubuntu-16-04
Everything works until the last step, which is to change the HTTP and AJP Connectors in server.xml to only listen on localhost. Here's the change I made to the AJP Connector (added localhost in the address):

Before this change, typing https://myhostname takes me to the Tomcat administration page; after it, I get '503 Service Unavailable'.
Here's the relevant portion of mod_jk.log

Saloon Keeper

posted 4 years ago

Optional 'thank-you' note:

You might want to check the Tomcat catalina.out and localhost log files to make sure that port 8009 didn't fail to open.
Although your proxy log message seems to be indicating that Apache might have been trying to connect using IPV6 and your allowable address (127.0.0.1) is an IPv4 address. If that's the case, I'd try and ensure that the Apache-to-Tomcat tunnel on port 8009 used IPv4, since I don't thing IPv6 gains you a lot on a loopback connection.

Some people, when well-known sources tell them that fire will burn them, don't put their hands in the fire.
Some people, being skeptical, will put their hands in the fire, get burned, and learn not to put their hands in the fire.
And some people, believing that they know better than well-known sources, will claim it's a lie, put their hands in the fire, and continue to scream it's a lie even as their hands burn down to charred stumps.

Greenhorn

posted 4 years ago

Tomcat 503 Service Temporarily Unavailable

Optional 'thank-you' note:

Here are the logs based on your suggestion, it doesn't seem like there is an issue with port 8009 starting as line 36 of the catalina.out says this 'Initializing ProtocolHandler ['ajp-nio-127.0.0.1-8009']' but I'm not 100% sure:
Also, how do I ensure that the Apache-to-Tomcat tunnel on port 8009 uses IPv4. I didn't see anything I could change in the server.xml connector config to specify IP Type??
Apologies, I'm new to configuring tomcat and this is a bit of a learning process for me.
Thanks much!
Localhost.log:

catalina.out after running systemctl restart tomcat as root

24-Mar-2017 07:20:12.848 INFO [main] org.apache.catalina.core.StandardServer.await A valid shutdown command was received via the shutdown port. Stopping the Server instance. 24-Mar-2017 07:20:12.848 INFO [main] org.apache.coyote.AbstractProtocol.pause Pausing ProtocolHandler ['http-nio-127.0.0.1-8080'] 24-Mar-2017 07:20:12.852 INFO [main] org.apache.coyote.AbstractProtocol.pause Pausing ProtocolHandler ['ajp-nio-8009'] 24-Mar-2017 07:20:12.852 INFO [main] org.apache.catalina.core.StandardService.stopInternal Stopping service Catalina 24-Mar-2017 07:20:12.884 INFO [main] org.apache.coyote.AbstractProtocol.stop Stopping ProtocolHandler ['http-nio-127.0.0.1-8080'] 24-Mar-2017 07:20:12.900 INFO [main] org.apache.coyote.AbstractProtocol.stop Stopping ProtocolHandler ['ajp-nio-8009'] 24-Mar-2017 07:20:12.901 INFO [main] org.apache.coyote.AbstractProtocol.destroy Destroying ProtocolHandler ['http-nio-127.0.0.1-8080'] 24-Mar-2017 07:20:12.901 INFO [main] org.apache.coyote.AbstractProtocol.destroy Destroying ProtocolHandler ['ajp-nio-8009'] 24-Mar-2017 07:20:14.362 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version: Apache Tomcat/8.5.12 24-Mar-2017 07:20:14.371 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built: Mar 8 2017 17:41:47 UTC 24-Mar-2017 07:20:14.371 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server number: 8.5.12.0 24-Mar-2017 07:20:14.371 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name: Linux 24-Mar-2017 07:20:14.371 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version: 4.4.0-62-generic 24-Mar-2017 07:20:14.371 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture: amd64 24-Mar-2017 07:20:14.371 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home: /usr/lib/jvm/java-8-openjdk-amd64/jre 24-Mar-2017 07:20:14.372 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version: 1.8.0_121-8u121-b13-0ubuntu1.16.04.2-b13 24-Mar-2017 07:20:14.372 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor: Oracle Corporation 24-Mar-2017 07:20:14.372 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE: /opt/tomcat 24-Mar-2017 07:20:14.372 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME: /opt/tomcat 24-Mar-2017 07:20:14.372 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/opt/tomcat/conf/logging.properties 24-Mar-2017 07:20:14.372 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 24-Mar-2017 07:20:14.372 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.awt.headless=true 24-Mar-2017 07:20:14.372 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.security.egd=file:/dev/./urandom 24-Mar-2017 07:20:14.373 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djdk.tls.ephemeralDHKeySize=2048 24-Mar-2017 07:20:14.373 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 24-Mar-2017 07:20:14.373 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Xms512M 24-Mar-2017 07:20:14.373 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Xmx1024M 24-Mar-2017 07:20:14.373 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -XX:+UseParallelGC 24-Mar-2017 07:20:14.373 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/opt/tomcat 24-Mar-2017 07:20:14.373 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/opt/tomcat 24-Mar-2017 07:20:14.373 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/opt/tomcat/temp 24-Mar-2017 07:20:14.373 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/java/packages/lib/amd64:/usr/lib/x86_64-linux-gnu/jni:/lib/x86_64-linux-gnu:/usr/lib/x86_64-linux -gnu:/usr/lib/jni:/lib:/usr/lib 24-Mar-2017 07:20:14.457 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ['http-nio-127.0.0.1-8080'] 24-Mar-2017 07:20:14.477 INFO [main] org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared selector for servlet write/read 24-Mar-2017 07:20:14.478 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ['ajp-nio-127.0.0.1-8009'] 24-Mar-2017 07:20:14.479 INFO [main] org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared selector for servlet write/read 24-Mar-2017 07:20:14.480 INFO [main] org.apache.catalina.startup.Catalina.load Initialization processed in 488 ms 24-Mar-2017 07:20:14.505 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service Catalina 24-Mar-2017 07:20:14.505 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet Engine: Apache Tomcat/8.5.12 24-Mar-2017 07:20:14.510 SEVERE [Catalina-startStop-1] org.apache.catalina.startup.HostConfig.beforeStart Unable to create directory for deployment: /opt/tomcat/conf/Catalina/localhost 24-Mar-2017 07:20:14.514 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory /opt/tomcat/webapps/examples 24-Mar-2017 07:20:15.027 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory /opt/tomcat/webapps/examples has finished in 513 ms 24-Mar-2017 07:20:15.028 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory /opt/tomcat/webapps/docs 24-Mar-2017 07:20:15.039 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory /opt/tomcat/webapps/docs has finished in 10 ms 24-Mar-2017 07:20:15.039 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory /opt/tomcat/webapps/manager 24-Mar-2017 07:20:15.069 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory /opt/tomcat/webapps/manager has finished in 30 ms 24-Mar-2017 07:20:15.069 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory /opt/tomcat/webapps/ROOT 24-Mar-2017 07:20:15.090 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory /opt/tomcat/webapps/ROOT has finished in 21 ms 24-Mar-2017 07:20:15.090 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory /opt/tomcat/webapps/host-manager 24-Mar-2017 07:20:15.112 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory /opt/tomcat/webapps/host-manager has finished in 21 ms 24-Mar-2017 07:20:15.113 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler [http-nio-127.0.0.1-8080] 24-Mar-2017 07:20:15.128 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler [ajp-nio-127.0.0.1-8009] 24-Mar-2017 07:20:15.129 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 648 ms

Install Tomcat Service

Saloon Keeper

posted 4 years ago

Optional 'thank-you' note:

You can use the command 'netstat -tnlp' to list what programs are listing on which ports/protocols.
But it does appear that Apache is attempting to use IPv6 to communicate and your listening address on the connector is set for IPv4.
Unfortunately, Apache does its IPv6/IPv4 things with a certain amount of 'magic' these days, so it's not always easy to tell what protocols it's going to use. You'll probably have to read the Apache docs. I would expect that the mod_jk configuration options would deal with that, but unfortunately, the DigitalOcean tutorial doesn't show a functional and complete set of sample mod_jk directives
It's not totally essential that you limit the port 8009 listening address. That's not a public port, so access to it should be firewall-blocked both at the external entry to your site from the Internet, and in your case, on the local machine (iptables) itself. If someone managed to get far enough into your server to be able to send local requests inside the machine's firewall, you've probably already be totally eaten.
Also, are you the 'Bostich' that posted to the DigitalOcean site not long ago? We really would like to be notified when you cross-post stuff. Otherwise people get confused because sometime they'll answer on one site and sometimes on another.

Greenhorn

posted 4 years ago

Optional 'thank-you' note:

Apache Tomcat 503 Service Temporarily Unavailable

Tim,
Thank you for your clarifications! Yes that post on DO is mine.