Monday, November 15, 2021

Performance Tuning for Application Server Apache Tomcat for Sailpoint IdentityIQ

 Performance Tuning for Application  Server Apache Tomcat  for Sailpoint IdentityIQ

1. UI Server

Create a file with name setenv.sh inside /tomcat/bin Directory

# Begin settings to support SailPoint IdentityIQ application.
export CATALINA_OPTS="$CATALINA_OPTS -Xms512m"
export CATALINA_OPTS="$CATALINA_OPTS -Xmx4096m"
export CATALINA_OPTS="$CATALINA_OPTS -XX:MaxGCPauseMillis=200"
export CATALINA_OPTS="$CATALINA_OPTS -XX:+UseG1GC"

# Support time-out of LDAP pooled connections for 3 seconds to all LDAP servers.  
export CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.timeout=3000"  
export CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.protocol='plain ssl'"  
export CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.authentication='none simple DIGEST-MD5'"  

export CATALINA_OUT=/logs/tomcat/catalina.out
# -End- settings to support SailPoint IdentityIQ application.  

export JAVA_OPTS="$JAVA_OPTS -Dhttp.proxyHost=<proxy server>"
export JAVA_OPTS="$JAVA_OPTS -Dhttp.proxyPort=<port>"
export JAVA_OPTS="$JAVA_OPTS -Dhttp.nonProxyHosts=*.company.com\|abcd"

Comment the below line from tomcat/conf/server.xml file

<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443"  maxThreads="512"/>

Perform below steps for rewrite URL

Add line - <Valve className="org.apache.catalina.valves.rewrite.RewriteValve" /> in server.xml

/apps/tomcat/conf/Catalina/localhost/rewrite.config 
RewriteCond %{HTTP_HOST}  ^abcd.*
RewriteRule ^/$ /identityiq

2. Task Server

Create a file with name setenv.sh inside /tomcat/bin Directory

# Begin settings to support SailPoint IdentityIQ application.
export CATALINA_OPTS="$CATALINA_OPTS -Xms1024m"
export CATALINA_OPTS="$CATALINA_OPTS -Xmx6144m"
export CATALINA_OPTS="$CATALINA_OPTS -XX:+UseParallelGC"

# Support time-out of LDAP pooled connections for 3 seconds to all LDAP servers.  
export CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.timeout=3000"  
export CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.protocol='plain ssl'"  
export CATALINA_OPTS="$CATALINA_OPTS -Dcom.sun.jndi.ldap.connect.pool.authentication='none simple DIGEST-MD5'"  

export CATALINA_OUT=/logs/tomcat/catalina.out
# -End- settings to support SailPoint IdentityIQ application.

export JAVA_OPTS="$JAVA_OPTS -Dhttp.proxyHost=<proxy server>"
export JAVA_OPTS="$JAVA_OPTS -Dhttp.proxyPort=<port>"
export JAVA_OPTS="$JAVA_OPTS -Dhttp.nonProxyHosts=*.company.com\|abcd"

3. All Server

Remove docs and examples directory from /apps/tomcat/webapps

Set tomcat/conf/tomcat-users.xml with proper username and password

Create Directory /logs/tomcat

No comments:

Post a Comment