• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

coldfusion kubernetes

Community Beginner ,
Feb 20, 2024 Feb 20, 2024

Copy link to clipboard

Copied

I have set up ColdFusion in a pod of my Kubernetes cluster. I have configured all settings (services, ingress, etc.), and everything is working fine. However, I'm unable to connect ColdFusion to the Apache web server through wsconfig.

I've successfully done the same setup in a Docker container, but I encounter errors only in the Kubernetes cluster. The process of connecting wsconfig to Apache seems to proceed without errors, and when I list the wsconfig connected server, Apache is displayed.

When I access the server (Apache), it's working, and I can reach it. However, when I try to run a CFM file, it gives a 503 error.

I referred to the following documentation for guidance:
https://helpx.adobe.com/in/coldfusion/configuring-administering/web-server-management.html

Versions used: ColdFusion 2021/23




 

Views

773

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Community Expert , Feb 21, 2024 Feb 21, 2024

Ok. I think you'll find this is a problem in how the localhost reference in workers.properties is being resolved (such as to ::1  in your k8s setup vs 127.0.0.1 in your docker setup).

 

If so, the solution is to change cf's server.xml file to recognize that as an allowed address by which the AJP connector can be reached. This was  discussed in a forum thread (about such a 503 connector error) where I offered details in comments here:

 

https://community.adobe.com/t5/coldfusion-discussions/tomcat-503-service-unavailable-error/td-p/11817160#M187746

...

Votes

Translate

Translate
Community Expert ,
Feb 20, 2024 Feb 20, 2024

Copy link to clipboard

Copied

That doc page doesn't discuss connecting the wsconfig tool to a container. You'd help us help you by showing your dockerfile and/or k8s manifest, so we better understand how you're attempting things. If you keep it simple, we should even be able to try exactly what you offer.

 

BTW, have you considered NOT using the wsconfig tool, and instead configure apache to forward/proxy requests to the built-in/tomcat web server in cf? 


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Feb 20, 2024 Feb 20, 2024

Copy link to clipboard

Copied

Thank you for your reply.
1> I referred to the documentation for configuring the Linux environment didi the same in  the Docker container, which is working fine.
2> I haven't considered that. I will check it, thanks. Apache -> Tomcat [forwarding].

This is my Dockerfile. I've provided the Apache vhost configuration below, and I've used the same image in my Kubernetes cluster. There are no issues with the standalone Docker setup, but when I run the same image in Kubernetes, I encounter a 503 error. The Kubernetes configuration also seems fine, as Apache and other services are accessible from my cluster.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Feb 21, 2024 Feb 21, 2024

Copy link to clipboard

Copied

Ok. I think you'll find this is a problem in how the localhost reference in workers.properties is being resolved (such as to ::1  in your k8s setup vs 127.0.0.1 in your docker setup).

 

If so, the solution is to change cf's server.xml file to recognize that as an allowed address by which the AJP connector can be reached. This was  discussed in a forum thread (about such a 503 connector error) where I offered details in comments here:

 

https://community.adobe.com/t5/coldfusion-discussions/tomcat-503-service-unavailable-error/td-p/1181...

 

And FWIW, it was introduced in a Tomcat security change introduced into cf  in March 20202, as I blogged (again with more detail) here:

 

https://www.carehart.org/blog/2020/3/20/how_and_why_sites_may_break_after_Mar_2020_CF_updates

 

Let us know if you get going. 

 

One last thing: as you may know, you don't NEED to implement tomcat WITHIN the cf container. You COULD set it up as it's own, and then use cf's "distributed" configuration of the connector (discussed in cf docs and elsewhere as if cf and the web server were on a separate machines). But hopefully the above will get you going, without taking that step. 


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Feb 22, 2024 Feb 22, 2024

Copy link to clipboard

Copied

oh thank you so much 
i was able to connect to cf server thanks 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Feb 22, 2024 Feb 22, 2024

Copy link to clipboard

Copied

Glad to have helped. So which approach did you take, or what change did you make, in case others find this thread? 


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Feb 25, 2024 Feb 25, 2024

Copy link to clipboard

Copied

I modified the connector in server.xml, adding address="::1".
Then I was able to get Apache to connect to my CF server. However, as I am using a container, I cannot edit the server file every time. Hence, I checked more about the issue. By default, it indeed resolved localhost to 127.0.0.1, even though it was not reachable.
When I checked the /etc/gai.conf file, I came to know that in my environment there was precedence of IPv6 over IPv4, hence was the main issue. That's why it accepted ::1 rather than 127.0.0.1. So, I changed precedence to IPv4 over IPv6. Now I am able to connect my Apache to CF server without modifying any CF config files.

thank you @Charlie Arehart 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Feb 25, 2024 Feb 25, 2024

Copy link to clipboard

Copied

LATEST

Yep, that sort of os-level (or networking-level) change can be the easier one in some cases. For a real server it might have unintended wider impact, but in a container deployment, sure, glad to hear it worked for you. And it may help future readers of this thread. You might want to identify one or two replies here as "the answer", to help them even more. 


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation