Linux

Popular Search:Getting Started
Expand / Collapse All

How to configure Apache2 to Forward to BridgeGate Server

If you server configuration includes Apache 2 as the internet facing application use the following configuration to forward SSL to BridgeGate

The apache config file on Linux is usually located in

/etc/apache2/sites-available/000-default.conf

<VirtualHost *:443>

    ServerName yourdomain

    DocumentRoot /var/www/html

    SSLEngine on

    SSLCertificateFile      /bridgegate/certificates/yourdomain.crt

    SSLCertificateKeyFile   /bridgegate/certificates/yourdomaint.key

    SSLCertificateChainFile /bridgegate/certificates/yourdomain_certificateAuthorityRoot.crt

    ProxyRequests Off          # Important: disable forward proxy mode

    ProxyPreserveHost On       # Passes original Host: header to backend (often needed)

    ProxyPass / http://localhost:8080/

    ProxyPassReverse / http://localhost:8080/

    RequestHeader set X-Forwarded-Proto “https” env=HTTPS

    RequestHeader set X-Forwarded-Proto “https”

</VirtualHost>

BridgeGate holding on to memory. How to release unused memory

The following can be used to have the JVM release memory and shrink the heap when not used. This will release additional memory to the OS when not needed.

Linux update the /bridgegate/bin/runbridgegate

JAVA_OPTS="${JAVA_OPTS} -XX:+UseG1GC"
JAVA_OPTS="${JAVA_OPTS} -XX:NewRatio=1"
# Encourage heap shrinking when underutilized
JAVA_OPTS="${JAVA_OPTS} -XX:MaxHeapFreeRatio=30"
JAVA_OPTS="${JAVA_OPTS} -XX:MinHeapFreeRatio=10"

# Allow explicit GC to trigger concurrent collection
JAVA_OPTS="${JAVA_OPTS} -XX:+ExplicitGCInvokesConcurrent"

# Reduce startup latency by pre-touching heap pages
JAVA_OPTS="${JAVA_OPTS} -XX:+AlwaysPreTouch"

# Improve compaction and GC performance
JAVA_OPTS="${JAVA_OPTS} -XX:G1HeapRegionSize=16m"
JAVA_OPTS="${JAVA_OPTS} -XX:InitiatingHeapOccupancyPercent=35"

# Optional: limit old-gen GC pause time target
JAVA_OPTS="${JAVA_OPTS} -XX:MaxGCPauseMillis=200"

Windows update the /bridgegate/bin/bg_service.conf

Add the following:

# Encourage heap shrinking when underutilized
wrapper.java.additional.40= -XX:MaxHeapFreeRatio=30"
wrapper.java.additional.41= -XX:MinHeapFreeRatio=10"

# Allow explicit GC to trigger concurrent collection
wrapper.java.additional.42= -XX:+ExplicitGCInvokesConcurrent"

# Reduce startup latency by pre-touching heap pages
wrapper.java.additional.44= -XX:+AlwaysPreTouch"

# Improve compaction and GC performance
wrapper.java.additional.45= -XX:G1HeapRegionSize=16m"
wrapper.java.additional.46= -XX:InitiatingHeapOccupancyPercent=35"

# Optional: limit old-gen GC pause time target
wrapper.java.additional.47= -XX:MaxGCPauseMillis=200"

Can’t exec “ifconfig”: error when installing BridgeGate

If you get the following error while installing BridgeGate on Linux you need to install the net-tools. This includes the ifconfig.  The BridgeGate install script uses ifconfig to get IP information.

Example Error Message:

What is the alias of this server? [localhost.localdomain] Can’t exec “ifconfig”: No such file or directory at /bridgegate/bin/bg_config.pl line 344, <STDIN> line 15. Use of uninitialized value in pattern match (m//) at /bridgegate/bin/bg_config.pl line 344, <STDIN> line 15.

# sudo yum install net-tools

BridgeGate log has Too many open files Exception

If you encounter a (Too many open files) Exception in the /bridgegate/logs/server.log log file on a Linux system your system administrator will need to increase the number of OS File Descriptors the bridgegate process is allowed to use.

  1.  To increase edit /etc/sysctl.conf add the below line, save and exit 
    fs.file-max = 100000
  2. We also need to increase hard and soft limits Edit /etc/security/limits.conf add the below lines before the #End, save and exit

    * soft nofile 65535
* hard nofile 65535
  3. Edit the bridgegate service, vi/etc/systemd/system/bridgegate.service  and add the below  line at the of the [Service] section, save and exit 
    LimitNOFILE=65535
  4. Reload systemctl to apply new setting 
    sudo systemctl daemon-reload
  5. Restart the bridgegate service 
    sudo systemctl restart bridgegate
  6. Check the file limits of the bridgegate process. First find the process id for the bridgegate process 
    ps -ef | grep java
The output will look like the following. The process id is the first number after the bgate
bgate    27919 27854 94 10:03 ?        00:18:59 /usr/java/jdk1.8.0_191-amd64/bin/java 
-Djava.util.logging.config.file=/bridgegate/server/conf/logging.properties 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeralDHKeySize=2048 
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 
-XX:+UseStringDeduplication -DBRIDGEGATE_ROOT=/bridgegate -DBRIDGEGATE_SERVER=true -Xms1g -Xmx20g -XX:+UseG1GC -XX:NewRatio=1 
-XX:ErrorFile=/bridgegate/logs/java_error%p.log -Djava.net.preferIPv4Stack=true 
-Djava.security.egd=/dev/random -Dlog4j.configuration=file:/bridgegate/conf/log4j.xml 
-Djava.util.logging.config.file=/bridgegate/server/conf/logging.properties -Djava.security.properties=/bridgegate/java/jre/lib/security/java.security -Dignore.endorsed.dirs= 
-classpath /bridgegate/server/bin/bootstrap.jar:/bridgegate/server/bin/tomcat-juli.jar -Dcatalina.base=/bridgegate/server 
-Dcatalina.home=/bridgegate/server -Djava.io.tmpdir=/bridgegate/server/temp org.apache.catalina.startup.Bootstrap start

    Next view the limits for that process id

    cat /proc/27919/limits

    Limit                     Soft Limit           Hard Limit           Units     
Max cpu time              unlimited            unlimited            seconds   
Max file size             unlimited            unlimited            bytes     
Max data size             unlimited            unlimited            bytes     
Max stack size            8388608              unlimited            bytes     
Max core file size        0                    unlimited            bytes     
Max resident set          unlimited            unlimited            bytes     
Max processes             126055               126055               processes 
Max open files            65535                65535                files     
Max locked memory         65536                65536                bytes     
Max address space         unlimited            unlimited            bytes     
Max file locks            unlimited            unlimited            locks     
Max pending signals       126055               126055               signals   
Max msgqueue size         819200               819200               bytes     
Max nice priority         0                    0                    
Max realtime priority     0                    0                    
Max realtime timeout      unlimited            unlimited            us