THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
This section provides several recommendations on how to make your web application and Apache Tomcat as a whole to start up faster.
General
Before we continue to specific tips and tricks, the general advice is that if Tomcat hangs or is not responsive, you have to perform diagnostics. That is to take several thread dumps to see what Tomcat is really doing. See Troubleshooting and Diagnostics page for details.
...
Among the scans the annotation scanning is the slowest. That is because each class file (except ones in ignored JARs) has to be read and parsed looking for annotations in it.
An example of a container-provided SCI that triggers annotation scanning is the WebSocket API implementation which is included with standard distribution in all versions of Tomcat 8 and with Tomcat 7 starting with 7.0.47. An SCI class declared there triggers scanning for WebSocket endpoints (the classes annotated with @ServerEndpoint or implementing ServerApplicationConfig interface or extending the abstract Endpoint class). If you do not need support for WebSockets, you may remove the WebSocket API and WebSocket implementation JARs from Tomcat (websocket-api.jar and tomcat7-websocket.jar or tomcat-websocket.jar).
A note on TLD scanning: In Tomcat 7 and earlier the TLD scanning happens twice,
...
The <absolute-ordering> element specifies which web fragment JARs (according to the names in their WEB-INF/web-fragment.xml files) have to be scanned for SCIs, fragments and annotations. An empty <absolute-ordering/> element configures that none are to be scanned.
Note: in Tomcat 8 the In Tomcat 7 the absolute-ordering option affects discovery both of SCIs provided by web application and ones provided by the container (i.e. by the libraries in $CATALINA_HOME/lib). In Tomcat 8 the option affects the web application ones only, while the container-provided SCIs are always discovered, regardless of absolute-ordering. It In such case the absolute-ordering option alone does not prevent scanning for annotations, but the list of JARs to be scanned will be empty, and thus it the scanning will complete quickly. The classes in WEB-INF/classes are always scanned regardless of absolute-ordering. An example of a container-provided SCI is in the WebSocket API implementation jar (tomcat-websocket.jar, tomcat7-websocket.jar) which is included with Tomcat 7 starting with 7.0.47. If you do not need support for WebSockets, you may remove it.
Scanning for web application resources and TLD scanning are not affected by these options.
...
In Tomcat 7 JAR files can be excluded from scanning by listing their names or name patterns in a system property. Those are usually configured in the conf/catalina.properties file.
In Tomcat 8 you there are several options available. You can use a system property or configure a <JanScanFilter> <JarScanFilter> element in the context file of your web application.
Disable WebSocket support
There exists an attribute on Context element, containerSciFilter. It can be used to disable container-provided features that are plugged into Tomcat via SCI API: WebSocket support (in Tomcat 7 and later), JSP support (in Tomcat 8 and later).
The class names to filter can be detected by looking into META-INF/services/javax.servlet.ServletContainerInitializer files in Tomcat JARs. For WebSocket support the name is org.apache.tomcat.websocket.server.WsSci, for JSP support the name is org.apache.jasper.servlet.JasperInitializer. e.g.:
| No Format |
|---|
<Context containerSciFilter="WsSci" />
|
The impact of disabling WebSocket support will depend on how many JARs were being scanned for WebSocket annotations and whether any other SCIs trigger annotation scans. Generally, it is the first SCI scan that has the biggest performance impact. The impact of additional scans is minimal.
References: Bug 55855, Tomcat 8 Context documentation
Entropy Source
Tomcat 7+ heavily relies on SecureRandom class to provide random values for its session ids and in other places. Depending on your JRE it can cause delays during startup if entropy source that is used to initialize SecureRandom is short of entropy. You will see warning in the logs when this happens, e.g.:
...
Note the "/./" characters in the value. They are needed to work around known Oracle JRE bug #6202721. See also JDK Enhancement Proposal 123. It is known that implementation of SecureRandom was improved in Java 8 onwards.
Also note that replacing the blocking entropy source (/dev/random) with a non-blocking one actually reduces security because you are getting less-random data. If you have a problem generating entropy on your server (which is common), consider looking into entropy-generating hardware products such as "EntropyKey".
...