What are over 50 things to avoid from Tomcat layer to improve performance in SpringBoot?

By following these best practices, you can effectively initialize and configure Tomcat with Spring Boot for running your application.

• Use the Spring Boot Maven Plugin: Include the spring-boot-maven-plugin in your Maven pom.xml file to package your application as an executable JAR or WAR file. This plugin automatically sets up an embedded Tomcat server for running your Spring Boot application.

<build>
    <plugins>
        <!-- Spring Boot Maven Plugin -->
        <plugin>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-maven-plugin</artifactId>
            <version>2.5.2</version>
            <executions>
                <execution>
                    <goals>
                        <goal>repackage</goal>
                    </goals>
                </execution>
            </executions>
        </plugin>
    </plugins>
</build>

• Configure Tomcat port: By default, Spring Boot uses port 8080 for Tomcat. You can configure the port by setting the server.port property in your application’s application.properties or application.yml file.

application.properties:
Open the src/main/resources/application.properties file and add the following line:


server.port=8080
Replace 8080 with the desired port number.

application.yml:
Open the src/main/resources/application.yml file and add the following lines:


server:
  port: 8080

• Optimize Tomcat for production: Configure Tomcat for optimal performance in production environments. Set appropriate values for connector threads, connection timeouts, and other parameters based on your application’s requirements.

<Connector compression="on" compressionMinSize="2048"
           compressableMimeType="text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json" />

<Connector ...>
    ...
    <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
              maxThreads="500" minSpareThreads="25"/>
    <Connector executor="tomcatThreadPool" ... />
    ...
</Connector>

• Use Tomcat as a dependency: Instead of using the embedded Tomcat provided by Spring Boot, you can also package your application as a WAR and deploy it to an external Tomcat server. In this case, include Tomcat as a provided dependency in your project.

<dependency>
    <groupId>org.apache.tomcat</groupId>
    <artifactId>tomcat-embed-core</artifactId>
    <version>9.0.50</version>
</dependency>

import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;

public class ServletInitializer extends SpringBootServletInitializer {

    @Override
    protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
        return application.sources(YourApplication.class);
    }
}

• Enable SSL/TLS: Secure your application by enabling SSL/TLS encryption. Configure Tomcat to use HTTPS by providing an SSL certificate and configuring the appropriate properties in your application configuration.

import org.apache.catalina.connector.Connector;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class TomcatConfiguration {

    @Bean
    public TomcatServletWebServerFactory tomcatServletWebServerFactory() {
        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
        factory.addAdditionalTomcatConnectors(createSslConnector());
        return factory;
    }

    private Connector createSslConnector() {
        Connector connector = new Connector();
        connector.setPort(8443);
        connector.setSecure(true);
        connector.setScheme("https");
        connector.setAttribute("keyAlias", "your_key_alias");
        connector.setAttribute("keystorePass", "your_keystore_password");
        connector.setAttribute("keystoreFile", "/path/to/your_keystore_file");
        connector.setAttribute("clientAuth", "false");
        connector.setAttribute("sslProtocol", "TLS");
        return connector;
    }
}

• Customize Tomcat server settings: If you need to customize Tomcat server settings, you can create a TomcatServletWebServerFactory bean in your Spring Boot configuration. This allows you to fine-tune Tomcat’s behavior, such as setting additional connectors, configuring HTTP/2, etc.

import org.apache.catalina.connector.Connector;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class TomcatConfiguration {

    @Bean
    public TomcatServletWebServerFactory tomcatServletWebServerFactory() {
        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
        factory.addAdditionalTomcatConnectors(createHttpConnector());
        return factory;
    }

    private Connector createHttpConnector() {
        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
        // Configure the connector properties (e.g., port, max connections, etc.)
        connector.setPort(8080);
        // Add any additional configuration as needed
        return connector;
    }
}

• Externalize configuration: Externalize your configuration using environment variables, command-line arguments, or external configuration files. This allows you to modify Tomcat and Spring Boot settings without rebuilding your application.
• Implement graceful shutdown: Implement graceful shutdown of your Spring Boot application running on Tomcat. Configure the spring.lifecycle.timeout-per-shutdown-phase property to allow sufficient time for existing requests to complete during shutdown.
• Monitor and tune Tomcat: Monitor the performance and health of your Tomcat server using appropriate monitoring tools. Identify bottlenecks and tune Tomcat’s configuration accordingly to ensure optimal performance.
• Keep Tomcat up to date: Regularly update your Tomcat server to the latest stable version. This ensures that you have the latest bug fixes, security patches, and performance improvements.
• Avoid unnecessary session usage: Minimize the usage of HTTP sessions unless absolutely necessary. Sessions consume server resources, and excessive session usage can impact performance. Consider using stateless authentication mechanisms like JWT instead.
• Avoid excessive logging: Logging can significantly impact performance. Be cautious about the amount and level of detail in your log statements. Use logging frameworks with appropriate log levels and avoid excessive debug or trace logging in production environments.
• Avoid unnecessary JSP usage: If possible, avoid using JavaServer Pages (JSP) as they can have performance implications. Consider using more efficient templating engines like Thymeleaf or FreeMarker.
• Avoid blocking operations: Be cautious of blocking operations like long-running database queries or external API calls within request handling threads. Consider using asynchronous and non-blocking techniques to offload such operations to separate threads or use reactive frameworks like Spring WebFlux.
• Avoid excessive file uploads: If your application allows file uploads, ensure that you have appropriate size limits and validation mechanisms in place. Large file uploads can consume server resources and impact performance.
• Avoid unnecessary use of filters: Filters can add overhead to request processing. Evaluate the necessity of each filter and ensure they are only applied when required. Remove any unused or redundant filters.
• Avoid unnecessary use of interceptors: Similarly to filters, interceptors can introduce additional processing overhead. Evaluate the necessity of each interceptor and ensure they are used judiciously.
• Avoid unnecessary use of servlet listeners: Servlet listeners can have a performance impact as they are invoked for various events in the servlet lifecycle. Use them sparingly and only when necessary.
• Avoid misconfigured connection pools: If you’re using a connection pool, ensure it is properly configured with appropriate connection pool size, idle connection timeout, and validation settings. A misconfigured connection pool can result in poor performance and resource utilization.
• Avoid excessive resource loading: Be cautious about loading resources (e.g., static files, configurations) from the file system instead of using classpath resources. Loading resources from the file system can be slower and impact performance. Prefer classpath resources whenever possible.
• Avoid unnecessary session usage: Minimize the usage of HTTP sessions unless absolutely necessary. Sessions consume server resources, and excessive session usage can impact performance.
• Avoid excessive logging: Logging can significantly impact performance. Be cautious about the amount and level of detail in your log statements.
• Avoid unnecessary JSP usage: If possible, avoid using JavaServer Pages (JSP) as they can have performance implications.
• Avoid blocking operations: Be cautious of blocking operations like long-running database queries or external API calls within request handling threads. Use asynchronous and non-blocking techniques to offload such operations to separate threads.
• Avoid excessive file uploads: Ensure that you have appropriate size limits and validation mechanisms in place for file uploads.
• Avoid unnecessary use of filters: Evaluate the necessity of each filter and ensure they are only applied when required.
• Avoid unnecessary use of interceptors: Evaluate the necessity of each interceptor and use them sparingly.
• Avoid unnecessary use of servlet listeners: Use servlet listeners judiciously as they can have a performance impact.
• Avoid misconfigured connection pools: Ensure that your connection pool is properly configured with appropriate size, idle connection timeout, and validation settings.
• Avoid excessive resource loading from the file system: Prefer loading resources (e.g., static files, configurations) from the classpath instead of the file system.
• Avoid unnecessary use of context reloads: Minimize the frequency of context reloads as they can result in downtime and performance degradation.
• Avoid excessive cookie usage: Use cookies judiciously as they can increase the size of HTTP requests and responses.
• Avoid unnecessary URL rewriting: Evaluate the need for URL rewriting and use it only when necessary.
• Avoid unnecessary session replication: If you are using session replication in a clustered environment, evaluate the need for it and consider alternatives like session affinity.
• Avoid unnecessary use of blocking IO: Prefer non-blocking IO to improve the scalability and responsiveness of your application.
• Avoid excessive use of HTTP redirection: Minimize the number of HTTP redirects as they add overhead to request processing.
• Avoid unnecessary use of default error pages: Customize error pages to provide more meaningful information and avoid unnecessary processing.
• Avoid unnecessary use of compression: Evaluate the need for compression and ensure that it is configured appropriately to balance CPU usage and bandwidth savings.
• Avoid excessive use of URL rewriting: Evaluate the necessity of URL rewriting and minimize its usage if possible.
• Avoid unnecessary use of resource-consuming features: Disable any Tomcat features or modules that are not required for your application to conserve resources.
• Avoid unnecessary use of default servlet mappings: Customize servlet mappings to avoid unnecessary processing of requests.
• Avoid excessive use of wildcard mappings: Use specific servlet mappings instead of wildcards to improve request resolution efficiency.
• Avoid unnecessary use of default error handling: Customize error handling to provide more informative and efficient error responses.
• Avoid excessive use of request attributes: Minimize the usage of request attributes as they can impact performance, especially when used with filters or interceptors.
• Avoid unnecessary use of Tomcat valves: Evaluate the necessity of Tomcat valves and use them only when required.
• Avoid unnecessary use of session listeners: Use session listeners judiciously as they can introduce overhead.
• Avoid unnecessary use of Tomcat’s SSI (Server Side Includes) feature: Evaluate the need for SSI and consider alternative solutions if possible.
• Avoid excessive use of static content: Serve static content efficiently using caching mechanisms, content delivery networks (CDNs), or reverse proxies.
• Avoid unnecessary use of Tomcat’s default welcome files: Customize welcome files to avoid unnecessary processing.
• Avoid excessive use of HTTP headers: Minimize the number and size of HTTP headers to reduce network overhead.
• Avoid unnecessary use of session replication: Evaluate the need for session replication and consider alternatives like session clustering or shared session stores.
• Avoid unnecessary use of Tomcat’s request dispatcher: Minimize the usage of the request dispatcher as it involves additional processing.
• Avoid unnecessary use of Tomcat’s virtual hosts: Evaluate the need for virtual hosts and use them judiciously.
• Avoid excessive use of session attributes: Minimize the usage of session attributes as they can consume memory and impact performance.
• Avoid unnecessary use of Tomcat’s access logs: Evaluate the necessity of access logs and disable them if not required.
• Avoid excessive use of Tomcat’s cache-related headers: Use cache-related headers appropriately to balance caching and freshness of resources.
• Avoid unnecessary use of Tomcat’s SSL renegotiation: Evaluate the need for SSL renegotiation and disable it if not required.
• Avoid excessive use of Tomcat’s memory settings: Tune Tomcat’s memory settings appropriately based on your application’s requirements and resource availability.
• Avoid unnecessary use of Tomcat’s default servlet: Customize the default servlet to handle requests efficiently.
• Avoid excessive use of Tomcat’s default thread pool: Configure the Tomcat thread pool size appropriately to handle the expected workload.
• Avoid unnecessary use of Tomcat’s resource caching: Evaluate the need for resource caching and use it judiciously.
• Avoid excessive use of Tomcat’s default session timeout: Configure the session timeout appropriately based on your application’s requirements.
• Avoid unnecessary use of Tomcat’s compression settings: Configure compression settings appropriately to balance performance and resource usage.
• Avoid excessive use of Tomcat’s default MIME mappings: Customize MIME mappings to avoid unnecessary processing.
• Avoid unnecessary use of Tomcat’s default character encoding: Configure the character encoding appropriately based on your application’s requirements.
• Avoid excessive use of Tomcat’s default request parsing settings: Configure request parsing settings appropriately to handle the expected request sizes and payloads.

import org.apache.catalina.connector.Connector;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class TomcatConfiguration {

    @Bean
    public TomcatServletWebServerFactory tomcatServletWebServerFactory() {
        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
        factory.addConnectorCustomizers(this::customizeConnector);
        return factory;
    }

    private void customizeConnector(Connector connector) {
        connector.setParseBodyMethods("POST,PUT"); // Limit parsing to specific HTTP methods
        connector.setMaxPostSize(1048576); // Set maximum request body size (in bytes)
        connector.setMaxSwallowSize(1048576); // Set maximum size of swallowed request body (in bytes)
        // Add any additional customizations as needed
    }
}

• Avoid unnecessary use of Tomcat’s default response buffering: Customize response buffering settings to avoid unnecessary memory usage.

import org.apache.catalina.connector.Connector;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class TomcatConfiguration {

    @Bean
    public TomcatServletWebServerFactory tomcatServletWebServerFactory() {
        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
        factory.addConnectorCustomizers(this::customizeConnector);
        return factory;
    }

    private void customizeConnector(Connector connector) {
        connector.setAllowChunking(false); // Disable chunked transfer encoding
        connector.setBufferRequestBody(false); // Disable request body buffering
        // Add any additional customizations as needed
    }
}

• Avoid excessive use of Tomcat’s default thread stack size: Configure the thread stack size appropriately based on your application’s requirements.

import org.apache.catalina.connector.Connector;
import org.apache.coyote.http11.Http11NioProtocol;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class TomcatConfiguration {

    @Bean
    public TomcatServletWebServerFactory tomcatServletWebServerFactory() {
        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
        factory.addConnectorCustomizers(connector -> customizeConnector(connector));
        return factory;
    }

    private void customizeConnector(Connector connector) {
        Http11NioProtocol protocol = (Http11NioProtocol) connector.getProtocolHandler();
        protocol.setThreadStackSize(256); // Set the desired stack size in kilobytes
    }
}

• Avoid unnecessary use of Tomcat’s default request size limits: Configure request size limits appropriately based on your application’s requirements.
• Avoid excessive use of Tomcat’s default connection timeout: Configure connection timeout appropriately based on your application’s requirements.

By avoiding these performance pitfalls at the Tomcat layer, you can significantly improve the performance of your Spring Boot application. Keep in mind that the specific optimizations required may vary based on your application’s characteristics and requirements.