Tomcat Administration
Tag 1
1.2 - rc.sh
#!/usr/bin/sh
# rc.sh
### Start Config ###
TOMCAT_VERSION=8.5.8
INSTANCE_NAME=workshop
INSTANCE_VERSION=1.0
### End Config ####
CATALINA_HOME=/opt/tomcat/products/${TOMCAT_VERSION}
CATALINA_BASE=/opt/tomcat/instances/${INSTANCE_NAME}/${INSTANCE_VERSION}
export CATALINA_HOME
export CATALINA_BASE
case "$1" in
start)
$CATALINA_HOME/bin/startup.sh
;;
stop)
$CATALINA_HOME/bin/shutdown.sh
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
;;
esac
1.3 - Erweiterung setenv.sh
CATALINA_TMPDIR="${CATALINA_VAR}/temp"
CATALINA_PID="${CATALINA_VAR}/logs/tomcat.pid"
CATALINA_OUT="${CATALINA_VAR}/logs/catalina.out"
CATALINA_OPTS="-Dcatalina.var=${CATALINA_VAR}"
export CATALINA_TMPDIR; export CATALINA_OPTS
export CATALINA_PID; export CATALINA_OUT
1.4 - OOM
JAVA_OOM="-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/tomcat/workshop -XX:OnOutOfMemoryError=${CATALINA_HOME}/bin/action.bash"
CATALINA_OPTS="$CATALINA_OPTS $JAVA_OOM"
1.4 - action.bash
#!/bin/bash
dumps=`ls -1rt /var/tomcat/java_pid*.hprof | tail -1`;
printf "Memory Dump:\n $dumps" >> /tmp/dumps.log
# printf "Memory Dump:\n $dumps" | mailx -s "Memory Dump" "admin@example.zz"
1.8 - Valve und Filter
<Context>
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="10"/>
</Context>
<filter>
<filter-name>ExpiresFilter</filter-name>
<filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
<init-param>
<param-name>ExpiresByType text</param-name>
<param-value>access plus 2 days</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ExpiresFilter</filter-name>
<url-pattern>*.html</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
Tag 2
2.4 - SSL Connector
<Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true">
<SSLHostConfig protocols="TLSv1+TLSv1.1+TLSv1.2">
<Certificate certificateKeystoreFile="${catalina.base}/keystore.jks"
certificateKeystorePassword="changeit" />
</SSLHostConfig>
</Connector>
2.5 - Anpassungen logging.properties
handlers = 1catalina.org.apache.juli.AsyncFileHandler,
2localhost.org.apache.juli.AsyncFileHandler,
3manager.org.apache.juli.AsyncFileHandler, 4hostmanager.
org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler,
5workshop1.org.apache.juli.AsyncFileHandler,
6workshop2.org.apache.juli.AsyncFileHandler
5workshop1.org.apache.juli.AsyncFileHandler.level = FINE
5workshop1.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/logs
5workshop1.org.apache.juli.AsyncFileHandler.prefix = workshop_log1.
6workshop2.org.apache.juli.AsyncFileHandler.level = FINE
6workshop2.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/logs
6workshop2.org.apache.juli.AsyncFileHandler.prefix = workshop_log2.
ws_log.handlers = 5workshop1.org.apache.juli.AsyncFileHandler
de.kippdata.workshop.handlers = 6workshop2.org.apache.juli.AsyncFileHandler
2.6 - log4j.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- You can add the attribute monitorInterval (seconds)
to the Configuration element for hot config reloading,
for example: <Configuration monitorInterval="60"> -->
<Configuration status="warn">
<Appenders>
<RollingFile name="default"
fileName="${sys:catalina.var}/logs/catalina.log"
filePattern="${sys:catalina.var}/logs/catalina.log.%d{yyyy-MM-dd-HHmmss}">
<PatternLayout>
<pattern>%d %r %p [%t] %c - %m%n</pattern>
</PatternLayout>
<!-- Hourly Rotation, schedule is cron style
with columns seconds, minutes, hours, day-of-month,
month, day-of-week, year(optional) -->
<CronTriggeringPolicy schedule="0 0 * * * ?" />
</RollingFile>
</Appenders>
<Loggers>
<Root level="info">
<AppenderRef ref="default"/>
</Root>
<!-- Example for changing a log level
<Logger name="org.apache.catalina"
level="info" additivity="false">
<AppenderRef ref="default"/>
</Logger>
<Logger name="org.apache.catalina.core.ContainerBase.[Catalina].[localhost]"
level="info" additivity="false">
<AppenderRef ref="default"/>
</Logger>
<Logger name="org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager]"
level="info" additivity="false">
<AppenderRef ref="default"/>
</Logger>
-->
</Loggers>
</Configuration>
Tag 3
3.7 - Ressources
<Context docBase="/opt/webapps/workshop/3.1.0/workshop.war">
<Resources>
<PreResources className="org.apache.catalina.webresources.DirResourceSet"
base="${catalina.base}/conf/workshop" webAppMount="/WEB-INF/classes" />
</Resources>
</Context>
3.8 - LDAP Realm
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionName="cn=tcmanager,ou=specialusers,dc=linuxhotel,dc=de"
connectionPassword="secret"
connectionURL="ldap://ldapserver:389/"
userBase="ou=people,dc=linuxhotel,dc=de"
userSubtree="true"
userSearch="(uid={0})"
roleBase="ou=groups,dc=linuxhotel,dc=de"
roleSubtree="true"
roleName="cn"
roleSearch="(uniqueMember={0})"
/>
Tag 4
GC Log Parameter
NOW=`date +%Y%m%d_%H%M%S`
JAVA_GC_LOG="\
-verbose:gc \
-XX:+PrintGCApplicationConcurrentTime \
-XX:+PrintGCApplicationStoppedTime \
-XX:+PrintGCDateStamps \
-XX:+PrintGCTimeStamps \
-XX:+PrintGCDetails \
-XX:+PrintHeapAtGC \
-XX:+PrintTenuringDistribution \
-XX:+UseGCLogFileRotation \
-XX:GCLogFileSize=50M \
-XX:NumberOfGCLogFiles=20 \
-Xloggc:${CATALINA_VAR}/logs/gc.log-$NOW \
"
CATALINA_OPTS="$CATALINA_OPTS $JAVA_GC_LOG"
Tag 5
5.5 - balancer-manager
ProxyPass /lbmanager !
<Location /lbmanager>
SetHandler balancer-manager
AuthType basic
AuthName "Proxy Balancer"
AuthBasicProvider file
AuthUserFile htpasswd.intern
Require user proxyadmin
</Location>