Hier werden die Unterschiede zwischen zwei Versionen gezeigt.
Beide Seiten, vorherige Überarbeitung Vorherige Überarbeitung Nächste Überarbeitung | Vorherige Überarbeitung Nächste Überarbeitung Beide Seiten, nächste Überarbeitung | ||
tomcat_administration:start [2016/11/21 08:07] marco.staub |
tomcat_administration:start [2022/05/13 14:30] marco.staub [2.4 - SSL Connector] |
||
---|---|---|---|
Zeile 5: | Zeile 5: | ||
==== 1.2 - rc.sh ==== | ==== 1.2 - rc.sh ==== | ||
<code> | <code> | ||
- | #!/usr/bin/sh | + | #!/bin/sh |
- | # rc.sh | + | |
### Start Config ### | ### Start Config ### | ||
- | TOMCAT_VERSION=8.5.8 | + | |
+ | TOMCAT_VERSION=10.0.20 | ||
INSTANCE_NAME=workshop | INSTANCE_NAME=workshop | ||
- | INSTANCE_VERSION=1.0 | ||
### End Config #### | ### End Config #### | ||
CATALINA_HOME=/opt/tomcat/products/${TOMCAT_VERSION} | CATALINA_HOME=/opt/tomcat/products/${TOMCAT_VERSION} | ||
- | CATALINA_BASE=/opt/tomcat/instances/${INSTANCE_NAME}/${INSTANCE_VERSION} | + | CATALINA_BASE=/opt/tomcat/instances/${INSTANCE_NAME} |
export CATALINA_HOME | export CATALINA_HOME | ||
Zeile 22: | Zeile 21: | ||
case "$1" in | case "$1" in | ||
- | start) | + | start) |
- | $CATALINA_HOME/bin/startup.sh | + | $CATALINA_HOME/bin/startup.sh |
- | ;; | + | ;; |
- | stop) | + | stop) |
- | $CATALINA_HOME/bin/shutdown.sh | + | $CATALINA_HOME/bin/shutdown.sh |
- | ;; | + | ;; |
- | *) | + | *) |
- | echo "Usage: $0 {start|stop}" | + | echo "Usage: $0 {start|stop}" |
- | exit 1 | + | exit 1 |
- | ;; | + | ;; |
esac | esac | ||
</code> | </code> | ||
Zeile 42: | Zeile 41: | ||
CATALINA_OUT="${CATALINA_VAR}/logs/catalina.out" | CATALINA_OUT="${CATALINA_VAR}/logs/catalina.out" | ||
CATALINA_OPTS="-Dcatalina.var=${CATALINA_VAR}" | CATALINA_OPTS="-Dcatalina.var=${CATALINA_VAR}" | ||
- | export CATALINA_TMPDIR; export CATALINA_OPTS | + | </code> |
- | export CATALINA_PID; export CATALINA_OUT | + | |
+ | ==== 1.4 - OOM ==== | ||
+ | <code> | ||
+ | JAVA_OOM="-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/tomcat/workshop -XX:OnOutOfMemoryError=${CATALINA_HOME}/bin/oom.sh" | ||
+ | CATALINA_OPTS="$CATALINA_OPTS $JAVA_OOM" | ||
</code> | </code> | ||
Zeile 78: | Zeile 81: | ||
</filter-mapping> | </filter-mapping> | ||
</code> | </code> | ||
+ | |||
+ | ===== Tag 2 ===== | ||
+ | |||
+ | ==== 2.4 - SSL Connector ==== | ||
+ | |||
+ | <code> | ||
+ | <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" | ||
+ | maxThreads="150" SSLEnabled="true" scheme="https" secure="true" > | ||
+ | <SSLHostConfig protocols="all,-TLSv1,-TLSv1.1" | ||
+ | ciphers="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA" | ||
+ | honorCipherOrder="true" > | ||
+ | <Certificate | ||
+ | certificateKeystoreFile="${catalina.base}/conf/keystore.jks" | ||
+ | certificateKeystorePassword="changeit" /> | ||
+ | </SSLHostConfig> | ||
+ | </Connector> | ||
+ | </code> | ||
+ | |||
+ | ==== 2.5 - Anpassungen logging.properties ==== | ||
+ | |||
+ | <code> | ||
+ | handlers = 1catalina.org.apache.juli.AsyncFileHandler, | ||
+ | 2localhost.org.apache.juli.AsyncFileHandler, | ||
+ | 3manager.org.apache.juli.AsyncFileHandler, 4hostmanager. | ||
+ | org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler, | ||
+ | 5workshop1.org.apache.juli.AsyncFileHandler, | ||
+ | 6workshop2.org.apache.juli.AsyncFileHandler | ||
+ | </code> | ||
+ | <code> | ||
+ | 5workshop1.org.apache.juli.AsyncFileHandler.level = FINE | ||
+ | 5workshop1.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/logs | ||
+ | 5workshop1.org.apache.juli.AsyncFileHandler.prefix = workshop_log1. | ||
+ | 6workshop2.org.apache.juli.AsyncFileHandler.level = FINE | ||
+ | 6workshop2.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/logs | ||
+ | 6workshop2.org.apache.juli.AsyncFileHandler.prefix = workshop_log2. | ||
+ | </code> | ||
+ | <code> | ||
+ | ws_log.handlers = 5workshop1.org.apache.juli.AsyncFileHandler | ||
+ | de.kippdata.workshop.handlers = 6workshop2.org.apache.juli.AsyncFileHandler | ||
+ | </code> | ||
+ | ==== 2.6 - log4j.xml ==== | ||
+ | <code> | ||
+ | <?xml version="1.0" encoding="UTF-8"?> | ||
+ | <!-- You can add the attribute monitorInterval (seconds) | ||
+ | to the Configuration element for hot config reloading, | ||
+ | for example: <Configuration monitorInterval="60"> --> | ||
+ | <Configuration status="warn"> | ||
+ | <Appenders> | ||
+ | <RollingFile name="default" | ||
+ | fileName="${sys:catalina.var}/logs/catalina.log" | ||
+ | filePattern="${sys:catalina.var}/logs/catalina.log.%d{yyyy-MM-dd-HHmmss}"> | ||
+ | <PatternLayout> | ||
+ | <pattern>%d %r %p [%t] %c - %m%n</pattern> | ||
+ | </PatternLayout> | ||
+ | <!-- Hourly Rotation, schedule is cron style | ||
+ | with columns seconds, minutes, hours, day-of-month, | ||
+ | month, day-of-week, year(optional) --> | ||
+ | <CronTriggeringPolicy schedule="0 0 * * * ?" /> | ||
+ | </RollingFile> | ||
+ | </Appenders> | ||
+ | <Loggers> | ||
+ | <Root level="info"> | ||
+ | <AppenderRef ref="default"/> | ||
+ | </Root> | ||
+ | <!-- Example for changing a log level | ||
+ | <Logger name="org.apache.catalina" | ||
+ | level="info" additivity="false"> | ||
+ | <AppenderRef ref="default"/> | ||
+ | </Logger> | ||
+ | <Logger name="org.apache.catalina.core.ContainerBase.[Catalina].[localhost]" | ||
+ | level="info" additivity="false"> | ||
+ | <AppenderRef ref="default"/> | ||
+ | </Logger> | ||
+ | <Logger name="org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager]" | ||
+ | level="info" additivity="false"> | ||
+ | <AppenderRef ref="default"/> | ||
+ | </Logger> | ||
+ | --> | ||
+ | </Loggers> | ||
+ | </Configuration> | ||
+ | </code> | ||
+ | |||
+ | ===== Tag 3 ===== | ||
+ | |||
+ | ==== 3.7 - Ressources ==== | ||
+ | |||
+ | <code> | ||
+ | <Context docBase="/opt/webapps/workshop/3.1.0/workshop.war"> | ||
+ | <Resources> | ||
+ | <PreResources className="org.apache.catalina.webresources.DirResourceSet" | ||
+ | base="${catalina.base}/conf/workshop" webAppMount="/WEB-INF/classes" /> | ||
+ | </Resources> | ||
+ | </Context> | ||
+ | </code> | ||
+ | |||
+ | ==== 3.8 - LDAP Realm ==== | ||
+ | |||
+ | <code> | ||
+ | <Realm className="org.apache.catalina.realm.JNDIRealm" | ||
+ | connectionName="cn=tcmanager,ou=specialusers,dc=linuxhotel,dc=de" | ||
+ | connectionPassword="secret" | ||
+ | connectionURL="ldap://ldapserver:389/" | ||
+ | userBase="ou=people,dc=linuxhotel,dc=de" | ||
+ | userSubtree="true" | ||
+ | userSearch="(uid={0})" | ||
+ | roleBase="ou=groups,dc=linuxhotel,dc=de" | ||
+ | roleSubtree="true" | ||
+ | roleName="cn" | ||
+ | roleSearch="(uniqueMember={0})" | ||
+ | /> | ||
+ | </code> | ||
+ | |||
+ | ===== Tag 4 ===== | ||
+ | |||
+ | ==== GC Log Parameter ==== | ||
+ | |||
+ | <code> | ||
+ | NOW=`date +%Y%m%d_%H%M%S` | ||
+ | JAVA_GC_LOG="\ | ||
+ | -verbose:gc \ | ||
+ | -XX:+PrintGCApplicationConcurrentTime \ | ||
+ | -XX:+PrintGCApplicationStoppedTime \ | ||
+ | -XX:+PrintGCDateStamps \ | ||
+ | -XX:+PrintGCTimeStamps \ | ||
+ | -XX:+PrintGCDetails \ | ||
+ | -XX:+PrintHeapAtGC \ | ||
+ | -XX:+PrintTenuringDistribution \ | ||
+ | -XX:+UseGCLogFileRotation \ | ||
+ | -XX:GCLogFileSize=50M \ | ||
+ | -XX:NumberOfGCLogFiles=20 \ | ||
+ | -Xloggc:${CATALINA_VAR}/logs/gc.log-$NOW \ | ||
+ | " | ||
+ | CATALINA_OPTS="$CATALINA_OPTS $JAVA_GC_LOG" | ||
+ | </code> | ||
+ | |||
+ | ===== Tag 5 ===== | ||
+ | |||
+ | ==== 5.5 - balancer-manager ==== | ||
+ | |||
+ | <code> | ||
+ | ProxyPass /lbmanager ! | ||
+ | <Location /lbmanager> | ||
+ | SetHandler balancer-manager | ||
+ | AuthType basic | ||
+ | AuthName "Proxy Balancer" | ||
+ | AuthBasicProvider file | ||
+ | AuthUserFile htpasswd.intern | ||
+ | Require user proxyadmin | ||
+ | </Location> | ||
+ | </code> | ||
+ | |||
+ |