Linuxhotel Wiki

Wie ging das nochmal?

Benutzer-Werkzeuge

Webseiten-Werkzeuge

Zuletzt angesehen:
tomcat_administration:start

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen gezeigt.

Link zu der Vergleichsansicht

Beide Seiten, vorherige Überarbeitung Vorherige Überarbeitung
Nächste Überarbeitung 		Vorherige Überarbeitung
Nächste Überarbeitung Beide Seiten, nächste Überarbeitung
tomcat_administration:start [2016/11/21 08:04]
marco.staub 		tomcat_administration:start [2022/05/13 15:01]
marco.staub
Zeile 3: Zeile 3:
 ===== Tag 1 ===== ===== Tag 1 =====
  
-==== rc.sh ====+==== 1.2 - rc.sh ====
 <​code>​ <​code>​
-#!/usr/bin/sh +#!/bin/sh
-# rc.sh+
  
 ### Start Config ### ### Start Config ###
-TOMCAT_VERSION=8.5.8+ 
 +TOMCAT_VERSION=10.0.20
 INSTANCE_NAME=workshop INSTANCE_NAME=workshop
-INSTANCE_VERSION=1.0 
  
 ### End Config #### ### End Config ####
  
 CATALINA_HOME=/​opt/​tomcat/​products/​${TOMCAT_VERSION} CATALINA_HOME=/​opt/​tomcat/​products/​${TOMCAT_VERSION}
-CATALINA_BASE=/​opt/​tomcat/​instances/​${INSTANCE_NAME}/​${INSTANCE_VERSION}+CATALINA_BASE=/​opt/​tomcat/​instances/​${INSTANCE_NAME}
  
 export CATALINA_HOME export CATALINA_HOME
Zeile 22: Zeile 21:
  
 case "​$1"​ in case "​$1"​ in
-   start) +start) 
-   ​$CATALINA_HOME/​bin/​startup.sh +        $CATALINA_HOME/​bin/​startup.sh 
-;; +        ;; 
-   ​stop) +stop) 
-   ​$CATALINA_HOME/​bin/​shutdown.sh +        $CATALINA_HOME/​bin/​shutdown.sh 
-;; +        ;; 
-   ​*) +*) 
-   ​echo "​Usage:​ $0 {start|stop}"​ +        echo "​Usage:​ $0 {start|stop}"​ 
-   ​exit 1 +        exit 1 
-;;+        ;;
 esac esac
 </​code>​ </​code>​
  
-==== Erweiterung setenv.sh ====+==== 1.3 - Erweiterung setenv.sh ====
  
 <​code>​ <​code>​
Zeile 42: Zeile 41:
 CATALINA_OUT="​${CATALINA_VAR}/​logs/​catalina.out"​ CATALINA_OUT="​${CATALINA_VAR}/​logs/​catalina.out"​
 CATALINA_OPTS="​-Dcatalina.var=${CATALINA_VAR}"​ CATALINA_OPTS="​-Dcatalina.var=${CATALINA_VAR}"​
-export CATALINA_TMPDIR;​ export CATALINA_OPTS 
-export CATALINA_PID;​ export CATALINA_OUT 
 </​code>​ </​code>​
  
-==== action.bash ====+==== 1.4 - OOM ==== 
 +<​code>​ 
 +JAVA_OOM="​-XX:​+HeapDumpOnOutOfMemoryError -XX:​HeapDumpPath=/​var/​tomcat/​workshop -XX:​OnOutOfMemoryError=${CATALINA_HOME}/​bin/​oom.sh"​ 
 +CATALINA_OPTS="​$CATALINA_OPTS $JAVA_OOM"​ 
 +</​code>​ 
 + 
 +==== 1.4 - action.bash ====
  
 <​code>​ <​code>​
Zeile 54: Zeile 57:
 # printf "​Memory Dump:\n $dumps"​ | mailx -s "​Memory Dump" "​admin@example.zz"​ # printf "​Memory Dump:\n $dumps"​ | mailx -s "​Memory Dump" "​admin@example.zz"​
 </​code>​ </​code>​
 +
 +==== 1.8 - Valve und Filter ====
 +
 +<​code>​
 +<​Context>​
 +<Valve className="​org.apache.catalina.valves.StuckThreadDetectionValve"​ threshold="​10"/>​
 +</​Context>​
 +</​code>​
 +
 +<​code>​
 +   <​filter>​
 +      <​filter-name>​ExpiresFilter</​filter-name>​
 +      <​filter-class>​org.apache.catalina.filters.ExpiresFilter</​filter-class>​
 +      <​init-param>​
 +         <​param-name>​ExpiresByType text</​param-name>​
 +         <​param-value>​access plus 2 days</​param-value>​
 +      </​init-param>​
 +   </​filter>​
 +   <​filter-mapping>​
 +      <​filter-name>​ExpiresFilter</​filter-name>​
 +      <​url-pattern>​*.html</​url-pattern>​
 +      <​dispatcher>​REQUEST</​dispatcher>​
 +   </​filter-mapping>​
 +</​code>​
 +
 +===== Tag 2 =====
 +
 +==== 2.4 - SSL Connector ====
 +
 +<​code>​
 +<​Connector port="​8443"​ protocol="​org.apache.coyote.http11.Http11NioProtocol"​
 +   ​maxThreads="​150"​ SSLEnabled="​true"​ scheme="​https"​ secure="​true"​ >
 +   <​SSLHostConfig protocols="​all,​-TLSv1,​-TLSv1.1"​
 +                  ciphers="​HIGH:​!aNULL:​!eNULL:​!EXPORT:​!DES:​!RC4:​!MD5:​!kRSA"​
 +                  honorCipherOrder="​true"​ >
 +      <​Certificate ​
 +           ​certificateKeystoreFile="​${catalina.base}/​conf/​keystore.jks"​
 +           ​certificateKeystorePassword="​changeit"​ />
 +    </​SSLHostConfig>​
 +</​Connector>​
 +</​code>​
 +
 +==== 2.5 - Anpassungen logging.properties ====
 +
 +<​code>​
 +handlers = 1catalina.org.apache.juli.AsyncFileHandler,​
 +2localhost.org.apache.juli.AsyncFileHandler,​
 +3manager.org.apache.juli.AsyncFileHandler,​ 4hostmanager.
 +org.apache.juli.AsyncFileHandler,​ java.util.logging.ConsoleHandler,​
 +5workshop1.org.apache.juli.AsyncFileHandler,​
 +6workshop2.org.apache.juli.AsyncFileHandler
 +</​code>​
 +<​code>​
 +5workshop1.org.apache.juli.AsyncFileHandler.level = FINE
 +5workshop1.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/​logs
 +5workshop1.org.apache.juli.AsyncFileHandler.prefix = workshop_log1.
 +5workshop1.org.apache.juli.AsyncFileHandler.maxDays = 90
 +5workshop1.org.apache.juli.AsyncFileHandler.encoding = UTF-8
 +
 +6workshop2.org.apache.juli.AsyncFileHandler.level = FINE
 +6workshop2.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/​logs
 +6workshop2.org.apache.juli.AsyncFileHandler.prefix = workshop_log2.
 +6workshop2.org.apache.juli.AsyncFileHandler.maxDays = 90
 +6workshop2.org.apache.juli.AsyncFileHandler.encoding = UTF-8
 +</​code>​
 +<​code>​
 +ws_log.handlers = 5workshop1.org.apache.juli.AsyncFileHandler
 +de.kippdata.workshop.handlers = 6workshop2.org.apache.juli.AsyncFileHandler
 +</​code>​
 +==== 2.6 - log4j.xml ====
 +<​code>​
 +<?xml version="​1.0"​ encoding="​UTF-8"?>​
 +<!-- You can add the attribute monitorInterval (seconds)
 +     to the Configuration element for hot config reloading, ​
 +     for example: <​Configuration monitorInterval="​60">​ -->
 +<​Configuration status="​warn"​ monitorInterval="​60">​
 +  <​Appenders>​
 +    <​RollingFile name="​default"​
 +                 ​fileName="​${sys:​catalina.var}/​logs/​catalina.log"​
 +                 ​filePattern="​${sys:​catalina.var}/​logs/​catalina.log.%d{yyyy-MM-dd-HHmmss}">​
 +      <​PatternLayout>​
 +        <​pattern>​%d %r %p [%t] %c (%F:%L) - %m%n</​pattern>​
 +      </​PatternLayout>​
 +      <!-- Daily Rotation, schedule is cron style
 +           with columns seconds, minutes, hours, day-of-month,​
 +           ​month,​ day-of-week,​ year(optional) -->
 +      <​CronTriggeringPolicy schedule="​0 0 0 * * ?" />
 +    </​RollingFile>​
 +  </​Appenders>​
 +  <​Loggers>​
 +    <Root level="​info">​
 +      <​AppenderRef ref="​default"/>​
 +    </​Root>​
 +<!-- Example for changing a log level
 +    <Logger name="​org.apache.catalina"​
 +            level="​info"​ additivity="​false">​
 +      <​AppenderRef ref="​default"/>​
 +    </​Logger>​
 +    <Logger name="​org.apache.catalina.core.ContainerBase.[Catalina].[localhost]"​
 +            level="​info"​ additivity="​false">​
 +      <​AppenderRef ref="​default"/>​
 +    </​Logger>​
 +    <Logger name="​org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/​manager]"​
 +            level="​info"​ additivity="​false">​
 +      <​AppenderRef ref="​default"/>​
 +    </​Logger>​
 +-->
 +  </​Loggers>​
 +</​Configuration>​
 +</​code>​
 +
 +==== 2.7 - JMX Remote ====
 +<​code>​
 +JMX_OPTS_NOSSL_NOAUTH="​\
 +-Dcom.sun.management.jmxremote=true \
 +-Dcom.sun.management.jmxremote.port=1090 \
 +-Dcom.sun.management.jmxremote.ssl=false \
 +-Dcom.sun.management.jmxremote.authenticate=false \
 +"
 +
 +JMX_OPTS_SSL_NOAUTH="​\
 +-Dcom.sun.management.jmxremote=true \
 +-Dcom.sun.management.jmxremote.port=1090 \
 +-Dcom.sun.management.jmxremote.ssl=true \
 +-Dcom.sun.management.jmxremote.authenticate=false \
 +-Djavax.net.ssl.keyStorePassword=workshop \
 +-Djavax.net.ssl.keyStore=${CATALINA_BASE}/​conf/​keystore.jks \
 +"
 +
 +JMX_OPTS_SSL_AUTH="​\
 +-Dcom.sun.management.jmxremote=true \
 +-Dcom.sun.management.jmxremote.port=1090 \
 +-Dcom.sun.management.jmxremote.ssl=true \
 +-Dcom.sun.management.jmxremote.authenticate=true \
 +-Dcom.sun.management.jmxremote.access.file=${CATALINA_BASE}/​conf/​jmxremote.access \
 +-Dcom.sun.management.jmxremote.password.file=${CATALINA_BASE}/​conf/​jmxremote.password \
 +-Djavax.net.ssl.keyStorePassword=workshop \
 +-Djavax.net.ssl.keyStore=${CATALINA_BASE}/​conf/​keystore.jks \
 +"
 +
 +CATALINA_OPTS="​$CATALINA_OPTS $JMX_OPTS_NOSSL_NOAUTH"​
 +</​code>​
 +
 +===== Tag 3 =====
 +
 +==== 3.7 - Ressources ====
 +
 +<​code>​
 +<Context docBase="/​opt/​webapps/​workshop/​3.1.0/​workshop.war">​
 +   <​Resources>​
 +      <​PreResources className="​org.apache.catalina.webresources.DirResourceSet"​
 +                     ​base="​${catalina.base}/​conf/​workshop"​ webAppMount="/​WEB-INF/​classes"​ />
 +   </​Resources>​
 +</​Context>​
 +</​code>​
 +
 +==== 3.8 - LDAP Realm ====
 +
 +<​code>​
 +   <​Realm className="​org.apache.catalina.realm.JNDIRealm"​
 +          connectionName="​cn=tcmanager,​ou=specialusers,​dc=linuxhotel,​dc=de"​
 +          connectionPassword="​secret"​
 +          connectionURL="​ldap://​ldapserver:​389/"​
 +          userBase="​ou=people,​dc=linuxhotel,​dc=de"​
 +          userSubtree="​true"​
 +          userSearch="​(uid={0})"​
 +          roleBase="​ou=groups,​dc=linuxhotel,​dc=de"​
 +          roleSubtree="​true"​
 +          roleName="​cn"​
 +          roleSearch="​(uniqueMember={0})"​
 +          />
 +</​code>​
 +
 +===== Tag 4 =====
 +
 +
 +===== Tag 5 =====
 +
 +==== 5.1 - docker ====
 +
 +<​code>​
 +FROM alpine:3.15
 +
 +#### OpenJDK 17
 +RUN apk update
 +RUN apk add openjdk17-jre-headless
 +ENV JAVA_HOME /​usr/​lib/​jvm/​java-17-openjdk
 +
 +#### tcnative
 +#ENV TCNATIVE 1.2.33
 +#RUN apk add openjdk17-jdk apr-dev openssl-dev gcc make musl-dev
 +#RUN wget -O /​tmp/​tomcat-native-${TCNATIVE}-src.tar.gz https://​dlcdn.apache.org/​tomcat/​tomcat-connectors/​native/​${TCNATIVE}/​source/​tomcat-native-${TCNATIVE}-src.tar.gz;​ \
 +#  cd /tmp; \
 +#  tar -zxf tomcat-native-${TCNATIVE}-src.tar.gz;​ \
 +#  cd tomcat-native-${TCNATIVE}-src/​native;​ \
 +#  ./configure --prefix=/​opt/​tcnative/​${TCNATIVE};​ \
 +#  make; \
 +#  make install; \
 +#  cd /tmp; \
 +#  rm -rf /​tmp/​tomcat-native*
 +
 +#### tomcat
 +ENV TOMCATVERSION 10.0.20
 +ENV INSTANCENAME workshop
 +ENV TOMCATDIR /opt/tomcat
 +ENV WARFILE workshop.war
 +ENV APPVERSION 3.1.0
 +ENV CATALINA_HOME ${TOMCATDIR}/​products/​apache-tomcat-${TOMCATVERSION}
 +ENV CATALINA_BASE ${TOMCATDIR}/​instances/​${INSTANCENAME}
 +ENV CATALINA_VAR /​var/​tomcat/​${INSTANCENAME}
 +ENV PATH $CATALINA_HOME/​bin:​$PATH
 +ENV TCUSER tcrun
 +ENV TCGROUP tcgroup
 +
 +# create CATALINA_HOME
 +RUN mkdir -p "​${TOMCATDIR}/​products";​ \
 +  cd ${TOMCATDIR}/​products;​ \
 +  wget -O /​tmp/​tomcat-product.tar.gz "​https://​archive.apache.org/​dist/​tomcat/​tomcat-10/​v${TOMCATVERSION}/​bin/​apache-tomcat-${TOMCATVERSION}.tar.gz";​ \
 +  tar -zxf /​tmp/​tomcat-product.tar.gz;​ \
 +  rm /​tmp/​tomcat-product.tar.gz
 +
 +# create CATALINA_BASE
 +COPY ${INSTANCENAME}.tar /​tmp/​${INSTANCENAME}.tar
 +RUN mkdir -p ${TOMCATDIR}/​instances;​ \
 +  cd ${TOMCATDIR}/​instances;​ \
 +  tar -xf /​tmp/​${INSTANCENAME}.tar;​ \
 +  rm /​tmp/​${INSTANCENAME}.tar
 +
 +# create CATALINA_VAR
 +RUN mkdir -p /​var/​tomcat/​${INSTANCENAME};​ \
 +  cd /​var/​tomcat/​${INSTANCENAME};​ \
 +  mkdir logs temp webapps work
 +
 +# create webappdir
 +RUN mkdir -p /​opt/​webapps/​${INSTANCENAME}/​${APPVERSION}-jee9
 +COPY $WARFILE /​opt/​webapps/​${INSTANCENAME}/​${APPVERSION}-jee9/​
 +
 +# create runtime user and change rights
 +RUN addgroup $TCGROUP; \
 +  adduser -h /opt/tomcat -H -G $TCGROUP -s /bin/sh -D $TCUSER; \
 +  chown -R $TCUSER:​$TCGROUP /​opt/​tomcat;​ \
 +  chown -R $TCUSER:​$TCGROUP /​var/​tomcat;​ \
 +  chown -R $TCUSER:​$TCGROUP /​opt/​webapps
 +
 +WORKDIR $CATALINA_BASE
 +EXPOSE 8080 8443
 +
 +USER $TCUSER
 +CMD ["​catalina.sh","​run"​]
 +</​code>​
 +
 +==== 5.5 - balancer-manager ====
 +
 +<​code>​
 +   ​ProxyPass /lbmanager !
 +   <​Location /​lbmanager>​
 +      SetHandler balancer-manager
 +      AuthType basic
 +      AuthName "Proxy Balancer"​
 +      AuthBasicProvider file
 +      AuthUserFile htpasswd.intern
 +      Require user proxyadmin
 +   </​Location>​
 +</​code>​
 +
  
tomcat_administration/start.txt · Zuletzt geändert: 2024/04/11 06:55 (Externe Bearbeitung)

Seiten-Werkzeuge

Falls nicht anders bezeichnet, ist der Inhalt dieses Wikis unter der folgenden Lizenz veröffentlicht: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki