Linuxhotel Wiki

Wie ging das nochmal?

Benutzer-Werkzeuge

Webseiten-Werkzeuge


tomcat_administration:start

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen gezeigt.

Link zu der Vergleichsansicht

Beide Seiten, vorherige Überarbeitung Vorherige Überarbeitung
Nächste Überarbeitung
Vorherige Überarbeitung
Letzte Überarbeitung Beide Seiten, nächste Überarbeitung
tomcat_administration:start [2022/05/13 14:30]
marco.staub [2.4 - SSL Connector]
tomcat_administration:start [2022/05/13 15:01]
marco.staub
Zeile 87: Zeile 87:
  
 <​code>​ <​code>​
-   <​Connector protocol="​org.apache.coyote.http11.Http11NioProtocol"​ +<​Connector ​port="​8443" ​protocol="​org.apache.coyote.http11.Http11NioProtocol"​ 
-              port="8443" ​maxThreads="200" +   maxThreads="150" ​SSLEnabled="true" scheme="​https"​ secure="​true"​ > 
-              ​scheme="​https"​ secure="​true"​ SSLEnabled="​true">​ +   ​<​SSLHostConfig protocols="​all,​-TLSv1,​-TLSv1.1
-      <​SSLHostConfig protocols="​all,​-TLSv1,​-TLSv1.1">​ +                  ciphers="​HIGH:​!aNULL:​!eNULL:​!EXPORT:​!DES:​!RC4:​!MD5:​!kRSA"​ 
-         ​<​Certificate certificateKeystoreFile="​${catalina.base}/​keystore.jks"​ +                  honorCipherOrder="​true" > 
-                      certificateKeystorePassword="​changeit"​ /> +      <​Certificate ​ 
-      </​SSLHostConfig>​ +           certificateKeystoreFile="​${catalina.base}/conf/​keystore.jks"​ 
-   ​</​Connector>​+           ​certificateKeystorePassword="​changeit"​ /> 
 +    </​SSLHostConfig>​ 
 +</​Connector>​
 </​code>​ </​code>​
  
Zeile 111: Zeile 113:
 5workshop1.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/​logs 5workshop1.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/​logs
 5workshop1.org.apache.juli.AsyncFileHandler.prefix = workshop_log1. 5workshop1.org.apache.juli.AsyncFileHandler.prefix = workshop_log1.
 +5workshop1.org.apache.juli.AsyncFileHandler.maxDays = 90
 +5workshop1.org.apache.juli.AsyncFileHandler.encoding = UTF-8
 +
 6workshop2.org.apache.juli.AsyncFileHandler.level = FINE 6workshop2.org.apache.juli.AsyncFileHandler.level = FINE
 6workshop2.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/​logs 6workshop2.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/​logs
 6workshop2.org.apache.juli.AsyncFileHandler.prefix = workshop_log2. 6workshop2.org.apache.juli.AsyncFileHandler.prefix = workshop_log2.
 +6workshop2.org.apache.juli.AsyncFileHandler.maxDays = 90
 +6workshop2.org.apache.juli.AsyncFileHandler.encoding = UTF-8
 </​code>​ </​code>​
 <​code>​ <​code>​
Zeile 125: Zeile 132:
      to the Configuration element for hot config reloading, ​      to the Configuration element for hot config reloading, ​
      for example: <​Configuration monitorInterval="​60">​ -->      for example: <​Configuration monitorInterval="​60">​ -->
-<​Configuration status="​warn">​+<​Configuration status="​warn" monitorInterval="​60">
   <​Appenders>​   <​Appenders>​
     <​RollingFile name="​default"​     <​RollingFile name="​default"​
Zeile 131: Zeile 138:
                  ​filePattern="​${sys:​catalina.var}/​logs/​catalina.log.%d{yyyy-MM-dd-HHmmss}">​                  ​filePattern="​${sys:​catalina.var}/​logs/​catalina.log.%d{yyyy-MM-dd-HHmmss}">​
       <​PatternLayout>​       <​PatternLayout>​
-        <​pattern>​%d %r %p [%t] %c - %m%n</​pattern>​+        <​pattern>​%d %r %p [%t] %c (%F:​%L) ​- %m%n</​pattern>​
       </​PatternLayout>​       </​PatternLayout>​
-      <​!-- ​Hourly ​Rotation, schedule is cron style+      <​!-- ​Daily Rotation, schedule is cron style
            with columns seconds, minutes, hours, day-of-month,​            with columns seconds, minutes, hours, day-of-month,​
            ​month,​ day-of-week,​ year(optional) -->            ​month,​ day-of-week,​ year(optional) -->
-      <​CronTriggeringPolicy schedule="​0 0 * * ?" />+      <​CronTriggeringPolicy schedule="​0 0 * * ?" />
     </​RollingFile>​     </​RollingFile>​
   </​Appenders>​   </​Appenders>​
Zeile 159: Zeile 166:
   </​Loggers>​   </​Loggers>​
 </​Configuration>​ </​Configuration>​
 +</​code>​
 +
 +==== 2.7 - JMX Remote ====
 +<​code>​
 +JMX_OPTS_NOSSL_NOAUTH="​\
 +-Dcom.sun.management.jmxremote=true \
 +-Dcom.sun.management.jmxremote.port=1090 \
 +-Dcom.sun.management.jmxremote.ssl=false \
 +-Dcom.sun.management.jmxremote.authenticate=false \
 +"
 +
 +JMX_OPTS_SSL_NOAUTH="​\
 +-Dcom.sun.management.jmxremote=true \
 +-Dcom.sun.management.jmxremote.port=1090 \
 +-Dcom.sun.management.jmxremote.ssl=true \
 +-Dcom.sun.management.jmxremote.authenticate=false \
 +-Djavax.net.ssl.keyStorePassword=workshop \
 +-Djavax.net.ssl.keyStore=${CATALINA_BASE}/​conf/​keystore.jks \
 +"
 +
 +JMX_OPTS_SSL_AUTH="​\
 +-Dcom.sun.management.jmxremote=true \
 +-Dcom.sun.management.jmxremote.port=1090 \
 +-Dcom.sun.management.jmxremote.ssl=true \
 +-Dcom.sun.management.jmxremote.authenticate=true \
 +-Dcom.sun.management.jmxremote.access.file=${CATALINA_BASE}/​conf/​jmxremote.access \
 +-Dcom.sun.management.jmxremote.password.file=${CATALINA_BASE}/​conf/​jmxremote.password \
 +-Djavax.net.ssl.keyStorePassword=workshop \
 +-Djavax.net.ssl.keyStore=${CATALINA_BASE}/​conf/​keystore.jks \
 +"
 +
 +CATALINA_OPTS="​$CATALINA_OPTS $JMX_OPTS_NOSSL_NOAUTH"​
 </​code>​ </​code>​
  
Zeile 193: Zeile 232:
 ===== Tag 4 ===== ===== Tag 4 =====
  
-==== GC Log Parameter ​====+ 
 +===== Tag 5 ===== 
 + 
 +==== 5.1 - docker ​====
  
 <​code>​ <​code>​
-NOW=`date +%Y%m%d_%H%M%S`  +FROM alpine:3.15
-JAVA_GC_LOG="​\  +
-     -verbose:gc \  +
-     -XX:​+PrintGCApplicationConcurrentTime \  +
-     -XX:​+PrintGCApplicationStoppedTime \  +
-     -XX:​+PrintGCDateStamps \  +
-     -XX:​+PrintGCTimeStamps \  +
-     -XX:​+PrintGCDetails \  +
-     -XX:​+PrintHeapAtGC \  +
-     -XX:​+PrintTenuringDistribution \  +
-     -XX:​+UseGCLogFileRotation \  +
-     -XX:​GCLogFileSize=50M \  +
-     -XX:​NumberOfGCLogFiles=20 \  +
-     -Xloggc:​${CATALINA_VAR}/​logs/​gc.log-$NOW \  +
-"  +
-CATALINA_OPTS="​$CATALINA_OPTS $JAVA_GC_LOG"​ +
-</​code>​+
  
-===== Tag 5 =====+#### OpenJDK 17 
 +RUN apk update 
 +RUN apk add openjdk17-jre-headless 
 +ENV JAVA_HOME /​usr/​lib/​jvm/​java-17-openjdk 
 + 
 +#### tcnative 
 +#ENV TCNATIVE 1.2.33 
 +#RUN apk add openjdk17-jdk apr-dev openssl-dev gcc make musl-dev 
 +#RUN wget -O /​tmp/​tomcat-native-${TCNATIVE}-src.tar.gz https://​dlcdn.apache.org/​tomcat/​tomcat-connectors/​native/​${TCNATIVE}/​source/​tomcat-native-${TCNATIVE}-src.tar.gz;​ \ 
 +#  cd /tmp; \ 
 +#  tar -zxf tomcat-native-${TCNATIVE}-src.tar.gz;​ \ 
 +#  cd tomcat-native-${TCNATIVE}-src/​native;​ \ 
 +#  ./configure --prefix=/​opt/​tcnative/​${TCNATIVE};​ \ 
 +#  make; \ 
 +#  make install; \ 
 +#  cd /tmp; \ 
 +#  rm -rf /​tmp/​tomcat-native* 
 + 
 +#### tomcat 
 +ENV TOMCATVERSION 10.0.20 
 +ENV INSTANCENAME workshop 
 +ENV TOMCATDIR /​opt/​tomcat 
 +ENV WARFILE workshop.war 
 +ENV APPVERSION 3.1.0 
 +ENV CATALINA_HOME ${TOMCATDIR}/​products/​apache-tomcat-${TOMCATVERSION} 
 +ENV CATALINA_BASE ${TOMCATDIR}/​instances/​${INSTANCENAME} 
 +ENV CATALINA_VAR /​var/​tomcat/​${INSTANCENAME} 
 +ENV PATH $CATALINA_HOME/​bin:​$PATH 
 +ENV TCUSER tcrun 
 +ENV TCGROUP tcgroup 
 + 
 +# create CATALINA_HOME 
 +RUN mkdir -p "​${TOMCATDIR}/​products";​ \ 
 +  cd ${TOMCATDIR}/​products;​ \ 
 +  wget -O /​tmp/​tomcat-product.tar.gz "​https://​archive.apache.org/​dist/​tomcat/​tomcat-10/​v${TOMCATVERSION}/​bin/​apache-tomcat-${TOMCATVERSION}.tar.gz";​ \ 
 +  tar -zxf /​tmp/​tomcat-product.tar.gz;​ \ 
 +  rm /​tmp/​tomcat-product.tar.gz 
 + 
 +# create CATALINA_BASE 
 +COPY ${INSTANCENAME}.tar /​tmp/​${INSTANCENAME}.tar 
 +RUN mkdir -p ${TOMCATDIR}/​instances;​ \ 
 +  cd ${TOMCATDIR}/​instances;​ \ 
 +  tar -xf /​tmp/​${INSTANCENAME}.tar;​ \ 
 +  rm /​tmp/​${INSTANCENAME}.tar 
 + 
 +# create CATALINA_VAR 
 +RUN mkdir -p /​var/​tomcat/​${INSTANCENAME};​ \ 
 +  cd /​var/​tomcat/​${INSTANCENAME};​ \ 
 +  mkdir logs temp webapps work 
 + 
 +# create webappdir 
 +RUN mkdir -p /​opt/​webapps/​${INSTANCENAME}/​${APPVERSION}-jee9 
 +COPY $WARFILE /​opt/​webapps/​${INSTANCENAME}/​${APPVERSION}-jee9/​ 
 + 
 +# create runtime user and change rights 
 +RUN addgroup $TCGROUP; \ 
 +  adduser -h /opt/tomcat -H -G $TCGROUP -s /bin/sh -D $TCUSER; \ 
 +  chown -R $TCUSER:​$TCGROUP /​opt/​tomcat;​ \ 
 +  chown -R $TCUSER:​$TCGROUP /​var/​tomcat;​ \ 
 +  chown -R $TCUSER:​$TCGROUP /​opt/​webapps 
 + 
 +WORKDIR $CATALINA_BASE 
 +EXPOSE 8080 8443 
 + 
 +USER $TCUSER 
 +CMD ["​catalina.sh","​run"​] 
 +</​code>​
  
 ==== 5.5 - balancer-manager ==== ==== 5.5 - balancer-manager ====
tomcat_administration/start.txt · Zuletzt geändert: 2022/05/13 15:09 von marco.staub