Hier werden die Unterschiede zwischen zwei Versionen gezeigt.
tomcat_administration:start [2022/05/13 14:27] marco.staub [1.2 - rc.sh] |
tomcat_administration:start [2024/04/11 06:55] (aktuell) |
||
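--- a/tomcat_administration:start
+++ b/tomcat_administration:start
@@ -3,4 +3,4 @@
 ===== Tag 1 =====
-==== 1.2 - rc.sh ====
+==== 1.2 - tomcat.sh ====
 <code>
 #!/bin/sh
@@ -9,3 +9,3 @@
 ### Start Config ###
-TOMCAT_VERSION=10.0.20
+TOMCAT_VERSION=10.1.20
 INSTANCE_NAME=workshop
@@ -41,10 +41,8 @@
 CATALINA_OUT="${CATALINA_VAR}/logs/catalina.out"
 CATALINA_OPTS="-Dcatalina.var=${CATALINA_VAR}"
-export CATALINA_TMPDIR; export CATALINA_OPTS
-export CATALINA_PID; export CATALINA_OUT
 </code>
 ==== 1.4 - OOM ====
 <code>
-JAVA_OOM="-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/tomcat/workshop -XX:OnOutOfMemoryError=${CATALINA_HOME}/bin/action.bash"
+JAVA_OOM="-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/tomcat/workshop -XX:OnOutOfMemoryError=${CATALINA_HOME}/bin/oom.sh"
 CATALINA_OPTS="$CATALINA_OPTS $JAVA_OOM"
 </code>
@@ -89,10 +87,12 @@
 <code>
-<Connector protocol="org.apache.coyote.http11.Http11NioProtocol"
-port="8443" maxThreads="200"
-scheme="https" secure="true" SSLEnabled="true">
-<SSLHostConfig protocols="TLSv1+TLSv1.1+TLSv1.2">
-<Certificate certificateKeystoreFile="${catalina.base}/keystore.jks"
-certificateKeystorePassword="changeit" />
-</SSLHostConfig>
-</Connector>
+<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
+maxThreads="150" SSLEnabled="true" scheme="https" secure="true" >
+<SSLHostConfig protocols="all,-TLSv1,-TLSv1.1"
+ciphers="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA"
+honorCipherOrder="true" >
+<Certificate
+certificateKeystoreFile="${catalina.base}/conf/keystore.jks"
+certificateKeystorePassword="changeit" />
+</SSLHostConfig>
+</Connector>
 </code>
@@ -113,7 +113,12 @@
 5workshop1.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/logs
 5workshop1.org.apache.juli.AsyncFileHandler.prefix = workshop_log1.
+5workshop1.org.apache.juli.AsyncFileHandler.maxDays = 90
+5workshop1.org.apache.juli.AsyncFileHandler.encoding = UTF-8
+
 6workshop2.org.apache.juli.AsyncFileHandler.level = FINE
 6workshop2.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/logs
 6workshop2.org.apache.juli.AsyncFileHandler.prefix = workshop_log2.
+6workshop2.org.apache.juli.AsyncFileHandler.maxDays = 90
+6workshop2.org.apache.juli.AsyncFileHandler.encoding = UTF-8
 </code>
 <code>
@@ -127,5 +132,5 @@
 to the Configuration element for hot config reloading,
 for example: <Configuration monitorInterval="60"> -->
-<Configuration status="warn">
+<Configuration status="warn" monitorInterval="60">
 <Appenders>
 <RollingFile name="default"
@@ -133,10 +138,10 @@
 filePattern="${sys:catalina.var}/logs/catalina.log.%d{yyyy-MM-dd-HHmmss}">
 <PatternLayout>
-<pattern>%d %r %p [%t] %c - %m%n</pattern>
+<pattern>%d %r %p [%t] %c (%F:%L) - %m%n</pattern>
 </PatternLayout>
-<!-- Hourly Rotation, schedule is cron style
+<!-- Daily Rotation, schedule is cron style
 with columns seconds, minutes, hours, day-of-month,
 month, day-of-week, year(optional) -->
-<CronTriggeringPolicy schedule="0 0 * * * ?" />
+<CronTriggeringPolicy schedule="0 0 0 * * ?" />
 </RollingFile>
 </Appenders>
@@ -161,3 +166,35 @@
 </Loggers>
 </Configuration>
+</code>
+
+==== 2.7 - JMX Remote ====
+<code>
+JMX_OPTS_NOSSL_NOAUTH="\
+-Dcom.sun.management.jmxremote=true \
+-Dcom.sun.management.jmxremote.port=1090 \
+-Dcom.sun.management.jmxremote.ssl=false \
+-Dcom.sun.management.jmxremote.authenticate=false \
+"
+
+JMX_OPTS_SSL_NOAUTH="\
+-Dcom.sun.management.jmxremote=true \
+-Dcom.sun.management.jmxremote.port=1090 \
+-Dcom.sun.management.jmxremote.ssl=true \
+-Dcom.sun.management.jmxremote.authenticate=false \
+-Djavax.net.ssl.keyStorePassword=workshop \
+-Djavax.net.ssl.keyStore=${CATALINA_BASE}/conf/keystore.jks \
+"
+
+JMX_OPTS_SSL_AUTH="\
+-Dcom.sun.management.jmxremote=true \
+-Dcom.sun.management.jmxremote.port=1090 \
+-Dcom.sun.management.jmxremote.ssl=true \
+-Dcom.sun.management.jmxremote.authenticate=true \
+-Dcom.sun.management.jmxremote.access.file=${CATALINA_BASE}/conf/jmxremote.access \
+-Dcom.sun.management.jmxremote.password.file=${CATALINA_BASE}/conf/jmxremote.password \
+-Djavax.net.ssl.keyStorePassword=workshop \
+-Djavax.net.ssl.keyStore=${CATALINA_BASE}/conf/keystore.jks \
+"
+
+CATALINA_OPTS="$CATALINA_OPTS $JMX_OPTS_NOSSL_NOAUTH"
 </code>
@@ -195,23 +232,86 @@
 ===== Tag 4 =====
-==== GC Log Parameter ====
+
+===== Tag 5 =====
+
+==== 5.1 - docker ====
 <code>
-NOW=`date +%Y%m%d_%H%M%S`
-JAVA_GC_LOG="\
--verbose:gc \
--XX:+PrintGCApplicationConcurrentTime \
--XX:+PrintGCApplicationStoppedTime \
--XX:+PrintGCDateStamps \
--XX:+PrintGCTimeStamps \
--XX:+PrintGCDetails \
--XX:+PrintHeapAtGC \
--XX:+PrintTenuringDistribution \
--XX:+UseGCLogFileRotation \
--XX:GCLogFileSize=50M \
--XX:NumberOfGCLogFiles=20 \
--Xloggc:${CATALINA_VAR}/logs/gc.log-$NOW \
-"
-CATALINA_OPTS="$CATALINA_OPTS $JAVA_GC_LOG"
+FROM alpine:3.15
+
+#### OpenJDK 17
+RUN apk update
+RUN apk add openjdk17-jre-headless
+ENV JAVA_HOME /usr/lib/jvm/java-17-openjdk
+
+#### tcnative
+#ENV TCNATIVE 1.2.33
+#RUN apk add openjdk17-jdk apr-dev openssl-dev gcc make musl-dev
+#RUN wget -O /tmp/tomcat-native-${TCNATIVE}-src.tar.gz https://dlcdn.apache.org/tomcat/tomcat-connectors/native/${TCNATIVE}/source/tomcat-native-${TCNATIVE}-src.tar.gz; \
+# cd /tmp; \
+# tar -zxf tomcat-native-${TCNATIVE}-src.tar.gz; \
+# cd tomcat-native-${TCNATIVE}-src/native; \
+# ./configure --prefix=/opt/tcnative/${TCNATIVE}; \
+# make; \
+# make install; \
+# cd /tmp; \
+# rm -rf /tmp/tomcat-native*
+
+#### tomcat
+ENV TOMCATVERSION 10.0.20
+ENV INSTANCENAME workshop
+ENV TOMCATDIR /opt/tomcat
+ENV WARFILE workshop.war
+ENV APPVERSION 3.1.0
+ENV CATALINA_HOME ${TOMCATDIR}/products/apache-tomcat-${TOMCATVERSION}
+ENV CATALINA_BASE ${TOMCATDIR}/instances/${INSTANCENAME}
+ENV CATALINA_VAR /var/tomcat/${INSTANCENAME}
+ENV PATH $CATALINA_HOME/bin:$PATH
+ENV TCUSER tcrun
+ENV TCGROUP tcgroup
+
+# create CATALINA_HOME
+RUN mkdir -p "${TOMCATDIR}/products"; \
+cd ${TOMCATDIR}/products; \
+wget -O /tmp/tomcat-product.tar.gz "https://archive.apache.org/dist/tomcat/tomcat-10/v${TOMCATVERSION}/bin/apache-tomcat-${TOMCATVERSION}.tar.gz"; \
+tar -zxf /tmp/tomcat-product.tar.gz; \
+rm /tmp/tomcat-product.tar.gz
+
+# create CATALINA_BASE
+COPY ${INSTANCENAME}.tar /tmp/${INSTANCENAME}.tar
+RUN mkdir -p ${TOMCATDIR}/instances; \
+cd ${TOMCATDIR}/instances; \
+tar -xf /tmp/${INSTANCENAME}.tar; \
+rm /tmp/${INSTANCENAME}.tar
+
+# create CATALINA_VAR
+RUN mkdir -p /var/tomcat/${INSTANCENAME}; \
+cd /var/tomcat/${INSTANCENAME}; \
+mkdir logs temp webapps work
+
+# create webappdir
+RUN mkdir -p /opt/webapps/${INSTANCENAME}/${APPVERSION}-jee9
+COPY $WARFILE /opt/webapps/${INSTANCENAME}/${APPVERSION}-jee9/
+
+# create runtime user and change rights
+RUN addgroup $TCGROUP; \
+adduser -h /opt/tomcat -H -G $TCGROUP -s /bin/sh -D $TCUSER; \
+chown -R $TCUSER:$TCGROUP /opt/tomcat; \
+chown -R $TCUSER:$TCGROUP /var/tomcat; \
+chown -R $TCUSER:$TCGROUP /opt/webapps
+
+WORKDIR $CATALINA_BASE
+EXPOSE 8080 8443
+
+USER $TCUSER
+CMD ["catalina.sh","run"]
 </code>
-===== Tag 5 =====
-==== 5.5 - balancer-manager ====
+==== 5.3 - einfacher Proxy ====
+<code>
+<VirtualHost *:80>
+ProxyPass /workshop http://localhost:8180/workshop
+ProxyPassReverse /workshop http://localhost:8080/workshop
+ProxyPassReverse /workshop http://localhost:8180/workshop
+ProxyPreserveHost On
+</VirtualHost>
+</code>
+==== 5.6 - Monitoring ====
 <code>
@@ -232,1 +332,5 @@
 </code>
+<code>
+LogFormat "%h %l %u %t \"%r\" %>s %b %{BALANCER_ROUTE_CHANGED}e %{BALANCER_WORKER_ROUTE}e %{BALANCER_SESSION_ROUTE}e %D" proxyextended
+CustomLog "logs/proxy_access_log" proxyextended
+</code>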
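Review bot: In the new section 2.7 (JMX Remote), the only line that takes effect, `CATALINA_OPTS="$CATALINA_OPTS $JMX_OPTS_NOSSL_NOAUTH"`, turns on remote JMX on port 1090 with `ssl=false` and `authenticate=false`, so anyone who can reach that port gets unrestricted access to the JVM's management interface, which in practice means control of the process as the Tomcat user. The sample should select the authenticated TLS set instead, `CATALINA_OPTS="$CATALINA_OPTS $JMX_OPTS_SSL_AUTH"`, with a comment above `JMX_OPTS_NOSSL_NOAUTH` such as `# lab only: no TLS, no login - never on a reachable interface`. `JMX_OPTS_SSL_NOAUTH` carries the same exposure, because TLS without authentication does not limit who may connect. Both SSL sets also put `-Djavax.net.ssl.keyStorePassword=workshop` on the command line, where it shows up in the process list, and the page does not say how `jmxremote.password` is protected, so a line stating that the file must be readable by its owner only belongs next to it.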