Dies ist eine alte Version des Dokuments!
#!/bin/sh ### Start Config ### TOMCAT_VERSION=10.0.20 INSTANCE_NAME=workshop ### End Config #### CATALINA_HOME=/opt/tomcat/products/${TOMCAT_VERSION} CATALINA_BASE=/opt/tomcat/instances/${INSTANCE_NAME} export CATALINA_HOME export CATALINA_BASE case "$1" in start) $CATALINA_HOME/bin/startup.sh ;; stop) $CATALINA_HOME/bin/shutdown.sh ;; *) echo "Usage: $0 {start|stop}" exit 1 ;; esac
CATALINA_TMPDIR="${CATALINA_VAR}/temp" CATALINA_PID="${CATALINA_VAR}/logs/tomcat.pid" CATALINA_OUT="${CATALINA_VAR}/logs/catalina.out" CATALINA_OPTS="-Dcatalina.var=${CATALINA_VAR}"
JAVA_OOM="-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/tomcat/workshop -XX:OnOutOfMemoryError=${CATALINA_HOME}/bin/oom.sh" CATALINA_OPTS="$CATALINA_OPTS $JAVA_OOM"
#!/bin/bash dumps=`ls -1rt /var/tomcat/java_pid*.hprof | tail -1`; printf "Memory Dump:\n $dumps" >> /tmp/dumps.log # printf "Memory Dump:\n $dumps" | mailx -s "Memory Dump" "admin@example.zz"
<Context> <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="10"/> </Context>
<filter> <filter-name>ExpiresFilter</filter-name> <filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class> <init-param> <param-name>ExpiresByType text</param-name> <param-value>access plus 2 days</param-value> </init-param> </filter> <filter-mapping> <filter-name>ExpiresFilter</filter-name> <url-pattern>*.html</url-pattern> <dispatcher>REQUEST</dispatcher> </filter-mapping>
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" > <SSLHostConfig protocols="all,-TLSv1,-TLSv1.1" ciphers="HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA" honorCipherOrder="true" > <Certificate certificateKeystoreFile="${catalina.base}/conf/keystore.jks" certificateKeystorePassword="changeit" /> </SSLHostConfig> </Connector>
handlers = 1catalina.org.apache.juli.AsyncFileHandler, 2localhost.org.apache.juli.AsyncFileHandler, 3manager.org.apache.juli.AsyncFileHandler, 4hostmanager. org.apache.juli.AsyncFileHandler, java.util.logging.ConsoleHandler, 5workshop1.org.apache.juli.AsyncFileHandler, 6workshop2.org.apache.juli.AsyncFileHandler
5workshop1.org.apache.juli.AsyncFileHandler.level = FINE 5workshop1.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/logs 5workshop1.org.apache.juli.AsyncFileHandler.prefix = workshop_log1. 5workshop1.org.apache.juli.AsyncFileHandler.maxDays = 90 5workshop1.org.apache.juli.AsyncFileHandler.encoding = UTF-8 6workshop2.org.apache.juli.AsyncFileHandler.level = FINE 6workshop2.org.apache.juli.AsyncFileHandler.directory = ${catalina.var}/logs 6workshop2.org.apache.juli.AsyncFileHandler.prefix = workshop_log2. 6workshop2.org.apache.juli.AsyncFileHandler.maxDays = 90 6workshop2.org.apache.juli.AsyncFileHandler.encoding = UTF-8
ws_log.handlers = 5workshop1.org.apache.juli.AsyncFileHandler de.kippdata.workshop.handlers = 6workshop2.org.apache.juli.AsyncFileHandler
<?xml version="1.0" encoding="UTF-8"?> <!-- You can add the attribute monitorInterval (seconds) to the Configuration element for hot config reloading, for example: <Configuration monitorInterval="60"> --> <Configuration status="warn" monitorInterval="60"> <Appenders> <RollingFile name="default" fileName="${sys:catalina.var}/logs/catalina.log" filePattern="${sys:catalina.var}/logs/catalina.log.%d{yyyy-MM-dd-HHmmss}"> <PatternLayout> <pattern>%d %r %p [%t] %c (%F:%L) - %m%n</pattern> </PatternLayout> <!-- Daily Rotation, schedule is cron style with columns seconds, minutes, hours, day-of-month, month, day-of-week, year(optional) --> <CronTriggeringPolicy schedule="0 0 0 * * ?" /> </RollingFile> </Appenders> <Loggers> <Root level="info"> <AppenderRef ref="default"/> </Root> <!-- Example for changing a log level <Logger name="org.apache.catalina" level="info" additivity="false"> <AppenderRef ref="default"/> </Logger> <Logger name="org.apache.catalina.core.ContainerBase.[Catalina].[localhost]" level="info" additivity="false"> <AppenderRef ref="default"/> </Logger> <Logger name="org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager]" level="info" additivity="false"> <AppenderRef ref="default"/> </Logger> --> </Loggers> </Configuration>
JMX_OPTS_NOSSL_NOAUTH="\ -Dcom.sun.management.jmxremote=true \ -Dcom.sun.management.jmxremote.port=1090 \ -Dcom.sun.management.jmxremote.ssl=false \ -Dcom.sun.management.jmxremote.authenticate=false \ " JMX_OPTS_SSL_NOAUTH="\ -Dcom.sun.management.jmxremote=true \ -Dcom.sun.management.jmxremote.port=1090 \ -Dcom.sun.management.jmxremote.ssl=true \ -Dcom.sun.management.jmxremote.authenticate=false \ -Djavax.net.ssl.keyStorePassword=workshop \ -Djavax.net.ssl.keyStore=${CATALINA_BASE}/conf/keystore.jks \ " JMX_OPTS_SSL_AUTH="\ -Dcom.sun.management.jmxremote=true \ -Dcom.sun.management.jmxremote.port=1090 \ -Dcom.sun.management.jmxremote.ssl=true \ -Dcom.sun.management.jmxremote.authenticate=true \ -Dcom.sun.management.jmxremote.password.file=${CATALINA_BASE}/conf/jmxremote.password -Djavax.net.ssl.keyStorePassword=workshop \ -Djavax.net.ssl.keyStore=${CATALINA_BASE}/conf/keystore.jks \ " CATALINA_OPTS="$CATALINA_OPTS $JMX_OPTS_NOSSL_NOAUTH"
<Context docBase="/opt/webapps/workshop/3.1.0/workshop.war"> <Resources> <PreResources className="org.apache.catalina.webresources.DirResourceSet" base="${catalina.base}/conf/workshop" webAppMount="/WEB-INF/classes" /> </Resources> </Context>
<Realm className="org.apache.catalina.realm.JNDIRealm" connectionName="cn=tcmanager,ou=specialusers,dc=linuxhotel,dc=de" connectionPassword="secret" connectionURL="ldap://ldapserver:389/" userBase="ou=people,dc=linuxhotel,dc=de" userSubtree="true" userSearch="(uid={0})" roleBase="ou=groups,dc=linuxhotel,dc=de" roleSubtree="true" roleName="cn" roleSearch="(uniqueMember={0})" />
FROM alpine:3.15 #### OpenJDK 17 RUN apk update RUN apk add openjdk17-jre-headless ENV JAVA_HOME /usr/lib/jvm/java-17-openjdk #### tcnative #ENV TCNATIVE 1.2.33 #RUN apk add openjdk17-jdk apr-dev openssl-dev gcc make musl-dev #RUN wget -O /tmp/tomcat-native-${TCNATIVE}-src.tar.gz https://dlcdn.apache.org/tomcat/tomcat-connectors/native/${TCNATIVE}/source/tomcat-native-${TCNATIVE}-src.tar.gz; \ # cd /tmp; \ # tar -zxf tomcat-native-${TCNATIVE}-src.tar.gz; \ # cd tomcat-native-${TCNATIVE}-src/native; \ # ./configure --prefix=/opt/tcnative/${TCNATIVE}; \ # make; \ # make install; \ # cd /tmp; \ # rm -rf /tmp/tomcat-native* #### tomcat ENV TOMCATVERSION 10.0.20 ENV INSTANCENAME workshop ENV TOMCATDIR /opt/tomcat ENV WARFILE workshop.war ENV APPVERSION 3.1.0 ENV CATALINA_HOME ${TOMCATDIR}/products/apache-tomcat-${TOMCATVERSION} ENV CATALINA_BASE ${TOMCATDIR}/instances/${INSTANCENAME} ENV CATALINA_VAR /var/tomcat/${INSTANCENAME} ENV PATH $CATALINA_HOME/bin:$PATH ENV TCUSER tcrun ENV TCGROUP tcgroup # create CATALINA_HOME RUN mkdir -p "${TOMCATDIR}/products"; \ cd ${TOMCATDIR}/products; \ wget -O /tmp/tomcat-product.tar.gz "https://archive.apache.org/dist/tomcat/tomcat-10/v${TOMCATVERSION}/bin/apache-tomcat-${TOMCATVERSION}.tar.gz"; \ tar -zxf /tmp/tomcat-product.tar.gz; \ rm /tmp/tomcat-product.tar.gz # create CATALINA_BASE COPY ${INSTANCENAME}.tar /tmp/${INSTANCENAME}.tar RUN mkdir -p ${TOMCATDIR}/instances; \ cd ${TOMCATDIR}/instances; \ tar -xf /tmp/${INSTANCENAME}.tar; \ rm /tmp/${INSTANCENAME}.tar # create CATALINA_VAR RUN mkdir -p /var/tomcat/${INSTANCENAME}; \ cd /var/tomcat/${INSTANCENAME}; \ mkdir logs temp webapps work # create webappdir RUN mkdir -p /opt/webapps/${INSTANCENAME}/${APPVERSION}-jee9 COPY $WARFILE /opt/webapps/${INSTANCENAME}/${APPVERSION}-jee9/ # create runtime user and change rights RUN addgroup $TCGROUP; \ adduser -h /opt/tomcat -H -G $TCGROUP -s /bin/sh -D $TCUSER; \ chown -R $TCUSER:$TCGROUP /opt/tomcat; \ chown -R $TCUSER:$TCGROUP /var/tomcat; \ chown -R $TCUSER:$TCGROUP /opt/webapps WORKDIR $CATALINA_BASE EXPOSE 8080 8443 USER $TCUSER CMD ["catalina.sh","run"]
ProxyPass /lbmanager ! <Location /lbmanager> SetHandler balancer-manager AuthType basic AuthName "Proxy Balancer" AuthBasicProvider file AuthUserFile htpasswd.intern Require user proxyadmin </Location>