HowTo set Tomcat 7 automatic startup with CentOS 7

因CentOS7与6在系统上,变化较大,所以在之前的文章中讲到的使用Tomcat7开机自启动的方式在CentOS7是是无法使用的,所以这篇文章的目的是如何在CentOS7上将Tomcat7设置为开机自启动。

安装JAVA环境

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

[root@7 ~]# curl -LO -H "Cookie: oraclelicense=accept-securebackup-cookie" \
"http://download.oracle.com/otn-pub/java/jdk/7u75-b13/jdk-7u75-linux-x64.rpm"

[root@7 ~]# rpm -Uvh jdk-7u75-linux-x64.rpm
Preparing... ########################################### [100%]
1:jdk ########################################### [100%]
Unpacking JAR files...
rt.jar...
jsse.jar...
charsets.jar...
tools.jar...
localedata.jar...
jfxrt.jar...

[root@7 ~]# vi /etc/profile
# add follows to the end
export JAVA_HOME=/usr/java/default
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar
[root@7 ~]# source /etc/profile

安装Tomcat7

1
2
3
4
5
6

[root@7 ~]# wget http://ftp.riken.jp/net/apache/tomcat/tomcat-7/v7.0.77/bin/apache-tomcat-7.0.77.tar.gz
[root@7 ~]# tar zxvf apache-tomcat-7.0.77.tar.gz
[root@7 ~]# mv apache-tomcat-7.0.77 /usr/tomcat7
[root@7 ~]# useradd -M -d /usr/tomcat7 tomcat7
[root@7 ~]# chown -R tomcat7. /usr/tomcat7

创建开机自启动脚本

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[root@7 ~]# cat /usr/lib/systemd/system/tomcat7.service
# create new
[Unit]
Description=Apache Tomcat 7
After=network.target

[Service]
Type=oneshot
ExecStart=/usr/tomcat7/bin/startup.sh
ExecStop=/usr/tomcat7/bin/shutdown.sh
RemainAfterExit=yes
User=tomcat7
Group=tomcat7

[Install]
WantedBy=multi-user.target

启动Tomcat7

1
2
[root@7 ~]# systemctl start tomcat7.service
[root@7 ~]# systemctl enable tomcat7.service

Tomcat(2) 利用JDK自身keytool实现HTTPS

因为一个偶然机会,想把自己的webserver通过https加密访问,这里就采用JDK自带的keytool工具实现,tomcat官方也推荐这种方式,英文好的同学走这里:官方配置

demo: CentOS 6.6 & Tomcat 7 & JDK 1.7

1. 生成 keystore

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
[root@test conf]# keytool -genkey -v -alias tomcat -keyalg RSA -keystore mykeystore
Enter keystore password: #设置密码
Re-enter new password: #重复一次
What is your first and last name?
[Unknown]: Alex Lu #随便填
What is the name of your organizational unit?
[Unknown]: visionet #随便填
What is the name of your organization?
[Unknown]: visionet #随便填
What is the name of your City or Locality?
[Unknown]: SH #随便填
What is the name of your State or Province?
[Unknown]: SH #随便填
What is the two-letter country code for this unit?
[Unknown]: ZH #随便填
Is CN=Alex Lu, OU=visionet, O=visionet, L=SH, ST=SH, C=ZH correct?
[no]: Y #这里要Y,确认前面信息。

Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 90 days
for: CN=Alex Lu, OU=visionet, O=visionet, L=SH, ST=SH, C=ZH
Enter key password for <tomcat>
(RETURN if same as keystore password): #默认回车即可,不需要设置太多密码
[Storing mykeystore]
[root@test conf]# ls
Catalina catalina.policy catalina.properties context.xml logging.properties mykeystore server.xml tomcat-users.xml web.xml

注意:-keystore是用来指定keystore保存位置,如果不加参数默认保存的当前用户家目录为~/.keystore
-validity 可以用来指定证书有效期,单位为天,缺省值为90天。

2. 备份$tomcatdir/conf/server.xml

1
cp $tomcatdir/conf/server.xml $tomcatdir/conf/server.xml

3. 修改server.xml

a. 注释以下:(tomcat注释用:<!-- XXXX --> ),如何也想保留http访问,可以不注释
1
2
3
4
5
6
<!--
<Connector executor="tomcatThreadPool"
port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
b. 取消下面注释
1
2
3
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
c. 增加keystoreFile和keystorePass
1
2
3
4
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="conf/mykeystore" keystorePass="123456"/>

keystoreFile=跟keystore文件位置
keystorePass=跟当时keytool命令执行时输入的密码

4. 重启tomcat

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[root@test conf]# ../bin/catalina.sh stop && ../bin/catalina.sh start
Using CATALINA_BASE: /home/pms/apache-tomcat-6.0.44
Using CATALINA_HOME: /home/pms/apache-tomcat-6.0.44
Using CATALINA_TMPDIR: /home/pms/apache-tomcat-6.0.44/temp
Using JRE_HOME: /home/pms/jdk1.7.0_65
Using CLASSPATH: /home/pms/apache-tomcat-6.0.44/bin/bootstrap.jar
Using CATALINA_BASE: /home/pms/apache-tomcat-6.0.44
Using CATALINA_HOME: /home/pms/apache-tomcat-6.0.44
Using CATALINA_TMPDIR: /home/pms/apache-tomcat-6.0.44/temp
Using JRE_HOME: /home/pms/jdk1.7.0_65
Using CLASSPATH: /home/pms/apache-tomcat-6.0.44/bin/bootstrap.jar
[root@test conf]# netstat -ntlup | grep -e "80\|443"
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 21960/java
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 21960/java
tcp 0 0 127.0.0.1:8005 0.0.0.0:* LISTEN 21960/java
tcp 0 0 0.0.0.0:8009 0.0.0.0:* LISTEN 21960/java
[root@test conf]#

OK !

Tomcat(1) java.lang.OutOfMemoryError

1. 什么是 PermGen space ?

PermGen space的全称是Permanent Generation space,是指内存的永久保存区域,这块内存主要是被JVM存放Class和Meta信息的,Class在被Loader时就会被放到PermGen space中,它和存放类实例(Instance)的Heap区域不同,GC(Garbage Collection)不会在主程序运行期对PermGen space进行清理,所以如果你的应用中有很CLASS的话,就很可能出现PermGen space错误,这种错误常见在web服务器对JSP进行pre compile的时候。如果你的WEB APP下都用了大量的第三方jar,其大小超过了jvm默认的大小(4M)那么就会产生此错误信息了。

2. 解决方法

2.1 手动设置MaxPermSize大小
1
2
# 修改$TOMCAT_HOME/bin/catalina.sh,在“echo "Using CATALINA_BASE:   $CATALINA_BASE"”上面加入以下行:
JAVA_OPTS="-server -Xms256m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=128m"

3. Java heap space

解释:

Heap size 设置
JVM堆的设置是指java程序运行过程中JVM可以调配使用的内存空间的设置.JVM在启动的时候会自动设置Heap size的值,其初始空间(即-Xms)是物理内存的1/64,最大空间(-Xmx)是物理内存的1/4。可以利用JVM提供的-Xmn -Xms -Xmx等选项可进行设置。Heap size 的大小是Young Generation 和Tenured Generaion 之和。

  • 提示:在JVM中如果98%的时间是用于GC且可用的Heap size 不足2%的时候将抛出此异常信息。
  • 提示:Heap Size 最大不要超过可用物理内存的80%,一般的要将-Xms和-Xmx选项设置为相同,而-Xmn为1/4的-Xmx值。

修改设置方法如PermGen space

HowTo Install a Tomcat Server 7

       本文件是采用的模板是CentOS 6,同样适用于CentOS 系列其他发行版本。

1. 测试环境

2. Install Java SE Development Kit 7 (JDK7)

1
2
3
4
5
6
7
8
9
10
11
12
[root@ultraera ~]# curl -LO -H "Cookie: oraclelicense=accept-securebackup-cookie" \
"http://download.oracle.com/otn-pub/java/jdk/7u75-b13/jdk-7u75-linux-x64.rpm"
[root@ultraera ~]# rpm -Uvh jdk-7u75-linux-x64.rpm
Preparing... ########################################### [100%]
1:jdk ########################################### [100%]
Unpacking JAR files...
rt.jar...
jsse.jar...
charsets.jar...
tools.jar...
localedata.jar...
jfxrt.jar...

3. Build Java Environment.

1
2
3
4
5
6
7
8
9
10
[root@ultraera ~]# vi /etc/profile
# add follows to the end
export JAVA_HOME=/usr/java/default
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar
[root@ultraera ~]# source /etc/profile
[root@ultraera ~]# java -version
java version "1.7.0_75"
Java(TM) SE Runtime Environment (build 1.7.0_75-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.75-b04, mixed mode)

4. Download Tomcat7

Make sure the latest one and download it from the site below.
=》 http://ftp.riken.jp/net/apache/tomcat/tomcat-7/

1
2
3
4
5
[root@ultraera ~]# wget http://ftp.riken.jp/net/apache/tomcat/tomcat-7/v7.0.70/bin/apache-tomcat-7.0.70.tar.gz
[root@ultraera ~]# tar zxvf apache-tomcat-7.0.70.tar.gz
[root@ultraera ~]# mv apache-tomcat-7.0.70 /usr/tomcat7
[root@ultraera ~]# useradd -M -d /usr/tomcat7 tomcat7
[root@ultraera ~]# chown -R tomcat7. /usr/tomcat7

5. create a script , use service manage tomcat7

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
[root@ultraera ~]# cat /etc/rc.d/init.d/tomcat7
#!/bin/bash

# Tomcat7: Start/Stop Tomcat 7
#
# chkconfig: - 90 10
# description: Tomcat is a Java application Server.

. /etc/init.d/functions
. /etc/sysconfig/network

CATALINA_HOME=/usr/tomcat7
TOMCAT_USER=tomcat7

LOCKFILE=/var/lock/subsys/tomcat7

RETVAL=0
start(){
echo "Starting Tomcat7: "
su - $TOMCAT_USER -c "$CATALINA_HOME/bin/startup.sh"
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $LOCKFILE
return $RETVAL
}

stop(){
echo "Shutting down Tomcat7: "
$CATALINA_HOME/bin/shutdown.sh
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $LOCKFILE
return $RETVAL
}

case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
;;
esac
exit $?

6. Add tomcat7 to system service

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[root@ultraera ~]# chmod 755 /etc/rc.d/init.d/tomcat7
[root@ultraera ~]# /etc/rc.d/init.d/tomcat7 start
Starting Tomcat7:
Using CATALINA_BASE: /usr/tomcat7
Using CATALINA_HOME: /usr/tomcat7
Using CATALINA_TMPDIR: /usr/tomcat7/temp
Using JRE_HOME: /usr/java/default
Using CLASSPATH: /usr/tomcat7/bin/bootstrap.jar:/usr/tomcat7/bin/tomcat-juli.jar
Tomcat started.
[root@ultraera ~]# netstat -ntlp | grep java
tcp 0 0 ::ffff:127.0.0.1:8005 :::* LISTEN 6326/java
tcp 0 0 :::8009 :::* LISTEN 6326/java
tcp 0 0 :::8080 :::* LISTEN 6326/java
[root@ultraera ~]# ps axu | grep java
tomcat7 6326 8.3 85.6 5229768 2910176 ? Sl Aug22 3216:38 /usr/bin/java -Djava.util.logging.config.file=/usr/tomcat7/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -server -Djava.endorsed.dirs=/usr/tomcat7/endorsed -classpath /usr/tomcat7/bin/bootstrap.jar:/usr/tomcat7/bin/tomcat-juli.jar -Dcatalina.base=/usr/tomcat7 -Dcatalina.home=/usr/tomcat7 -Djava.io.tmpdir=/usr/tomcat7/temp org.apache.catalina.startup.Bootstrap start
[root@ultraera ~]# chkconfig --add tomcat7
[root@ultraera ~]# chkconfig tomcat7 on

7. 打开浏览器测试Tomcat Server搭建完成,默认页面如下

8. 使用curl 测试

1
2
3
4
5
6
[root@ultraera ~]# curl -I http://localhost:8080
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Date: Sun, 18 Sep 2016 11:14:06 GMT

9. Tomcat 文件树

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
[root@ultraera /usr/tomcat7]# tree
.
├── bin
│   ├── bootstrap.jar
│   ├── catalina.bat
│   ├── catalina.sh
│   ├── catalina-tasks.xml
│   ├── commons-daemon.jar
│   ├── commons-daemon-native.tar.gz
│   ├── configtest.bat
│   ├── configtest.sh
│   ├── daemon.sh
│   ├── digest.bat
│   ├── digest.sh
│   ├── setclasspath.bat
│   ├── setclasspath.sh
│   ├── shutdown.bat
│   ├── shutdown.sh
│   ├── startup.bat
│   ├── startup.sh
│   ├── tomcat-juli.jar
│   ├── tomcat-native.tar.gz
│   ├── tool-wrapper.bat
│   ├── tool-wrapper.sh
│   ├── version.bat
│   └── version.sh
├── conf
│   ├── catalina.policy
│   ├── catalina.properties
│   ├── context.xml
│   ├── logging.properties
│   ├── server.xml
│   ├── tomcat-users.xml
│   └── web.xml
├── lib
├── LICENSE
├── logs
│   ├── catalina.2016-09-18.log
│   ├── catalina.out
│   ├── host-manager.2016-09-18.log
│   ├── localhost.2016-09-18.log
│   └── manager.2016-09-18.log
├── NOTICE
├── RELEASE-NOTES
├── RUNNING.txt
├── temp
├── webapps
│   └── ROOT
└── work

Tomcat(3) 优化设定

  • 设置JVM空间大小,Xms和Xmx一样大:JVM初始分配的内存由-Xms指定,默认是物理内存的1/64;JVM最大分配的内存由-Xmx指定,默认是物理内存的1/4。默认空余堆内存小于 40%时,JVM就会增大堆直到-Xmx的最大限制;空余堆内存大于70%时,JVM会减少堆直到-Xms的最小限制。因此服务器一般设置-Xms、 -Xmx相等以避免在每次GC 后调整堆的大小。
  • 关闭dns查询
  • 增加线程数量
  • maxThreads、acceptCount : 增加并发,同时增加这两个的数量
  • 内存优化 : /tomcatbin/catalina.sh

  • JAVA_OPTS=”-XX:PermSize=64M -XX:MaxPermSize=128m -Xms512m -Xmx1024m -Duser.timezone=Asia/Shanghai”

  • 缓存优化
  • 并发优化,线程优化
  • <Connector port=”80” protocol=”HTTP/1.1” maxThreads=”600” minSpareThreads=”100” maxSpareThreads=”500” acceptCount=”700”
  • connectionTimeout=”20000” redirectPort=”8443” />
  • 关闭DNS查询 :修改server.xml文件中的Connector元素,修改属性enableLookups参数值: enableLookups=”false”
  • 使用apr插件,提高tomcat响应时间

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    (1)安装APR tomcat-native
    apr-1.3.8.tar.gz 安装在/usr/local/apr
    #tar zxvf apr-1.3.8.tar.gz
    #cd apr-1.3.8
    #./configure;make;make install

    apr-util-1.3.9.tar.gz 安装在/usr/local/apr/lib
    #tar zxvf apr-util-1.3.9.tar.gz
    #cd apr-util-1.3.9
    #./configure --with-apr=/usr/local/apr ----with-java-home=JDK;make;make install

    #cd apache-tomcat-6.0.20/bin
    #tar zxvf tomcat-native.tar.gz
    #cd tomcat-native/jni/native
    #./configure --with-apr=/usr/local/apr;make;make install

    (2)设置 Tomcat 整合 APR
    修改 tomcat 的启动 shell (startup.sh),在该文件中加入启动参数:
    CATALINA_OPTS="$CATALINA_OPTS -Djava.library.path=/usr/local/apr/lib" 。

    (3)判断安装成功:
    如果看到下面的启动日志,表示成功。
    2007-4-26 15:34:32 org.apache.coyote.http11.Http11AprProtocol init
  • 开启manager 管理

  • 使用http://visualvm.Java.net/download.html 工具监控tomcat的性能
  • JAVA_OPTS=’-Dcom.sun.management.jmxremote.port=8999 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false’
  • 设置自动更新autodeploy=false
Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×