基於APR模式的Tomcat環境部署
一、版本信息
組件名java |
版本號 |
| jdk | 1.8.0_45 |
| tomcat | 8.0.23 |
| apr | 1.5.2 |
| apr-iconv | 1.2.1 |
| apr-util | 1.5.4 |
| tomcat-native | 1.1.33 |
Tomcat的通信模型總共爲3種,分別爲BIO、NIO、APR,而本次所採用的模式爲APR。web
3種模式的區別:apache
Java Blocking Connectorvim |
Java Nio Blocking Connectortomcat |
APR/native Connector安全 |
|
| Tomcat Version | 3.x onwards | 7.x onwards | 5.5.x onwards |
| Classname | BIO(AjpProtocol)bash |
NIO(AjpNioProtocol) | APR(AjpAprProtocol) |
| Read Request Headers | Blocking | Sim Blocking | Blocking |
| Read Request Body | Blocking | Sim Blocking | Blocking |
| Write Response | Blocking | Sim Blocking | Blocking |
| Wait for next Request | Blocking | Non Blocking | Non Blocking |
| Max Connections | maxConnections | maxConnections | maxConnections |
| Polling Size | N/A | maxConnections | maxConnections |
| Support Polling | NO | YES | YES |
二、基礎安裝
# cd /usr/local/src
# tar xvzf jdk-8u45-linux-x64.gz -C /opt
# cd /opt && ln -s jdk1.8.0_45 jdk
# cd /usr/local/src
# tar xvzf apache-tomcat-8.0.23.tar.gz -C /opt
# cd /opt && ln -s apache-tomcat-8.0.23 tomcat
# vim /etc/profile併發
export
TOMCAT_HOME=
/opt/tomcat
export
JAVA_HOME=
/opt/jdk
export
CLASSPATH=.:$JAVA_HOME
/lib/dt
.jar:$JAVA_HOME
/lib/tools
.jar
export
PATH=$PATH:$JAVA_HOME
/bin
:$TOMCAT_HOME
/bin
# source /etc/profile
# mkdir -p /data/logs/{search,tomcat}
# mkdir -p /data/search/{data,index}
# vim /opt/tomcat/conf/server.xmlapp
......
<Connector port=
"8080"
protocol=
"org.apache.coyote.http11.Http11AprProtocol"
maxHttpHeaderSize=
"8192"
onnectionTimeout=
"20000"
redirectPort=
"8443"
maxThreads=
"1000"
minSpareThreads=
"50"
maxSpareThreads=
"150"
minProcessors=
"100"
maxProcessors=
"1000"
acceptCount=
"1000"
disableUpload20meout=
"true"
enableLookups=
"false"
URIEncoding=
"UTF-8"
/>
......
# vim /opt/tomcat/bin/setenv.sh(這裏以64G內存、24核CPU爲例,且以單實例運行)
JAVA_OPTS="-Djava.awt.headless=
true
-Dfile.encoding=UTF-8
-server -Xms48g -Xmx48g -Xss1m
-XX:NewSize=8g -XX:MaxNewSize=16g
-XX:NewRatio=4 -XX:SurvivorRatio=4
-XX:+AggressiveOpts -XX:+UseBiasedLocking
-XX:+UseConcMarkSweepGC -XX:ParallelCMSThreads=24
-XX:+PrintGCDetails -XX:+PrintGCTimeStamps -Xloggc:
/data/logs/tomcat/gc
.log
-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=
/data/logs/tomcat/heapdump
.bin
-XX:+CMSParallelRemarkEnabled -XX:+ScavengeBeforeFullGC
-XX:CMSInitiatingOccupancyFraction=75"
CATALINA_OUT=
/data/logs/tomcat/catalina
.out
CATALINA_OPTS="-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.authenticate=
false
-Dcom.sun.management.jmxremote.ssl=
false
-Dcom.sun.management.jmxremote.port=10826"
# chmod +x /opt/tomcat/bin/setenv.sh
# vim /opt/tomcat/conf/logging.properties
......
1catalina.org.apache.juli.AsyncFileHandler.level = FINE
1catalina.org.apache.juli.AsyncFileHandler.directory =
/data/logs/tomcat
1catalina.org.apache.juli.AsyncFileHandler.prefix = catalina.
2localhost.org.apache.juli.AsyncFileHandler.level = FINE
2localhost.org.apache.juli.AsyncFileHandler.directory =
/data/logs/tomcat
2localhost.org.apache.juli.AsyncFileHandler.prefix = localhost.
3manager.org.apache.juli.AsyncFileHandler.level = FINE
3manager.org.apache.juli.AsyncFileHandler.directory =
/data/logs/tomcat
3manager.org.apache.juli.AsyncFileHandler.prefix = manager.
4host-manager.org.apache.juli.AsyncFileHandler.level = FINE
4host-manager.org.apache.juli.AsyncFileHandler.directory =
/data/logs/tomcat
4host-manager.org.apache.juli.AsyncFileHandler.prefix = host-manager.
......
也能夠直接以下執行:
# sed -i 's#${catalina.base}/logs#/data/logs/tomcat#g' /opt/tomcat/conf/logging.properties
# cd /usr/local/src
# tar xvzf apr-1.5.2.tar.gz
# cd apr-1.5.2
# ./configure --prefix=/opt/apr
# make && make install
# cd /usr/local/src
# tar xvzf apr-iconv-1.2.1.tar.gz
# cd apr-iconv-1.2.1
# ./configure --prefix=/opt/apr-iconv --with-apr=/opt/apr
# make && make install
# cd /usr/local/src
# tar xvzf apr-util-1.5.4.tar.gz
# cd apr-util-1.5.4
# ./configure --prefix=/opt/apr-util --with-apr=/opt/apr --with-apr-iconv=/opt/apr-iconv/bin/apriconv
# make && make install
# cd /usr/local/src
# tar xvzf tomcat-native-1.1.33-src.tar.gz
# cd tomcat-native-1.1.33-src/jni/native
# ./configure --prefix=/usr --with-apr=/opt/apr --with-java-home=/opt/jdk
# make && make install
安裝結果以下:
三、安全設置
1)隱藏Tomcat版本信息
# cd /opt/tomcat/lib
# mkdir -p org/apache/catalina/util
# vim org/apache/catalina/util/ServerInfo.properties
server.info=Eleme Tomcat
2)刪除Tomcat管理頁面
# rm -rf /opt/tomcat/webapps/*
3)以普通用戶運行Tomcat
方式一:(使用jsvc以普通用戶權限去啓動Tomcat,這是官方最推薦的方法,原理是root用戶fork非root進程)
# useradd tomcat -s /usr/sbin/nologin 【Ubuntu系統環境】
# useradd tomcat -s /sbin/nologin 【CentOS系統環境】
# chown -R tomcat:tomcat /opt/tomcat/
# chown -R tomcat:tomcat /data/logs/{search,tomcat}
# cd /opt/tomcat/bin
# tar xvzf commons-daemon-native.tar.gz
# cd commons-daemon-1.0.15-native-src/unix
# ./configure --with-java=/opt/jdk
# make
# cp jsvc ../../
# cd ../../
# ./daemon.sh start
注:正常狀況下有兩個進程,參數都是同樣的,但屬主不同,1個是root用戶,1個是tomcat用戶。
方式二:
# useradd tomcat -s /bin/bash
# chown -R tomcat:tomcat /opt/tomcat/
# chown -R tomcat:tomcat /data/logs/{search,tomcat}
# sudo su tomcat /opt/tomcat/bin/startup.sh
4)其餘設置
自定義錯誤頁面,好比添加如下內容:
<error-page>
<error-code>500<
/error-code
>
<location>
/500
.jsp<
/location
>
<
/error-page
>
注:能夠根據須要自行增長相應的錯誤碼,常見的如500,404等,location選項爲指定跳轉的頁面,該jsp文件須要本身生成。
刪除jspx文件解析,能夠註釋掉如下內容
<url-pattern>*.jspx</url-pattern>
注:以上兩點配置,都在web.xml進行設置。
四、初步壓測結果
測試工具:siege
併發線程數:600
測試命令:/opt/siege/bin/siege -c 600 -f /opt/urls.txt
測試並調優的難點主要是在JVM上,須要對JVM有較深刻的瞭解,根據不一樣的應用場景進行調優。
相關文章
- 1. 基於APR模式的Tomcat環境部署
- 2. Tomcat部署環境
- 3. tomcat環境部署
- 4. Tomcat 部署 The APR based Apache Tomcat Native ...
- 5. Spring boot+Docker 實現內嵌tomcat Apr模式部署
- 6. IDEA win10環境部署Tomcat
- 7. win7+tomcat+jenkins 環境部署
- 8. tomcat Jenkins 上環境部署
- 9. docker centos環境部署tomcat
- 10. 基於Centos6的tomcat部署
- 更多相關文章...
- • Maven 自動化部署 - Maven教程
- • C# 環境 - C#教程
- • 委託模式
- • ☆基於Java Instrument的Agent實現
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
歡迎關注本站公眾號,獲取更多信息
