第36-37 Tomcat & SVN
1. Tomcat简介
tomcat是一个web服务器,类似nginx,apache的http
nginx,http只能处理html等静态文件(jpg)
网页分为静态网页(以.html或者.htm结尾的url地址)和动态网页
nginx和http配合php就能够处理动态的网页(.php结尾)
tomcat也可以处理静态的html文件
tomcat配合jdk就能够处理动态的网页(.jsp结尾)
http://blog.oldboyedu.com/java-tomcat/
2. Tomcat安装
cd /application/tools/
# 上传软件包
2.1 安装JDK
jdk==》java虚拟机(jvm)
tar xf jdk-8u161-linux-x64.tar.gz -C /application/
ln -s /application/jdk1.8.0_161 /application/jdk
#
#export JAVA_HOME=/application/jdk
#export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH
#export CLASSPATH=.:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar
#
sed -i.ori '$a export JAVA_HOME=/application/jdk\nexport PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH\nexport CLASSPATH=.:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar' /etc/profile
source /etc/profile
java -version
2.2 安装Tomcat
tar xf apache-tomcat-8.0.50.tar.gz -C /application/
ln -s /application/apache-tomcat-8.0.50 /application/tomcat
echo 'export TOMCAT_HOME=/application/tomcat'>>/etc/profile
source /etc/profile
chown -R root.root /application/jdk/ /application/tomcat/
/application/tomcat/bin/version.sh
3. Tomcat目录结构
[root@oldboyedu tools]# cd /application/tomcat/
[root@oldboyedu tomcat]# tree -L 1
.
├── bin # 启动文件目录,startup.sh,shutdown.sh,catalina.sh(核心)
├── conf # 配置文件目录,server.xml(主配置文件),tomcat-users.xml(用户管理)
├── lib
├── LICENSE
├── logs # 日志目录
├── NOTICE
├── RELEASE-NOTES
├── RUNNING.txt
├── temp # 临时目录
├── webapps # 站点存放目录,类似nginx的html目录
└── work # #→用以产生有JSP编译出的Servlet的.java和.class文件
7 directories, 4 files
关注点:bin、conf、logs、webapps
4. 启动/关闭tomcat
/application/tomcat/bin/startup.sh
/application/tomcat/bin/shutdown.sh
[root@oldboyedu conf]# netstat -tunlp|grep java
tcp6 0 0 :::8009 :::* LISTEN 5322/java
tcp6 2 0 :::8080 :::* LISTEN 5322/java
[root@oldboyedu conf]# ps -ef|grep [j]ava
5. 查看日志,读懂日志
[root@oldboyedu logs]# ls
catalina.out # 实时记录tomcat运行信息,文件会越来越大,定时清空
catalina.2017-10-24.log # catalina.out文件每天的日志切割文件
[root@oldboyedu logs]# pwd
/application/tomcat/logs
[root@oldboyedu logs]# tailf catalina.out
Server startup in 108301 ms # tomcat已经启动的标识
6. Tomcat在CentOS7启动慢的原因
见群文件《CentOS Tomcat 启动过程很慢》
7. 搭建jpress--java版本的wordpress
JSP网页
Linux + Nginx + PHP + MySQL
Linux + Tomcat + JDK + MySQL (db01)
7.1 连接db01的数据库
create database jpress DEFAULT CHARACTER SET utf8;
grant all on jpress.* to jpress@'172.16.1.0/255.255.255.0' identified by 'jpress';
flush privileges;
7.2 部署站点代码
上传jpress-web-newest.war到webapps目录
会自动解压
先改名,再把它移动走。
mv jpress-web-newest jpress
http://10.0.0.200:8080/jpress/install
8.Tomcat配置文件
语法:
注释:以<!--开头,以-->结尾,中间包含的都是注释,段注释
vim /application/tomcat/conf/server.xml
# 指定关闭tomcat的端口号及暗号
<Server port="8005" shutdown="SHUTDOWN">
查看日志(最详细)
[root@cs7 ~]# tailf /application/tomcat/logs/catalina.out
# 指定tomcat的web站点监听端口
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
# 专门和apache通信的端口,不用,注释掉
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
2.自定义网站目录
默认在webapps/ROOT
以前地址: http://10.0.0.201:8080/memtest/meminfo.jsp
安装memtest.war同前面
想要的地址:http://10.0.0.201:8080/meminfo.jsp
第一种方法:
将meminfo.jsp放入ROOT目录(默认站点都是从ROOT开始)不常用
第二种方法:
nginx的location规则
location /oldboyedu/ {
....
}
vim /application/tomcat/conf/server.xml
# context === location path="" === /oldboyedu/
<Context path="" docBase="/application/tomcat/webapps/memtest" debug="0" reloadable="false" crossContext="true"/>
sed -i.ori '125a <Context path="" docBase="/application/tomcat/webapps/memtest" debug="0" reloadable="false" crossContext="true"/>' /application/tomcat/conf/server.xml
/application/tomcat/bin/shutdown.sh
/application/tomcat/bin/startup.sh
3.Tomcat多实例
多虚拟主机:nginx
多实例:tomcat,尽可能使用我们系统的资源(资源相对多)
32cores 256G 8*600G
cd /application/tools/
tar xf apache-tomcat-8.0.50.tar.gz
cp -a apache-tomcat-8.0.50 /application/tomcat8_1
cp -a apache-tomcat-8.0.50 /application/tomcat8_2
sed -i 's#8005#8011#;s#8080#8081#' /application/tomcat8_1/conf/server.xml
sed -i 's#8005#8012#;s#8080#8082#' /application/tomcat8_2/conf/server.xml
# 生产经验:将已经配置的实例打包,以后方便批量配置多实例
tar zcf tomcat_muti.tar.gz ./tomcat8_1/ ./tomcat8_2/
[root@cs7 ~]# tar tf /tmp/webpp_multi.tar.gz /application/tomcat8_1/bin/startup.sh
/application/tomcat8_2/bin/startup.sh
netstat -tunlp|grep java
http://10.0.0.200:8081/
http://10.0.0.200:8082/
4.Tomcat反向代理集群
root@cs7 conf]# vim nginx.conf
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream web_pools {
server 10.0.0.200:8081;
server 10.0.0.200:8082;
}
server {
listen 80;
server_name localhost;
location / {
index index.jsp index.html index.htm;
proxy_pass http://web_pools;
proxy_set_header Host $http_host;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
上述部署完一直浏览器无法访问,报400错误
在 / location 添加 proxy_set_header Host $http_host;
[root@cs7 conf]# curl 10.0.0.201
[root@cs7 conf]# curl 10.0.0.201
[root@cs7 conf]# wget 10.0.0.201
--2018-09-23 22:22:45-- http://10.0.0.201/
正在连接 10.0.0.201:80... 已连接。
已发出 HTTP 请求,正在等待回应... 400 Bad Request
2018-09-23 22:22:45 错误 400:Bad Request。
改正后
[root@cs7 conf]# curl 10.0.0.201
tomcat8_1
[root@cs7 conf]# curl 10.0.0.201
tomcat8_2
[root@cs7 conf]# curl 10.0.0.201
tomcat8_1
[root@cs7 conf]# curl 10.0.0.201
tomcat8_2
[root@cs7 conf]# curl 10.0.0.201
tomcat8_1
5.Tomcat监控
jps -lvm 能够看到当前运行的java进程及pid号
6.Tomcat优化
6.1 安全优化(必会)
telnet、nc管理端口保护(8005)
ajp连接端口保护(8009)
禁用管理端
[root@oldboyedu webapps]# pwd
/application/tomcat8_1/webapps
[root@oldboyedu webapps]# mv * /tmp/
[root@oldboyedu webapps]# ls
[root@oldboyedu webapps]# mkdir ROOT
[root@oldboyedu webapps]# ls
ROOT
降权启动:降低权限启动tomcat
不要以root启动[root@oldboyedu ~]# useradd tomcat
[root@oldboyedu ~]# cp -a /application/tomcat8_2 /home/tomcat/
[root@oldboyedu ~]# ls /home/tomcat/
tomcat8_2
[root@oldboyedu ~]# chown -R tomcat.tomcat /home/tomcat/tomcat8_2/
[root@oldboyedu ~]# su - tomcat
[tomcat@oldboyedu ~]$ ls
tomcat8_2
[tomcat@oldboyedu ~]$ tomcat8_2/bin/startup.sh
Using CATALINA_BASE: /home/tomcat/tomcat8_2
Using CATALINA_HOME: /home/tomcat/tomcat8_2
Using CATALINA_TMPDIR: /home/tomcat/tomcat8_2/temp
Using JRE_HOME: /application/jdk
Using CLASSPATH: /home/tomcat/tomcat8_2/bin/bootstrap.jar:/home/tomcat/tomcat8_2/bin/tomcat-juli.jar
Tomcat started.
[tomcat@oldboyedu ~]$ ps -ef|grep tomcat
root 5801 1752 0 12:27 pts/0 00:00:00 su - tomcat
tomcat 5802 5801 0 12:27 pts/0 00:00:00 -bash
tomcat 5837 1 42 12:27 pts/0 00:00:02 /application/jdk/bin/java -Djava.util.logging.config.file=/home/tomcattomcat8_2/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/home/tomcat/tomcat8_2/endorsed -classpath /home/tomcat/tomcat8_2/bin/bootstrap.jar:/home/tomcat/tomcat8_2/bin/tomcat-juli.jar -Dcatalina.base=/home/tomcat/tomcat8_2 -Dcatalina.home=/home/tomcat/tomcat8_2 -Djava.io.tmpdir=/home/tomcat/tomcat8_2/temp org.apache.catalina.startup.Bootstrap start
tomcat 5858 5802 0 12:27 pts/0 00:00:00 ps -ef
tomcat 5859 5802 0 12:27 pts/0 00:00:00 grep --color=auto tomcat
# 可以放入/etc/rc.local开机自启动
su - tomcat -c '/home/tomcat/tomcat8_2/bin/startup.sh'
http://blog.oldboyedu.com/java-tomcat/
JVM memory detail info :
Max memory:1945MB
Total memory:1945MB
Free memory:1907MB
Available memory can be used is :1907MB
svn
http://blog.oldboyedu.com/git/
[root@cs7 ~]# rpm -qa subversion
subversion-1.7.14-10.el7.x86_64
[root@cs7 ~]# mkdir -p /application/svndata
[root@cs7 ~]# mkdir -p /application/svnpasswd
[root@cs7 ~]#
[root@cs7 ~]#
[root@cs7 ~]# ll -d /application/svn*
drwxr-xr-x. 2 root root 6 Mar 6 23:40 /application/svndata
drwxr-xr-x. 2 root root 6 Mar 6 23:40 /application/svnpasswd
[root@cs7 ~]# svnserve -dr /application/svndata/
[root@cs7 ~]#
[root@cs7 ~]# ss -lntup |grep svn
tcp LISTEN 0 7 *:3690 *:* users:(("svnserve",pid=21123,fd=3))
创建版本库
svnadmin create /application/svndata/sadoc
[root@cs7 ~]# svnadmin create /application/svndata/sadoc[root@cs7 ~]# tree /application/svndata/sadoc
/application/svndata/sadoc
├── conf
│ ├── authz
│ ├── passwd
│ └── svnserve.conf
├── db
│ ├── current
│ ├── format
│ ├── fsfs.conf
│ ├── fs-type
│ ├── min-unpacked-rev
│ ├── revprops
│ │ └── 0
│ │ └── 0
│ ├── revs
│ │ └── 0
│ │ └── 0
│ ├── transactions
│ ├── txn-current
│ ├── txn-current-lock
│ ├── txn-protorevs
│ ├── uuid
│ └── write-lock
├── format
├── hooks
│ ├── post-commit.tmpl
│ ├── post-lock.tmpl
│ ├── post-revprop-change.tmpl
│ ├── post-unlock.tmpl
│ ├── pre-commit.tmpl
│ ├── pre-lock.tmpl
│ ├── pre-revprop-change.tmpl
│ ├── pre-unlock.tmpl
│ └── start-commit.tmpl
├── locks
│ ├── db.lock
│ └── db-logs.lock
└── README.txt
10 directories, 27 files
[root@cs7 ~]#
[root@cs7 ~]# cd /application/svndata/sadoc/conf/
[root@cs7 conf]# ll
总用量 12
-rw-r--r-- 1 root root 1080 9月 23 23:03 authz
-rw-r--r-- 1 root root 309 9月 23 23:03 passwd
-rw-r--r-- 1 root root 3090 9月 23 23:03 svnserve.conf
mv authz passwd /application/svnpasswd/
[root@cs7 conf]# diff svnserve.conf*
19,20c19,20
< anon-access = none
< auth-access = write
---
> # anon-access = read
> # auth-access = write
27c27
< password-db = /application/svnpasswd/passwd
---
> # password-db = passwd
34c34
< authz-db = /application/svnpasswd/authz
---
> # authz-db = authz
[root@cs7 svnpasswd]# tail -5 passwd
# sally = sallyssecret
lewen = 123456
kevin = 123456
root = 123456
[root@cs7 svnpasswd]# tail -5 authz
# * = r
sa = lewen,kevin,root
[sadoc:/]
lewen = rw
kevin = r
--[root@cs7 svnpasswd]# svnserve -dr /application/svndata/
[root@cs7 svnpasswd]# ss -lntup|grep svn
tcp LISTEN 0 7 *:3690 *:* users:(("svnserve",pid=21394,fd=3))
#客户端下载地址
https://tortoisesvn.net/downloads.zh.html
SVN客户端密码保存地点:
C:\Users\oldboy\AppData\Roaming\Subversion\auth\svn.simple
sadoc/
oldboy rw
alex r
lee r
http://blog.51cto.com/xiexiaojun/2049665