CentOS study notes -- Tomcat installation, centos -- tomcat

CentOS study notes -- Tomcat installation, centos -- tomcat
Tomcat installation

It is usually easy to configure Tomcat, but it is not easy to set up a Java virtual host with multiple users and services. The biggest problem is the Tomcat execution permission. Tomcat configured in common mode runs as a root Super administrator. Obviously, this is very dangerous. Once a website is infected with Trojans, your entire server can be controlled by hackers. By compiling or online (for example, the yum and debian apt-get of the redhat series), only one tomcat service can be installed on one server, if you place multiple websites in the same tomcat service, if a website becomes stuck due to a problem, all the websites on the server cannot be opened, unable to meet the dedicated tomcat needs of various website programs. To solve these problems, we need to configure Tomcat to run as a specified identity, and one server can install any number of tomcat services.

Test the machine environment:

VMware Workstation 10 Virtual Machine

Memory: 1 GB

Linux: CentOS MinimalCD 6.5

JAVA: JAVA_HOME =/opt/jdk

1. Configure the JDK environment on the Linux system first (CentOS Study Notes-JDK installation)

Assume that you have correctly installed the JDK Development Environment on Linux, and the JDK installation path is:/opt/jdk/

2. Download and unzip the latest version of Tomcat, http://tomcat.apache.org, download it to (my next is apache-tomcat-6.0.41.tar.gz) put in the Linux system/opt/directory, run the command to decompress (and unzip the directory renamed tomcat ):

tar xzvf apache-tomcat-6.0.41.tar.gzmv apache-tomcat-6.0.41/ tomcat

3. Compile and install the tomcat daemon service waiting program:

      
cd /opt/tomcat/bin/tar xvzf commons-daemon-native.tar.gz
1. After decompression, A commons-daemon-1.0.15-native-src directory will be generated, cd to the Linux subdirectory of this directory:
cd commons-daemon-1.0.10-native-src/unix
2. Note: Install gcc (gcc is not installed in the Mini version by default)
yum -y install gcc
3. Execute the compilation Configuration
./Configure # (Note: Install make, gcc, and other compilation tools first)./configure -- with-java =/opt/jdk. Use this command if no jdk is displayed. The main reason is that the java directory is not written to the system directory.
4. After the operation is completed, the following message is displayed to indicate that the operation is successful:
...*** All done ***Now you can issue "make"
5. Execute make:
make
6. After executing make, a jsvc file is generated and copied to the bin directory of tomcat.
cp jsvc /opt/tomcat/bin/
    
7. There is a daemon. sh file in the tomcat/bin directory, which is used to start and close the tomcat service waiting program.
  
Note: Some previous tomcat versions, such as tomcat 6.0.x, may not have this file, in fact, this file is placed in the commons-daemon-x.x.x-native-src/unix/samples/atat7.sh here (this directory also has a Tomcat5.sh ), but the new version of tomcat moved it to the bin directory and named it daemon. sh. Therefore, if you are using tomcat 6, copy the Tomcat7.sh file to the bin directory and name it daemon. sh.
  
8. Modify the daemon environment variables:
  
Use a text editor (vi or emacs) to edit it and find the configuration section similar to the following:
      
test ".$TOMCAT_USER" = . && TOMCAT_USER=tomcat# Set JAVA_HOME to working JDK or JRE# JAVA_HOME=/opt/jdk-1.6.0.22
      
9. Modify TOMCAT_USER = tomcat to specify the linux account user name to run as your identity. Here, set the user name to tomcat.
  
Remove the comments ("#") in front of JAVA_HOME =... and set it to the jdk installation directory path. Finally, the modified configuration segment is changed to the following:
test ".$TOMCAT_USER" = . && TOMCAT_USER=tomcat# Set JAVA_HOME to working JDK or JREJAVA_HOME=/opt/jdk
10. Change the owner of the/opt/tomcat directory to tomcat (that is, the linux Account to run as an identity ):
Useradd-M tomcat # create a tomcat user chsh tomcat-s/sbin/nologin without a home directory # disable tomcat login, similar to the windows system account chown-R tomcat/opt/tomcat # change all files and subdirectories under/opt/tomcat to the same owner as the tomcat user
11. Add the corresponding x permission bits to *. sh In the tomcat/bin/directory:
chmod +x /opt/tomcat/bin/*.sh
12. Now, you can test whether daemon can start and run as follows:
/Opt/tomcat/bin/daemon. sh start curl http: // localhost: 8080 # test whether to start
      
  
(If an error occurs, check the directory * in the bin of tomcat *. whether sh has the x executable permission, whether the linux Account Has the read and write permissions on the tomcat directory, and whether the tomcat/logs log directory has the write permission .) If no error occurs, the daemon program of tomcat has been set successfully.
  
13. Now the local machine can access tomcat, but the remote machine cannot access tomcat, which is a firewall problem. Add it in/etc/sysconfig/iptables.
-A input-m state -- state NEW-m tcp-p tcp -- dport 8080-j ACCEPT #8080 is the tomcat access port.
Restart iptable
service iptables restart
      
  
In this way, you can access it.
  
14. Stop tomcat with the following command:
/opt/tomcat/bin/daemon.sh  stop
15. Add tomcat as a Linux service. In this case, you only need to create a soft link to the/etc/init. d/directory.
ln  -s  /opt/tomcat/bin/daemon.sh  /etc/init.d/tomcat
16. Now you can use it to start/Close tomcat:
/Etc/init. d/tomcat start # start tomcat service tomcat start # start tomcat/etc/init. d/tomcat stop # disable tomcat service tomcat stop # disable tomcat
17. To enable tomcat Service Startup, add the following statement to daemon. sh:
#! /Bin/sh # This sentence exists in the original file. The following two sentences are to be added # chkconfig: 2345 90 15 # description: Tomcat-en Manager
18. Run the chkconfig command again to add the tomcat service and start it by yourself:
chkconfig --add  tomcat
      
  
Restart the machine and test it.

4. If you want to create another tomcat service, you only need to copy the/opt/tomcat directory. For example:

cp /opt/tomcat /opt/tomcat1

Modify the port number of cmdat1 (the port number in/opt/tomcat/opt/cmdat1/conf/server. xml cannot be the same as that of other services ). Finally, you can create another service from step 1 above.

In this way, you can create any number of tomcat services for a Linux server. Finally, you only need to install a front-end server (such as Nginx or Apache) to forward requests from different domain names to different tomcat service programs.