Tomcat

Revision as of 15:19, 31 March 2015 by WikiFreak (talk | contribs)


Tomcat is a Java servlet container, it can be used to display simple JSP and run Spring applications.

However, it cannot run JavaEE, you'll need a proper application server such IBM WAS, Glassfish, Jboss, etc. to do so.



Installation Server configuration Application configuration Other
Linux apt-get setup UTF-8 MySQL datasource Apache 2 proxy
Linux manual setup Increase PermGen
Linux Tomcat on boot IPv4 over IPv6 Example Example
JMX configuration Example Example
Windows setup Example Example Example


installation

Installation as Windows service

Installation

1. Download the latest tomcat version (Windows installer): http://tomcat.apache.org/download-70.cgi

2. During installation, add a specific user This user will be used to access the manager-app (= configuration pages)

3. After install, start the tomcat service and go to: http://localhost:8080

4. Go to the manager app: http://localhost:8080/manager/html

5. Deploy you war file(s)


Upgrade Tomcat privileges

In order to start “Tomcat server as a service” on windows startup, you must improve the Tomcat privileges. To do so, go to TOMCAT_install_dir / bin

  • Right click on “tomcat7w.exe” -> Properties
Tomcat properties
  • Go to the “compatibility” panel
    • Enable “run this program as an administrator”
    • Click on “change settings for all users”
    • Once again, enable “run this program as an administrator”


Increase server memory

In order to avoid memory errors such as “permGen space exception”, you have to increase your server JVM memory settings.

  • Launch the Tomcat Manager “configuration” panel: Right click on the manager -> Configure…
Tomcat settings
  • Go to the “Java” tab and adjust memory settings
    • Increase permsize by adding the following line in the text panel
-XX:MaxPermSize=256m
    • Set maximum memory pool size to 512 MB (see max. memory pool)
Java settings


Server configuration

Create users and user-rights

Manual installation

vim /opt/tomcat/conf/tomcat-users.xml

Automatic installation

vim /etc/tomcat7/tomcat-users.xml


Add / uncomment:

<role rolename="manager" />
<role rolename="admin" />
<role rolename="manager-gui" />
<role rolename="manager-script" />
<role rolename="admin-gui" />

<user username="tomcat" password="password"  roles="admin, admin-gui, manager, manager-gui, manager-script" />


Increase permgen space

Manual install

Add JAVA_OPTS parameters as environment variable

vim /etc/profile

Add following line:

export JAVA_OPTS="-Xms1024m -Xmx1024m -XX:NewSize=256m -XX:MaxNewSize=256m -XX:PermSize=256m -XX:MaxPermSize=512m -XX:+DisableExplicitGC"

Take changes into account

source /etc/profile

Check changes

echo $JAVA_OPTS


Automatic install

vim /etc/default/tomcat7

Add following line:

JAVA_OPTS="-server -Djava.awt.headiless=true -XX:+UseConcMarkSweepGC -XX:+CMSIncrementalMode -XX:+CMSPermGenSweepingEnabled -XX:+CMSClassUnloadingEnabled"
JAVA_OPTS="${JAVA_OPTS} -Xms256m -Xmx2048m"
JAVA_OPTS="${JAVA_OPTS} -XX:NewSize=128m -XX:MaxNewSize=256m"

Take changes into account

service tomcat7 restart


Add UTF-8 support on Tomcat

By default Tomcat will rely on the O.S locale.

In order to support UTF-8 URLs, you’ve to manually update the server’s configuration.

  • automatic install: $Tomcat = /etc/tomcat7
vim $TOMCAT/conf/server.xml

~ Line 70 change the “<connector port=”8080” …” value.

  • Before
<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
  • After
<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" URIEncoding="UTF-8" />


Restart Tomcat server

service tomcat7 restart


War deployment

There is 2 ways to deploy a war:


If you plan to use the graphical tool then you have to adjust the war file max size. Edit:

${Tomcat root} / webapps / manager / WEB-INF / web.xml


Adjust following values ~line 54 :

<multipart-config>
    <max-file-size>104857600</max-file-size>
    <max-request-size>104857600</max-request-size>
    <file-size-threshold>0</file-size-threshold>
</multipart-config>


add JMX management

Tomcat can be remotely monitored through JMX. That’s useful to check the status of the server: memory, threads and processes, performances, etc.


Restricted access configuration

You should restrict the JMX access.

Create the JMX users rights

vim /var/lib/tomcat7/conf/jmxremote.access

Put the following

monitorRole readonly		→ replace monitorRole by your ''userName''
controlRole readwrite

Create the JMX users password

vim /var/lib/tomcat7/conf/jmxremote.password

Put the following

monitorRole tomcat	         → replace monitorRole by username | replace tomcat by password
controlRole tomcat

Set rights and permissions upon login files

chmod 600 /var/lib/tomcat7/conf/jmxremote.*
chown tomcat7:tomcat7 /var/lib/tomcat7/conf/jmxremote.*

Tomcat launcher configuration

Just edit your default Tomcat launcher:

vim /etc/default/tomcat7

Add the following lines:

JAVA_HOME=/usr/lib/jvm/default-jvm/ 	          → That must be the ORACLE JDK

# JMX configuration
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.port=8090"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.ssl=false"
JAVA_OPTS="${JAVA_OPTS} -Djava.rmi.server.hostname=preprodrtd.vehco.com"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.authenticate=true"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.access.file=/var/lib/tomcat7/conf/jmxremote.access"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.password.file=/var/lib/tomcat7/conf/jmxremote.password"

!! The rmi.server.hostname must match /etc/hostname !!


Restart tomcat

Service tomcat7 restart


Open firewall

Edit your firewall script

vim /etc/firewall/firewall-start.sh

Incoming connections

$IPTABLES -A INPUT -p tcp --dport 8090 -j ACCEPT     # Tomcat JMX

Outgoing connections

$IPTABLES -t filter -A OUTPUT -p tcp -m state --state NEW --dport 8090 -j ACCEPT      # Tomcat JMX

Just restart your firewall to apply changes

firewall restart


Access JMX data

Just execute jvisualvm or jconsole. Fill up the information and use a none-secure connection.


Add MySQL datasource

Setup MySQL JDBC connector

1. Download MySQL JDBC driver http://dev.mysql.com/downloads/connector/j/

2. Decompress content and extract mysql-connector-java-XXX-bin.jar

3. Copy this file into $TOMCAT/libs Automatic install: /usr/share/tomcat7/lib

Declare MySQL datasource

Server.xml

Automatic install: /etc/tomcat7/server.xml

$TOMCAT/server.xml

Add

<host>
... 
<GlobalNamingResources>
...

<!-- ####################################################################### -->
<!--                              MySQL datasource                           -->
<!-- ####################################################################### -->

<!-- maxActive: Maximum number of database connections in pool. Set to -1 for no limit. -->
<!-- maxIdle: Maximum number of idle database connections to retain in pool. Set to -1 for no limit.  -->
<!-- maxWait: Maximum time to wait for a database connection to become available in ms. Set to -1 to wait indefinitely. -->
<!-- driverClassName: Class name for the official MySQL Connector/J driver is com.mysql.jdbc.Driver. -->

<Resource name="jdbc/myDataSource" 
	      auth="Container" type="javax.sql.DataSource"
	      username="user" password="password" 
	      url="jdbc:mysql://localhost:3306/mySchema" 
	      maxActive="50" maxIdle="30" maxWait="10000"
	      driverClassName="com.mysql.jdbc.Driver"
              factory="org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory"
              removeAbandoned="true"
              validationQuery="select 1" validationInterval="30000"
              testOnBorrow="true" testWhileIdle="true" 
              timeBetweenEvictionRunsMillis="60000"
              numTestsPerEvictionRun="5"
              poolPreparedStatements="true"
/>

</GlobalNamingResources>
  • Tomcat 8 : factory="org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory"
  • Tomcat 7 >= 7.0.52 : factory="org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory"
  • Tomcat 6,7 < 7.0.52 : factory="org.apache.commons.dbcp.BasicDataSourceFactory"


Context.xml

Edit:

$TOMCAT/context.xml

Add the following declaration

<!-- ####################################################################### -->
<!--                              MySQL datasource                           -->
<!-- ####################################################################### -->
<ResourceLink name="jdbc/myDataSource" 	
              global="jdbc/myDataSource"
              type="javax.sql.datasource" />


web.xml

Edit

$TOMCAT/web.xml

Add the following declaration

<!-- ####################################################################### -->
<!--                              MySQL datasource                           -->
<!-- ####################################################################### -->

    <resource-ref>
	    <description>RTD database</description>
	    <res-ref-name>jdbc/VehcoData</res-ref-name>
	    <res-type>javax.sql.DataSource</res-type>
	    <res-auth>Container</res-auth>
    </resource-ref>


Take changes into account

Restart tomcat

service tomcat7 restart

Check result: http://localhost:8080/manager/text/resources


Use datasource

To use the datasource with a JNDI name you must prefix it with: java:comp/env/

      java:comp/env/jdbc/myDataSource


Datasource improvements

You can tweak the datasource using some specific config parameters. Edit:

$TOMCAT/server.xml

Edit your JDBC resource:

<Resource auth="Container"
   name="jdbc/APP_NAME"
   username="user"
   password="password"
   type="javax.sql.DataSource"

   url="jdbc:oracle:thin:@server.domain:1521:development"    	→ ORACLE database
   driverClassName="oracle.jdbc.driver.OracleDriver"

   url="jdbc:mysql://localhost:3306/rtd"		→ MySQL database
   driverClassName="com.mysql.jdbc.Driver"

   maxActive="50" maxIdle="30" maxWait="10000"		→ Connection pool
   maxIdle="10"
   maxWait="5000"
   maxActive="30"   	             → To remove none close connections

   logAbandoned="true" 		     To report the stacktrace of the faulty code
   removeAbandoned="true"	     To remedy connection starvation while leaky code is not fixed
   removeAbandonedTimeout="60"	     Interval for fixing connection starvation

   validationQuery="select 1 from dual"     custom query to perform regular checks
   validationInterval="30000"		    To be adjusted!  Interval in ms.
   testOnBorrow="true"
   testOnReturn="false"
   testWhileIdle="true"
   timeBetweenEvictionRunsMillis="5000"
   numTestsPerEvictionRun="3"
   minEvictableIdleTimeMillis="30000"
/>

More tweaks: http://commons.apache.org/proper/commons-dbcp/configuration.html


Basic tasks

Files location

The applications files are in $Tomcat/webapps

  • Automatic installation: /var/lib/tomcat/webapps

Remove old temp files

In case of bugs, you can remove the working directory: $Tomcat/work/Catalina/localhost/*

rm -Rf /var/lib/tomcat7/work/Catalina/localhost/*

Server access

http://server:8080