Tomcat

Revision as of 16:02, 31 March 2015 by WikiFreak (talk | contribs)


Tomcat is a Java servlet container, it can be used to display simple JSP and run Spring applications.

However, it cannot run JavaEE, you'll need a proper application server such IBM WAS, Glassfish, Jboss, etc. to do so.



Installation Server configuration Application configuration Other
Linux apt-get setup Users management MySQL datasource Apache 2 proxy
Linux manual setup UTF-8
Linux Tomcat on boot IPv4 over IPv6 Example Example
Windows setup JMX configuration Example Example
Increase PermGen Example Example



Server configuration

Create users and user-rights

Manual installation

vim /opt/tomcat/conf/tomcat-users.xml

Automatic installation

vim /etc/tomcat7/tomcat-users.xml


Add / uncomment:

<role rolename="manager" />
<role rolename="admin" />
<role rolename="manager-gui" />
<role rolename="manager-script" />
<role rolename="admin-gui" />

<user username="tomcat" password="password"  roles="admin, admin-gui, manager, manager-gui, manager-script" />


Increase permgen space

Manual install

Add JAVA_OPTS parameters as environment variable

vim /etc/profile

Add following line:

export JAVA_OPTS="-Xms1024m -Xmx1024m -XX:NewSize=256m -XX:MaxNewSize=256m -XX:PermSize=256m -XX:MaxPermSize=512m -XX:+DisableExplicitGC"

Take changes into account

source /etc/profile

Check changes

echo $JAVA_OPTS


Automatic install

vim /etc/default/tomcat7

Add following line:

JAVA_OPTS="-server -Djava.awt.headiless=true -XX:+UseConcMarkSweepGC -XX:+CMSIncrementalMode -XX:+CMSPermGenSweepingEnabled -XX:+CMSClassUnloadingEnabled"
JAVA_OPTS="${JAVA_OPTS} -Xms256m -Xmx2048m"
JAVA_OPTS="${JAVA_OPTS} -XX:NewSize=128m -XX:MaxNewSize=256m"

Take changes into account

service tomcat7 restart


Add UTF-8 support on Tomcat

By default Tomcat will rely on the O.S locale.

In order to support UTF-8 URLs, you’ve to manually update the server’s configuration.

  • automatic install: $Tomcat = /etc/tomcat7
vim $TOMCAT/conf/server.xml

~ Line 70 change the “<connector port=”8080” …” value.

  • Before
<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
  • After
<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" URIEncoding="UTF-8" />


Restart Tomcat server

service tomcat7 restart


War deployment

There is 2 ways to deploy a war:


If you plan to use the graphical tool then you have to adjust the war file max size. Edit:

${Tomcat root} / webapps / manager / WEB-INF / web.xml


Adjust following values ~line 54 :

<multipart-config>
    <max-file-size>104857600</max-file-size>
    <max-request-size>104857600</max-request-size>
    <file-size-threshold>0</file-size-threshold>
</multipart-config>


add JMX management

Tomcat can be remotely monitored through JMX. That’s useful to check the status of the server: memory, threads and processes, performances, etc.


Restricted access configuration

You should restrict the JMX access.

Create the JMX users rights

vim /var/lib/tomcat7/conf/jmxremote.access

Put the following

monitorRole readonly		→ replace monitorRole by your ''userName''
controlRole readwrite

Create the JMX users password

vim /var/lib/tomcat7/conf/jmxremote.password

Put the following

monitorRole tomcat	         → replace monitorRole by username | replace tomcat by password
controlRole tomcat

Set rights and permissions upon login files

chmod 600 /var/lib/tomcat7/conf/jmxremote.*
chown tomcat7:tomcat7 /var/lib/tomcat7/conf/jmxremote.*

Tomcat launcher configuration

Just edit your default Tomcat launcher:

vim /etc/default/tomcat7

Add the following lines:

JAVA_HOME=/usr/lib/jvm/default-jvm/ 	          → That must be the ORACLE JDK

# JMX configuration
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.port=8090"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.ssl=false"
JAVA_OPTS="${JAVA_OPTS} -Djava.rmi.server.hostname=preprodrtd.vehco.com"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.authenticate=true"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.access.file=/var/lib/tomcat7/conf/jmxremote.access"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.password.file=/var/lib/tomcat7/conf/jmxremote.password"

!! The rmi.server.hostname must match /etc/hostname !!


Restart tomcat

Service tomcat7 restart


Open firewall

Edit your firewall script

vim /etc/firewall/firewall-start.sh

Incoming connections

$IPTABLES -A INPUT -p tcp --dport 8090 -j ACCEPT     # Tomcat JMX

Outgoing connections

$IPTABLES -t filter -A OUTPUT -p tcp -m state --state NEW --dport 8090 -j ACCEPT      # Tomcat JMX

Just restart your firewall to apply changes

firewall restart


Access JMX data

Just execute jvisualvm or jconsole. Fill up the information and use a none-secure connection.


Add MySQL datasource

Setup MySQL JDBC connector

1. Download MySQL JDBC driver http://dev.mysql.com/downloads/connector/j/

2. Decompress content and extract mysql-connector-java-XXX-bin.jar

3. Copy this file into $TOMCAT/libs Automatic install: /usr/share/tomcat7/lib

Declare MySQL datasource

Server.xml

Automatic install: /etc/tomcat7/server.xml

$TOMCAT/server.xml

Add

<host>
... 
<GlobalNamingResources>
...

<!-- ####################################################################### -->
<!--                              MySQL datasource                           -->
<!-- ####################################################################### -->

<!-- maxActive: Maximum number of database connections in pool. Set to -1 for no limit. -->
<!-- maxIdle: Maximum number of idle database connections to retain in pool. Set to -1 for no limit.  -->
<!-- maxWait: Maximum time to wait for a database connection to become available in ms. Set to -1 to wait indefinitely. -->
<!-- driverClassName: Class name for the official MySQL Connector/J driver is com.mysql.jdbc.Driver. -->

<Resource name="jdbc/myDataSource" 
	      auth="Container" type="javax.sql.DataSource"
	      username="user" password="password" 
	      url="jdbc:mysql://localhost:3306/mySchema" 
	      maxActive="50" maxIdle="30" maxWait="10000"
	      driverClassName="com.mysql.jdbc.Driver"
              factory="org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory"
              removeAbandoned="true"
              validationQuery="select 1" validationInterval="30000"
              testOnBorrow="true" testWhileIdle="true" 
              timeBetweenEvictionRunsMillis="60000"
              numTestsPerEvictionRun="5"
              poolPreparedStatements="true"
/>

</GlobalNamingResources>
  • Tomcat 8 : factory="org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory"
  • Tomcat 7 >= 7.0.52 : factory="org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory"
  • Tomcat 6,7 < 7.0.52 : factory="org.apache.commons.dbcp.BasicDataSourceFactory"


Context.xml

Edit:

$TOMCAT/context.xml

Add the following declaration

<!-- ####################################################################### -->
<!--                              MySQL datasource                           -->
<!-- ####################################################################### -->
<ResourceLink name="jdbc/myDataSource" 	
              global="jdbc/myDataSource"
              type="javax.sql.datasource" />


web.xml

Edit

$TOMCAT/web.xml

Add the following declaration

<!-- ####################################################################### -->
<!--                              MySQL datasource                           -->
<!-- ####################################################################### -->

    <resource-ref>
	    <description>RTD database</description>
	    <res-ref-name>jdbc/VehcoData</res-ref-name>
	    <res-type>javax.sql.DataSource</res-type>
	    <res-auth>Container</res-auth>
    </resource-ref>


Take changes into account

Restart tomcat

service tomcat7 restart

Check result: http://localhost:8080/manager/text/resources


Use datasource

To use the datasource with a JNDI name you must prefix it with: java:comp/env/

      java:comp/env/jdbc/myDataSource


Datasource improvements

You can tweak the datasource using some specific config parameters. Edit:

$TOMCAT/server.xml

Edit your JDBC resource:

<Resource auth="Container"
   name="jdbc/APP_NAME"
   username="user"
   password="password"
   type="javax.sql.DataSource"

   url="jdbc:oracle:thin:@server.domain:1521:development"    	→ ORACLE database
   driverClassName="oracle.jdbc.driver.OracleDriver"

   url="jdbc:mysql://localhost:3306/rtd"		→ MySQL database
   driverClassName="com.mysql.jdbc.Driver"

   maxActive="50" maxIdle="30" maxWait="10000"		→ Connection pool
   maxIdle="10"
   maxWait="5000"
   maxActive="30"   	             → To remove none close connections

   logAbandoned="true" 		     To report the stacktrace of the faulty code
   removeAbandoned="true"	     To remedy connection starvation while leaky code is not fixed
   removeAbandonedTimeout="60"	     Interval for fixing connection starvation

   validationQuery="select 1 from dual"     custom query to perform regular checks
   validationInterval="30000"		    To be adjusted!  Interval in ms.
   testOnBorrow="true"
   testOnReturn="false"
   testWhileIdle="true"
   timeBetweenEvictionRunsMillis="5000"
   numTestsPerEvictionRun="3"
   minEvictableIdleTimeMillis="30000"
/>

More tweaks: http://commons.apache.org/proper/commons-dbcp/configuration.html


Basic tasks

Files location

The applications files are in $Tomcat/webapps

  • Automatic installation: /var/lib/tomcat/webapps

Remove old temp files

In case of bugs, you can remove the working directory: $Tomcat/work/Catalina/localhost/*

rm -Rf /var/lib/tomcat7/work/Catalina/localhost/*

Server access

http://server:8080