Comment: Added notes on changing tomcat.1 ports.

...

/opt/apache/tomcat.1 - directory for Tomcat1 running on port 8180
/opt/apache/tomcat.1/java - directory where we will place Java for Tomcat1

/opt/apache/tomcat.2 - directory for Tomcat2
/opt/apache/tomcat.2/java - directory where we will place Java for Tomcat2 running on port 8280

So as your first step, create the apache directory under opt,

...

Leave the setup Java folder alone for now. It will be moved into the Tomcat folder as part of the Tomcat setup.

Manually Setup Tomcat

By manually setting up Tomcat there is much more control and you can run multiple Tomcat instances. Download Tomcat. The tar.gz file is used because permissions are already set up for you there, such as execute for startup.sh. A zip file will lose the permissions.

...

Code Block
languagebash
su - serveradmin
cd ~
gunzip apache-tomcat-6.0.20.tar.gz
tar -xvpf apache-tomcat-6.0.20.tar # All the permissions will be kept
mv ./apache-tomcat-6.0.20/ ./tomcat.1/ # This will be Tomcat1
exit # Switch back to your staff account

We do not allow serveradmin sudo access. The purpose of the serveradmin account is to run Tomcat and Java. In the event that Tomcat is somehow attacked, serveradmin would be compromised. Not allowing serveradmin access to sudo provides an extra layer of security: a compromised serveradmin account cannot use sudo to become root.

Next move the extracted Java folder into your tomcat folder,

...

Code Block
languagebash
cd /opt/apache
sudo chown -R serveradmin:staff ./tomcat.1/
sudo chmod -R 750 ./tomcat.1/

 

Change Default Ports

We will change Tomcat1 from the default ports,

  • 8005 - for shutdown
  • 8009 - for JK Mod
  • 8080 - regular port similar to 80
  • 8443 - ssl port similar to 443

The new ports will be,

  • 8105 - for shutdown
  • 8109 - for JK Mod
  • 8180 - regular port similar to 80
  • 8543 - ssl port similar to 443

The very first step is to verify that the ports for Tomcat1 are not being used.

Code Block
netstat -an | grep LISTEN | grep 8105
netstat -an | grep LISTEN | grep 8109
netstat -an | grep LISTEN | grep 8180
netstat -an | grep LISTEN | grep 8543

If you get no results then nothing is listening on those ports.

Change Tomcat1 to use the new ports by editing /opt/apache/tomcat.1/conf/server.xml. Use an editor to search and replace or, more quickly, use the following sed commands to modify your file,

Code Block
cd /opt/apache/tomcat.1/conf
sed -i 's/8005/8105/' server.xml
sed -i 's/8009/8109/' server.xml
sed -i 's/8080/8180/' server.xml
sed -i 's/8443/8543/' server.xml

Fix Tomcat Logging

Out of the box, Tomcat logging has a bug where logging stops working after catalina.out reaches a large file size. On top of that, if your log file reaches 2GB Tomcat will fail to start, without reporting any errors. Yes, it is pretty crazy that this is not fixed.

...

Code Block
languagebash
cd /opt
sudo cp -Rp ./apache/tomcat.1/ ./apache/tomcat.2/ # This will be Tomcat2

Leave Tomcat1 on the ports set earlier,

  • 8105 - for shutdown
  • 8109 - for JK Mod
  • 8180 - regular port similar to 80
  • 8543 - ssl port similar to 443

Tomcat2 will use the following ports,

  • 8205 - for shutdown
  • 8209 - for JK Mod
  • 8280 - regular port similar to 80
  • 8643 - ssl port similar to 443

The very first step is to verify that the ports for Tomcat2 are not being used.

Code Block
netstat -an | grep LISTEN | grep 8205
netstat -an | grep LISTEN | grep 8209
netstat -an | grep LISTEN | grep 8280
netstat -an | grep LISTEN | grep 8643

If you get no results then nothing is listening on those ports.

Change Tomcat2 to use the following new ports by editing /opt/apache/tomcat.2/conf/server.xml. Use an editor to search and replace or, more quickly, use the following sed commands to modify your file,

Code Block
cd /opt/apache/tomcat.2/conf
sed -i 's/8105/8205/' server.xml
sed -i 's/8109/8209/' server.xml
sed -i 's/8180/8280/' server.xml
sed -i 's/8543/8643/' server.xml
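
To confirm that the substitutions took effect and that the two instances no longer share a port, compare the port attributes of both server.xml files. The script below is an added example, not part of the original page; the function names and the cut-down server.xml are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): confirm two instances share no ports.

# List the unique values of port="..." and redirectPort="..." in a server.xml.
xml_ports() {
    grep -oE '(port|redirectPort)="[0-9]+"' "$1" | grep -oE '[0-9]+' | sort -un
}

# Print every port that appears in both files; prints nothing when there is no clash.
port_conflicts() {
    for p in $(xml_ports "$1"); do
        xml_ports "$2" | grep -qx "$p" && echo "$p"
    done
    return 0
}

# Constructed sample: a cut-down Tomcat1 server.xml already moved to the 81xx ports.
make_sample() {
    cat > "$1" <<'EOF'
<Server port="8105" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8180" protocol="HTTP/1.1" redirectPort="8543" />
    <Connector port="8109" protocol="AJP/1.3" redirectPort="8543" />
  </Service>
</Server>
EOF
}

# Copy Tomcat1's file and apply the Tomcat2 substitutions from above to the copy.
demo() {
    dir=$(mktemp -d)
    make_sample "$dir/tomcat1.xml"
    sed -e 's/8105/8205/' -e 's/8109/8209/' -e 's/8180/8280/' -e 's/8543/8643/' \
        "$dir/tomcat1.xml" > "$dir/tomcat2.xml"
    echo "tomcat1: $(xml_ports "$dir/tomcat1.xml" | tr '\n' ' ')"
    echo "tomcat2: $(xml_ports "$dir/tomcat2.xml" | tr '\n' ' ')"
    echo "clashes: $(port_conflicts "$dir/tomcat1.xml" "$dir/tomcat2.xml" | tr '\n' ' ')"
    rm -rf "$dir"
}
demo
```

On the server, run `port_conflicts /opt/apache/tomcat.1/conf/server.xml /opt/apache/tomcat.2/conf/server.xml`; any port it prints was missed by the edits.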

Verify

Finally, start up your Tomcat instances and verify that they are listening,

Code Block
languagebash
su - serveradmin

cd /opt/apache/tomcat.1/bin/
./startup.sh
cd /opt/apache/tomcat.2/bin/
./startup.sh

netstat -an | grep LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 127.0.0.1:8105          :::*                    LISTEN
tcp6       0      0 :::8109                 :::*                    LISTEN
tcp6       0      0 :::8180                 :::*                    LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
unix  2      [ ACC ]     STREAM     LISTENING     7376     @/com/ubuntu/upstart
unix  2      [ ACC ]     STREAM     LISTENING     11434    /var/run/fail2ban/fail2ban.sock
unix  2      [ ACC ]     STREAM     LISTENING     21228    /var/run/apache2/cgisock.4973

Notice that here we have started Tomcat1 and it is listening on ports 8109 and 8180.
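
The `grep 8105` checks used earlier also match any line that merely contains those digits, and they do not show which address a port is bound to. The script below is an added example, not part of the original page: it matches the port exactly and reports whether each Tomcat port is free, bound to loopback only, or reachable from the network. The function names and the sample listing (including the 18105 line) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): classify ports from `netstat -an` text.

# Constructed sample, modelled on the listing above (Tomcat1 running, Tomcat2 not).
# The 18105 line is there to show that a plain `grep 8105` would match it as well.
SAMPLE='tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 127.0.0.1:8105          :::*                    LISTEN
tcp6       0      0 :::8109                 :::*                    LISTEN
tcp6       0      0 :::8180                 :::*                    LISTEN
tcp6       0      0 :::18105                :::*                    LISTEN'

# Print each local address with a TCP listener on exactly port $1 (netstat text on stdin).
listen_addrs() {
    awk -v p="$1" '$1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, part, ":")
        if (part[n] == p) print substr($4, 1, length($4) - length(p) - 1)
    }'
}

# Classify port $1 as free, loopback (local only) or exposed (reachable from the network).
exposure() {
    result=free
    for addr in $(listen_addrs "$1"); do
        case "$addr" in
            127.*|::1|::ffff:127.*) [ "$result" = free ] && result=loopback ;;
            *) result=exposed ;;
        esac
    done
    echo "$result"
}

# Report on the Tomcat1 ports plus one Tomcat2 port that should still be free.
for port in 8105 8109 8180 8543 8205; do
    echo "$port $(printf '%s\n' "$SAMPLE" | exposure "$port")"
done
```

On the server, pipe live output into it, for example `netstat -an | exposure 8109`; ports reported as exposed are the ones the firewall tip below applies to.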

Tomcat by default will have a sample application installed and running.

Tip

If you have a firewall set up, do not forget to open the ports for testing and then close them afterwards if you plan to front Tomcat with the Apache Web Server.

If your server has a web browser you can load the examples page using http://localhost:8180/examples/. From another computer you can see the examples application by browsing to http://www.krypton.com:8180/examples/. If www.krypton.com does not resolve in DNS, use the server's IP address or add a hosts file entry on your client system.

...

Code Block
languagexml
<Connector port="8180" URIEncoding="UTF-8"/>

If you plan to use mod_jk then also adjust the appropriate connector,

Code Block
languagexml
<Connector port="8109" protocol="AJP/1.3" redirectPort="8643" URIEncoding="UTF-8" />

References

...