Table of Contents |
---|
Introduction
This is a method of installing and running Tomcat in a way that is portable and part of the BonsaiFramework 0FS approach. Tar (zip) up the directory and move your entire application server or duplicate it with a copy command.
...
Gliffy Diagram | ||||
---|---|---|---|---|
|
Shortcut
Everything is all packaged up at http://www.bonsaiframework.com/downloads/0fs-tomcat-linux/,
...
For audit purposes, make sure to log in with your own staff id first and then sudo into serveradmin for managing Tomcat. In true Cloud world where everything works as a recipe, use your recipes to make Tomcat adjustments.
Directory Structure
The directory structure will be as follows,
...
Code Block | ||
---|---|---|
| ||
su - bhitch # We need a staff user who can sudo cd /opt sudo mkdir apache sudo chown -R serveradmin:staff ./apache # Make sure serveradmin can use the folder. |
Manually Setup JRE
Include Page | ||||
---|---|---|---|---|
|
Leave the setup Java folder alone for now. It will be moved into the Tomcat folder as part of the Tomcat setup.
Manually Setup Tomcat and Package Java In
By manually setting up Tomcat there is much more control and you can run multiple tomcat instances. Download tomcat. The tar.gz file is used because permissions are already setup such as execute for startup.sh. A zip file will lose the permissions.
...
Code Block | ||
---|---|---|
| ||
cd /opt/apache sudo chown -R serveradmin:staff ./0fs-tomcat/ sudo chmod -R o-wrx ./0fs-tomcat/ |
Only Allow serveradmin to Run Tomcat
Setting up and running Tomcat with serveradmin has the advantage that you can manage the Application server without having to go into root. We want to ensure that only serveradmin starts Tomcat to prevent any issues with permissions. For example, once you start Tomcat as root you may find that log files spawned from that startup can no longer be managed by serveradmin. Also, running Tomcat as serveradmin rather than root is safer from a security standpoint.
...
Code Block | ||
---|---|---|
| ||
#!/bin/sh # Bonsaiframework - Modification Start # -------------------------------------- if [ "$LOGNAME" != "serveradmin" ]; then echo "This service should only managed with the user serveradmin" exit 1 fi # -------------------------------------- # Bonsaiframework - Modification End # Licensed to the Apache Software Foundation (ASF) under one or more |
Bind Tomcat to Java Using setenv.sh
Tomcat can be run with a separate version of JRE or JDK that is not the default system version. To do so, you will have to explicitly set the JRE_HOME variable. The JAVA_HOME variable is also configured as some applications will want to make use of this variable instead.
...
Using this method, you can have different Tomcat instances running different versions of Java and control when you want to move between Java versions.
Verify Process is Running
Finally startup your Tomcat instances and verify that they are listening,
...
If your server has a web browser you can load the examples page using http://localhost:8080/examples/. From another computer you can see the examples application by browsing to, http://www.krypton.com:8080/examples/ where if www.krypton.com is not a real dns, use the server's IP address or add a host file entry to your client system.
Additional Layers
In my experience all my real world systems do not need any more layers to Tomcat. However, there are some odd scenarios which are covered here.
Automatic Startup and Shutdown of Tomcat
Not recommend until you proper monitoring in place. If you system reboots you want to know about it.
...
Warning |
---|
This section is still to be written. |
Setup SSL on Tomcat
For testing purposes or if the only thing you want to do is encrypt the channel of communication you can Setup a Self-Signed Certificate for Tomcat.
...
Note |
---|
The more enterprise solution is to front Tomcat with Apache and setup SSL on Apache. |
UTF-8
Warning |
---|
I have only used this in Production with Confluence. My other i18n projects seem to work fine without this parameter. More testing and research is needed to determine why and if this is a good idea in general. |
...
Code Block | ||
---|---|---|
| ||
<Connector port="8109" protocol="AJP/1.3" redirectPort="8643" URIEncoding="UTF-8" /> |
References
http://wiki.apache.org/tomcat/FAQ/CharacterEncoding#Q9 - still to finish reading
...