部署Tomcat服务器
- 安装部署JDK基础环境
yum –y install java-1.8.0-openjdk java-1.8.0-openjdk-headless
java -version- 安装部署Tomcat服务器
tar –xf apache-tomcat-8.0.30.tar.gz
mv apache-tomcat-8.0.30 /usr/local/tomcat
mv /dev/random /dev/random.bak
ln –s /dev/urandom /dev/random
/usr/local/tomcat/bin/startup.sh
ss –anptu | grep javaà8005/8009/8080三个端口必须正常运行
- 实现开机自启,将启动命令写入启动文件中
vim /etc/rc.local
/usr/local/tomcat/bin/startup.sh- 创建测试页面
vim /usr/local/tomcat/webapps/ROOT/test.jsp
<html>
<body>
<center>
Now time is : <%=new java.util.Date()%>
</center>
</body>
</html>- 客户端访问验证
firefox 192.168.1.1:8080/test.jsp使用tomcat部署虚拟主机
# vim /usr/local/tomcat/conf/server.xml
<Host name="www.a.com" appBase="a" unpackWARs="true" autoDeploy="true">
</Host>
<Host name="www.b.com" appBase="b" unpackWARs="true" autoDeploy="true">
</Host>
# mkdir -p /usr/local/tomcat/{a,b}/ROOT
# echo "AAA" > /usr/local/tomcat/a/ROOT/index.html
# echo "BBB" > /usr/local/tomcat/b/ROOT/index.html- 当用户访问 http://www.a.com/test ,打开/var/www/html目录下的内容
vim /usr/local/tomcat/conf/server.xml
<Host name="www.a.com" appBase="a" unpackWARs="true" autoDeploy="true">
<Context path=”/test” docBase=”/var/www/html/” />
</Host>- 客户端测试
# firefox http://www.a.com:8080/test
配置tomcat日志
vim /usr/local/tomcat/conf/server.xml
<Host name="www.a.com" appBase="a" unpackWARs="true" autoDeploy="true">
<Context path=”/test” docBase=”/var/www/html/” />
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="a_access" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
<Host name="www.b.com" appBase="b" unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="b_access" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>配置tomcat集群
- Nginx调度器上配置相应规则
vim /usr/local/nginx/conf/nginx.conf
http {
upstream tomcat {
server 192.168.1.1:8080;
server 192.168.1.2:8080;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://tomcat;
}
}
}Tomcat 安全性配置
- 隐藏tomcat版本信息
# yum –y install java-1.8.0-openjdk-devel
# cd /usr/local/tomcat/lib/
# jar –xf catalina.jar
# vim org/apache/catalina/util/ServerInfo.properties
server.info=Ktz/1.0.0
server.number=1.0.0
server.built=Dec 1 2015 22:30:46 UTC
# vim /usr/local/tomcat/conf/server.xml
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout=”20000” redirectPort=”8443” server=”Ktz” />- tomcat降级启动
默认tomcat使用系统高级管理员账户root启动服务,启动服务尽量使用普通用户,防止别人通过tomcat服务供给服务器。
# useradd –s /sbin/nologin tomcat
# chown –R tomcat:tomcat /usr/local/tomcat/
# su –c /usr/local/tomcat/bin/startup.sh tomcat
# chmod +x /etc/rc.local
# vim /etc/rc.local
# su –c /usr/local/tomcat/bin/startup.sh tomcat