Tomcat deployment and tuning

Tomcat deployment

1. Install java-jdk environment
yum the install -Y-java-1.8.0 OpenJDK
yum the install -Y-java-1.8.0-headless OpenJDK
java -version
See java version
2. Installation Tomcat
extract the source packet
tar -xf apache-tomcat -8.0.30.tar.gz

Move to the / usr / local / under
mv apache-tomcat-8.0.30 / usr / local / tomcat

bin / ## main program directory
lib / ## library file directory
logs / ## log directory
temp / ## temporary directory
work / ## automatically compiled jsp directory transcoding the servlet
conf / ## profile directory
webapps / ## page catalog

3. Start Services
/usr/local/tomcat/bin/startup.sh

4. Verify server port information
netstat -nutlp | grep the Java
8080 and 8005 ports are open
If the inspection port, the port 8005 a very slow start, the following command can be used by replacing urandom random (non-essential operation).
mv /dev/random /dev/random.bak
ln -s /dev/urandom /dev/random

Use deploy Tomcat Hosting

1. Modify the profile
cat /usr/local/tomcat/conf/server.xml

<Server>
   <Service>
     <Connector port=8080 />
     <Connector port=8009 />
     <Engine name="Catalina" defaultHost="localhost">
<Host name="www.a.com" appBase="a" unpackWARS="true" autoDeploy="true">
</Host>
<Host name="www.b.com" appBase="b" unpackWARS="true" autoDeploy="true">
</Host>
… …

2. Create a virtual host
mkdir -p / usr / local / Tomcat / {A, B} / the ROOT
echo "the AAA"> /usr/local/tomcat/a/ROOT/index.html
echo "the BBB"> / usr / local /tomcat/b/ROOT/index.html

3) Restart Tomcat

Modify www.b.com website home page directory base

1. Modify the configuration file
vim /usr/local/tomcat/conf/server.xml

...
<Host name="www.a.com" appBase="a" unpackWARS="true" autoDeploy="true">
</Host>
<Host name="www.b.com" appBase="b" unpackWARS="true" autoDeploy="true">
<Context path="" docBase="base"/>
</Host>
...

2. Create the root directory
mkdir / usr / local / Tomcat / b / Base
echo "BASE"> /usr/local/tomcat/b/base/index.html

3. Restart tomcat

Jump pages

1. When the user opens the page access http://www.a.com/test at / var / www / html directory
vim /usr/local/tomcat/conf/server.xml

<Host name="www.a.com" appBase="a" unpackWARS="true" autoDeploy="true">
<Context path="/test" docBase="/var/www/html/" />
</Host>
<Host name="www.b.com" appBase="b" unpackWARS="true" autoDeploy="true">
<Context path="" docBase="base" />
</Host>

2. Edit the page
echo "Test"> /var/www/html/index.html

3. Restart tomcat

Configuring Tomcat to support SSL encrypted website

1. Create encrypted with the private key and certificate files
keytool -genkeypair -alias tomcat -keyalg RSA -keystore / usr / local / tomcat / keystore

Prompted to enter the password: 123456
## - genkeypair generate a key pair
## - alias tomcat key alias
## - keyalg RSA key algorithm is the RSA algorithm is defined
## - keystore define the key file is stored in: / usr / local / tomcat / keystore

2. Modify the server.xml configuration file, create a support encrypted connections Connector

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
keystoreFile="/usr/local/tomcat/keystore" keystorePass="123456" clientAuth="false" sslProtocol="TLS" />

3. Restart Tomcat

Configuring Tomcat log

Different settings for each virtual host log files
1.vim /usr/local/tomcat/conf/server.xml

<Host name="www.a.com" appBase="a" unpackWARS="true" autoDeploy="true">
<Context path="/test" docBase="/var/www/html/" />
#从默认localhost虚拟主机中把Valve这段复制过来，适当修改下即可
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix=" a_access" suffix=".txt"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />
</Host>

2. Restart Tomcat
3. Check the log
ls / usr / local / tomcat / logs /

tomcat tuning

1. Modify the server.xml file

将 
<!--
 <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
 maxThreads="150" minSpareThreads="4"/>
 -->
修改为：
  <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"   maxThreads="1500" minSpareThreads="50" prestartminSpareThreads="true"/>
        #maxThreads 最大线程数
        #minSpareThreads 最小线程
        #prestartminSpareThreads 是否在启动前准备线程
将
<Connector port="8080"  protocol="HTTP/1.1"  connectionTimeout="20000" redirectPort="8443" 
 />
修改为
 <Connector executor ="tomcatThreadPool" port="8009" protocol="org.apache.coyote.http11.Http11Nio2Protocol"  connectionTimeout="20000" maxConnections="10000"  redirectPort="8443" acceptCount="1500"/>
 #acceptCount 线程达到最大时,排队的最大请求个数
 #connectionTimeout 链接超时时间
#acceptCount与maxThreads设置一样大(最大请求数)
#tomcatThreadPool 线程池

2.linux current system of a single user process while the number of open files limit
ulimit -u The default is 1024. The system allows the user to view the current process number of open file
if you want to support higher concurrency can modify the soft and hard limit, the soft limit is the number of Linux users further restrictions in the current system can withstand a range of simultaneously open files; hard limit is based on the system hardware resources (main system memory) calculated from the number of file system up to simultaneously open. The soft limit is usually equal to or less than the hard limit.
vim /etc/security/limits.conf

#增加如下配置
prouser  soft   nofile 65536
prouser  hard nofile 65536
prouser  soft  nproc 65536
prouser hard nproc 65536

Restrictions 3.Linux network kernel of TCP connections
vim /etc/sysctl.conf

net.ipv4.tcp_tw_reuse = 1 
net.ipv4.tcp_tw_recycle = 1 
net.ipv4.tcp_fin_timeout = 30 
#超时时间
net.ipv4.ip_local_port_range = 10000 65000 
#修改端口范围
net.ipv4.tcp_max_syn_backlog = 8192 
#允许多少个访问地址
net.ipv4.tcp_max_tw_buckets = 10000

net.core.somaxconn=8192      
#accept队列的长度跟这个参数有关