LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/HOWTO/MMBase-Inst-HOWTO/x321.html

1023 lines
14 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML
><HEAD
><TITLE
>Installing Tomcat</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="
MMBase Installation HOWTO
"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="Installing Java"
HREF="x212.html"><LINK
REL="NEXT"
TITLE="
Replacing Tomcat's
default JSP compiler
Jasper
with IBM's
Jikes compiler
"
HREF="x433.html"></HEAD
><BODY
CLASS="sect1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
><SPAN
CLASS="application"
>MMBase</SPAN
> Installation HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="x212.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="x433.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN321"
></A
>4. Installing <SPAN
CLASS="application"
>Tomcat</SPAN
></H1
><P
>&#13;Download a binary distribution of
<SPAN
CLASS="application"
>Tomcat</SPAN
>
from the <SPAN
CLASS="application"
>Apache Jakarta</SPAN
> website:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
>&#13; <A
HREF="http://jakarta.apache.org/tomcat/"
TARGET="_top"
>http://jakarta.apache.org/tomcat/</A
>
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;If you don't want to run the
<SPAN
CLASS="application"
>Tomcat</SPAN
> daemon as
<SPAN
CLASS="systemitem"
>root</SPAN
>,
create a new user/group <SPAN
CLASS="systemitem"
>tomcat</SPAN
>
(first make sure that the
<SPAN
CLASS="acronym"
>UID</SPAN
> and <SPAN
CLASS="acronym"
>GID</SPAN
>
you use
are still available
by checking the files <TT
CLASS="filename"
>/etc/passwd</TT
>
and <TT
CLASS="filename"
>/etc/group</TT
>):
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
groupadd -g 220 tomcat
useradd -u 220 -g tomcat -c "Tomcat" -r -d /usr/local/tomcat -s "/sbin/nologin" tomcat
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;<DIV
CLASS="warning"
><P
></P
><TABLE
CLASS="warning"
WIDTH="100%"
BORDER="0"
><TR
><TD
WIDTH="25"
ALIGN="CENTER"
VALIGN="TOP"
><IMG
SRC="../images/warning.gif"
HSPACE="5"
ALT="Warning"></TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
><P
>&#13;You really should not use the
<SPAN
CLASS="systemitem"
>root</SPAN
> account
to run the <SPAN
CLASS="application"
>Tomcat</SPAN
> daemon;
(using Tomcat version 4.1.27) we found out that this allows the
<SPAN
CLASS="application"
>MMBase</SPAN
>
<SPAN
CLASS="systemitem"
>admin</SPAN
> user
to write backup dumps of his sites anywhere on the system.
</P
></TD
></TR
></TABLE
></DIV
>
</P
><P
>&#13;&#60;TODO: better solution available?&#62;
</P
><P
>&#13;Extract the <SPAN
CLASS="application"
>Tomcat</SPAN
> distribution
in a new directory:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
cd /usr/local/
tar -zxvf .../jakarta-tomcat-xxx.tar.gz
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;<DIV
CLASS="note"
><P
></P
><TABLE
CLASS="note"
WIDTH="100%"
BORDER="0"
><TR
><TD
WIDTH="25"
ALIGN="CENTER"
VALIGN="TOP"
><IMG
SRC="../images/note.gif"
HSPACE="5"
ALT="Note"></TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
><P
>&#13;Version 4.1.27 came with a hot-fix:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
cd /usr/local/jakarta-tomcat-xxx/
tar -zxvf .../xxx-hotfix-xxx.tar.gz
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
></TD
></TR
></TABLE
></DIV
>
</P
><P
>&#13;Change the ownership of the
<SPAN
CLASS="application"
>Tomcat</SPAN
> directory
and make it available as
<TT
CLASS="filename"
>/usr/local/tomcat/</TT
>:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
chown -R tomcat:tomcat /usr/local/jakarta-tomcat-xxx
ln -s /usr/local/jakarta-tomcat-xxx /usr/local/tomcat
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;Open up the firewall for web access
to the <SPAN
CLASS="application"
>Tomcat</SPAN
> server
by adding to the file
<TT
CLASS="filename"
>/etc/sysconfig/iptables</TT
>:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 8080 --syn -j ACCEPT
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;You need to reboot your system to make this rule effective
or restart the <SPAN
CLASS="application"
>iptables</SPAN
> firewall:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
service iptables restart
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;<DIV
CLASS="tip"
><P
></P
><TABLE
CLASS="tip"
WIDTH="100%"
BORDER="0"
><TR
><TD
WIDTH="25"
ALIGN="CENTER"
VALIGN="TOP"
><IMG
SRC="../images/tip.gif"
HSPACE="5"
ALT="Tip"></TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
><P
>&#13;Since (for some odd reason) some network managers allow outgoing web
connections only to
<SPAN
CLASS="systemitem"
><SPAN
CLASS="acronym"
>TCP</SPAN
> port 80</SPAN
>,
there might be people around that cannot access your
<SPAN
CLASS="application"
>Tomcat</SPAN
>
(and <SPAN
CLASS="application"
>MMBase</SPAN
>) server
through <SPAN
CLASS="systemitem"
>port 8080</SPAN
>.
Further <A
HREF="jk2.html"
>below</A
>
we will explain how to install
a <SPAN
CLASS="acronym"
>JK 2</SPAN
> mapping or a reverse proxy
in <SPAN
CLASS="application"
>Apache</SPAN
>,
so <SPAN
CLASS="application"
>Tomcat</SPAN
>
and <SPAN
CLASS="application"
>MMBase</SPAN
>
can be accessed through the
<SPAN
CLASS="application"
>Apache</SPAN
> web server
at <SPAN
CLASS="systemitem"
>port 80</SPAN
>.
Apart from the port issue,
this has the advantage that you can use
<SPAN
CLASS="application"
>Apache</SPAN
>
to manage you <SPAN
CLASS="acronym"
>SSL</SPAN
> connections
and use your existing
<SPAN
CLASS="application"
>Apache</SPAN
>
logs and statistics facilities
for <SPAN
CLASS="application"
>Tomcat</SPAN
>
and <SPAN
CLASS="application"
>MMBase</SPAN
> as well.
</P
><P
>&#13;If you decide to use
<SPAN
CLASS="application"
>Apache</SPAN
>
as a front-end to your
<SPAN
CLASS="application"
>Tomcat</SPAN
>
and <SPAN
CLASS="application"
>MMBase</SPAN
> server,
there's no need to open up
<SPAN
CLASS="systemitem"
>port 8080</SPAN
>
in your firewall.
</P
></TD
></TR
></TABLE
></DIV
>
</P
><P
>&#13;To run <SPAN
CLASS="application"
>Tomcat</SPAN
>,
set the <TT
CLASS="envar"
>$CATALINA_HOME</TT
> environment variable:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
CATALINA_HOME=/usr/local/tomcat
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;and fire it up:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
/usr/local/tomcat/bin/startup.sh
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;Now you can access
<SPAN
CLASS="application"
>Tomcat</SPAN
>'s home page through
(replace <TT
CLASS="replaceable"
><I
>&#60;hostname&#62;</I
></TT
> with your hostname):
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
http://&#60;hostname&#62;:8080/
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;which should give you the <SPAN
CLASS="application"
>Tomcat</SPAN
>
welcome screen.
<P
><IMG
SRC="ApacheTomcat-600x420.png"></P
>
</P
><P
>&#13;To shutdown again:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
/usr/local/tomcat/bin/shutdown.sh
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;Since we want to automate the starting up and shutting down of the
<SPAN
CLASS="application"
>Tomcat</SPAN
> server,
we create a file
<TT
CLASS="filename"
>/etc/rc.d/init.d/tomcat</TT
>
to do this for us:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
#!/bin/sh
#
# Startup script for the Jakarta Tomcat Java Servlets and JSP server
#
# chkconfig: - 85 15
# description: Jakarta Tomcat Java Servlets and JSP server
# processname: tomcat
# pidfile: /var/run/tomcat.pid
# config:
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] &#38;&#38; exit 0
# Set Tomcat environment.
export JAVA_HOME=/usr/local/j2sdk
export CLASSPATH=.:/usr/local/j2sdk/lib/tools.jar:/usr/local/j2re/lib/rt.jar
export CATALINA_HOME=/usr/local/tomcat
export CATALINA_OPTS="-server -Xms64m -Xmx512m -Dbuild.compiler.emacs=true"
export PATH=/usr/local/j2sdk/bin:/usr/local/j2re/bin:$PATH
[ -f /usr/local/tomcat/bin/startup.sh ] || exit 0
[ -f /usr/local/tomcat/bin/shutdown.sh ] || exit 0
export PATH=$PATH:/usr/bin:/usr/local/bin
# See how we were called.
case "$1" in
start)
# Start daemon.
echo -n "Starting Tomcat: "
/usr/local/tomcat/bin/startup.sh
RETVAL=$?
echo
[ $RETVAL = 0 ] &#38;&#38; touch /var/lock/subsys/tomcat
;;
stop)
# Stop daemons.
echo -n "Shutting down Tomcat: "
/usr/local/tomcat/bin/shutdown.sh
RETVAL=$?
echo
[ $RETVAL = 0 ] &#38;&#38; rm -f /var/lock/subsys/tomcat
;;
restart)
$0 stop
$0 start
;;
condrestart)
[ -e /var/lock/subsys/tomcat ] &#38;&#38; $0 restart
;;
status)
status tomcat
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
esac
exit 0
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;Set its ownership and access rights:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
chown root:root /etc/rc.d/init.d/tomcat
chmod 755 /etc/rc.d/init.d/tomcat
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;And add this init script to
<SPAN
CLASS="application"
>chkconfig</SPAN
>:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
chkconfig --add tomcat
chkconfig tomcat on
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;<DIV
CLASS="tip"
><P
></P
><TABLE
CLASS="tip"
WIDTH="100%"
BORDER="0"
><TR
><TD
WIDTH="25"
ALIGN="CENTER"
VALIGN="TOP"
><IMG
SRC="../images/tip.gif"
HSPACE="5"
ALT="Tip"></TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
><P
>&#13;Instead of creating your own init script,
you can use the script that comes with
the <SPAN
CLASS="application"
>Tomcat</SPAN
> package:
<TT
CLASS="filename"
>/usr/local/tomcat/bin/catalina.sh</TT
>.
Make sure you set
the <SPAN
CLASS="application"
>Tomcat</SPAN
> environment
at the start of this script.
Or create a short init script that calls
the original <SPAN
CLASS="application"
>Tomcat</SPAN
> init script.
</P
><P
>&#13;See
<A
HREF="http://www.jguru.com/faq/view.jsp?EID=425628"
TARGET="_top"
>How can I start Tomcat as a daemon in Linux?</A
>.
</P
></TD
></TR
></TABLE
></DIV
>
</P
><P
>&#13;<DIV
CLASS="tip"
><P
></P
><TABLE
CLASS="tip"
WIDTH="100%"
BORDER="0"
><TR
><TD
WIDTH="25"
ALIGN="CENTER"
VALIGN="TOP"
><IMG
SRC="../images/tip.gif"
HSPACE="5"
ALT="Tip"></TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
><P
>&#13;To install two (or even more) versions of
<SPAN
CLASS="application"
>Tomcat</SPAN
> server
on the same system,
increase the <SPAN
CLASS="systemitem"
>port</SPAN
> numbers
of the second server (e.g. by 10),
by editing the configuration file
<TT
CLASS="filename"
>/usr/local/tomcat55/conf/server.xml</TT
>:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="programlisting"
>&#13;
&#60;Server port="8015" shutdown="SHUTDOWN"&#62;
...
&#60;!-- Define a non-SSL HTTP/1.1 Connector on port 8080 --&#62;
&#60;Connector port="8090"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8453" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" /&#62;
...
&#60;!-- Define a SSL HTTP/1.1 Connector on port 8443 --&#62;
&#60;!--
&#60;Connector port="8453"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" /&#62;
--&#62;
...
&#60;!-- Define an AJP 1.3 Connector on port 8009 --&#62;
&#60;Connector port="8019"
enableLookups="false" redirectPort="8453" protocol="AJP/1.3" /&#62;
...
&#60;!-- Define a Proxied HTTP/1.1 Connector on port 8082 --&#62;
&#60;!-- See proxy documentation for more information about using this. --&#62;
&#60;!--
&#60;Connector port="8082"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" acceptCount="100" connectionTimeout="20000"
proxyPort="80" disableUploadTimeout="true" /&#62;
--&#62;
</PRE
></FONT
></TD
></TR
></TABLE
>
</P
><P
>&#13;Complete this second
<SPAN
CLASS="application"
>Tomcat</SPAN
> server installation
as above for the first server,
using adjusted directory and file names.
</P
></TD
></TR
></TABLE
></DIV
>
</P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="x212.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="x433.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Installing <SPAN
CLASS="application"
>Java</SPAN
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Replacing <SPAN
CLASS="application"
>Tomcat</SPAN
>'s
default <SPAN
CLASS="acronym"
>JSP</SPAN
> compiler
<SPAN
CLASS="application"
>Jasper</SPAN
>
with <SPAN
CLASS="acronym"
>IBM</SPAN
>'s
<SPAN
CLASS="application"
>Jikes</SPAN
> compiler</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
Reference in New Issue View Git Blame Copy Permalink