■ Rocky linux 9.3 tomcat 10.1.18
1) java インストール
# dnf -y install java-21-openjdk java-21-openjdk-devel
# cat > /etc/profile.d/java.sh <<__EOF__
export JAVA_HOME=$(dirname $(dirname $(readlink $(readlink $(which java)))))
export PATH=$PATH:$JAVA_HOME/bin
__EOF__
#source /etc/profile.d/java.sh
# update-alternatives --config java
# java --version
export JAVA_HOME=$(dirname $(dirname $(readlink $(readlink $(which java)))))
export PATH=$PATH:$JAVA_HOME/bin
__EOF__
#source /etc/profile.d/java.sh
# update-alternatives --config java
# java --version
openjdk 21.0.2 2024-01-16 LTS
OpenJDK Runtime Environment (Red_Hat-21.0.2.0.13-1) (build 21.0.2+13-LTS)
OpenJDK 64-Bit Server VM (Red_Hat-21.0.2.0.13-1) (build 21.0.2+13-LTS, mixed mode, sharing)
・tomcat 10.1.18
wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.1.18/bin/apache-tomcat-10.1.18.tar.gz
# tar xzvf apache-tomcat-10.1.18.tar.gz
# ln -s apache-tomcat-10.1.18 tomcat
# ln -s apache-tomcat-10.1.18 tomcat
# vi /usr/lib/systemd/system/tomcat10.service<<__EOF__
[Unit]
Description=Apache Tomcat 10
After=network.target
[Service]
Type=oneshot
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
RemainAfterExit=yes
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target
__EOF__
[Unit]
Description=Apache Tomcat 10
After=network.target
[Service]
Type=oneshot
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
RemainAfterExit=yes
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target
__EOF__
# useradd -M -d /opt/tomcat tomcat
# chown -R tomcat:tomcat /opt/tomcat /opt/tomcat/*
# cd /opt/tomcat
# systemctl restart httpd
# systemctl restart tomcat10
# systemctl enable tomcat10
・apache 連携
# vi /etc/httpd/conf.d/tomcat.conf << __EOF__
<Location /tomcat >
ProxyPass ajp://localhost:8009/
ProxyPassReverse ajp://localhost:8009/tomcat/
</Location>
<Location /docs >
ProxyPass ajp://localhost:8009/docs/
ProxyPassReverse ajp://localhost:8009/docs/
</Location>
<Location /examples >
ProxyPass ajp://localhost:8009/examples/
ProxyPassReverse ajp://localhost:8009/examples/
</Location>
<Location /host-manager >
ProxyPass ajp://localhost:8009/host-manager/
ProxyPassReverse ajp://localhost:8009/host-manager/
</Location>
<Location /manager >
ProxyPass ajp://localhost:8009/manager/
ProxyPassReverse ajp://localhost:8009/manager/
</Location>
__EOF__
# vi /opt/tomcat/conf/server.xml
<!-- del by takahab
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
maxParameterCount="1000"
/>
del by takahb -->
<!-- add by takahab -->
<Connector port="8009" protocol="AJP/1.3"
proxyName="portal.cxdnext.co.jp"
proxyPort="443"
scheme="https"
secure="true"
redirectPort="8443"
maxParameterCount="1000"
secretRequired="false"
/>
<!-- add by takahab -->
http://10.0.12.101/tomcat/
■ CentOS8 * tomcat 10.0.12
1) java インストール
# dnf -y install java-11-openjdk java-11-openjdk-devel
# cat > /etc/profile.d/java.sh <<__EOF__
export JAVA_HOME=$(dirname $(dirname $(readlink $(readlink $(which java)))))
export PATH=$PATH:$JAVA_HOME/bin
__EOF__
#source /etc/profile.d/java.sh
# update-alternatives --config java
# java --version
openjdk 11.0.13 2021-10-19 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.13+8-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.13+8-LTS, mixed mode, sharing)
# cat > /etc/profile.d/java.sh <<__EOF__
export JAVA_HOME=$(dirname $(dirname $(readlink $(readlink $(which java)))))
export PATH=$PATH:$JAVA_HOME/bin
__EOF__
#source /etc/profile.d/java.sh
# update-alternatives --config java
# java --version
openjdk 11.0.13 2021-10-19 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.13+8-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.13+8-LTS, mixed mode, sharing)
■ tomcat インストール
https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.12/bin/apache-tomcat-10.0.12.tar.gz
# cd /opt
# wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.12/bin/apache-tomcat-10.0.12.tar.gz
# tar xzvf apache-tomcat-10.0.12.tar.gz
# ln -s apache-tomcat-10.0.12 tomcat
# vi /usr/lib/systemd/system/tomcat10.service<<__EOF__
[Unit]
Description=Apache Tomcat 10
After=network.target
[Service]
Type=oneshot
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
RemainAfterExit=yes
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target
__EOF__
# wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.12/bin/apache-tomcat-10.0.12.tar.gz
# tar xzvf apache-tomcat-10.0.12.tar.gz
# ln -s apache-tomcat-10.0.12 tomcat
# vi /usr/lib/systemd/system/tomcat10.service<<__EOF__
[Unit]
Description=Apache Tomcat 10
After=network.target
[Service]
Type=oneshot
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
RemainAfterExit=yes
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target
__EOF__
# cd /opt
# ln -s /opt/apache-tomcat-10.0.12 tomcat
# useradd -M -d /opt/tomcat tomcat
# useradd -M -d /opt/tomcat tomcat
# chown -R tomcat:tomcat /opt/tomcat /opt/tomcat/*
# firewall-cmd --add-port=8080/tcp --permanent
# firewall-cmd --reload# cd ~/Selinux
# vi catalinash.te <<__EOF__
module catalinash 1.0;
require {
type init_t;
type admin_home_t;
class file { append execute execute_no_trans ioctl open read };
}
#============= init_t ==============
allow init_t admin_home_t:file { append execute execute_no_trans ioctl open read };
__EOF__
# checkmodule -m -M -o catalinash.mod catalinash.te
# semodule_package --outfile catalinash.pp --module catalinash.mod
# semodule -i catalinash.pp
# systemctl restart tomcat10
# systemctl enable tomcat10
URL localhost:8080で確認
■ CentOS7 + tomcat8.5.11
# yum install httpd
https://tomcat.apache.org/download-80.cgi#8.5.11
# mv apache-tomcat-8.5.11.tar.gz /opt
# cd /opt
# tar xvzf apache-tomcat-8.5.11.tar.gz
# rm apache-tomcat-8.5.11.tar.gz
# ln -s apache-tomcat-8.5.11 tomcat
# vi /usr/lib/systemd/system/tomcat.service
[Unit]
Description=Apache Tomcat 8.5
After=network.target
[Service]
User=tomcat
Group=tomcat
Type=oneshot
RemainAfterExit=yes
PIDFile=/var/run/tomcat.pid
EnvironmentFile=/etc/sysconfig/tomcat
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
[Install]
WantedBy=multi-user.target
# chmod 644 /usr/lib/systemd/system/tomcat.service
# useradd -d /opt/tomcat -s /sbin/nologin tomcat
useradd: 警告: ホームディレクトリが既に存在します。 <--- 無視
skel ディレクトリからのコピーは行いません。
# chown -R tomcat:tomcat /opt/tomcat /opt/tomcat/*
# vi /etc/sysconfig/tomcat
GUACAMOLE_HOME=/etc/guacamole
【参考】
# java -version
openjdk version "1.8.0_121"
OpenJDK Runtime Environment (build 1.8.0_121-b13)
OpenJDK 64-Bit Server VM (build 25.121-b13, mixed mode)
# /opt/tomcat/bin/version.sh
Using CATALINA_BASE: /opt/tomcat
Using CATALINA_HOME: /opt/tomcat
Using CATALINA_TMPDIR: /opt/tomcat/temp
Using JRE_HOME: /
Using CLASSPATH: /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar
Server version: Apache Tomcat/8.5.11
Server built: Jan 10 2017 21:02:52 UTC
Server number: 8.5.11.0
OS Name: Linux
OS Version: 3.10.0-514.6.1.el7.x86_64
Architecture: amd64
JVM Version: 1.8.0_121-b13
JVM Vendor: Oracle Corporation
■apache2.4とtomcat8.5連携の設定
1) ajpモジュールが組み込まれているか確認
# cd /etc/httpd/conf.modules.d
# grep -e mod_proxy_ajp -e mod_proxy.so *
00-proxy.conf:LoadModule proxy_module modules/mod_proxy.so
00-proxy.conf:LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
ProxyPass ajp://localhost:8009/guacamole/
</Location>
<Location /tomcat >
ProxyPass ajp://localhost:8009/
</Location>
<Location /docs >
ProxyPass ajp://localhost:8009/docs/
</Location>
<Location /examples >
ProxyPass ajp://localhost:8009/examples/
</Location>
<Location /host-manager >
ProxyPass ajp://localhost:8009/host-manager/
</Location>
<Location /manager >
ProxyPass ajp://localhost:8009/manager/
</Location>
# vi /etc/httpd/conf/httpd.conf
末尾に追加
Include /etc/httpd/conf/extra/httpd-proxy.conf
※/var/log/messageにエラー
httpd: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::993c:71e:ca36:5715. Set the 'ServerName' directive globally to suppress this message
これで直るようだ!!
# vi /etc/httpd/conf/httpd.conf
ServerName managesv1n:80
3) tomcat側の設定
# vi /opt/tomcat/conf/server.xml
<!-- delete
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<!-- add -->
<Connector port="8009" protocol="AJP/1.3"
proxyName="portal.cxdnext.co.jp"
proxyPort="443"
scheme="https"
secure="true"
redirectPort="8443"
# tar xvzf apache-tomcat-8.5.11.tar.gz
# rm apache-tomcat-8.5.11.tar.gz
# ln -s apache-tomcat-8.5.11 tomcat
# vi /usr/lib/systemd/system/tomcat.service
[Unit]
Description=Apache Tomcat 8.5
After=network.target
[Service]
User=tomcat
Group=tomcat
Type=oneshot
RemainAfterExit=yes
PIDFile=/var/run/tomcat.pid
EnvironmentFile=/etc/sysconfig/tomcat
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
[Install]
WantedBy=multi-user.target
# useradd -d /opt/tomcat -s /sbin/nologin tomcat
useradd: 警告: ホームディレクトリが既に存在します。 <--- 無視
skel ディレクトリからのコピーは行いません。
# chown -R tomcat:tomcat /opt/tomcat /opt/tomcat/*
# vi /etc/sysconfig/tomcat
GUACAMOLE_HOME=/etc/guacamole
【参考】
# java -version
openjdk version "1.8.0_121"
OpenJDK Runtime Environment (build 1.8.0_121-b13)
OpenJDK 64-Bit Server VM (build 25.121-b13, mixed mode)
# /opt/tomcat/bin/version.sh
Using CATALINA_BASE: /opt/tomcat
Using CATALINA_HOME: /opt/tomcat
Using CATALINA_TMPDIR: /opt/tomcat/temp
Using JRE_HOME: /
Using CLASSPATH: /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar
Server version: Apache Tomcat/8.5.11
Server built: Jan 10 2017 21:02:52 UTC
Server number: 8.5.11.0
OS Name: Linux
OS Version: 3.10.0-514.6.1.el7.x86_64
Architecture: amd64
JVM Version: 1.8.0_121-b13
JVM Vendor: Oracle Corporation
■apache2.4とtomcat8.5連携の設定
1) ajpモジュールが組み込まれているか確認
# cd /etc/httpd/conf.modules.d
# grep -e mod_proxy_ajp -e mod_proxy.so *
00-proxy.conf:LoadModule proxy_module modules/mod_proxy.so
00-proxy.conf:LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
2) apache側の設定
# mkdir /etc/httpd/conf/extra
# vi /etc/httpd/conf/extra/httpd-proxy.conf
<Location /guacamole >ProxyPass ajp://localhost:8009/guacamole/
</Location>
<Location /tomcat >
ProxyPass ajp://localhost:8009/
</Location>
<Location /docs >
ProxyPass ajp://localhost:8009/docs/
</Location>
<Location /examples >
ProxyPass ajp://localhost:8009/examples/
</Location>
<Location /host-manager >
ProxyPass ajp://localhost:8009/host-manager/
</Location>
<Location /manager >
ProxyPass ajp://localhost:8009/manager/
</Location>
# vi /etc/httpd/conf/httpd.conf
末尾に追加
Include /etc/httpd/conf/extra/httpd-proxy.conf
※/var/log/messageにエラー
httpd: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::993c:71e:ca36:5715. Set the 'ServerName' directive globally to suppress this message
これで直るようだ!!
# vi /etc/httpd/conf/httpd.conf
ServerName managesv1n:80
3) tomcat側の設定
# vi /opt/tomcat/conf/server.xml
<!-- delete
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- add -->
<Connector port="8009" protocol="AJP/1.3"
proxyName="portal.cxdnext.co.jp"
proxyPort="443"
scheme="https"
secure="true"
redirectPort="8443"
secretRequired="false" /> # tomcat9.0.31以降必要のようだが、8.5.59でも必要だった。
<!-- ここまで -->
<!-- delete
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
-->
# systemctl enable tomcat
# systemctl enable httpd
# systemctl restart tomcat
# systemctl restart httpd
# firewall-cmd --permanent --zone=public --add-service=http
# firewall-cmd --reload
# firewall-cmd --list-all
logにエラーがでている。
org.apache.catalina.core.AprLifecycleListener.init An incompatible version 1.1.34 of the APR based Apache Tomcat Native library is installed, while Tomcat requires version 1.2.6
apr-1.5.2.tar.gz
apr-util-1.5.4.tar.gz
<!-- ここまで -->
<!-- delete
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
-->
# systemctl enable httpd
# systemctl restart tomcat
# systemctl restart httpd
# firewall-cmd --permanent --zone=public --add-service=http
# firewall-cmd --reload
# firewall-cmd --list-all
logにエラーがでている。
org.apache.catalina.core.AprLifecycleListener.init An incompatible version 1.1.34 of the APR based Apache Tomcat Native library is installed, while Tomcat requires version 1.2.6
ここから、下記をダウンロードしてソースからコンパイルしてインストールした。
apr-util-1.5.4.tar.gz
# rm libapr-1.so.0 libaprutil-1.so.0
# ln -s /usr/local/apr/lib/libapr-1.so.0.5.2 libapr-1.so.0
# ln -s /usr/local/apr/lib/libaprutil-1.so.0.5.4 libaprutil-1.so.0
エラーは取れなかった????
# vi /opt/tomcat/conf/tomcat-users.xml
<?xml version="1.0" encoding="UTF-8"?>
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="manager-gui"/>
<role rolename="manager-status"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<user username="tomcat" password="s3cret" roles="tomcat"/>
<user username="both" password="s3cret" roles="tomcat,role1"/>
<user username="role1" password="s3cret" roles="role1"/>
<user username="manager" password="s3cret" roles="manager-gui,manager-status,manager-script,manager-jmx"/>
<user username="admin" password="s3cret" roles="admin-gui,admin-script"/>
</tomcat-users>
エラーは取れなかった????
# vi /opt/tomcat/conf/tomcat-users.xml
<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="manager-gui"/>
<role rolename="manager-status"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<user username="tomcat" password="s3cret" roles="tomcat"/>
<user username="both" password="s3cret" roles="tomcat,role1"/>
<user username="role1" password="s3cret" roles="role1"/>
<user username="manager" password="s3cret" roles="manager-gui,manager-status,manager-script,manager-jmx"/>
<user username="admin" password="s3cret" roles="admin-gui,admin-script"/>
</tomcat-users>
0 件のコメント:
コメントを投稿