Tomcat

tomcat instance 분리

0. bash_profile 적용

•         ##### alias #####
          alias status=/home/alan/script/status.sh
          alias webd=/home/alan/script/webdwarf.sh
          alias goweb='cd /app/apache24/bin'
          alias goweblog='cd /logs/weblog/service'
          alias gowas='cd /app/tomcat8/tomcat-engine'
          alias gowaslog='cd /logs/waslog/instance'
  
  
  
          #### HYUNSU 20190313 ######
          alias XXXstart='/app/tomcat8/tomcat-engine/launcher XXX int_XXX1 -Xmx1024m -Xms1024m start'
          alias XXXstop='/app/tomcat8/tomcat-engine/launcher XXX int_XXX1 -Xmx1024m -Xms1024m stop'
          alias goXXX='cd /app/tomcat8/instance/XXX'
          alias goXXXweb='cd /app/homeplus/webapps-XXX'
          alias goXXXlog='cd /logs/waslog/instance/XXX'

1. 폴더생성

• /app/tomcat8/instance/XXX 생성 자리수는 3자리 정의

2. 인스턴스 복제

• /app/tomcat8/tomcat-engine에서 cp -Rf ./conf ./temp ./work /app/tomcat8/instance/XXX

3. logs, webapps 심볼릭 링크만들기

• ln -s /logs/waslog/instance/adm logs ln -s /app/homeplus/webapps-adm webapps

4. webapps 파일 복사

• cp -Rf /app/homeplus/webapps/* /app/homeplus/webapps-adm

5. catalina.properties 수정

• cp catalina.properties catalina.properties.20190227 logs.dir 변경 추가 : logs.dir=/logs/waslog/instance/XXX

5. context.xml 변경

• cp context.xml context.xml.20190227 PC 관리자 사례

          <!-- ######################## context.xml 2019.02.27 hsuryu (IBM) -->
                  <ResourceLink name="jdbc/cosadm" global="jdbc/cosadm" type="javax.sql.DataSource"/>
          <!-- ######################## context.xml 2019.02.27 hsuryu (IBM) -->

6. server.xml 변경 포트를 설정에 따라 모두 변경한다.

• cp server.xml server.xml.20190227

• server port : 8005 --> 8105

• Connector port : 8080 --> 8180 (http port), redirectPort port : 8443 --> 8143

• AJP/1.3 port : 8009 --> 8109, redirectPort 8443 --> 8143

• <Connector 에 connectionTimeout="20000" 추가

• <Engine name="Catalina" defaultHost="localhost">

  • --> <Engine name="Catalina" defaultHost="localhost" jvmRoute="node1"> : 웹서버 loadbalancer 설정 참조

• Datasource 설정 context.xml 설정 참조

  •         <GlobalNamingResources>
        <!-- Editable user database that can also be used by
             UserDatabaseRealm to authenticate users
        -->
            <!-- ########## 2019.02.27 hsuryu IBM Added ########## -->
                    <Resource auth="Container"
                                    name="jdbc/cosadm"
                                    driverClassName="oracle.jdbc.driver.OracleDriver"
                                    username="cosadm"
                                    password="cos0515adm"
                                    url="jdbc:oracle:thin:@10.10.36.129:1521/COSTST"
                                    maxIdle="1"
                                    maxTotal="3"
                                    maxWaitMillis="10000"
                                    type="javax.sql.DataSource"
                                    validationQuery="SELECT 1 FROM DUAL" />
            <!-- ################################################## -->
    
                    <Resource name="UserDatabase" auth="Container"
                                      type="org.apache.catalina.UserDatabase"
                                      description="User database that can be updated and saved"
                                      factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
                                      pathname="conf/tomcat-users.xml" />
    
            </GlobalNamingResources>

7. tomcat-users.xml admin 사용자 추가

• cp tomcat-users.xml tomcat-users.xml.20190227

•   <role rolename="manager-gui"/>
    <role rolename="manager-script"/>
    <role rolename="manager-jmx"/>
    <role rolename="manager-status"/>
    <role rolename="admin-gui"/>
    <role rolename="admin-script"/>
    <user username="tomcat" password="tomcatadm@#" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>

8. /manager 적용 (선택적 적용, 비추천)

• - goXXXweb - .../webapps-xxx/manager/META-INF의 context.xml의 주석 처리

  <!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve"

  • allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />

  -->

tomcat 인증서 설치

 4016  2019-04-05 14:38:38 cd /app/apache24/conf/ssl/
 4028  2019-04-05 14:44:04 cat Wildcard.homeplus.co.kr.key Wildcard.homeplus.co.kr.crt GLOBALSIGN_ROOT_CA.crt > tomcat20190405.pem
 4029  2019-04-05 14:44:07 openssl pkcs12 -export -out tomcat20190405.p12 -in tomcat20190405.pem
 4031  2019-04-05 14:44:39 vi tomcat20190405.pem <-- 개행 수정 
 4032  2019-04-05 14:45:06 openssl pkcs12 -export -out tomcat20190405.p12 -in tomcat20190405.pem <-- 패스워드 정의 
 4035  2019-04-05 14:47:23 keytool -importkeystore -srckeystore tomcat20190405.p12 -srcstoretype pkcs12 -destkeystore tomcat20190405.jks -deststoretype jks
 4037  2019-04-05 14:48:26 keytool -list -keystore tomcat20190405.jks <-- 점검 
 4040  2019-04-05 14:49:57 vi server.xml
      <Connector port="8143" scheme="https" secure="true"
        enableLookups="false" disableUploadTimeout="true" SSLEnabled="true"
        clientAuth="false"
        keystoreFile="/app/apache24/conf/ssl/tomcat20190405.jks" keystorePass="tomcatadm@#"
        sslProtocol="TLS"
     />
 4041  2019-04-05 14:54:31 prdstop
 4042  2019-04-05 14:54:38 prdstart
 4043  2019-04-05 14:54:45 ps -ef | grep java
 4046  2019-04-05 14:57:43 netstat -ant | grep 8143

tomcat instance stop

#!/bin/sh

echo
echo '##### START Waiting for tomcat instance stop #####'
echo
TPATH=/app/tomcat8/tomcat-engine/bin/bootstrap.jar

TOMCAT_USER=alan
WAITINGTIME=60 # Total waiting 60 second
KILL15TIME=30 # Total waiting 60 second
KILL15STATUS=0 # STATUS 1 after kill -15 process
INSTID=$1
SLEEPTIME=2 # sleep  2 second
cnt=1

for (( i=0; i < $WAITINGTIME; i++ ))
do
        sleep $SLEEPTIME
        #echo "  " $i " , " $cnt " !"
        runinst=$(ps -ef | grep java | grep -v grep | grep $INSTID | awk {'print $2 $16'})

        UNAME=`id -u -n`

        if [ e$UNAME != "e$TOMCAT_USER" ]
        then
                echo "[ Use by only user Account [ $TOMCAT_USER ] Start Fail Tomcat Instance ]"
                exit;
        fi

        if [[ $KILL15TIME -le $cnt && $KILL15STATUS != 1 ]]
        then
                echo "Kill -15 tomcat process [$1]"
                runprocessid=$(ps -ef | grep java | grep -v grep | grep $INSTID | awk {'print $2'})
                echo 'Kill -15 tomcat instance process id = '$runprocessid
                #echo "##### KILL -15 PROCESS ######"
                kill -15 $runprocessid
                KILL15STATUS=1
        fi

        if [ $WAITINGTIME -le $cnt ]
        then
                echo "Kill -9 tomcat process [$1]"
                runprocessid=$(ps -ef | grep java | grep -v grep | grep $INSTID | awk {'print $2'})
                echo 'Kill -9 tomcat instance process id = '$runprocessid
                #echo "##### KILL -9 PROCESS #####"
                kill -9 $runprocessid
                sleep 5
                break
        fi

        if [ -z "$runinst" ]; then
                echo [$cnt sec]"Stoped Tomcat Instance [$1] $runinst"
                break
        else
                echo [$cnt sec]"Running Tomcat Instance [$1][$INSTID] $runinst"
        fi

        let cnt=cnt+$SLEEPTIME
done


instcount=$(ps -ef | grep java | grep -v grep | grep $INSTID | awk {'print $2 $16'} | wc -l)
echo "=============================================================="
echo " Tomcat $INSTID Instance STOP "
echo "=============================================================="
echo " Instance Running Count = "$instcount
echo "=============================================================="

echo
echo '##### END Waiting for tomcat instance stop #####'
echo
echo