Shulou(Shulou.com)06/03 Report--

Tomcat is a servelet container developed by the Jakarta project of the Apache Software Foundation, according to the technology provided by Sun microsystems.

Developed by the specification, Tomcat 8 implements support for servlet 3.1 and Javaserver page 2.3 (JSP), and provides a

Some unique features, such as the Tomcat management and control platform, security domain management, and Tomcat add-ons

Install jdk and apache

Modify the end of / etc/profile by appending export JAVA_H0ME=/usr/local/jdk1.8.0_211export JRE_HOME=/usr/local/jdk1.8.0_211export CLASSPATH=$JAVA_HOME/lib/tools.jar:$JAVA_H0ME/lib/dt.jarexport PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATH

Refresh source / etc/profile

Check out java-version

Start tomcat.

4. Check the port

Test it

Multiple instances (one host running multiple Tomcat)

Copy a tomcat configuration file

Cp-r / usr/local/tomcat / usr/local/tomcat2 modify / usr/local/tomcat2/conf/server.xml (add each port number to one)

Start tomcat2

test

View

JPS command function description: jps is used to look up the process command syntax of the hotspot virtual machine (virtual machine in jdk) with access: jps [options] [hostid] options: command option, used to control the output format-p displays only the vm identity, does not display information such as jar,class,main parameters, m outputs the parameters passed in by the main function-l output application main class full package name or jar full name-v lists jvm parameters -Xms20m-Xmx50m is the jvm parameter specified by the startup program and the-V output through the jvm parameter specified by .hotsportrc or-XX:Flags= hostid: specify a specific host, you can make the IP address or domain name, or you can specify a specific protocol. Port [protocol:] [/ / hostname] [: port] [servername]

Configuration

Directory structure

Program directory

-- Tomcat execution script directory conf-- Tomcat configuration file lib-- Library file (JARS) logs needed for Tomcat to run--

LOG file temp during Tomcat execution-- Tomcat temporary file storage directory webapps-- Tomcat's main Web release directory (save

Put our own JSP,SERVLET, class) work-the working directory of Tomcat, and Tomcat will translate the Java file and class file to which the JSP file is translated

Put it here.

Web project release directory structure webapps is

Tomcat's main Web release directory, where Web application files are placed by default. Project name: WEB-INF under the project name.

META-INF, two folders, and some resources for browsers to access, such as html files

WEB-INF: it can be called a secure directory because the files below are not accessible to the browser.

Web.xml:Web application configuration file, which describes the configuration and naming conventions of servlet and other application components. Classes: contains the required class files, including servlet class and other class, which cannot be included in .jar files. Lib: store all kinds of JAR files needed by web applications

META-INF: used to configure applications, extenders, classloaders, and services

Default webapps directory structure

Docs:Tomcat help documentation examples:web Application example host-manager: host Management manager: application Management ROOT: default site Root

Catalogue

Configuration file

The conf directory is mainly used to store some configuration files for tomcat.

The server.xml main configuration file web.xml and other profiles applicable to the entire web application settings context.xml default context settings

Set, all deployment content applied to all hosts on which Tomcat is installed tomcat-users.xml is used to configure users and permissions for managing tomcat

Security Policy File of catalina.xml Tomcat

module

Server provides an interface consisting of 1 to multiple Service so that other programs can access this Service collection while maintaining each

The life cycle of Service, including how to initialize, how to end services, and how to find services requested by others. Service is also composed of 1 Connector and a single Container, but there is an extra layer around Container and Connector to provide a variety of

The service Connector component is optional and is responsible for receiving TCP connection requests from browsers, creating Request/Response, and distributing lines.

Procedure, which passes the created object to the Container to process the request. Container is the parent interface of the container and consists of four containers, which are Engine,Host,Context,Wrapper. Among them, the engineer package

Contains Host,Host contains Context,Content contains Wrapper, a Servlet class corresponds to a WrapperEngine container is designed as a top-level Container component, composed of Host, its function is equivalent to a Container facade. Yes.

Engine, the processing of the request is changed to: the browser sends the request, the Connector accepts the request, and the request is handed over to Container (in this case,

Engine) processing, Container (Engine) looks up the corresponding Host of the request and passes the request to it. Host gets the request and looks it up.

Find the appropriate application context, prepare the servlet environment, and call the service method. The Host container is a child container of Engine. A Host represents a virtual host in Engine, which can run multiple applications.

Responsible for installing and deploying these applications and identifying them so that they can be distinguished. Its child container is usually Context, except for

In addition to the associated sub-container, it also stores the information that a host should have. Host is not required, but to run the war program, you must use the

Host, because there must be a web.xml file in war, Host is required for this file parsing, and a top needs to be defined if there are multiple Host

Container Engine, and Engine does not have a parent container, an Engine represents a complete Servlet engine Context represents the Context of Servlet, it has the basic environment in which Servlet runs, theoretically, as long as there is Context, it can run Servlet

A simple Tomcat can be without Engine and Host. Its most important function is to manage Servlet instances. Servlet instances in Context are

It appears as Wrapper. Wrapper represents a Servlet, which is responsible for managing the Servlet, including loading, initialization, execution, and resource recovery. It's at the bottom.

The container. The valve valve, which intercepts the request and performs some processing before transferring it to the corresponding webapp, can be used in any container, such as recording

Logging and access control based on ip

Configuration file interpretation

Engine is the core component, which is responsible for receiving user requests through connector, processing requests, and forwarding requests to the corresponding virtual host host

Defaulthost specifies the default hostname for processing requests, which is at least the same as the name attribute value of one of the host elements. Realm represents memory.

Put the database of user name, password and role

The process of Tomcat Server processing a http request assumes that the request from the customer is: http://localhost:8080/wsota/wsota_index.jsp

The request is sent to local port 8080, and the Coyote HTTP/1.1 Connector listening there gets the Connector to deliver the request to its location

Engine of Service to process and wait for the response from Engine Engine to get the request localhost/wsota/wsota_index.jsp to match it

All virtual host Host Engine that you own matches to the Host named localhost (even if it doesn't match, the request is handed over to the Host for processing, because

The Host is defined as the default host for the Engine) localhost Host gets the request / wsota/wsota_index.jsp, matching all it owns

Context Host matches to Context with path / wsota (if not, the request is handed over to Context with path name "" to be processed)

The Context of path= "/ wsota" gets the request / wsota_index.jsp and looks for the corresponding servlet Context in its mapping table to match to

URL PATTERN is the servlet of * .jsp, corresponding to JspServlet class to construct HttpServletRequest object and HttpServletResponse object.

Call the doGet or doPost method Context of JspServlet as a parameter to return the HttpServletResponse object to Host after execution

Host returns the HttpServletResponse object to Engine Engine and the HttpServletResponse object to Connector Connector

Return the HttpServletResponse object to the customer browser

Custom directory

Modify the host element in the server.xml file # appBase definition site directory # docBase definition application directory # Context path indicates your visit

Ask the path (virtual application name, can be empty) # Context docBase specify your storage path # debug is to set the registration of dedug, 0 provides the most

Less information, 9 provides the most information # reloadable=true when there are changes in web.xml or class will be automatically updated and loaded later, no need

Restarting the service # crosscontext= "true" means that different context configurations share a session # unpackWARs whether to decompress the war automatically

Whether package # autoDeploy is automatically deployed (hot deployment)

The appBase directory says that the subdirectories under this directory will be automatically deployed as war under the application (autoDeploy= "true") directory.

The file will be automatically unzipped and deployed as a subdirectory under the application (unpackWARs= "true") directory as a separate virtual directory, or

If the calling application does not want to use the webapp directory path under Tomcat, then add a line of docBase under appBase to configure the path to docBase

Medium, just leave the appBase empty

Custom directory

Modify / usr/local/tomcat/conf/server.xml

Create the required directory and web page [root@bogon ~] # mkdir-p / data/project [root@bogon ~] # vim / data/project/index1.jsp [root@bogon ~] # vim / data/project/index2.jsp modify 112 / usr/local/tomcat/conf/web.xml

Restart tomcat

View Port

test

Customize a monitoring page to view the running performance through web (similar to phpinfo) server.xml settings are as follows

Modify / usr/local/tomcat/conf/web.xml

Create the required directories and web pages

Restart tomcat

View Port

test

Remote monitoring and control

Tomcat enables JMX remote debugging

Modify / usr/local/tomcat/bin/catalina.sh

Configure authentication, configure jmxremote.access and jmxremote.password to enter the default directory according to jdk

Modify / usr/local/jdk1.8.0_211/jre/lib/management/jmxremote.password

Modify / usr/local/jdk1.8.0_211/jre/lib/management/jmxremote. Access

Restrict password file read permissions

Chmod 600jmxremote.password jmxremote.access restart tomcat

View Port

6. Test

Backstage

App manager

Delete what is written in catalina.sh when doing this, otherwise Tomcat will not be able to access the page

Modify / usr/local/tomcat/conf/tomcat-users.xml file to configure manager role, user name and password

Modify / usr/local/tomcat/webapps/manager/META-INF/context.xml 20

Restart tomcat

View Port

test

Create a test web page

Packaged web page

Jar-cvf bdqn.war index.jsp

test

(1)

(2)

Check to see if / usr/local/tomcat/webapps/ has test.

Hot deployment

The principle of hot deployment of tomcat: when tomcat starts, there will be a thread that starts to judge whether the class loaded in the application occurs or not.

Change (change in the total number of classes, modification of the class), if there is a change, the application's startup thread will be stopped, the reference will be cleared, and the load should be

10-Tomcat.md 5/12/2019

18 / 23

Set the WebappClassLoader to null, and then create a new WebappClassLoader to reload the application.

The function of reloadable is that when you modify jsp, the class file will be compiled automatically, which is equal to take effect immediately, but the cost is not low, and it is suitable for local use.

For development and debugging, you generally set the property of reloadable to true during the development phase, which is helpful for debugging servlet and other class files, but

Because this will increase the running load of the server and deplete the system performance, set it to false during the project run phase.

War package deployment

Copy the web project file (usually copy the generated war package) directly to the webapps directory of Tomcat

If Tomcat does not enable self-decompression, extract the war package to the webapps directory

Extract the command jar (extract to the current directory) jar-xf bdqnweb.war war package can also be extracted using unzip, when using the unzip command, you can

To specify the decompression directory

Safety

Port protection

Modify the target port to a port that is not easy to guess, reducing the probability that the automatic scanning software will find it.

back-stage management

Remove the default administrative backend (if not needed) to reduce the risk of blasting and empowerment

Delete the host-manager and manager directories under webapp

Disable directory browsing

Modify the conf/web.xml file to change listings to false

Hidden information

Try to avoid exposing the version information of the server and hiding error pages. Redirect some common errors in the configuration to avoid errors

The error page displayed by Tomcat by default exposes server and version information; you must ensure that the error page in the root directory of the program already exists

Vim conf/web.xml

Add content

404/notfound.jsp

Restart Tomcat and test it

Firefox 192.168.43.249:8088/aaaaaaaaaaaaaaa

Note: this means that if it is a 404 error, find the notfound.jsp in the / directory, so be sure to know where the root directory of your web page is, and create a notfound.jsp page under this directory. The root directory of the page is the docBase in the context tag under the host tag in the server.xml file.

Only 404 errors are reported in the above web.xml, and other common errors can also be reported, such as

403/forbidden.jsp404/notfound.jsp500/systembusy.jsp

Script permission revocation

Remove other users' executable permissions on shutdown.sh, startup.sh and catalina.sh under Tomcat's bin directory to prevent other users from having

Permissions for Tomcat chmod-R744 / usr/local/apache-tomcat-8.5.35/bin/

Log specification

Enable referer and user-agent records in the Tomcat default access log for better root in case of security problems.

Troubleshoot problems according to the log

[root@localhost apache-tomcat-8.5.35] # vim conf/server.xml

So it goes like this:

What it looks like after modification:

Use of host manager (added at the end)

Modify / usr/local/tomcat/conf/tomcat-users.xml

Modify / usr/local/tomcat/webapps/host-manager/META-INF/context.xml

Restart tomcat

View Port

Browser testing

Log cutting uses cronolog

Compile and install Cronolog

Modify / usr/local/tomcat/bin/catalina.sh

448 with comments

Find the second org.apache.catalina.starup.Bootstrap to modify 472

Restart tomcat

View Port

test

Define the error page

Modified / usr/local/tomcat/conf/web.xml 23

Create the required web page

Vim / usr/local/tomcat/webapps/ROOT/error.jsp

Restart tomcat

View Port

test

Thread pool optimization

Modified / usr/local/tomcat/conf/server.xml 56

Modify 69

two。 Restart tomcat

View Port

Tomcat optimization

Add at the beginning of 1 / usr/local/tomcat/bin/catalina.sh

JAVA_OPTS= "- Dfile.encoding=UTF-8

-server

-Xms1024M

-Xmx1024M

-XX:NewSize=512M

-XX:MaxNewSize=1024M

-XX:PermSize=256M

-XX:MaxPermSize=356M

-XX:NewRatio=2

-XX:ParallelGCThreads=15

-XX:+DisableExplicitGC "

-Xms: indicates the initial memory size of JVM, or the size of the Java initialization heap.-Xms is set to the same value as-Xmx to prevent JVM from repeatedly re-applying for memory, resulting in great ups and downs in performance. The default value is 1x64 of physical memory.

-Xmx: represents the maximum Java heap size. When the memory required by the application exceeds the maximum value of the heap, the virtual machine will prompt for a memory overflow and cause the application service to crash, so it is generally recommended that the maximum value of the heap be set to 80% of the maximum available memory.

-Xmn: set the minimum memory of JVM (128256 is enough, generally not set)

-XX:NewSize: sets the memory size of the new generation. In the new generation, the memory space allocated when the object is newly created, and the object is still not reclaimed after the garbage collector is collected by the garbage collector, the object will be moved to the old generation.

-XX:PermSize: sets the persistent memory size for storing static files, such as Java classes, methods, and so on. Persistent generation has no significant effect on garbage collection, but some should

With the possibility of dynamically generating or calling some class, the persistence zone is also known as the method zone, which stores the structural information of each java class: such as runtime constant pool, field and method data, bytecode contents of constructors and ordinary methods, and special methods used for initialization of classes, instances, interfaces, and other data, JDK8 has removed the persistent generation (PermGen Space) and replaced the metaspace (Metaspace). Metaspace consumes local memory and no longer consumes virtual machine memory.

-XX:MaxPermSize: set the maximum persistent generation memory size. Permanent generation does not belong to heap memory. Heap memory only contains the new generation and the old age.

-XX:NewRatio: change the ratio of the new space to the old space, meaning that the size of the new space is 1 / 8 of that of the old space (default is 8)

-XX:ParallelGCThreads can be used to increase parallelism, requiring multiple cpu

-XX:+DisableExplicitGC: turn off System.gc (), which is simply to turn off the memory recovery mechanism in java

two。 Restart tomcat

View Port

test

The request method of Tomcat

Tomcat supports three ways to receive requests: BIO NIO APR

1. BIO: each request needs to be processed with a thread, which is expensive and not suitable for scenarios with high concurrency, and has the lowest performance.

2. NIO: based on buffer, it can provide non-blocking I-stroke O operation, and has better concurrency performance compared with traditional BIO.

3. APR (Apache portable run-time libraries): to simply understand, it is to solve the problem of asynchronous IO from the operating system level, greatly improve the processing and corresponding performance of the server, and is also the preferred mode for Tomcat to run with high concurrency.

The main functional modules provided by APR include memory allocation and memory pool, atomic operation, file Imax O, lock, memory mapping, hash table, network Imax O, polling, process and thread operation, etc. APR,Tomcat can achieve high scalability and superior performance, and can be better integrated with local server technology, so that Tomcat can be used as a general Web server. Not just as a lightweight application server. In this case, Java will no longer be a back-end programming language, but can also be used more for mature Web server platforms.

Description of important parameters of Excutor:

Name: the name of the shared thread pool, which is the name to be referenced by connector in order to share the thread pool. The name must be unique namePrefix: on JVM, each running thread can have a name string. This property is the name word of each thread in the thread pool.

The string is set with a prefix, and Tomcat appends the thread number to this prefix. The default value is tomcat-exec-maxThreads: the maximum number of threads the thread pool can hold, and the default 200maxIdleTime: the amount of time allowed to idle threads (in milliseconds) before Tomcat shuts down an idle thread. Only the current

Idle processes will be closed only if the number of active threads is greater than the value of minSpareThread. The default value is 60000. The minimum number of inactive threads that minSpareThreads:Tomcat should always open in a minute. Default 25threadPriority: thread level.

Connector important parameter description executor: indicates the thread pool corresponding to the parameter value minProcessors: number of request processing threads created at server startup maxProcessors: maximum number of request processing processes that can be created acceptCount: specify the number of requests that can be placed in the processing queue when all the current available request processing threads are used

Requests exceeding this number will not be processed.

Treatment mode

Org.apache.coyote.http11.Http11NioProtocol: represents the nio processing class

Org.apache.coyote.http11.Http11AprProtocol: indicates apr mode

HTTP/1.1: indicates bio mode

The main functional modules provided by APR include: memory allocation and memory pool, atomic operation, file Imax O, lock, memory mapping, hash table, network.

With APR,Tomcat, high scalability and superior performance can be achieved, and

Can be better integrated with local server technology, so that Tomcat can be used as a general-purpose Web server, not just as

Lightweight application server. In this case, Java will no longer be a programming language that focuses on the back end, but can also be used more mature

The Web server platform of. / usr/local/tomcat/conf/server.xml modification

Restart tomcat

3. View Port

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.