Tomcat
Tomcat1.JVM介绍2.Tomcat介绍3.Tomcat快速安装4.Tomcat启动慢解决方案5.tomcat目录结构介绍6.tomcat配置文件7.Tomcat部署zrlog8.配置tomcat basic认证9.Nginx+Tomcat集群架构实战10.tomcat+nfs实现文件共享11.nginx缓存12.Nginx+Tomcat集群实现全栈Https13.使用maven编译java程序14.使用redisson实现session共享15.Tomcat监控16.Tomcat性能优化
1.JVM介绍
JVM是Java Virtual Machine(Java虚拟机)的缩写
Java虚拟机本质是就是一个程序,当它在命令行上启动的时候,就开始执行保存在某字节码文件中的指令。Java语言的可移植性正是建立在Java虚拟机的基础上。任何平台只要装有针对于该平台的Java虚拟机,字节码文件(.class)就可以在该平台上运行。这就是“一次编译,多次运行”。
2.Tomcat介绍
a.什么是Tomcat
Tomcat和我们此前学习的 Nginx 类似,也是一个Web服务器。
b.Tomcat与Nginx有什么区别?
tomcat是一个java版的web服务器
Nginx仅支持静态资源,而Tomcat则支持Java开发的 jsp 动态资源和静态资源。 Nginx适合做前端负载均衡,而Tomcat适合做后端应用服务处理。 通常情况下,企业会使用 Nginx+tomcat 结合使用,由Nginx处理静态资源,Tomcat处理动态资源。
3.Tomcat快速安装
| 机器名 | ip地址 | 软件包 |
|---|---|---|
| tomcat01 | 10.0.0.11 | tomcat+nfs |
| tomcat02 | 10.0.0.12 | tomcat+nfs |
| lb01 | 10.0.0.5 | nginx+mariadb+redis+nfs |
安装方法1:
xxxxxxxxxx41rpm -ivh jdk-8u102-linux-x64.rpm2mkdir /app -p3tar xf apache-tomcat-8.0.27.tar.gz -C /app4/app/apache-tomcat-8.0.27/bin/startup.sh 安装方法2:
xxxxxxxxxx81#适合debian和ubuntu等其他linux发行版2tar xf jdk-8u60-linux-x64.tar.gz -C /app/3ln -s /app/jdk1.8.0_60 /app/jdk4sed -i.ori '$a export JAVA_HOME=/app/jdk\nexport PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH\nexport CLASSPATH=.$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar' /etc/profile5source /etc/profile6mkdir /app/7tar xf apache-tomcat-8.0.27.tar.gz -C /app8/app/apache-tomcat-8.0.27/bin/startup.sh 4.Tomcat启动慢解决方案
xxxxxxxxxx121没优化之前启动时间2[root@tomcat logs]# grep 'Server startup' catalina.out303-Aug-2019 03:15:18.225 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 591050 ms45优化之后启动时间6[root@tomcat logs]# grep 'Server startup' catalina.out703-Aug-2019 03:15:18.225 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 591050 ms803-Aug-2019 03:22:14.112 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 1326 ms910优化方法:11vi /usr/java/jdk1.8.0_102/jre/lib/security/java.security12securerandom.source=file:/dev/urandom5.tomcat目录结构介绍
xxxxxxxxxx131[root@tomcat apache-tomcat-8.0.27]# ll2total 923drwxr-xr-x 2 root root 4096 Aug 3 03:05 bin #主要包含启动、关闭tomcat脚本和脚本依赖文件 非常重要4drwxr-xr-x 3 root root 198 Aug 3 03:05 conf #tomcat配置文件目录 非常重要5drwxr-xr-x 2 root root 4096 Aug 3 03:05 lib #tomcat运行需要加载的jar包 非常重要6-rw-r--r-- 1 root root 57011 Sep 28 2015 LICENSE #license文件,不重要7drwxr-xr-x 2 root root 197 Aug 3 03:15 logs #在运行过程中产生的日志文件 非常重要8-rw-r--r-- 1 root root 1444 Sep 28 2015 NOTICE #不重要9-rw-r--r-- 1 root root 6741 Sep 28 2015 RELEASE-NOTES #版本特性,不重要10-rw-r--r-- 1 root root 16204 Sep 28 2015 RUNNING.txt #帮助文件,不重要11drwxr-xr-x 2 root root 30 Aug 3 03:05 temp #存放临时文件12drwxr-xr-x 7 root root 81 Sep 28 2015 webapps #站点目录 非常重要13drwxr-xr-x 3 root root 22 Aug 3 03:05 work #tomcat运行时产生的缓存文件6.tomcat配置文件
核心配置文件:
/app/apache-tomcat-8.0.27/conf/server.xml
一个tomcat实例一个server
一个server中包含多个Connector,Connector的主要功能是接受、响应用户请求。
service的作用是:将connector关联至engine(catalina引擎)
一个host就是一个站点,类似于nginx的多站点
context类似于nginx中location的概念
7.Tomcat部署zrlog
xxxxxxxxxx111vim /app/apache-tomcat-8.0.27/conf/server.xml2 <Host name="blog.oldqiang.com" appBase="/html"3 unpackWARs="true" autoDeploy="true">4 <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"5 prefix="blog.oldqiang.com_access_log" suffix=".txt"6 pattern="%h %l %u %t "%r" %s %b" />7 </Host>8 9/app/apache-tomcat-8.0.27/bin/shutdown.sh10/app/apache-tomcat-8.0.27/bin/startup.sh11mv ROOT.war /html
8.配置tomcat basic认证
xxxxxxxxxx271vim /app/apache-tomcat-8.0.27/webapps/ROOT/WEB-INF/web.xml23<web-app>4...... 5 <security-constraint>6 <web-resource-collection>7 <web-resource-name>test</web-resource-name>8 <url-pattern>/admin/login/*</url-pattern>9 </web-resource-collection>10 11 <auth-constraint>12 <role-name>test100</role-name>13 </auth-constraint>14 </security-constraint> 15 <login-config>16 <auth-method>BASIC</auth-method>17 <realm-name>Default</realm-name>18 </login-config>19</web-app>2021# 添加系统角色22vim /app/apache-tomcat-8.0.27/conf/tomcat-users.xml23<role rolename="manager-gui"/>24<role rolename="test100"/>25<user username="tomcat" password="123456" roles="manager-gui,test100"/>2627#重启tomcat生效
9.Nginx+Tomcat集群架构实战
xxxxxxxxxx311#nginx负载均衡配置2[root@lb01 ~]# cat /etc/nginx/nginx.conf3worker_processes 1;4events {5 worker_connections 1024;6}7http {8 include mime.types;9 default_type application/octet-stream;10 sendfile on;11 keepalive_timeout 65;12 upstream tomcat {13 server 10.0.0.11:8080;14 server 10.0.0.12:8080;15 }16 server {17 listen 80;18 server_name localhost;19 location / {20 proxy_pass http://tomcat;21 proxy_set_header Host $host;22 proxy_set_header X-Real-IP $remote_addr;23 }24 }25}2627#解决访问日志源ip丢失问题28vim /app/apache-tomcat-8.0.27/conf/server.xml29 pattern="%{X-Real-IP}i %l %u %t "%r" %s %b" />30/app/apache-tomcat-8.0.27/bin/shutdown.sh31/app/apache-tomcat-8.0.27/bin/startup.sh10.tomcat+nfs实现文件共享
xxxxxxxxxx141#lb01安装nfs2yum install nfs-utils.x86_64 -y3mkdir /data4vim /etc/exports5/data 10.0.0.0/24(rw,sync,no_root_squash,no_all_squash)6systemctl restart rpcbind7systemctl restart nfs8systemctl enable nfs910#tomcat01和tomcat0211yum install nfs-utils -y12showmount -e 10.0.0.513mkdir /html/ROOT/attached14mount -t nfs 10.0.0.5:/data /html/ROOT/attached11.nginx缓存
xxxxxxxxxx161#http模块增加2 proxy_cache_path /opt/nginx/cache levels=1:2 keys_zone=one:10m;3 4#location5 location ~ .*\.(gif|jpg|png|css|js|woff|flv|ico|swf)(.*) {6 proxy_cache one;7 proxy_cache_key $uri;8 proxy_cache_valid 200 302 1h;9 proxy_cache_valid 301 1d;10 proxy_cache_valid any 1m;11 expires 30d;12 add_header Nginx-Cache "$upstream_cache_status";13 proxy_pass http://tomcat;14 proxy_set_header Host $host;15 proxy_set_header X-Real-IP $remote_addr;16 }12.Nginx+Tomcat集群实现全栈Https
xxxxxxxxxx501[root@lb01 ~]# cat /etc/nginx/nginx.conf2worker_processes 1;3events {4 worker_connections 1024;5}6http {7 include mime.types;8 default_type application/octet-stream;9 sendfile on;10 keepalive_timeout 65;11 #proxy_cache_path /opt/nginx/cache levels=1:2 keys_zone=one:10m;12 proxy_cache_path /opt/nginx/cache keys_zone=one:10m;13 upstream tomcat {14 server 10.0.0.11:8080;15 server 10.0.0.12:8080;16 }17 18server {19 listen 443 ssl; 20 server_name blog.oldqiang.com; 21 ssl_certificate /opt/Nginx/1_blog.oldqiang.com_bundle.crt; 22 ssl_certificate_key /opt/Nginx/2_blog.oldqiang.com.key; 23 ssl_session_timeout 5m;24 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 25 ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; 26 ssl_prefer_server_ciphers on;27 location / {28 proxy_pass http://tomcat;29 proxy_set_header Host $host;30 proxy_set_header X-Real-IP $remote_addr;31 }32 location ~ ^.*\.(js|css|ico|gif|jpg|jpeg|png)$ {33 proxy_cache one;34 proxy_cache_key $uri;35 add_header Nginx-Cache "$upstream_cache_status";36 proxy_cache_valid 200 304 1h;37 proxy_cache_valid 404 1m;38 proxy_pass http://tomcat;39 proxy_set_header Host $host;40 proxy_set_header X-Real-IP $remote_addr;41 }42}43 server {44 listen 80;45 server_name localhost;46 location / {47 return 302 https://blog.oldqiang.com$request_uri;48 }49 }50}13.使用maven编译java程序
xxxxxxxxxx261#安装配置maven2wget https://mirrors.tuna.tsinghua.edu.cn/apache/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz34tar xf apache-maven-3.6.3-bin.tar.gz -C /usr/local/5ln -s /usr/local/apache-maven-3.6.3 /usr/local/maven6vim /etc/profile7#文件结尾添加两行8export M2_HOME=/usr/local/maven9export PATH=${M2_HOME}/bin:$PATH1011source /etc/profile12#验证13mvn -v1415#配置maven仓库16vim /usr/local/maven/conf/settings.xml17<mirror>18 <id>aliyunmaven</id>19 <mirrorOf>*</mirrorOf>20 <name>阿里云公共仓库</name>21 <url>https://maven.aliyun.com/repository/public</url>22</mirror>232425#清理并打包26mvn clean package14.使用redisson实现session共享
xxxxxxxxxx371vim /app/apache-tomcat-8.0.27/conf/context.xml2<Manager className="org.redisson.tomcat.RedissonSessionManager"3configPath="${catalina.base}/conf/redisson.conf" readMode="MEMORY" updateMode="DEFAULT"/>45vim /app/apache-tomcat-8.0.27/conf/redisson.conf6{7 "singleServerConfig":{8 "idleConnectionTimeout":10000,9 "connectTimeout":10000,10 "timeout":3000,11 "retryAttempts":3,12 "retryInterval":1500,13 "password":null,14 "subscriptionsPerConnection":5,15 "clientName":null,16 "address": "redis://10.0.0.5:6379",17 "subscriptionConnectionMinimumIdleSize":1,18 "subscriptionConnectionPoolSize":50,19 "connectionMinimumIdleSize":32,20 "connectionPoolSize":64,21 "database":0,22 "dnsMonitoringInterval":500023 },24 "threads":0,25 "nettyThreads":0,26 "codec":{27 "class":"org.redisson.codec.JsonJacksonCodec"28 },29 "transportMode":"NIO"30}3132#准备两个jar包33#下载https://github.com/redisson/redisson/tree/master/redisson-tomcat34/app/apache-tomcat-8.0.27/lib/redisson-all-3.14.0.jar35/app/apache-tomcat-8.0.27/lib/redisson-tomcat-8-3.14.0.jar3637#重启tomcat生效15.Tomcat监控
xxxxxxxxxx161vim /application/apache-tomcat-8.0.27/bin/catalina.sh2CATALINA_OPTS="$CATALINA_OPTS3-Dcom.sun.management.jmxremote4-Djava.rmi.server.hostname=10.0.0.115-Dcom.sun.management.jmxremote.port=123456-Dcom.sun.management.jmxremote.ssl=false7-Dcom.sun.management.jmxremote.authenticate=false"89a:安装zabbix-java-gateway,1005210b:配置重启zabbix-java-gateway11START_POLLERS=512c:配置重启zabbix-server13JavaGateway=127.0.0.114JavaGatewayPort=1005215StartJavaPollers=516d:zabbix-web添加jmx监控16.Tomcat性能优化
内存参数
堆内存: 新生代 eden survivor 老年代tenured
非堆内存: metaspace codecache 编译区
gc垃圾回收: 回收次数越少越好,回收时间越短越好
设置: 最大堆内存==最小堆内存
新生代内存满了,触发的gc,局部gc
老年代内存满了,触发的gc,全局gc
调优: 新生代:老年代的1:4
jvm 内存溢出如何排查?
xxxxxxxxxx21vim /app/apache-tomcat-8.0.27/bin/catalina.sh2JAVA_OPTS="$JAVA_OPTS -server -Xms512m -Xmx512m -Xss256k -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/usr/heapdump -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -Xloggc:/tmp/heap_trace.txt -XX:NewSize=128m -XX:MaxNewSize=128m"使用MAT分析