场景:为了节省时间,将模拟行的部署过程进行简要记录。
下面叙述的工程环境的准备,对于工程的自动部署,可以参考http://www.cnblogs.com/lixuwu/p/6442327.html进行配置
1 准备工作
工程的目录结构:
1.1 机器配置
一般拿到手的都是新机器,首先要做好相关的准备工作。
假如是root用户,这里就创建一个其他用户,方便单机多项目部署。
#创建用户并指定目录 useradd -d /home/test -m test #然后给test设置密码 passwd test #验证是否已创建用户并指定目录 su test cd pwd #给已有用户指定目录 usermod -d /home/hnlinux root
#调整系统时间,方便日志查看,通常需要root用户 date -s "2017-04-06 14:59:00" #创建项目目录 mkdir web mkdir service #以service目录为例 cd service mkdir logs mkdir keys #通过ftp工具上传war包,解压文件并指定所要解压的目录 unzip simubankservice.war -d simubankservice
1.2 java配置
只需要直接上传jdk相关的压缩包,并解压。多个tomcat可以共用一个jdk,这里采用在tomcat的bin/catalina.sh中配置jdk的方式来指定tomcat使用的jdk。
2 tomcat 配置
2.1 下载
这里的tomcat是在官网上面下载的,但是有两点要注意:
- 下载的tomcat版本要和使用的JDK版本一致
- tomcat的版本要和工程中的tomcat相关jar包一致,可以高一点,但是不能使用低版本的,否则容易出现类缺失问题。
这里是使用apache-tomcat-8.0.43。
ps:刚开始遇到一个坑就是采用7.0.77版本的tomcat,没注意maven中的依赖,启动时候直接报错,才注意到这个问题。
分别上传tomcat压缩包到指定工作目录,web和service。
2.2 conf/server.xml
修改端口,为了web和service中的tomcat都能顺利启动,需要保证两个tomcat中的端口不一致。
<?xml version='1.0' encoding='utf-8'?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <!-- Note: A "Server" is not itself a "Container", so you may not define subcomponents such as "Valves" at this level. Documentation at /docs/config/server.html --> <Server port="13180" shutdown="SHUTDOWN"> <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> <!-- Security listener. Documentation at /docs/config/listeners.html <Listener className="org.apache.catalina.security.SecurityListener" /> --> <!--APR library loader. Documentation at /docs/apr.html --> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <!-- Prevent memory leaks due to use of particular java/javax APIs--> <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> <!-- Global JNDI resources Documentation at /docs/jndi-resources-howto.html --> <GlobalNamingResources> <!-- Editable user database that can also be used by UserDatabaseRealm to authenticate users --> <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources> <!-- A "Service" is a collection of one or more "Connectors" that share a single "Container" Note: A "Service" is not itself a "Container", so you may not define subcomponents such as "Valves" at this level. Documentation at /docs/config/service.html --> <Service name="Catalina"> <!--The connectors can use a shared executor, you can define one or more named thread pools--> <!-- <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" maxThreads="150" minSpareThreads="4"/> --> <!-- A "Connector" represents an endpoint by which requests are received and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 --> <Connector port="7170" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="13280" /> <!-- A "Connector" using the shared thread pool--> <!-- <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> --> <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 This connector uses the NIO implementation that requires the JSSE style configuration. When using the APR/native implementation, the OpenSSL style configuration is required as described in the APR/native documentation --> <!-- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> --> <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="8009" protocol="AJP/1.3" redirectPort="13380" /> <!-- An Engine represents the entry point (within Catalina) that processes every request. The Engine implementation for Tomcat stand alone analyzes the HTTP headers included with the request, and passes them on to the appropriate Host (virtual host). Documentation at /docs/config/engine.html --> <!-- You should set jvmRoute to support load-balancing via AJP ie : <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> --> <Engine name="Catalina" defaultHost="localhost"> <!--For clustering, please take a look at documentation at: /docs/cluster-howto.html (simple how to) /docs/config/cluster.html (reference documentation) --> <!-- <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> --> <!-- Use the LockOutRealm to prevent attempts to guess user passwords via a brute-force attack --> <Realm className="org.apache.catalina.realm.LockOutRealm"> <!-- This Realm uses the UserDatabase configured in the global JNDI resources under the key "UserDatabase". Any edits that are performed against this UserDatabase are immediately available for use by the Realm. --> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> </Realm> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"> <Context path="/simubankservice" debug="0" docBase="/home/ipsp/service/simubankservice" reloadable="true"></Context> <!-- SingleSignOn valve, share authentication between web applications Documentation at: /docs/config/valve.html --> <!-- <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> --> <!-- Access log processes all example. Documentation at: /docs/config/valve.html Note: The pattern used is equivalent to using pattern="common" --> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt" pattern="%h %l %u %t "%r" %s %b" /> </Host> </Engine> </Service> </Server>
对于端口的修改, 可以配合一下命令来进行查看:
#查看某一端口是否被占用 netstat -anp|grep 7170 netstat -anp|grep 8090 #查看当前服务器的端口监听状态 netstat -tunl
核心修改在于以下两部分:
<Connector port="7170" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="13280" /> <Context path="/simubankservice" debug="0" docBase="/home/ipsp/service/simubankservice" reloadable="true"></Context>
附:context元素的常用属性
- 查看程序的端口号
- 查看path处的上下文路径
- ip:port/path/url
查看tomcat的进程:
ps -ef | grep tomcat
查看tomcat进程所对应的端口号
ps:虽然和server.xml中对应的端口号一致,但是使用命令就无需切换目录去查看。
#这条命令需要使用root权限
sudo netstat -naop | grep 34974
7070 8005 8009 都是tomcat server.xml中配置的端口号。
但是7070才是我需要找的监听端口号。所以一般以第一个筛选出的端口号作为tomcat的监听端口号。
如下图所示:
<?xml version='1.0' encoding='utf-8'?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <!-- Note: A "Server" is not itself a "Container", so you may not define subcomponents such as "Valves" at this level. Documentation at /docs/config/server.html --> <Server port="8005" shutdown="SHUTDOWN"> <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> <!-- Security listener. Documentation at /docs/config/listeners.html <Listener className="org.apache.catalina.security.SecurityListener" /> --> <!--APR library loader. Documentation at /docs/apr.html --> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <!-- Prevent memory leaks due to use of particular java/javax APIs--> <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> <!-- Global JNDI resources Documentation at /docs/jndi-resources-howto.html --> <GlobalNamingResources> <!-- Editable user database that can also be used by UserDatabaseRealm to authenticate users --> <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources> <!-- A "Service" is a collection of one or more "Connectors" that share a single "Container" Note: A "Service" is not itself a "Container", so you may not define subcomponents such as "Valves" at this level. Documentation at /docs/config/service.html --> <Service name="Catalina"> <!--The connectors can use a shared executor, you can define one or more named thread pools--> <!-- <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" maxThreads="150" minSpareThreads="4"/> --> <!-- A "Connector" represents an endpoint by which requests are received and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html Define a non-SSL HTTP/1.1 Connector on port 8080 --> <Connector port="7070" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" URIEncoding="UTF-8" /> <!-- A "Connector" using the shared thread pool--> <!-- <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> --> <!-- Define a SSL HTTP/1.1 Connector on port 8443 This connector uses the NIO implementation that requires the JSSE style configuration. When using the APR/native implementation, the OpenSSL style configuration is required as described in the APR/native documentation --> <!-- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> --> <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> <!-- An Engine represents the entry point (within Catalina) that processes every request. The Engine implementation for Tomcat stand alone analyzes the HTTP headers included with the request, and passes them on to the appropriate Host (virtual host). Documentation at /docs/config/engine.html --> <!-- You should set jvmRoute to support load-balancing via AJP ie : <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> --> <Engine name="Catalina" defaultHost="localhost"> <!--For clustering, please take a look at documentation at: /docs/cluster-howto.html (simple how to) /docs/config/cluster.html (reference documentation) --> <!-- <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> --> <!-- Use the LockOutRealm to prevent attempts to guess user passwords via a brute-force attack --> <Realm className="org.apache.catalina.realm.LockOutRealm">
2.3 bin/catalina.sh
优化内存 设置jdk路径。
在配置文件的开始部分加入以下配置:
export JAVA_OPTS="-server -Xms512M -Xmx512M -XX:+AggressiveOpts -XX:+UseBiasedLocking -XX:PermSize=128M -XX:MaxPermSize=256M -XX:+DisableExplicitGC -XX:MaxTenuringThreshold=31 -XX:+UseConcMarkSweepGC -XX:+UseParNewGC -XX:+CMSParallelRemarkEnabled -XX:+UseCMSCompactAtFullCollection -XX:LargePageSizeInBytes=128m -XX:+UseFastAccessorMethods -XX:+UseCMSInitiatingOccupancyOnly -Djava.awt.headless=true -Dcom.sun.management.jmxremote.port=8998 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false" export JAVA_HOME=/home/ipsp/jdk1.7.0_67 export JRE_HOME=/home/ipsp/jdk1.7.0_67/jre
上图JAVA_OPTS是对于tomcat内存的优化配置,上面是以1G内存来进行相关的配置。但是需要注意的是
-Dcom.sun.management.jmxremote.port=8998 这一配置项,web和service中的端口要区分。
在启动service后再启动web应用,如下错误
解决过程:
刚开始在server.xml中找了半天没找到该端口的配置。后来结合日志搜索的过程,
在web的tomcat中进行全文搜索,看看是否有设置8998端口的配置。
#进入tomcat目录
grep 8998 -nr *
2.4 日志查看
初始情况下,查看tomacat的日志输出。
tail -f /home/ipsp/web/apache-tomcat-8.0.43/logs/catalina.out
tail -f /home/ipsp/service/apache-tomcat-8.0.43/logs/catalina.out
3 工程配置
工程中注意修改数据库、redis、mq、logback.xml日志路径。
IPSP模拟行新建用户默认密码是111111
超级管理员22222222222222/admin/111111
3.1 hessian连接失败
一般原因都是服务端启动失败导致的。
在部署中先部署service并启动,日志正常,在启动web日志正常。但是在登录界面一登录就发现该问题。——目前没找到问题的原因,通过再次启动解决。
hessian连接失败可以用两个办法来查找:
- 查看端口占用情况
netstat -anp|grep 7170 netstat -anp|grep 8090
如果有一个哪个端口未运行,就说明服务可能挂掉了。
- 采用老办法
ps -ef |grep ipsp
可以查看服务的启动情况。