Tomcat6&7 How To
-
Upload
ji-woong-choi -
Category
Technology
-
view
1.358 -
download
0
description
Transcript of Tomcat6&7 How To
0 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
©2012 Open Source Consulting, Inc.
The information contained herein is subject to change without notice
Tomcat 6/7 How To Open Source Consulting, Inc.
1 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Tomcat Overview
• JEE 스펙중 Servlet, JSP를 위한 컨테이너로써 사용
• http://tomcat.apache.org
Version Servlet JSP JDK
7.0.X 3.0 2.2 1.6+
6.0.X 2.5 2.1 1.5+
5.0.X/5.5.X 2.4 2.0 1.4+
4.1.X 2.3 1.2 1.3+
2 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Tomcat Install
• Download
http://tomcat.apache.org/download-70.cgi
• Install
[root@ip-10-144-81-93 ~]# wget http://www.us.apache.org/dist/tomcat/tomcat-7/v7.0.35/bin/apache-tomcat-7.0.35.zip
[root@ip-10-144-81-93 ~]# unzip unzip apache-tomcat-7.0.35.zip
3 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
[root@ip-10-144-81-93 apache-tomcat-7.0.35]# ls -al
total 136
drwxr-xr-x 9 root root 4096 Jan 10 22:54 .
dr-xr-x--- 10 root root 4096 Feb 5 23:10 ..
-rw-r--r-- 1 root root 57862 Jan 10 22:54 LICENSE
-rw-r--r-- 1 root root 1228 Jan 10 22:54 NOTICE
-rw-r--r-- 1 root root 9054 Jan 10 22:54 RELEASE-NOTES
-rw-r--r-- 1 root root 16641 Jan 10 22:54 RUNNING.txt
drwxr-xr-x 2 root root 4096 Jan 10 22:54 bin
drwxr-xr-x 2 root root 4096 Jan 10 22:54 conf
drwxr-xr-x 2 root root 4096 Jan 10 22:54 lib
drwxr-xr-x 2 root root 4096 Jan 10 22:53 logs
drwxr-xr-x 2 root root 4096 Jan 10 22:54 temp
drwxr-xr-x 7 root root 4096 Jan 10 22:54 webapps
drwxr-xr-x 2 root root 4096 Jan 10 22:53 work
Tomcat Directory
실행 바이너리 스크립트
서버 환경 설정 파일
Tomcat 구동 라이브러리
로그 저장 디렉토리
임시 작업 디렉토리
디플로이 애플리케이션
Tomcat 작업 디렉토리
4 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Tomcat Architecture
http://tomcat.apache.org/tomcat-7.0-doc/architecture/overview.html
• Server
서버의 개념으로 Tomcat 컨테이너 자체를 나타냄
• Service
서버 내에 존재하는 컴포넌트에 대한 중재자 역할을 수행하며, 엔진에 하나 혹은 그 이상의 커넥터 사용
• Engine
특정 서비스를 위한 요청 처리 파이프라인을 나타냄
하나의 서비스는 여러 개의 커넥터를 가질 수 있으며, 엔진은 이러한 커넥터들로부터 모든 요청을 수신하고 처리함
• Host
www.osci.kr과 같은 특정 네트워크의 이름을 Tomcat 서버에 할당.
하나의 엔진의 여러 개의 호스트를 가질 수 있으며, 호스트의 요소는 osci.kr, blog.osci.kr 등의 네트워크 별칭(alias)을 지원
• Connector
클라이언트와의 프로토콜 통신을 처리하며, HTTP 및 AJP 커넥터를 가짐
• Context
웹 애플리케이션을 나타내며, 하나의 Host는 여러 개의 Context를 가질 수 있음
5 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Tomcat Architecture
6 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Tomcat Connectors
JBoss Web
HTTP JSP
HTTPS
AJP
Servlet
JMX
API
• 3-Main Connectors : HTTP 1.1, HTTPS, AJP 1.3
• HTTP 1.1
Application Server로의 direct request를 받음
Default: enabled, port: 8080
• HTTPS
HTTPS를 직접 입력으로 받음, SSL keystore 필요
Default: disabled, port: 8443
• AJP 1.3
Apache Web Server를 통해 mod_jk를 통해 입력받는 커넥터
Default: enabled, port: 8009
7 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Tomcat Base/Home & Deploy
http://tomcat.apache.org/tomcat-7.0-doc/architecture/overview.html
• CATALINA_HOME
서버를 기동, 중지하기 위해 필요한 라이브러리 및 실행 파일을 포함하는 디렉토리
• CATALINA_BASE
디플로이 대상의 웹 애플리케이션, 설정 데이터 등의 디렉토리를 지정하는 데 사용
• Deploy Type
Archive File Type
Exploded Structure
• Web Archive
catalina.base/webapps 디렉토리에 .war 파일을 복사하여 디플로이
• Exploded
catalina.base/webapps 디렉토리에 exploded 형태의 디렉토리 구조를 사용
8 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Main Config: server.xml
• Tomcat Chairman == JBoss Web Project Lead
• $TOMCAT_HOME/conf/server.xml
• IP 주소에 따른 바인딩이 결정됨
server.xml - ${jboss.bind.address}
0.0.0.0
<!-- A HTTP/1.1 Connector on port 8080 -->
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}"
connectionTimeout="20000" redirectPort="8443" />
<!-- Add this option to the connector to avoid problems with
.NET clients that don't implement HTTP/1.1 correctly
restrictedUserAgents="^.*MS Web Services Client Protocol 1.1.4322.*$"
-->
<!-- A AJP 1.3 Connector on port 8009 -->
<Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"
redirectPort="8443" />
9 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Logging
• Tomcat 서비스 중 가장 먼저 올라오는 서비스 중의 하나
• $CATALINA_HOME/conf/logging.properties 파일을 사용
• log4j 관련 appender를 설정하여 로그 설정
• 운영 환경
Daily 로그를 남길 수 있도록 DailyRollingFileAppender 또는 cronolog 사용 필요
충분한 디스크 크기 공간이 확보되었는지 반드시 확인
Handlers 중 불필요한 핸들러를 모두 제거하도록 함
10 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Web 서버 Tomcat
부하분산 흐름도
Load Balancer
내부 망/외부 망
DBMS
DBMS
DB 서버
* DB 서버의 구성에 따라, JBoss Server가 하나의 업무 DB를 접속하거나, 이중화된 DB를 접속할 수 있도록 구성할 수 있습니다.
일반적으로 안정성 및 성능 지향적인 업무 시스템을 위한 하드웨어 구성을 위하여 Web 서버 및 Web Application
서버 플랫폼의 하드웨어를 이중화하는 구성을 사용
Load Balancing
11 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
컨테이너 자체의 클러스터링 기능을 이용하여 HTTP Session에 대한 클러스터링 장애에 대한 대응
Data JBoss Application Server
부하분산 흐름도
Load Balancer
Source
1 2
3
HTTP Load-balancing
L4 또는 Apache Plug-in (mod_jk)를 사용
Apache Plug-in (mod_jk) Load-balancing 정책
Weighted Round Robin, Lowest Session, Lowest Network Traffic, Lowest Current Load
Load Balancing
12 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Apache HTTPD
• Unix/Linux Prefork Method
Parent process
Child process
Child process
Child process
Listen
er So
cket
• StartServers • MaxClients
13 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Apache HTTPD
Parent process
Listen
er So
cket
Child Process
T1
T2
Tn
Child Process
T1
T2
Tn
• ThreadsPerChild • MaxClients
• Unix/Linux Worker
14 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Apache Modules & Tomcat
• Load Balancing을 위한 3가지 아파치 모듈
mod_jk - 가장 오래되고 안정됨
mod_proxy – Apache 2.2 이상에서 사용가능, mod_proxy_ajp, mod_proxy_balancer 등이 필요없음
mod_cluster – 새로운 형태의 모듈, multicast를 통한 자동 발견 기능 등
• JBoss Web 설정
AJP 1.3 Connector에 가장 최적화 되어 있음
Deploy/jbossweb.sar/server.xml 설정의 8009 포트 사용.
jvmRoute 속성을 통해 Apache Worker 이름을 정의
요청 유입시 maxThreads 속성의 값까지 스레드 생성, 이후 요청 유입은 acceptCount 값까지
Access Log를 통하여 Request 내역 및 처리 정보 확인 가능
https://community.jboss.org/wiki/OptimalModjk12Configuration
<Valve className="org.apache.catalina.valves.AccessLogValve“ prefix="localhost_access_log." suffix=".log“
pattern="common" directory="${jboss.server.log.dir}“ resolveHosts="false" />
15 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
AJP Connector
• 다양한 Test를 통하여 환경에 맞는 Tuning Point를 확인 필요
• AJP Connector 주요 Tuning Point
<!-- AJP 1.3 Connector on port 8009 -->
<Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}“ redirectPort="8443" />
• maxThreads : Connector에서 생성되는 request processing thread의 최대값 및 최대 동시 처리량을 의미.( default : 200 )
• maxPostSize : HTTP POST request size ( default : 2MB )
• backlog : 모든 request processing thread가 작동중일 경우 connection request를 저장하는 queue lenghth ( defalut : 10 )
• connectionTimeout : connection을 수락한 후 Request URI을 받을 때까지 Connector가 기다리는 시간 default : unlimited )
• keepAliveTimeout : connection을 종료하기 전에 또 다른 AJP request를 받을 때까지 Connector가 기다리는 시간 ( default : connectionTimeout 값 )
16 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
mod_jk
• Connection Directives
socket_timeout : JK에서 Remote Host로부터의 response를 유지하는 시갂 ( default : 0 )
ping_mode, prepost_timeout, connect_timeout : AJP13의 CPing, CPong packet을 이용하여 back-end 서버가 정상적으로 connection이 연결되어 서비스 하고 있는지 확인
lbfactor : load balancer의 member worker의 request 처리량 할당 ( default : 1 )
connection_pool_size : 각 웹서버 child process 당 pool로 유지하는 AJP back-end connection 수
• Load Balancing Directives
method : request 수, session의 개수, network traffic, busyness 등 Load Balancing 수행 시 최적의 worker를 찾는 알고리즘을 선택 ( default : Request )
sticky_session : SESSION ID를 포함한 request를 같은 worker로 전달할건지 결정 (default : true )
• Advanced Worker Directives
recovery_options : 장애 발생시 처리 방식 선택 ( 중복 선택 가능, default 0 )
1: don't recover if Tomcat failed after getting the request 2: don't recover if Tomcat failed after sending the headers to client 4: close the connection to Tomcat, if we detect an error when writing back the answer to the client (browser) 8: always recover requests for HTTP method HEAD (even if Bits 1 or 2 are set) – 1.2.24이후 16: always recover requests for HTTP method GET (even if Bits 1 or 2 are set) – 1.2.24이후
http://tomcat.apache.org/connectors-doc/reference/workers.html
17 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
worker.host1.type=ajp13 jvmRoute=“host1”
AJP
13
AJP
/1.3
worker.host2.type=ajp13 jvmRoute=“host2”
AJP
13
AJP
/1.3
worker.balancer.type=lb worker.balancer. balance_workers=host1,host2
• AJP 1.3 프로토콜 사용
HTTP-Tomcat 전용 프로토콜 및 연결 풀 방식의 사용
HTTP 헤더를 두 번 파싱할 필요 없음
모든 사전 처리는 아파치 HTTPD에서 수행
• Integrated load balancer
Sticky sessions
Failover
Domain Model Clustering
AJP Protocol
18 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Apache Setting
• mod_jk 컴파일 또는 다운로드 후 modules 디렉토리에 복사
• httpd.conf 파일에 mod_jk.conf를 포함시킴
[root@ip-10-144-81-93 ~]# vi httpd.conf
Include conf/mod_jk.conf
• mod_jk.conf 파일 편집
LoadModule jk_module modules/mod_jk.so
JkWorkersFile conf/workers.properties
JkLogFile logs/mod_jk.log
JkShmFile logs/mod_jk.shm
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions +ForwardKeySize +ForwardURICompatUnparsed -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"
# Setting Global JkMount Configuration
JkMount /frontend/*.jsp sli_balancer
JkMount /jkstatus* jkstatus
ErrorLog "logs/sli_error_log"
TransferLog "logs/sli_access_log"
19 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
Apache Setting(Cont.)
• Tomcat 정보를 포함하는 workers.properties 세팅
worker.list=jkstatus
worker.jkstatus.type=status
worker.jkstatus.read_only=true
worker.list=jk-manager
worker.jk-manager.type=status
##########################
# Balacer Configuration #
##########################
worker.list=sli_balancer
worker.sli_balancer.type=lb
worker.sli_balancer.error_escalation_time=0
worker.sli_balancer.max_reply_timeouts=10
##########################
# Balacer List #
##########################
worker.sli_balancer.balance_workers=tomcat7,tomcat7_1
worker.tomcat7.reference=worker.template
worker.tomcat7.host=127.0.0.1
worker.tomcat7.port=8009
worker.tomcat7.activation=A
worker.tomcat7_1.reference=worker.template
worker.tomcat7_1.host=127.0.0.1
worker.tomcat7_1.port=8109
worker.tomcat7_1.activation=A
#################################################
# This is workers template for OSCI project #
#################################################
worker.template.type=ajp13
# - socket_connect_timeout: milliseconds, default=0
# Since: 1.2.27
worker.template.socket_connect_timeout=5000
# - socket_keepalive: boolean, default=false
# Should we send TCP keepalive packets
# when connection is idle (socket option)?
worker.template.socket_keepalive=true
# - ping_mode: Character, default=none
# When should we use cping/cpong connection probing?
# C = directly after establishing a new connection
# P = directly before sending each request
# I = in regular intervals for idle connections
# using the watchdog thread
# A = all of the above
# Since: 1.2.27
worker.template.ping_mode=A
# - ping_timeout: milliseconds, default=10000
# Wait timeout for cpong after cping
# Can be overwritten for modes C and P
# Using connect_timeout and prepost_timeout.
# Since: 1.2.27
worker.template.ping_timeout=10000
# - connection_pool_minsize: number, default=connection_pool_size
# Lower pool size when shrinking pool due
# to idle connections
# We want all connections to be closed when
# idle for a long time in order to prevent
# firewall problems.
# Since: 1.2.16
worker.template.connection_pool_minsize=0
# - connection_pool_timeout: seconds, default=0
# Idle time, before a connection is eligible
# for being closed (pool shrinking).
# This should be the same value as connectionTimeout
# in the Tomcat AJP connector, but there it is
# milliseconds, here seconds.
worker.template.connection_pool_timeout=600
# - reply_timeout: milliseconds, default=0
# Any pause longer than this timeout during waiting
# for a part of the reply will abort handling the request
# in mod_jk. The request will proceed running in
# Tomcat, but the web server resources will be freed
# and an error is send to the client.
# For individual requests, the timeout can be overwritten
# by the Apache environment variable JK_REPLY_TIMEOUT.
# JK_REPLY_TIMEOUT since: 1.2.27
worker.template.reply_timeout=300000
# - recovery_options: number, default=0
# Bit mask to configure, if a request, which was send
# to a backend successfully, should be retried on another backend
# in case there's a problem with the response.
# Value "3" disables retries, whenever a part of the request was
# successfully send to the backend.
worker.template.recovery_options=3
20 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
<Service name=“Catalina”>
<!-- A AJP 1.3 Connector on port 8009 -->
<Connector port=“8009” address=“100.101.102.103”
enableLookups="false" redirectPort=“8443” debug=“0“
maxThreads=“150” minSpareThreads=“25”
protocol=“AJP/1.3”/>
<Engine name=“standalone” defaultHost=“localhost”
jvmRoute=“host1”>
server.xml httpd.conf
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
workers.properties
worker.host1.type=ajp13
worker.host1.port=8009
worker.host1.host=100.101.102.103
worker.host1.connection_pool_size=25
HTTPD – Tomcat Relationship
• 설정 연관 관계 파악 필요
21 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
mod_proxy
• mod_proxy
Parent process
Child Process
Listen
er So
cket
Worker #1
Worker #2
Worker #n
Child Process
Worker #1
Worker #2
Worker #n
Scoreboard
• Worker #1 • status • elected • read • transferred • …
Worker #2
Worker #n
22 Copyright 2012 , Open Source Consulting, Inc. All Right Reserved
• Virtual Proxy 사용
다른 프로토콜과 같으나 prefix로 balancer://의 문법을 사용
• 1 … n protocol workers
LoadModule balancer_module modules/mod_proxy_balancer.so
<Proxy balancer://cluster>
BalancerMember http://remote:port
…
ProxySet lbmethod=byrequests
</Proxy>
ProxyPass /examples balancer://cluster/examples
mod_jk vs mod_proxy: http://stackoverflow.com/questions/1081918/apache-to-tomcat-mod-jk-vs-mod-proxy
mod_proxy