CentOS6-7安装nginx和Tomcat8

CentOS7看这里 https://www.howtoforge.com/tutorial/how-to-install-tomcat-on-centos/

安装nginx

第一步 - 安装EPEL
EPEL代表企业Linux的额外包。因为yum作为软件包管理器不在其默认存储库中包括nginx的最新版本，安装EPEL将确保CentOS上的nginx保持最新。

要安装EPEL，请打开终端并输入：

sudo yum install epel-release

第二步 - 安装nginx

要安装nginx，打开终端并输入：

sudo yum install nginx

这样就安装好了。用下面这些命令启动（停止|查看状态）Nginx
安装路径在/etc/nginx

启动
service nginx start
停止
service nginx stop
查看状态
service nginx status

启动后在浏览器输入
http://server_ip 就能看到nginx 的欢迎页面了

Nginx
把nginx设成自动重启

chkconfig nginx on

打开防火墙
firewall-cmd --zone=public --add-port=80/tcp --permanent 
重启防火墙
systemctl restart  firewalld.service

安装Tomcat 8

先安装JDK

去官网找到最新的JDK下载地址，把下面对应的地址替换掉。

wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u161-b12/2f38c3b165be4555a1fa6e98c45e0808/jdk-8u161-linux-x64.rpm"

rpm -ivh jdk-8u161-linux-x64.rpm

装好了，验证一下

java -version

应该能看到如下信息

java version "1.8.0_161"
Java(TM) SE Runtime Environment (build 1.8.0_161-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.161-b12, mixed mode)

安装Tomcat 8

First

create a new tomcat group:

sudo groupadd tomcat

Next

create a new tomcat user. We'll make this user a member of the tomcat group, with a home directory of /opt/tomcat (where we will install Tomcat), and with a shell of /bin/false (so nobody can log into the account):

sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat

Now that our tomcat user is set up, let's download and install Tomcat.

Step 3:

The best way to install Tomcat 8 is to download the latest binary release then configure it manually.

Find the latest version of Tomcat 8 at the Tomcat 8 Downloads page. At the time of writing, the latest version is 8.5.5, but you should use a later stable version if it is available. Under the Binary Distributionssection, then under the Core list, copy the link to the "tar.gz".

Next, change to the /tmp directory on your server. This is a good directory to download ephemeral items, like the Tomcat tarball, which we won't need after extracting the Tomcat contents:

cd /tmp

Use curl to download the link that you copied from the Tomcat website:

curl -O http://apache.mirrors.ionfish.org/tomcat/tomcat-8/v8.5.5/bin/apache-tomcat-8.5.5.tar.gz

用wget也行，现在最新是8.5.28
wget http://mirrors.hust.edu.cn/apache/tomcat/tomcat-8/v8.5.28/bin/apache-tomcat-8.5.28.tar.gz

We will install Tomcat to the /opt/tomcat directory. Create the directory, then extract the archive to it with these commands:

sudo mkdir /opt/tomcat
sudo tar xzvf apache-tomcat-8*tar.gz -C /opt/tomcat --strip-components=1

Next, we can set up the proper user permissions for our installation.

Step 4: Update Permissions

The tomcat user that we set up needs to have access to the Tomcat installation. We'll set that up now.

Change to the directory where we unpacked the Tomcat installation:

cd /opt/tomcat

Give the tomcat group ownership over the entire installation directory:

sudo chgrp -R tomcat /opt/tomcat

Next, give the tomcat group read access to the conf directory and all of its contents, and execute access to the directory itself:

sudo chmod -R g+r conf
sudo chmod g+x conf

Make the tomcat user the owner of the webapps, work, temp, and logs directories:

sudo chown -R tomcat webapps/ work/ temp/ logs/

Now that the proper permissions are set up, we can create a systemd service file to manage the Tomcat process.

Step 5: Create a systemd Service File

We want to be able to run Tomcat as a service, so we will set up systemd service file.

Tomcat needs to know where Java is installed. This path is commonly referred to as "JAVA_HOME". The easiest way to look up that location is by running this command:

Your JAVA_HOME may be different.

With this piece of information, we can create the systemd service file. Open a file called tomcat in the /etc/init.d/ directory by typing:

sudo nano /etc/init.d/tomcat

Paste the following contents into your service file. Modify the value of JAVA_HOME if necessary to match the value you found on your system. You may also want to modify the memory allocation settings that are specified in CATALINA_OPTS:

注意 脚本中的JAVA_HOME，TOMCAT_HOME，TOMCAT_USER,CATALINA_OPTS根据自己电脑自行修改，XX:MaxPermSize 参数根据内存大小自己调整。

#!/bin/bash
#
# tomcat
#
# chkconfig: - 80 20
#
### BEGIN INIT INFO
# Provides: tomcat8
# Required-Start: $network $syslog
# Required-Stop: $network $syslog
# Default-Start:
# Default-Stop:
# Description: Tomcat 8
# Short-Description: start and stop tomcat
### END INIT INFO

## Source function library.
#. /etc/rc.d/init.d/functions
export JAVA_HOME=/usr/java/jdk1.8.0_161
export JAVA_OPTS="-Dfile.encoding=UTF-8 \
  -Dnet.sf.ehcache.skipUpdateCheck=true \
  -XX:+UseConcMarkSweepGC \
  -XX:+CMSClassUnloadingEnabled \
  -XX:+UseParNewGC \
  -XX:MaxPermSize=128m \
  -Xms256m -Xmx256m"
export PATH=$JAVA_HOME/bin:$PATH
TOMCAT_HOME=/opt/tomcat
TOMCAT_USER=tomcat
SHUTDOWN_WAIT=20

tomcat_pid() {
  echo `ps aux | grep org.apache.catalina.startup.Bootstrap | grep -v grep | awk '{ print $2 }'`
}

start() {
  pid=$(tomcat_pid)
  if [ -n "$pid" ] 
  then
    echo "Tomcat is already running (pid: $pid)"
  else
    # Start tomcat
    echo "Starting tomcat"
    ulimit -n 100000
    umask 007
    /bin/su -p -s /bin/sh $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh
  fi


  return 0
}

stop() {
  pid=$(tomcat_pid)
  if [ -n "$pid" ]
  then
    echo "Stoping Tomcat"
    /bin/su -p -s /bin/sh $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh

    let kwait=$SHUTDOWN_WAIT
    count=0;
    until [ `ps -p $pid | grep -c $pid` = '0' ] || [ $count -gt $kwait ]
    do
      echo -n -e "\nwaiting for processes to exit";
      sleep 1
      let count=$count+1;
    done

    if [ $count -gt $kwait ]; then
      echo -n -e "\nkilling processes which didn't stop after $SHUTDOWN_WAIT seconds"
      kill -9 $pid
    fi
  else
    echo "Tomcat is not running"
  fi
 
  return 0
}

case $1 in
start)
  start
;; 
stop)   
  stop
;; 
restart)
  stop
  start
;;
status)
  pid=$(tomcat_pid)
  if [ -n "$pid" ]
  then
    echo "Tomcat is running with pid: $pid"
  else
    echo "Tomcat is not running"
  fi
;; 
esac    
exit 0

When you are finished, save and close the file.

Next, make the script executable using chmod:

chmod +x /etc/init.d/tomcat

Start the Tomcat service by typing:

service tomcat start

Double check that it started without errors by typing:

service tomcat status

image.png

Add the Tomcat service to system startup:

chkconfig tomcat on

Open in web browser http://server_domain_or_IP:8080

image.png

Configure Tomcat Web Management Interface

In order to use the manager web app that comes with Tomcat, we must add a login to our Tomcat server. We will do this by editing the tomcat-users.xml file:

sudo nano /opt/tomcat/conf/tomcat-users.xml

You will want to add a user who can access the manager-gui and admin-gui (web apps that come with Tomcat). You can do so by defining a user, similar to the example below, between the tomcat-users tags. Be sure to change the username and password to something secure:

tomcat-users.xml — Admin User

<tomcat-users . . .>
    <user username="admin" password="password" roles="manager-gui,admin-gui"/>
</tomcat-users>

Save and close the file when you are finished.

By default, newer versions of Tomcat restrict access to the Manager and Host Manager apps to connections coming from the server itself. Since we are installing on a remote machine, you will probably want to remove or alter this restriction. To change the IP address restrictions on these, open the appropriate context.xml files.

For the Manager app, type:

sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml

For the Host Manager app, type:

sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml

Inside, comment out the IP address restriction to allow connections from anywhere. Alternatively, if you would like to allow access only to connections coming from your own IP address, you can add your public IP address to the list:

context.xml files for Tomcat webapps

<Context antiResourceLocking="false" privileged="true" >
  <!--<Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />-->
</Context>

Save and close the files when you are finished.

To put our changes into effect, restart the Tomcat service:

sudo systemctl restart tomcat

用nginx反向代理tomcat

mkdir /etc/nginx/sites-enabled

新版的nginx中一般都有这个目录，没有的自己建一个
目录下建一个名叫tomcat的文件， 如有其它文件请删掉.

 nano /etc/nginx/sites-enabled/tomcat

写入一下代码

upstream tomcat8080  {
        ip_hash;
        server 127.0.0.1:8080;
   } 

# Default server configuration

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    server_name _;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        ## try_files $uri $uri/ =404;
        proxy_pass  http://tomcat8080;
    }
}

保存重启nginx

service nginx restart

输入 浏览器访问 http://YOU_IP
如果502了(google vm会)，看一下error_log， 解决办法：
https://stackoverflow.com/questions/23948527/13-permission-denied-while-connecting-to-upstreamnginx

setsebool -P httpd_can_network_connect 1

OK了，变成tomcat的欢迎页了。

附：
nginx服务器安装及配置文件详解