Apache, Tomcat, JK Configuration Example
Example of worker.properties:
worker.list=myWorker,yourWorker worker.myWorker.port=7505
worker.myWorker.host=my.host.com
worker.myWorker.type=ajp13
worker.myWorker.secret=secretword worker.yourWorker.port=7505
worker.yourWorker.host=your.host.com
worker.yourWorker.type=ajp13
worker.yourWorker.secret=yoursecretword
Example of httpd.conf
#
## httpd.conf -- Apache HTTP server main configuration file
##
## This is an attempt to make a minimal, generic and yet useful configuration
##
## For INTERNAL UBS IB users (read the comments #@).
## - See complete original file ./conf/original/httpd.conf with syntax comments.
## - More documentation: http://goto/apache and http://httpd.apache.org
##
## For EXTERNAL Hosted web servers, you MUST read and change all sections marked #@SECURITY
# # 'Main' server configuration
ServerRoot "/home/tp/apache"
ServerAdmin someone@qq.com
ServerName someone.host.com:8585
DocumentRoot "/home/tp/apache/htdocs"
# User and group Apache run-as
User someone_id
#Group some_group_id # UseCanonicalName: how SERVER_NAME and SERVER_PORT variables are set.
# Off -> Apache will use the Hostname and Port supplied by the client.
# On -> Apache will use the value of the ServerName directive.
UseCanonicalName Off Listen 8585 # The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#LockFile logs/accept.lock
#ScoreBoardFile logs/apache_runtime_status
#PidFile /sbclocal/web/dyn/data/myproject/logs/httpd.pid
# location for the core dump
CoreDumpDirectory logs # Performance settings
# ServerLimit default is 16 (worker) and 256 (prefork,compiled hard limit 20000) # Performance settings - prefork MPM #ServerLimit 256
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 10000 # Performance settings - Threaded MPM #ThreadLimit 64
#ServerLimit 16
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0 #@ Uncomment for a potential performance boost on Solaris, although at the expense of %cpu
#AcceptMutex sysvsem # Persistence connections
KeepAlive On
MaxKeepAliveRequests 500
KeepAliveTimeout 1 # Amount of time the server will wait for certain events before failing a request
#@ you might want to consider lowering this amount
Timeout 300 #@SECURITY to minimize a kind of DoS attack - limit the headers (see docs for more directives)
#LimitRequestFields 30
#RequestReadTimeout header=2 body=10
#@ or more complete and select appropriate values for TIMEOUT MINRATE for your application
#RequestReadTimeout header=TIMEOUT,MinRate=MINRATE body=TIMEOUT,MinRate=MINRATE #@ Due to large cookies you might see errors such as 413 Request Entity Too Large or 400 Bad Reques,
#@ to mitigate uncomment the following
#LimitRequestFieldSize 12288 #@ Give reasonable requests the chance to stop naturally before they are ended
#@ but keep the wait short enough to not frustrate support people
GracefulShutDownTimeout 5 HostnameLookups Off # Turned off when serving from networked-mounted
EnableMMAP off
EnableSendfile off #
# Dynamic Shared Object (DSO) Support (see ./conf/original/httpd.conf)
#@SECURITY load only what you really need - Comment all other LoadModules you don't need
#
LoadModule alias_module modules/mod_alias.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule dir_module modules/mod_dir.so
#@ mod_rewrite is not required by default
#LoadModule rewrite_module modules/mod_rewrite.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule expires_module modules/mod_expires.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule mime_module modules/mod_mime.so
LoadModule headers_module modules/mod_headers.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so #LoadModule asis_module modules/mod_asis.so
#LoadModule ident_module modules/mod_ident.so
#LoadModule negotiation_module modules/mod_negotiation.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule unique_id_module modules/mod_unique_id.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
#LoadModule imagemap_module modules/mod_imagemap.so
#LoadModule actions_module modules/mod_actions.so #@SECURITY Commenting the following line ensures that there will be no accidental directory listing
#@ Also check/uncomment httpd-autoindex.conf below
LoadModule autoindex_module modules/mod_autoindex.so LoadModule cgi_module modules/mod_cgi.so LoadModule cgid_module modules/mod_cgid.so # On threaded servers, the path to the UNIX socket used to communicate with the CGI daemon.
#Scriptsock logs/cgisock LoadModule ssl_module modules/mod_ssl.so LoadModule perl_module apache_modules/2.2.20/mod_perl/2.0.5+perl-5.12.3/modules/mod_perl.so #@SECURITY PLEASE DO NOT REMOVE - SECURITY RISK EXCEPTION
TraceEnable Off #@SECURITY PLEASE UNCOMMENT FOR EXTERNAL CUSTOMER SITES (amber or green zone) - IT AUDIT
#ServerTokens Prod
#ServerSignature Off # protect the document root Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all <Directory "/home/tp/apache/htdocs">
#@SECURITY FOR PRODUCTION - EXTERNAL CUSTOMER SITES (amber or green zone)
#@ Replace with Options None
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all DirectoryIndex index.html <FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All # Logging
ErrorLog logs/error.log # Possible values: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common # You need to uncomment mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combined CustomLog logs/access.log combined #@SECURITY FOR PRODUCTION - REMOVE OR SECURE AS REQUIRED THIS cgi-bin section !!
#ScriptAlias /cgi-bin/ "/sbcimp/run/pd/apache/2.2.20/cgi-bin/" <Directory "/sbcimp/run/pd/apache/2.2.20/cgi-bin/">
AllowOverride None
Options None
Order allow,deny
Allow from all DefaultType text/plain TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz TypesConfig /sbcimp/run/pd/apache/2.2.20/conf/mime.types
MIMEMagicFile /sbcimp/run/pd/apache/2.2.20/conf/magic #@ Sample custom error message - repeat for 404, 503,... can be a html or a script.
#@ and support multilangual
ErrorDocument 500 "Your Custom error 500 message here." #@ If you uncomment any of these, be sure to uncomment negotiation_module
#Include /sbcimp/run/pd/apache/2.2.20/conf/extra/httpd-autoindex.conf
#Include /sbcimp/run/pd/apache/2.2.20/conf/extra/httpd-multilang-errordoc.conf
#Include /sbcimp/run/pd/apache/2.2.20conf/extra/httpd-languages.conf
# Not needed: Apache user manual and documentation (same as .org)
#Include /sbcimp/run/pd/apache/2.2.20/conf/extra/httpd-manual.conf # Real-time info on requests and configuration
#@SECURITY FOR PRODUCTION - REMOVE OR SECURE AS REQUIRED THESE Includes !!
#Include /sbcimp/run/pd/apache/2.2.20/conf/extra/httpd-info.conf # Secure (SSL/TLS) connections if module loaded Include conf/extra/httpd-ssl.conf # e.g. Virtual hosts for a virtual site on port 10010
#Include conf/httpd-vsite-10010.conf # Load Apache JK
LoadModule jk_module "/sbcimp/run/pd/apache_modules/2.2.20/mod_jk/1.2.32/modules/mod_jk.so" # Set up the JK worker properties
JkWorkersFile conf/workers.properties # Log and level
#JkLogFile logs/mod_jk.log
JkLogFile "|/sbcimp/run/pd/apache/2.2.20/bin/rotatelogs -l /home/tp/apache/logs/mod_jk.%Y-%m-%d.log 86400"
JkLogLevel info
# Uncomment the following directive to log each jk requests for Tomcat.
# Since 1.2.26 you can log the duration in the apache custom log
# http://tomcat.apache.org/connectors-doc/reference/apache.html
# If commented there will be no requests information in the log
#JkRequestLogFormat "%b %H %m %p %q %r %s %v %w %V %T"
# For the perl analysis scripts:
#JkRequestLogFormat "%w %V %U %s %T %B %H %m" # Make sure that Apache cannot serve content from these directories
<LocationMatch "/WEB-INF/" >
deny from all <LocationMatch "/META-INF/" >
deny from all #@ Customize error pages in the main apache conf and use an html or a cgi
ErrorDocument 503 "Error 503: Tomcat is down, please contact DL-APAC-Ops-SAR-Team-All@ubs.com"
#ErrorDocument 404 "Error 404: not found" # Some jk options to read about - see http://tomcat -> FAQ
#JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkOptions +FlushPackets
##################################################################
#
# Application mapping to Tomcat
#
##################################################################
# Instead of the jkMount below, you can map dynamically update the mappings
# The file's content is checked by default every 60 sec. The content format is:
# /examples/*=myfirstapp
#JkMountFile conf/uriworkermap.properties
################################################################## # Enable the JK manager status page access from ipaddr or localhost only.
# This does not work w/o the load balancer setup in worker.properties;
# properties can be set to make the jk status mgr read only or read/write. JkMount jkstatus
Order deny,allow
Deny from all
Allow from 127.0.0.1 swissbank.com ubsw.net
#or Allow from 127.0.0.1 ##################################################################
#
#
# See FAQs to set Apache httpd to serve static content and Tomcat
# only to serve servlet/* and *.jsp
# You can have Tomcat serve it all, see special context: ROOT.xml
# JkMount /* myWorker
#
JkMount /my-web|/* myWorker
JkMount /your-web|/* yourWorker
Example of server.xml
<?xml version='1.0' encoding='utf-8'?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<Server port="8005" shutdown="RaNdOm-SeCrEt-CoDe"> <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
<Listener className="org.apache.catalina.core.JasperListener" />
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> <!-- Global JNDI resources
Documentation at /docs/jndi-resources-howto.html
-->
<GlobalNamingResources>
<!-- Editable user database that can also be used by UserDatabaseRealm to authenticate users -->
<!-- used for the manager and admin demo not to be used in production as is !! -->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources> <!-- A "Service" is a collection of one or more "Connectors" that share a single "Container" -->
<Service name="Catalina"> <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<!-- NOTE: MUST only be used as a development aid. It is banned in production "as-is".-->
<Connector protocol="HTTP/1.1"
port="8855"
maxHttpHeaderSize="8192"
maxThreads="150"
minSpareThreads="25"
enableLookups="false"
redirectPort="8443"
acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true" /> <!-- Define an AJP 1.3 Connector on port 7505 for the Apache mod_jk -->
<!-- ** AMEND: port and requiredSecret parameters as required -->
<!-- See workers.properties if you need: connectionTimeout="600000" -->
<Connector port="7505"
protocol="AJP/1.3"
enableLookups="false"
redirectPort="8443"
requiredSecret="secretword"/> <!-- An Engine represents the entry point that processes analyzes the HTTP headers
included with the request, and passes them on to the appropriate Host (virtual host). -->
<Engine name="Catalina" defaultHost="localhost"> <!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm"> <!-- This Realm uses the UserDatabase configured in the global JNDI -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm> <Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true" > <!-- You must set an access log -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs/tomcat"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" resolveHosts="false"/> </Host>
</Engine>
</Service>
</Server>
Apache, Tomcat, JK Configuration Example的更多相关文章
- Apache Tomcat 7 Configuration BIO NIO AIO APR ThreadPool
Apache Tomcat 7 Configuration Reference (7.0.93) - The Executor (thread pool)https://tomcat.apache.o ...
- Linux中Apache+Tomcat+JK实现负载均衡和群集的完整过程
人原创,一个字一个字地码的,尊重版权,转载请注明出处! http://blog.csdn.net/chaijunkun/article/details/6987443 最近在开发的项目需要承受很高的并 ...
- Apache+Tomcat+jk windows环境下的集群部署
记一次在Windows服务器上搭建apatch+tomcat+jk的集群搭建过程,其中也遇到了很多问题,总结一下. 一.准备工作 1.apache-tomcat-7.0.88 2.Apche http ...
- Apache + Tomcat + JK 集群
原文请见http://www.cnblogs.com/dennisit/p/3370220.html 本文介绍了集群和负载均衡的基本开源实现,实现了用Apache分发请求到多个Tomcat里面相应的应 ...
- ubuntu eclipse 建立server 提示coud not load the tomcat server configuration at /opt/apache ...的解决方法
ubuntu eclipse 建立server 提示coud not load the tomcat server configuration at /opt/apache ...的解决方法 & ...
- Apache + Tomcat + 连接器JK
一 安装Apache 下载apache: https://www.apache.org/ -> http://mirrors.cnnic.cn/apache/ -> http:// ...
- apache + tomcat 集群
apache2.2与tomcat集成(可以多个tomcat) 需求概况: 有3个服务: localhost:9091, localhost:9190. localhost:9191分别对应3个tomc ...
- Apache + Tomcat + mod_jk实现集群服务及session共享
实现效果:用apache 分发请求到tomcat中的对应的项目 原理:
- 整合apache+tomcat+keepalived实现高可用tomcat集群
Apache是一个强大的Web服务器在处理静态页面.处理大量网络客户请求.支持服务的种类以及可配置方面都有优势,高速并且强壮.但是没有JSP/Servlet的解析能力.整合Apache和Tomcat可 ...
随机推荐
- nginx虚拟主机配置小结
nginx的安装在lnmp环境搭建中已经介绍过了,配置文件在安装目录下的conf子目录下,主要主要分成四部分:main(全局设置).server(主机设置).upstream(负载均衡服务器设置).l ...
- centos 7.0 编译安装php 5.6.7
编译安装php参考资料 MySQL PHP API http://dev.mysql.com/doc/apis-php/en/index.html nginx + php +mysql 最简单安装 官 ...
- SSH搭建
1.首先在lib中导入ssh需要的jar包: 如图: 2.其次配置web.xml (在WEB-INF目录下) <?xml version="1.0" encoding=&qu ...
- angularjs 中state.go 跳转并且打开新的浏览器窗口
包子最近遇到业务人员提的非常无厘头的需求,就是调页面的时候,一定要打开一个新的浏览器窗口...>o<奇葩!!! 但是我的页面都是state.go跳转的呀,我各种百度,发现,貌似state, ...
- PHP判断文件或者目录是否可写
在PHP中,可用is_writable()函数来判断一个 文件/目录 是否可写,详情如下: 参考 is_writable (PHP 4, PHP 5) is_writable — 判断给定的文件名是否 ...
- 【重点】Shell入门教程:流程控制(2)条件判断的写法
第三节:条件判断的写法 if条件判断中,if的语法结构中的“条件判断”可以有多种形式.测试结果是真是假,就看其传回的值是否为0. 条件测试的写法,有以下10种: 1.执行某个命令的结果 这里的命令,可 ...
- OpenVPN使用用户名/密码验证方式
OpenVPN推荐使用证书进行认证,安全性很高,但是配置起来很麻烦.还好它也能像pptp等vpn一样使用用户名/密码进行认证. 不管何种认证方式,服务端的ca.crt, server.crt, ser ...
- 1.2Web API 2中的Action返回值
本主题描述 ASP.NET Web API 将返回值转换从一个控制器动作到 HTTP 响应消息. 一个 Web API 控制器动作可以返回下列任一操作 ︰ 1.void 2.IHttpActionRe ...
- linux各目录的作用
- Linux ftp访问控制配置,包括访问ftp权限和访问ftp目录权限
在Linux 上建立用户为website1 home目录是/data/home/website1 但是用ftp登录以后,路径可以随便切换,并且可以进入别的站点下 进行增.删.改 本篇的目的是:在lin ...