写给java开发的运维笔记(中级篇)-极客文库-知识库

如果图片无法查看或格式错乱,请前往极客文库-知识库查看原文

中级篇

  1. 配置tomcat为服务
  2. 配置tomcat+nginx反向代理
  3. 使用jemeter测试tomcat性能
  4. 优化tomcat8
  5. 配置多个tomcat
  6. 优化nginx配置
  7. 优化mysql配置
  8. nginx+startssl配置https

配置tomcat为服务

[root@localhost ~]# vim /etc/init.d/tomcat8

tomcat服务脚本

#!/bin/bash
#
# description: Apache Tomcat init script
# processname: tomcat  
# chkconfig: 234 20 80  
#
#
# Copyright (C) 2014 Miglen Evlogiev
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation, either version 3 of the License, or (at your option) any later
# version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program.  If not, see <http://www.gnu.org/licenses/>.
#
# Initially forked from: gist.github.com/valotas/1000094
# Source: gist.github.com/miglen/5590986


#Location of JAVA_HOME (bin files)
export JAVA_HOME=/usr/local/java/jdk1.8.0_102
export JRE_HOME=/usr/local/java/jdk1.8.0_102/jre

#Add Java binary files to PATH
export PATH=$JAVA_HOME/bin:$PATH

#CATALINA_HOME is the location of the bin files of Tomcat  
export CATALINA_HOME=/usr/local/tomcat8

#CATALINA_BASE is the location of the configuration files of this instance of Tomcat
export CATALINA_BASE=/usr/local/tomcat8


#TOMCAT_USAGE is the message if this script is called without any options
TOMCAT_USAGE="Usage: $0 {\e[00;32mstart\e[00m|\e[00;31mstop\e[00m|\e[00;31mkill\e[00m|\e[00;32mstatus\e[00m|\e[00;31mrestart\e[00m}"

#SHUTDOWN_WAIT is wait time in seconds for java proccess to stop
SHUTDOWN_WAIT=20

tomcat_pid() {
        echo `ps -fe | grep $CATALINA_BASE | grep -v grep | tr -s " "|cut -d" " -f2`
}

start() {
  pid=$(tomcat_pid)
  if [ -n "$pid" ]
  then
    echo -e "\e[00;31mTomcat is already running (pid: $pid)\e[00m"
  else
    # Start tomcat
    echo -e "\e[00;32mStarting tomcat\e[00m"
    #ulimit -n 100000
    #umask 007
    #/bin/su -p -s /bin/sh $TOMCAT_USER
        if [ `user_exists $TOMCAT_USER` = "1" ]
        then
                /bin/su $TOMCAT_USER -c $CATALINA_HOME/bin/startup.sh
        else
                echo -e "\e[00;31mTomcat user $TOMCAT_USER does not exists. Starting with $(id)\e[00m"
                sh $CATALINA_HOME/bin/startup.sh
        fi
        status
  fi
  return 0
}

status(){
          pid=$(tomcat_pid)
          if [ -n "$pid" ]
            then echo -e "\e[00;32mTomcat is running with pid: $pid\e[00m"
          else
            echo -e "\e[00;31mTomcat is not running\e[00m"
            return 3
          fi
}

terminate() {
    echo -e "\e[00;31mTerminating Tomcat\e[00m"
    kill -9 $(tomcat_pid)
}

stop() {
  pid=$(tomcat_pid)
  if [ -n "$pid" ]
  then
    echo -e "\e[00;31mStoping Tomcat\e[00m"
    #/bin/su -p -s /bin/sh $TOMCAT_USER
        sh $CATALINA_HOME/bin/shutdown.sh

    let kwait=$SHUTDOWN_WAIT
    count=0;
    until [ `ps -p $pid | grep -c $pid` = '0' ] || [ $count -gt $kwait ]
    do
      echo -n -e "\n\e[00;31mwaiting for processes to exit\e[00m";
      sleep 1
      let count=$count+1;
    done

    if [ $count -gt $kwait ]; then
      echo -n -e "\n\e[00;31mkilling processes didn't stop after $SHUTDOWN_WAIT seconds\e[00m"
      terminate
    fi
  else
    echo -e "\e[00;31mTomcat is not running\e[00m"
  fi

  return 0
}

user_exists(){
        if id -u $1 >/dev/null 2>&1; then
        echo "1"
        else
                echo "0"
        fi
}

case $1 in
    start)
      start
    ;;
    stop)  
      stop
    ;;
    restart)
      stop
      start
    ;;
    status)
        status
        exit $?  
    ;;
    kill)
        terminate
    ;;      
    *)
        echo -e $TOMCAT_USAGE
    ;;
esac    
exit 0

这个脚本中需要注意你的jdk,jre位置和tomcat所在位置, 修改正确后保存。

给服务授权

[root@localhost ~]# chmod +x /etc/init.d/tomcat8

使用服务

[root@localhost ~]# service tomcat8 status
Tomcat is not running

[root@localhost ~]# service tomcat8 start
Starting tomcat
Using CATALINA_BASE:   /usr/local/tomcat8
Using CATALINA_HOME:   /usr/local/tomcat8
Using CATALINA_TMPDIR: /usr/local/tomcat8/temp
Using JRE_HOME:        /usr/local/java/jdk1.8.0_102/jre
Using CLASSPATH:       /usr/local/tomcat8/bin/bootstrap.jar:/usr/local/tomcat8/bin/tomcat-juli.jar
Tomcat started.
Tomcat is running with pid: 15282

[root@localhost ~]# service tomcat8 stop
Stoping Tomcat
Using CATALINA_BASE:   /usr/local/tomcat8
Using CATALINA_HOME:   /usr/local/tomcat8
Using CATALINA_TMPDIR: /usr/local/tomcat8/temp
Using JRE_HOME:        /usr/local/java/jdk1.8.0_102/jre
Using CLASSPATH:       /usr/local/tomcat8/bin/bootstrap.jar:/usr/local/tomcat8/bin/tomcat-juli.jar

waiting for processes to exit

设置开机启动

[root@localhost ~]# chkconfig --add tomcat8
[root@localhost ~]# chkconfig
auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:off
blk-availability    0:off   1:on    2:on    3:on    4:on    5:on    6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
ip6tables       0:off   1:off   2:on    3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
iscsi           0:off   1:off   2:off   3:on    4:on    5:on    6:off
iscsid          0:off   1:off   2:off   3:on    4:on    5:on    6:off
lvm2-monitor    0:off   1:on    2:on    3:on    4:on    5:on    6:off
mdmonitor       0:off   1:off   2:on    3:on    4:on    5:on    6:off
multipathd      0:off   1:off   2:off   3:off   4:off   5:off   6:off
mysqld          0:off   1:off   2:on    3:on    4:on    5:on    6:off
netconsole      0:off   1:off   2:off   3:off   4:off   5:off   6:off
netfs           0:off   1:off   2:off   3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
nginx           0:off   1:off   2:on    3:on    4:on    5:on    6:off
postfix         0:off   1:off   2:on    3:on    4:on    5:on    6:off
rdisc           0:off   1:off   2:off   3:off   4:off   5:off   6:off
redis_6379      0:off   1:off   2:on    3:on    4:on    5:on    6:off
restorecond     0:off   1:off   2:off   3:off   4:off   5:off   6:off
rsyslog         0:off   1:off   2:on    3:on    4:on    5:on    6:off
saslauthd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
tomcat8         0:off   1:off   2:on    3:on    4:on    5:off   6:off
udev-post       0:off   1:on    2:on    3:on    4:on    5:on    6:off

配置tomcat+nginx反向代理

一般我们服务器对外只暴力22, 443, 80端口,其他的尽量都在内网访问,那么tomcat的8080端口是不应该对外访问的,
nginx作为一个性能卓越的web服务器提供了反向代理的功能,可以做到转发。

假设我们现在有一个域名绑定在服务器的80端口上,使用tomcat搭建的程序,但是我又不想修改tomcat端口,该怎么办呢?

nginx默认监听了80端口,配置文件在 /usr/local/nginx/conf文件夹下的 nginx.conf

取消默认站点

[root@localhost]# cd /usr/local/nginx/conf
[root@localhost conf]# vim nginx.conf

server 块注释即可。然后我们在 conf 文件夹下创建一个 vhost 目录存储虚拟主机配置文件。

[root@localhost conf]# mkdir vhost

创建一个tomcat的虚拟主机配置文件。

[root@localhost conf]# vim vhost/tomcat8.conf

加入以下配置

server {
  listen       80;
  server_name localhost;

  location / {
    proxy_pass http://127.0.0.1:8080;
  }
}

nginx.conf 中将 vhost 文件夹下的配置文件引入,只需在 http 块中加入一行 include vhost/*.conf 保存即可。

重启nginx

[root@localhost conf]# service nginx restart
Stopping Nginx:                                            [  OK  ]
Starting Nginx:                                            [  OK  ]

查看tomcat是否已经启动,如果关闭将它开启,然后访问 http://192.168.100.128/

写给java开发的运维笔记(中级篇)-极客文库-知识库

这样tomcat的8080端口就被nginx转发了,我们此时用域名直接绑定到80端口即可!

使用jemeter测试tomcat性能

JMeter是Apache组织开发的基于Java的压力测试工具。用于对软件做压力测试,它最初被设计用于Web应用测试,但后来扩展到其他测试领域。

下载地址:http://jmeter.apache.org/download_jmeter.cgi

安装启动即可。

写给java开发的运维笔记(中级篇)-极客文库-知识库

服务器环境

  • CPU:Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
  • 内存:1G
  • 操作系统:CentOS6.8_x64
  • JDK:1.8.0_102
  • Tomcat:8.5.5

下面所有测试都是基于1000个请求做的,且都是访问Tomcat默认的ROOT首页

创建测试计划

写给java开发的运维笔记(中级篇)-极客文库-知识库
写给java开发的运维笔记(中级篇)-极客文库-知识库
写给java开发的运维笔记(中级篇)-极客文库-知识库

配置参数,这里我们进行多次测试.

写给java开发的运维笔记(中级篇)-极客文库-知识库
写给java开发的运维笔记(中级篇)-极客文库-知识库

并发用户数吞吐量/每秒请求等待时间/毫秒错误请求数/百分比
10199980.00
202667110.00
302746130.00
402730160.00
502682200.00
602756230.00
702764270.00
802714320.00
902131350.00
1002739380.00
2001404430.34%
3001066500.77%
400995521.23%
5001086461.42%
10001163592.83%

写给java开发的运维笔记(中级篇)-极客文库-知识库

写给java开发的运维笔记(中级篇)-极客文库-知识库

从上面的测试结果来看,在90-100个并发的时候出现不稳定,其他都比较平缓,请求时间一直在上涨。CPU负载均在60%左右。

在聚合报告中,会显示一行数据,共有10个字段,含义分别如下。

  • Label:每个 JMeter 的 element(例如 HTTP Request)都有一个 Name 属性,这里显示的就是 Name 属性的值

  • Samples:表示你这次测试中一共发出了多少个请求,如果模拟10个用户,每个用户迭代10次,那么这里显示100

  • Average:平均响应时间——默认情况下是单个 Request 的平均响应时间,当使用了 Transaction Controller 时,也可以以Transaction 为单位显示平均响应时间

  • Median:中位数,也就是 50% 用户的响应时间

  • 90% Line:90% 用户的响应时间

  • Min:最小响应时间

  • Max:最大响应时间

  • Error%:本次测试中出现错误的请求的数量/请求的总数

  • Throughput:吞吐量——默认情况下表示每秒完成的请求数(Request per Second)

  • KB/Sec:每秒从服务器端接收到的数据量,相当于LoadRunner中的Throughput/Sec

在下一章节我们介绍对tomcat8的优化。

优化tomcat8

我们优化tomcat的目的是提高并发性,即在多线程环境下能够快速响应,提高吞吐量。

首先在tomcat的bin目录下新建一个名为 setenv.sh 的文件,tomcat启动时会自动加载该文件。

[root@localhost bin]# vim setenv.sh

加入tomcat基础配置

#!/usr/bin

export CATALINA_HOME=/usr/local/tomcat8
export CATALINA_BASE=/usr/local/tomcat8

JAVA_OPTS

加入如下配置,我们服务器的内存是1G。这里我设置最大占用768

export JAVA_OPTS="$JAVA_OPTS\
 -server\
 -Xms768m\
 -Xmx768m\
 -Xss512k\
 -Djava.awt.headless=true\
 -Dfile.encoding=utf-8\
 -Djava.net.preferIPv4Stack=true\
 -Djava.security.egd=file:/dev/./urandom"
  • -server:表示这是应用于服务器的配置,JVM 内部会有特殊处理的
  • -Xms768m:设置JVM最大可用内存为768MB
  • -Xmx768m:设置JVM最小内存为768MB。此值可以设置与-Xmx相同,以避免每次垃圾回收完成后JVM重新分配内存。
  • -Dfile.encoding:默认文件编码
  • -Djava.net.preferIPv4Stack:使用IPV4
  • -Djava.security.egd:详细解释

优化server.xml

<Connector  port="8080" 
    maxThreads="8000"
        minSpareThreads="215"
        maxSpareThreads="2048"
        connectionTimeout="20000"
        redirectPort="8443"
    acceptCount="100"
        debug="0"
    enableLookups="false"
    disableUploadTimeout="true" URIEncoding="UTF-8" useBodyEncodingForURI="true" />

maxThreads 连接数限制

maxThreads 是 Tomcat 所能接受最大连接数。一般设置不要超过8000以上,如果你的网站访问量非常大可能使用运行多个Tomcat实例的方法。

安装apr

安装依赖

[root@localhost ~]# yum install -y openssl-devel

下载apr相关包

[root@localhost ~]# wget http://mirrors.tuna.tsinghua.edu.cn/apache//apr/apr-1.5.2.tar.gz
[root@localhost ~]# wget http://mirrors.tuna.tsinghua.edu.cn/apache//apr/apr-util-1.5.4.tar.gz
[root@localhost ~]# wget http://mirrors.tuna.tsinghua.edu.cn/apache//apr/apr-iconv-1.2.1.tar.gz

# 安装apr
[root@localhost ~]# tar -zxvf apr-1.5.2.tar.gz

[root@localhost ~]# cd apr-1.5.2
[root@localhost apr-1.5.2]# ./configure && make && make install

# 安装apr-util
[root@localhost ~]# tar -zxvf apr-util-1.5.4.tar.gz
[root@localhost ~]# cd apr-util-1.5.4
[root@localhost apr-util-1.5.4]# ./configure --with-apr=/usr/local/apr && make && make install

# 安装apr-iconv
[root@localhost ~]# cd apr-iconv-1.2.1
[root@localhost apr-iconv-1.2.1]# ./configure --with-apr=/usr/local/apr && make && make install

配置tomcat

[root@localhost apr-iconv-1.2.1]# cd /usr/local/tomcat8/bin/
[root@localhost bin]# tar -zxf tomcat-native.tar.gz
[root@localhost bin]# cd tomcat-native-1.2.8-src/native/
[root@localhost native]# ./configure --with-apr=/usr/local/apr && make && make install

这是提示我

configure: error: Your version of OpenSSL is not compatible with this version of tcnative

由于centos 当前的yum 库只有1.0.1 的OpenSSL,所以我们需要手工安装1.0.2

[root@localhost ~]# wget https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz
[root@localhost ~]# tar -zxf openssl-1.0.2-latest.tar.gz
[root@localhost ~]# cd openssl-1.0.2h
[root@localhost openssl-1.0.2h]# ./config --prefix=/usr/local/openssl -fPIC

注意这里需要加入 -fPIC参数,否则后面在安装tomcat native 组件会出错
注意:不要按照提示去运行 make depend

[root@localhost openssl-1.0.2h]# make
[root@localhost openssl-1.0.2h]# make install
[root@localhost openssl-1.0.2h]# mv /usr/bin/openssl ~
[root@localhost openssl-1.0.2h]# ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
[root@localhost openssl-1.0.2h]# openssl version
OpenSSL 1.0.2h  3 May 2016

重新安装 tomcat-native组件

[root@localhost openssl-1.0.2h]# cd /usr/local/tomcat8/bin/tomcat-native-1.2.8-src/native/
[root@localhost native]# ./configure --with-apr=/usr/local/apr --with-ssl=/usr/local/openssl
[root@localhost native]# make && make install

setenv.sh 文件中添加

LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/apr/lib
export LD_LIBRARY_PATH

server.xml 中加

<Connector  port="8080" 
            protocol="org.apache.coyote.http11.Http11AprProtocol"
/>

启动tomcat,打开控制台日志可以看到如图所示的日志

写给java开发的运维笔记(中级篇)-极客文库-知识库

本站所有文章均来自互联网,如有侵权,请联系站长删除。极客文库 » 写给java开发的运维笔记(中级篇)-极客文库-知识库
分享到:
赞(0)

评论抢沙发

评论前必须登录!