How to deploy Play 1.2.x application on Tomcat on Debian
I wrote this because any tutorial on web about that had 3+ years, there were some errors on them, and I had error 403 or 404 after doing them.
1. Install apache 2.2 httpd server and tomcat6
login as root using su command:
suthen install some stuff
apt-get install apache2 libapache-mod-jk-doc libapache2-mod-jk tomcat6 tomcat6-admin2. Go to /var/lib/tomcat6/webapps and do
cd /var/lib/tomcat6/webapps3. Go to you play folder
mv ROOT oldroot
and do
play war --deps -o /var/lib/tomcat6/webapps/ROOTproblems? AttributeError: 'module' object has no attribute 'relpath' maybe?
you have to install python2.6 then by
apt-get install python2.6then edit play python executable by Vim for example and put
#!/usr/bin/python2.6
at the top of the file, the go to step 3 again
OK, so you have now server ready and tomcat, but nope, site isn't working yet
4. Edit server.xml
go to
cd /var/lib/tomcat6/confand comment HTTP connector and uncomment AJP13 connector (which rocks)
vim server.xml
example
<!-- COMMENTED BY ME -->
<!--
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443" />
-->
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
<!-- Define an AJP 1.3 Connector on port 8009 -->
<!--
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
-->
<!-- UNCOMMENTED BY ME -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
OK, so Tomcat part is over, now let's get back to Apache
5. Back to Apache
first, let assure we have mod_jk enabled
a2enmod jkthen restart apache
/etc/init.d/apache2 restartthen lets edit workers file
vim /etc/libapache2-mod-jk/workers.propertiesand replace
workers.tomcat_home=/usr/share/tomcat6
WITH
workers.tomcat_home=/var/lib/tomcat6
ok, two more steps and application will start
vim /etc/apache2/mods-enabled/jk.loadand put
<IfModule mod_jk.c>
JkWorkersFile /etc/libapache2-mod-jk/workers.properties
JkLogFile /var/log/apache2/mod_jk.log
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkRequestLogFormat "%w %V %T"
# Mount your applications
JkMount /var/lib/tomcat6/webapps/ROOT/WEB-INF ajp13_worker
JkShmFile /var/log/apache2/jk.shm
</IfModule>
there, and then
vim /etc/apache2/sites-enabled/000-defaultand there replace contents with
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
JkMount /* ajp13_worker
JkUnMount /*.jpg ajp13_worker
JkUnMount /*.gif ajp13_worker
UseCanonicalName On
DocumentRoot /var/lib/tomcat6/webapps/ROOT/WEB-INF/application/public
JkMount /* ajp13_worker
JkUnMount /*.jpg ajp13_worker
JkUnMount /*.gif ajp13_worker
JkUnMount /*.png ajp13_worker
JkUnMount /*.css ajp13_worker
JkUnMount /*.js ajp13_worker
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
6. All done, restart apache and tomcat and all should work like charm
/etc/init.d/apache2 restart ; /etc/init.d/tomcat6 restart7. Now let's add varnish cache [optional]
apt-get install varnishthen, you need to
1) edit apache ports config, and change it to for example 8000
2) enable varnish autostart and set ports correctly
so:
vim /etc/default/varnish
and change
START=no
to
START=yes
then you need to configure Varnish correcly, to do so go to
vim /etc/varnish/default.vclbasically you need to change source port number to 8000, but you can do more
backend default {
.host = "127.0.0.1";
.port = "8000";
}
## Fetch
sub vcl_fetch {
## Remove the X-Forwarded-For header if it exists.
# remove req.http.X-Forwarded-For;
## insert the client IP address as X-Forwarded-For. This is the normal IP address of the user.
# set req.http.X-Forwarded-For = req.http.rlnclientipaddr;
## Added security, the "w00tw00t" attacks are pretty annoying so lets block it before it reaches our webserver
# if (req.url ~ "^/w00tw00t") {
error 403 "Not permitted";
# }
## Deliver the content
return(deliver);
}
## Deliver
sub vcl_deliver {
## We'll be hiding some headers added by Varnish. We want to make sure people are not seeing we're using Varnish.
## Since we're not caching (yet), why bother telling people we use it?
remove resp.http.X-Varnish;
remove resp.http.Via;
remove resp.http.Age;
## We'd like to hide the X-Powered-By headers. Nobody has to know we can run PHP and have version xyz of it.
remove resp.http.X-Powered-By;
## Remove the http.Server header
unset resp.http.Server;
## Change the http.Server header to something else
set resp.http.Server = "CERN";
}
then you need to change port number to 80
DAEMON_OPTS="-a :80 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
then go to /etc/apache2/ports.conf
vim /etc/apache2/ports.conf
and change all 80's to 8000, so it'll look like:
NameVirtualHost *:8000
Listen 8000almost done,
now edit vhost
vim /etc/apache2/sites-enabled/000-default
and change *.80 to *.8000
ALL DONE!
now restart apache2 & varnish and you have working supercharged play application
/etc/init.d/apache2 stop ; /etc/init.d/varnish start; /etc/init.d/apache2 start
Sample benchmark on this box, using Apache Benchmark with 64 connections:
play run --%production :
38 request / second
play @ tomcat
60 request / second
play @ tomcat + apache2 httpd
60-65 request / second
play @ tomcat + apache2 htttp + Varnish
3000 request / second
Brak komentarzy:
Prześlij komentarz