Как установить кота для многих экземпляров с ШЕФ-ПОВАРОМ?
Для некоторой основной информации и rogh обзора относительно основ обеспечения Apache HTTPD для окон Вы могли бы найти эту статью об Установках Apache Hardening Enterprise Против Нападений столь полезной, как я сделал.
1
задан Valter Silva
2 August 2013 в 22:21
Ссылка
1 ответ
Я создаю рецепт в chef, в котором вы просто определяете роль, для какого сервера вы помещаете эту роль, и он установит для вас множество экземпляров tomcat в другой порт.
Recipe : tomcat
атрибуты
default['tomcat']['default']['port'] = "8081"
files / default / catalina.sh
// this catalina.sh differs only with the JDK path inside of` it.
#!/bin/sh
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# -----------------------------------------------------------------------------
# Start/Stop Script for the CATALINA Server
#
# Environment Variable Prerequisites
#
# CATALINA_HOME May point at your Catalina "build" directory.
#
# CATALINA_BASE (Optional) Base directory for resolving dynamic portions
# of a Catalina installation. If not present, resolves to
# the same directory that CATALINA_HOME points to.
#
# CATALINA_OUT (Optional) Full path to a file where stdout and stderr
# will be redirected.
# Default is $CATALINA_BASE/logs/catalina.out
#
# CATALINA_OPTS (Optional) Java runtime options used when the "start",
# or "run" command is executed.
#
# CATALINA_TMPDIR (Optional) Directory path location of temporary directory
# the JVM should use (java.io.tmpdir). Defaults to
# $CATALINA_BASE/temp.
#
# JAVA_HOME Must point at your Java Development Kit installation.
# Required to run the with the "debug" argument.
#
# JRE_HOME Must point at your Java Development Kit installation.
# Defaults to JAVA_HOME if empty.
#
# JAVA_OPTS (Optional) Java runtime options used when the "start",
# "stop", or "run" command is executed.
#
# JAVA_ENDORSED_DIRS (Optional) Lists of of colon separated directories
# containing some jars in order to allow replacement of APIs
# created outside of the JCP (i.e. DOM and SAX from W3C).
# It can also be used to update the XML parser implementation.
# Defaults to $CATALINA_HOME/endorsed.
#
# JPDA_TRANSPORT (Optional) JPDA transport used when the "jpda start"
# command is executed. The default is "dt_socket".
#
# JPDA_ADDRESS (Optional) Java runtime options used when the "jpda start"
# command is executed. The default is 8000.
#
# JPDA_SUSPEND (Optional) Java runtime options used when the "jpda start"
# command is executed. Specifies whether JVM should suspend
# execution immediately after startup. Default is "n".
#
# JPDA_OPTS (Optional) Java runtime options used when the "jpda start"
# command is executed. If used, JPDA_TRANSPORT, JPDA_ADDRESS,
# and JPDA_SUSPEND are ignored. Thus, all required jpda
# options MUST be specified. The default is:
#
# -agentlib:jdwp=transport=$JPDA_TRANSPORT,
# address=$JPDA_ADDRESS,server=y,suspend=$JPDA_SUSPEND
#
# CATALINA_PID (Optional) Path of the file which should contains the pid
# of catalina startup java process, when start (fork) is used
#
# LOGGING_CONFIG (Optional) Override Tomcat's logging config file
# Example (all one line)
# LOGGING_CONFIG="-Djava.util.logging.config.file=$CATALINA_BASE/conf/logging.properties"
#
# LOGGING_MANAGER (Optional) Override Tomcat's logging manager
# Example (all one line)
# LOGGING_MANAGER="-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager"
#
# $Id: catalina.sh 1146097 2011-07-13 15:25:05Z markt $
# -----------------------------------------------------------------------------
# OS specific support. $var _must_ be set to either true or false.
cygwin=false
os400=false
darwin=false
case "`uname`" in
CYGWIN*) cygwin=true;;
OS400*) os400=true;;
Darwin*) darwin=true;;
esac
JAVA_HOME=/company/jdk6
JRE_HOME=/company/jdk6/jre
JAVA_OPTS="$JAVA_OPTS ""-Xms2048m ""-Xmx2048m ""-Dsun.jnu.encoding=ISO-8859-1 ""-Dfile.encoding=ISO-8859-1 ""-XX:MaxPermSize=256m ""-XX:+CMSClassUnloadingEnabled ""-XX:+CMSClassUnloadingEnabled"
# resolve links - $0 may be a softlink
PRG="$0"
while [ -h "$PRG" ]; do
ls=`ls -ld "$PRG"`
link=`expr "$ls" : '.*-> \(.*\)$'`
if expr "$link" : '/.*' > /dev/null; then
PRG="$link"
else
PRG=`dirname "$PRG"`/"$link"
fi
done
# Get standard environment variables
PRGDIR=`dirname "$PRG"`
# Only set CATALINA_HOME if not already set
[ -z "$CATALINA_HOME" ] && CATALINA_HOME=`cd "$PRGDIR/.." >/dev/null; pwd`
# Copy CATALINA_BASE from CATALINA_HOME if not already set
[ -z "$CATALINA_BASE" ] && CATALINA_BASE="$CATALINA_HOME"
# Ensure that any user defined CLASSPATH variables are not used on startup,
# but allow them to be specified in setenv.sh, in rare case when it is needed.
CLASSPATH=
if [ -r "$CATALINA_BASE/bin/setenv.sh" ]; then
. "$CATALINA_BASE/bin/setenv.sh"
elif [ -r "$CATALINA_HOME/bin/setenv.sh" ]; then
. "$CATALINA_HOME/bin/setenv.sh"
fi
# For Cygwin, ensure paths are in UNIX format before anything is touched
if $cygwin; then
[ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
[ -n "$JRE_HOME" ] && JRE_HOME=`cygpath --unix "$JRE_HOME"`
[ -n "$CATALINA_HOME" ] && CATALINA_HOME=`cygpath --unix "$CATALINA_HOME"`
[ -n "$CATALINA_BASE" ] && CATALINA_BASE=`cygpath --unix "$CATALINA_BASE"`
[ -n "$CLASSPATH" ] && CLASSPATH=`cygpath --path --unix "$CLASSPATH"`
fi
# For OS400
if $os400; then
# Set job priority to standard for interactive (interactive - 6) by using
# the interactive priority - 6, the helper threads that respond to requests
# will be running at the same priority as interactive jobs.
COMMAND='chgjob job('$JOBNAME') runpty(6)'
system $COMMAND
# Enable multi threading
export QIBM_MULTI_THREADED=Y
fi
# Get standard Java environment variables
if $os400; then
# -r will Only work on the os400 if the files are:
# 1. owned by the user
# 2. owned by the PRIMARY group of the user
# this will not work if the user belongs in secondary groups
BASEDIR="$CATALINA_HOME"
. "$CATALINA_HOME"/bin/setclasspath.sh
else
if [ -r "$CATALINA_HOME"/bin/setclasspath.sh ]; then
BASEDIR="$CATALINA_HOME"
. "$CATALINA_HOME"/bin/setclasspath.sh
else
echo "Cannot find $CATALINA_HOME/bin/setclasspath.sh"
echo "This file is needed to run this program"
exit 1
fi
fi
if [ -z "$CATALINA_BASE" ] ; then
CATALINA_BASE="$CATALINA_HOME"
fi
# Add tomcat-juli.jar and bootstrap.jar to classpath
# tomcat-juli.jar can be over-ridden per instance
if [ ! -z "$CLASSPATH" ] ; then
CLASSPATH="$CLASSPATH":
fi
if [ "$CATALINA_BASE" != "$CATALINA_HOME" ] && [ -r "$CATALINA_BASE/bin/tomcat-juli.jar" ] ; then
CLASSPATH="$CLASSPATH""$CATALINA_BASE"/bin/tomcat-juli.jar:"$CATALINA_HOME"/bin/bootstrap.jar
else
CLASSPATH="$CLASSPATH""$CATALINA_HOME"/bin/bootstrap.jar
fi
if [ -z "$CATALINA_OUT" ] ; then
CATALINA_OUT="$CATALINA_BASE"/logs/catalina.out
fi
if [ -z "$CATALINA_TMPDIR" ] ; then
# Define the java.io.tmpdir to use for Catalina
CATALINA_TMPDIR="$CATALINA_BASE"/temp
fi
# Bugzilla 37848: When no TTY is available, don't output to console
have_tty=0
if [ "`tty`" != "not a tty" ]; then
have_tty=1
fi
# For Cygwin, switch paths to Windows format before running java
if $cygwin; then
JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"`
JRE_HOME=`cygpath --absolute --windows "$JRE_HOME"`
CATALINA_HOME=`cygpath --absolute --windows "$CATALINA_HOME"`
CATALINA_BASE=`cygpath --absolute --windows "$CATALINA_BASE"`
CATALINA_TMPDIR=`cygpath --absolute --windows "$CATALINA_TMPDIR"`
CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"`
fi
# Set juli LogManager config file if it is present and an override has not been issued
if [ -z "$LOGGING_CONFIG" ]; then
if [ -r "$CATALINA_BASE"/conf/logging.properties ]; then
LOGGING_CONFIG="-Djava.util.logging.config.file=$CATALINA_BASE/conf/logging.properties"
else
# Bugzilla 45585
LOGGING_CONFIG="-Dnop"
fi
fi
if [ -z "$LOGGING_MANAGER" ]; then
JAVA_OPTS="$JAVA_OPTS -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager"
else
JAVA_OPTS="$JAVA_OPTS $LOGGING_MANAGER"
fi
# ----- Execute The Requested Command -----------------------------------------
# Bugzilla 37848: only output this if we have a TTY
if [ $have_tty -eq 1 ]; then
echo "Using CATALINA_BASE: $CATALINA_BASE"
echo "Using CATALINA_HOME: $CATALINA_HOME"
echo "Using CATALINA_TMPDIR: $CATALINA_TMPDIR"
if [ "$1" = "debug" ] ; then
echo "Using JAVA_HOME: $JAVA_HOME"
else
echo "Using JRE_HOME: $JRE_HOME"
fi
echo "Using CLASSPATH: $CLASSPATH"
if [ ! -z "$CATALINA_PID" ]; then
echo "Using CATALINA_PID: $CATALINA_PID"
fi
fi
if [ "$1" = "jpda" ] ; then
if [ -z "$JPDA_TRANSPORT" ]; then
JPDA_TRANSPORT="dt_socket"
fi
if [ -z "$JPDA_ADDRESS" ]; then
JPDA_ADDRESS="8000"
fi
if [ -z "$JPDA_SUSPEND" ]; then
JPDA_SUSPEND="n"
fi
if [ -z "$JPDA_OPTS" ]; then
JPDA_OPTS="-agentlib:jdwp=transport=$JPDA_TRANSPORT,address=$JPDA_ADDRESS,server=y,suspend=$JPDA_SUSPEND"
fi
CATALINA_OPTS="$CATALINA_OPTS $JPDA_OPTS"
shift
fi
if [ "$1" = "debug" ] ; then
if $os400; then
echo "Debug command not available on OS400"
exit 1
else
shift
if [ "$1" = "-security" ] ; then
if [ $have_tty -eq 1 ]; then
echo "Using Security Manager"
fi
shift
exec "$_RUNJDB" "$LOGGING_CONFIG" $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" -classpath "$CLASSPATH" \
-sourcepath "$CATALINA_HOME"/../../java \
-Djava.security.manager \
-Djava.security.policy=="$CATALINA_BASE"/conf/catalina.policy \
-Dcatalina.base="$CATALINA_BASE" \
-Dcatalina.home="$CATALINA_HOME" \
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
org.apache.catalina.startup.Bootstrap "$@" start
else
exec "$_RUNJDB" "$LOGGING_CONFIG" $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" -classpath "$CLASSPATH" \
-sourcepath "$CATALINA_HOME"/../../java \
-Dcatalina.base="$CATALINA_BASE" \
-Dcatalina.home="$CATALINA_HOME" \
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
org.apache.catalina.startup.Bootstrap "$@" start
fi
fi
elif [ "$1" = "run" ]; then
shift
if [ "$1" = "-security" ] ; then
if [ $have_tty -eq 1 ]; then
echo "Using Security Manager"
fi
shift
exec "$_RUNJAVA" "$LOGGING_CONFIG" $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" -classpath "$CLASSPATH" \
-Djava.security.manager \
-Djava.security.policy=="$CATALINA_BASE"/conf/catalina.policy \
-Dcatalina.base="$CATALINA_BASE" \
-Dcatalina.home="$CATALINA_HOME" \
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
org.apache.catalina.startup.Bootstrap "$@" start
else
exec "$_RUNJAVA" "$LOGGING_CONFIG" $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" -classpath "$CLASSPATH" \
-Dcatalina.base="$CATALINA_BASE" \
-Dcatalina.home="$CATALINA_HOME" \
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
org.apache.catalina.startup.Bootstrap "$@" start
fi
elif [ "$1" = "start" ] ; then
if [ ! -z "$CATALINA_PID" ]; then
if [ -f "$CATALINA_PID" ]; then
if [ -s "$CATALINA_PID" ]; then
echo "Existing PID file found during start."
if [ -r "$CATALINA_PID" ]; then
PID=`cat "$CATALINA_PID"`
ps -p $PID >/dev/null 2>&1
if [ $? -eq 0 ] ; then
echo "Tomcat appears to still be running with PID $PID. Start aborted."
exit 1
else
echo "Removing/clearing stale PID file."
rm -f "$CATALINA_PID" >/dev/null 2>&1
if [ $? != 0 ]; then
if [ -w "$CATALINA_PID" ]; then
cat /dev/null > "$CATALINA_PID"
else
echo "Unable to remove or clear stale PID file. Start aborted."
exit 1
fi
fi
fi
else
echo "Unable to read PID file. Start aborted."
exit 1
fi
else
rm -f "$CATALINA_PID" >/dev/null 2>&1
if [ $? != 0 ]; then
if [ ! -w "$CATALINA_PID" ]; then
echo "Unable to remove or write to empty PID file. Start aborted."
exit 1
fi
fi
fi
fi
fi
shift
touch "$CATALINA_OUT"
if [ "$1" = "-security" ] ; then
if [ $have_tty -eq 1 ]; then
echo "Using Security Manager"
fi
shift
"$_RUNJAVA" "$LOGGING_CONFIG" $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" -classpath "$CLASSPATH" \
-Djava.security.manager \
-Djava.security.policy=="$CATALINA_BASE"/conf/catalina.policy \
-Dcatalina.base="$CATALINA_BASE" \
-Dcatalina.home="$CATALINA_HOME" \
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
org.apache.catalina.startup.Bootstrap "$@" start \
>> "$CATALINA_OUT" 2>&1 &
else
"$_RUNJAVA" "$LOGGING_CONFIG" $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" -classpath "$CLASSPATH" \
-Dcatalina.base="$CATALINA_BASE" \
-Dcatalina.home="$CATALINA_HOME" \
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
org.apache.catalina.startup.Bootstrap "$@" start \
>> "$CATALINA_OUT" 2>&1 &
fi
if [ ! -z "$CATALINA_PID" ]; then
echo $! > "$CATALINA_PID"
fi
elif [ "$1" = "stop" ] ; then
shift
SLEEP=5
if [ ! -z "$1" ]; then
echo $1 | grep "[^0-9]" >/dev/null 2>&1
if [ $? -gt 0 ]; then
SLEEP=$1
shift
fi
fi
FORCE=0
if [ "$1" = "-force" ]; then
shift
FORCE=1
fi
if [ ! -z "$CATALINA_PID" ]; then
if [ -f "$CATALINA_PID" ]; then
if [ -s "$CATALINA_PID" ]; then
kill -0 `cat "$CATALINA_PID"` >/dev/null 2>&1
if [ $? -gt 0 ]; then
echo "PID file found but no matching process was found. Stop aborted."
exit 1
fi
else
echo "PID file is empty and has been ignored."
fi
else
echo "\$CATALINA_PID was set but the specified file does not exist. Is Tomcat running? Stop aborted."
exit 1
fi
fi
"$_RUNJAVA" $JAVA_OPTS \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" -classpath "$CLASSPATH" \
-Dcatalina.base="$CATALINA_BASE" \
-Dcatalina.home="$CATALINA_HOME" \
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
org.apache.catalina.startup.Bootstrap "$@" stop
if [ ! -z "$CATALINA_PID" ]; then
if [ -f "$CATALINA_PID" ]; then
while [ $SLEEP -ge 0 ]; do
kill -0 `cat "$CATALINA_PID"` >/dev/null 2>&1
if [ $? -gt 0 ]; then
rm -f "$CATALINA_PID" >/dev/null 2>&1
if [ $? != 0 ]; then
if [ -w "$CATALINA_PID" ]; then
cat /dev/null > "$CATALINA_PID"
else
echo "Tomcat stopped but the PID file could not be removed or cleared."
fi
fi
break
fi
if [ $SLEEP -gt 0 ]; then
sleep 1
fi
if [ $SLEEP -eq 0 ]; then
if [ $FORCE -eq 0 ]; then
echo "Tomcat did not stop in time. PID file was not removed."
fi
fi
SLEEP=`expr $SLEEP - 1 `
done
fi
fi
if [ $FORCE -eq 1 ]; then
if [ -z "$CATALINA_PID" ]; then
echo "Kill failed: \$CATALINA_PID not set"
else
if [ -f "$CATALINA_PID" ]; then
PID=`cat "$CATALINA_PID"`
echo "Killing Tomcat with the PID: $PID"
kill -9 $PID
rm -f "$CATALINA_PID" >/dev/null 2>&1
if [ $? != 0 ]; then
echo "Tomcat was killed but the PID file could not be removed."
fi
fi
fi
fi
elif [ "$1" = "version" ] ; then
"$_RUNJAVA" \
-classpath "$CATALINA_HOME/lib/catalina.jar" \
org.apache.catalina.util.ServerInfo
else
echo "Usage: catalina.sh ( commands ... )"
echo "commands:"
if $os400; then
echo " debug Start Catalina in a debugger (not available on OS400)"
echo " debug -security Debug Catalina with a security manager (not available on OS400)"
else
echo " debug Start Catalina in a debugger"
echo " debug -security Debug Catalina with a security manager"
fi
echo " jpda start Start Catalina under JPDA debugger"
echo " run Start Catalina in the current window"
echo " run -security Start in the current window with security manager"
echo " start Start Catalina in a separate window"
echo " start -security Start in a separate window with security manager"
echo " stop Stop Catalina, waiting up to 5 seconds for the process to end"
echo " stop n Stop Catalina, waiting up to n seconds for the process to end"
echo " stop -force Stop Catalina, wait up to 5 seconds and then use kill -KILL if still running"
echo " stop n -force Stop Catalina, wait up to n seconds and then use kill -KILL if still running"
echo " version What version of tomcat are you running?"
echo "Note: Waiting for the process to end and use of the -force option require that \$CATALINA_PID is defined"
exit 1
fi
files / default / tomcat-users.xml
<tomcat-users><role rolename="manager-gui"/><role rolename="admin-gui"/><user username="admin" password="tucanoNAj4n3l4" roles="manager-gui,admin-gui"/></tomcat-users>
recipes / default.rb
#
# Cookbook Name:: tomcat-ii
# Recipe:: default
#
# Copyright 2013, company.com
#
# All rights reserved - Do Not Redistribute
#
return if tagged?('norun::tomcat-ii')
user "tomcat" do
system true
end
bash "download_tomcat_6" do
user "root"
code <<-EOH
cd /company/inst-files/
if [ ! -f /company/inst-files/tomcat-6.tar.gz ]; then
wget https://s3.amazonaws.com/company-backup/infra/linux/software/tomcat-6.tar.gz
tar xzvf tomcat-6.tar.gz -C /company/inst-files/
fi
EOH
end
node['tomcat']['port'].each do |port|
directory "/company/tomcat-6-port-#{port}" do
owner "tomcat"
group "tomcat"
mode 00755
action :create
end
directory "/company-logs/tomcat-6-port-#{port}/old" do
owner "tomcat"
group "tomcat"
mode 00755
action :create
recursive true
end
directory "/company/tomcat-6-port-#{port}/webapps" do
owner "tomcat"
group "tomcat_admin"
mode 00755
action :nothing
recursive true
end
bash "install_tomcat_6" do
user "root"
code <<-EOH
if [ ! -d "/company/tomcat-6-port-#{port}/conf" ]; then
cd /company/inst-files
cp -rv tomcat-6/* /company/tomcat-6-port-#{port}/
rm -rf /company/tomcat-6-port-#{port}/logs
ln -s /company-logs/tomcat-6-port-#{port}/ /company/tomcat-6-port-#{port}/logs
port="#{port}"
echo "$port" > /tmp/port.log
short_port="${port:2:2}";
sed 's:<Server port="8005" shutdown="SHUTDOWN">:<Server port="'"$short_port"05'" shutdown="SHUTDOWN">:' /company/tomcat-6-port-#{port}/conf/server.xml > /company/temp_server_1.xml;
sed 's:<Connector port="8080" protocol="HTTP/1\.1:<Connector port="'"$port"'" protocol="HTTP/1\.1:' /company/temp_server_1.xml > /company/temp_server_2.xml;
sed 's:<Connector port="8009" protocol="AJP/1\.3" redirectPort="8443" />:<Connector port="'"$short_port"09'" protocol="AJP/1.3" redirectPort="'"$short_port"43'" />":' /company/temp_server_2.xml > /company/temp_server_3.xml;
sed 's:<Engine name="Catalina" defaultHost="localhost">:<Engine name="Catalina" defaultHost="localhost" jvmRoute="'tomcat"$port"'">":' /company/temp_server_3.xml > /company/temp_server_4.xml;
mv /company/tomcat-6-port-#{port}/conf/server.xml /company/tomcat-6-port-#{port}/conf/server.xml.original;
mv /company/temp_server_4.xml /company/tomcat-6-port-#{port}/conf/server.xml;
rm /company/temp_server*;
/bin/chown tomcat:tomcat /company/tomcat-6-port-#{port}/ -R
/bin/chown tomcat:tomcat /company-logs/tomcat-6-port-#{port}/ -R
/bin/chown tomcat:tomcat /company/tomcat-6-port-#{port}/webapps -R
fi
EOH
end
execute "set permissions tomcat" do
command "/bin/chown tomcat:tomcat /company/tomcat-6-port-#{port}/ -R"
action :run
only_if do File.exists?("/company/tomcat-6-port-#{port}") end
end
execute "set permissions tomcat" do
command "/bin/chown tomcat:tomcat /company-logs/tomcat-6-port-#{port}/ -R"
action :run
only_if do File.exists?("/company-logs/tomcat-6-port-#{port}") end
end
execute "set permissions tomcat" do
command "/bin/chown tomcat:tomcat_admin /company/tomcat-6-port-#{port}/webapps -R"
action :run
only_if do File.exists?("/company/tomcat-6-port-#{port}/webapps") end
end
template "/etc/init.d/tomcat-6-port-#{port}" do
owner "root"
group "root"
mode "0755"
source "tomcat-service.erb"
variables(
:port => "#{port}"
)
end
cookbook_file "/company/tomcat-6-port-#{port}/conf/tomcat-users.xml" do
owner "tomcat"
group "tomcat"
mode "0755"
source "tomcat-users.xml"
end
cookbook_file "/company/tomcat-6-port-#{port}/bin/catalina.sh" do
owner "tomcat"
group "tomcat"
mode "0755"
source "catalina.sh"
end
service "tomcat-6-port-#{port}" do
supports :status => true,
:start => true,
:stop => true,
:restart => true
action [ :enable, :start ]
end
end
templates/default/tomcat-service.erb
# This is the init script for starting up the
# Jakarta Tomcat server
#
# chkconfig: 345 91 10
# description: Starts and stops the Tomcat daemon.
#
# Source function library.
. /etc/rc.d/init.d/functions
# Get config.
. /etc/sysconfig/network
# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 0
tomcat=/company/tomcat-6-port-<%= @port %>
startup=$tomcat/bin/startup.sh
shutdown=$tomcat/bin/shutdown.sh
export JAVA_HOME=/company/jdk6
start(){
#move os arquivos de log para os arquivos antigos
/bin/ls /company-logs/tomcat-6-port-<%= @port %>/*.log > /dev/null 2>&1
if [ $? -eq 0 ]; then
mv -f /company-logs/tomcat-6-port-<%= @port %>/*.log /company-logs/tomcat-6-port-<%= @port %>/old/
fi
#move o catalina.out para os arquivos antigos
if [ -e /company-logs/tomcat-6-port-<%= @port %>/catalina.out ]; then
mv -f /company-logs/tomcat-6-port-<%= @port %>/catalina.out /company-logs/tomcat-6-port-<%= @port %>/old/
fi
numproc=`ps -ef | grep "/company/tomcat-6-port-<%= @port %>/bin/bootstrap.jar" | grep -v grep |awk -F' ' '{ print $2 }'`;
if [ $numproc ]; then
echo "Tomcat <%= @port %> is running!"
echo "Stop then first!"
else
action $"Starting Tomcat <%= @port %> service: " su - tomcat -c $startup
RETVAL=$?
fi
}
stop(){
numproc=`ps -ef | grep "/company/tomcat-6-port-<%= @port %>/bin/bootstrap.jar" | grep -v grep |awk -F' ' '{ print $2 }'`;
if [ $numproc ]; then
action $"Stopping Tomcat <%= @port %> service: " $shutdown
RETVAL=$?
else
echo "Tomcat <%= @port %> is not running..."
fi
numproc=`ps -ef | grep "/company/tomcat-6-port-<%= @port %>/bin/bootstrap.jar" | grep -v grep |awk -F' ' '{ print $2 }'`;
if [ $numproc ]; then
kill -9 $numproc
fi
}
restart(){
stop
start
}
status(){
numproc=`ps -ef | grep "/company/tomcat-6-port-<%= @port %>/bin/bootstrap.jar" | grep -v grep | wc -l`
if [ $numproc -gt 0 ]; then
echo "Tomcat is running..."
else
echo "Tomcat is stopped..."
fi
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart}"
exit 1
esac
exit 0
Затем вы должны просто создать роль для сервера:
roles / tomcat-server93.rb
name "tomcat-server93"
description "Configuration to tomcat instances"
default_attributes(
"tomcat" => {
"port" => [ "8081", "8082", "8083" ]
}
)
run_list(
"recipe[tomcat]"
)
1