“Docker tomcat”的版本间的差异

来自linux中国网wiki
跳转至: 导航搜索
see also
on debian
(未显示同一用户的1个中间版本)
第1行: 第1行:
 
=docker tomcat=
 
=docker tomcat=
 +
==on debian==
 +
===目录===
 +
<pre>
 +
 +
tomcat]# tree .
 +
.
 +
|-- apache-tomcat-8.5.42.tar.gz
 +
|-- docker-compose.yml
 +
|-- Dockerfile
 +
|-- index.jsp
 +
|-- jdk-8u211-linux-x64.tar.gz
 +
|-- server.xml
 +
|-- webapps
 +
|  `-- ROOT
 +
|      `-- index.jsp
 +
`-- web.xml
 +
 +
 +
</pre>
 +
===dockerfile===
 +
<pre>
 +
 +
cat Dockerfile
 +
FROM debian:stretch-slim
 +
# 指定管理员
 +
MAINTAINER  linuxsa.org
 +
# 解压jdk包到指定目录
 +
ADD jdk-8u211-linux-x64.tar.gz /usr/local
 +
# 安装jdk包到指定目录
 +
ENV JAVA_HOME /usr/local/jdk1.8.0_211
 +
# 解压tomcat包到指定目录
 +
ADD apache-tomcat-8.5.42.tar.gz /usr/local
 +
 +
#RUN rm -f /usr/local/*.tar.gz            #删除安装包 容器轻量化
 +
RUN rm -rf /usr/local/apache-tomcat-8.5.42/webapps/ROOT/*
 +
RUN rm -rf /usr/local/apache-tomcat-8.5.42/webapps/ROOT/index.jsp
 +
# 将本地配置文件复制到镜像内
 +
#
 +
#COPY server.xml /usr/local/apache-tomcat-8.5.42/conf
 +
#COPY webapps /usr/local/apache-tomcat-8.5.42/
 +
ADD  index.jsp  /usr/local/apache-tomcat-8.5.42/webapps/ROOT/
 +
COPY  index.jsp  /usr/local/apache-tomcat-8.5.42/webapps/ROOT/
 +
#/usr/local/apache-tomcat-8.5.42/webapps/ROOT
 +
#RUN rm -rf /usr/local/apache-tomcat-8.5.42/webapps/ROOT/*
 +
# 指定服务暴露端口
 +
EXPOSE 8080
 +
# 启动tomcat服务
 +
ENTRYPOINT ["/usr/local/apache-tomcat-8.5.42/bin/catalina.sh", "run"]
 +
 +
</pre>
 +
 +
===server.xml===
 +
<pre>
 +
 +
<?xml version='1.0' encoding='utf-8'?>
 +
<!--
 +
  Licensed to the Apache Software Foundation (ASF) under one or more
 +
  contributor license agreements.  See the NOTICE file distributed with
 +
  this work for additional information regarding copyright ownership.
 +
  The ASF licenses this file to You under the Apache License, Version 2.0
 +
  (the "License"); you may not use this file except in compliance with
 +
  the License.  You may obtain a copy of the License at
 +
 +
      http://www.apache.org/licenses/LICENSE-2.0
 +
 +
  Unless required by applicable law or agreed to in writing, software
 +
  distributed under the License is distributed on an "AS IS" BASIS,
 +
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 +
  See the License for the specific language governing permissions and
 +
  limitations under the License.
 +
-->
 +
<!-- Note:  A "Server" is not itself a "Container", so you may not
 +
    define subcomponents such as "Valves" at this level.
 +
    Documentation at /docs/config/server.html
 +
-->
 +
<Server port="8005" shutdown="SHUTDOWN">
 +
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
 +
  <!-- Security listener. Documentation at /docs/config/listeners.html
 +
  <Listener className="org.apache.catalina.security.SecurityListener" />
 +
  -->
 +
  <!--APR library loader. Documentation at /docs/apr.html -->
 +
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
 +
  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
 +
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
 +
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
 +
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
 +
 +
  <!-- Global JNDI resources
 +
      Documentation at /docs/jndi-resources-howto.html
 +
  -->
 +
  <GlobalNamingResources>
 +
    <!-- Editable user database that can also be used by
 +
        UserDatabaseRealm to authenticate users
 +
    -->
 +
    <Resource name="UserDatabase" auth="Container"
 +
              type="org.apache.catalina.UserDatabase"
 +
              description="User database that can be updated and saved"
 +
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
 +
              pathname="conf/tomcat-users.xml" />
 +
  </GlobalNamingResources>
 +
 +
  <!-- A "Service" is a collection of one or more "Connectors" that share
 +
      a single "Container" Note:  A "Service" is not itself a "Container",
 +
      so you may not define subcomponents such as "Valves" at this level.
 +
      Documentation at /docs/config/service.html
 +
  -->
 +
  <Service name="Catalina">
 +
 +
    <!--The connectors can use a shared executor, you can define one or more named thread pools-->
 +
    <!--
 +
    <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
 +
        maxThreads="150" minSpareThreads="4"/>
 +
    -->
 +
 +
 +
    <!-- A "Connector" represents an endpoint by which requests are received
 +
        and responses are returned. Documentation at :
 +
        Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
 +
        Java AJP  Connector: /docs/config/ajp.html
 +
        APR (HTTP/AJP) Connector: /docs/apr.html
 +
        Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
 +
    -->
 +
    <Connector port="8080" protocol="HTTP/1.1"
 +
              connectionTimeout="20000"
 +
              redirectPort="8443" />
 +
    <!-- A "Connector" using the shared thread pool-->
 +
    <!--
 +
    <Connector executor="tomcatThreadPool"
 +
              port="8080" protocol="HTTP/1.1"
 +
              connectionTimeout="20000"
 +
              redirectPort="8443" />
 +
    -->
 +
    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
 +
        This connector uses the NIO implementation that requires the JSSE
 +
        style configuration. When using the APR/native implementation, the
 +
        OpenSSL style configuration is required as described in the APR/native
 +
        documentation -->
 +
    <!--
 +
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
 +
              maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
 +
              clientAuth="false" sslProtocol="TLS" />
 +
    -->
 +
 +
    <!-- Define an AJP 1.3 Connector on port 8009 -->
 +
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
 +
 +
 +
    <!-- An Engine represents the entry point (within Catalina) that processes
 +
        every request.  The Engine implementation for Tomcat stand alone
 +
        analyzes the HTTP headers included with the request, and passes them
 +
        on to the appropriate Host (virtual host).
 +
        Documentation at /docs/config/engine.html -->
 +
 +
    <!-- You should set jvmRoute to support load-balancing via AJP ie :
 +
    <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
 +
    -->
 +
    <Engine name="Catalina" defaultHost="localhost">
 +
 +
      <!--For clustering, please take a look at documentation at:
 +
          /docs/cluster-howto.html  (simple how to)
 +
          /docs/config/cluster.html (reference documentation) -->
 +
      <!--
 +
      <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
 +
      -->
 +
 +
      <!-- Use the LockOutRealm to prevent attempts to guess user passwords
 +
          via a brute-force attack -->
 +
      <Realm className="org.apache.catalina.realm.LockOutRealm">
 +
        <!-- This Realm uses the UserDatabase configured in the global JNDI
 +
            resources under the key "UserDatabase".  Any edits
 +
            that are performed against this UserDatabase are immediately
 +
            available for use by the Realm.  -->
 +
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
 +
              resourceName="UserDatabase"/>
 +
      </Realm>
 +
 +
      <Host name="localhost"  appBase="webapps"
 +
            unpackWARs="true" autoDeploy="true">
 +
 +
        <!-- SingleSignOn valve, share authentication between web applications
 +
            Documentation at: /docs/config/valve.html -->
 +
        <!--
 +
        <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
 +
        -->
 +
 +
        <!-- Access log processes all example.
 +
            Documentation at: /docs/config/valve.html
 +
            Note: The pattern used is equivalent to using pattern="common" -->
 +
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
 +
              prefix="localhost_access_log" suffix=".txt"
 +
              pattern="%h %l %u %t &quot;%r&quot; %s %b" />
 +
 +
      </Host>
 +
    </Engine>
 +
  </Service>
 +
</Server>
 +
 +
 +
 +
 +
</pre>
 +
 +
 
[https://my.oschina.net/braveCS/blog/1504783 很值得参考 更新也有意思docker&k8s部署tomcat记录]
 
[https://my.oschina.net/braveCS/blog/1504783 很值得参考 更新也有意思docker&k8s部署tomcat记录]
  
第80行: 第283行:
 
6156c685fb3369d5d93ab391a75212b14b476959a38eef746871f4890021a53b
 
6156c685fb3369d5d93ab391a75212b14b476959a38eef746871f4890021a53b
 
docker: Error response from daemon: OCI runtime create failed: container_linux.go:345: starting container process caused "exec: \"/data/apps/tomcat/bin/catalina.sh\": stat /data/apps/tomcat/bin/catalina.sh: no such file or directory": unknown.
 
docker: Error response from daemon: OCI runtime create failed: container_linux.go:345: starting container process caused "exec: \"/data/apps/tomcat/bin/catalina.sh\": stat /data/apps/tomcat/bin/catalina.sh: no such file or directory": unknown.
 +
 +
 +
cat index.jsp
 +
java ***********
 +
3
 +
 +
 +
cat server.xml
 +
<?xml version='1.0' encoding='utf-8'?>
 +
<!--
 +
  Licensed to the Apache Software Foundation (ASF) under one or more
 +
  contributor license agreements.  See the NOTICE file distributed with
 +
  this work for additional information regarding copyright ownership.
 +
  The ASF licenses this file to You under the Apache License, Version 2.0
 +
  (the "License"); you may not use this file except in compliance with
 +
  the License.  You may obtain a copy of the License at
 +
 +
      http://www.apache.org/licenses/LICENSE-2.0
 +
 +
  Unless required by applicable law or agreed to in writing, software
 +
  distributed under the License is distributed on an "AS IS" BASIS,
 +
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 +
  See the License for the specific language governing permissions and
 +
  limitations under the License.
 +
-->
 +
<!-- Note:  A "Server" is not itself a "Container", so you may not
 +
    define subcomponents such as "Valves" at this level.
 +
    Documentation at /docs/config/server.html
 +
-->
 +
<Server port="8005" shutdown="SHUTDOWN">
 +
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
 +
  <!-- Security listener. Documentation at /docs/config/listeners.html
 +
  <Listener className="org.apache.catalina.security.SecurityListener" />
 +
  -->
 +
  <!--APR library loader. Documentation at /docs/apr.html -->
 +
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
 +
  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
 +
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
 +
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
 +
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
 +
 +
  <!-- Global JNDI resources
 +
      Documentation at /docs/jndi-resources-howto.html
 +
  -->
 +
  <GlobalNamingResources>
 +
    <!-- Editable user database that can also be used by
 +
        UserDatabaseRealm to authenticate users
 +
    -->
 +
    <Resource name="UserDatabase" auth="Container"
 +
              type="org.apache.catalina.UserDatabase"
 +
              description="User database that can be updated and saved"
 +
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
 +
              pathname="conf/tomcat-users.xml" />
 +
 +
 +
 +
  
  
第132行: 第392行:
 
                 echo 'Package: *'; \
 
                 echo 'Package: *'; \
 
                 echo 'Pin: release n=stretch*'; \
 
                 echo 'Pin: release n=stretch*'; \
                 echo 'Pin-Priority: -10'; \
+
                 echo 'Pin-Priority:
                echo; \
 
# ... except OpenSSL, which is the reason we're here
 
                echo 'Package: openssl libssl*'; \
 
                echo "Pin: version $OPENSSL_VERSION"; \
 
                echo 'Pin-Priority: 990'; \
 
            } > /etc/apt/preferences.d/stretch-openssl; \
 
        fi; \
 
        apt-get update; \
 
        apt-get install -y --no-install-recommends openssl="$OPENSSL_VERSION"; \
 
        rm -rf /var/lib/apt/lists/*; \
 
    fi
 
 
 
RUN apt-get update && apt-get install -y --no-install-recommends \
 
        libapr1 \
 
    && rm -rf /var/lib/apt/lists/*
 
 
 
# see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
 
# see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
 
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
 
 
 
ENV TOMCAT_MAJOR 8
 
ENV TOMCAT_VERSION 8.5.32
 
ENV TOMCAT_SHA512 fc010f4643cb9996cad3812594190564d0a30be717f659110211414faf8063c61fad1f18134154084ad3ddfbbbdb352fa6686a28fbb6402d3207d4e0a88fa9ce
 
 
 
ENV TOMCAT_TGZ_URLS \
 
# https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394
 
    https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \
 
# if the version is outdated, we might have to pull from the dist/archive :/
 
    https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \
 
    https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz \
 
    https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz
 
 
 
ENV TOMCAT_ASC_URLS \
 
    https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \
 
# not all the mirrors actually carry the .asc files :'(
 
    https://www-us.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \
 
    https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \
 
    https://archive.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc
 
 
 
RUN set -eux; \
 
    \
 
    savedAptMark="$(apt-mark showmanual)"; \
 
    apt-get update; \
 
    \
 
    apt-get install -y --no-install-recommends gnupg dirmngr; \
 
    \
 
    export GNUPGHOME="$(mktemp -d)"; \
 
    for key in $GPG_KEYS; do \
 
        gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
 
    done; \
 
    \
 
    apt-get install -y --no-install-recommends wget ca-certificates; \
 
    \
 
    success=; \
 
    for url in $TOMCAT_TGZ_URLS; do \
 
        if wget -O tomcat.tar.gz "$url"; then \
 
            success=1; \
 
            break; \
 
        fi; \
 
    done; \
 
    [ -n "$success" ]; \
 
    \
 
    echo "$TOMCAT_SHA512 *tomcat.tar.gz" | sha512sum -c -; \
 
    \
 
    success=; \
 
    for url in $TOMCAT_ASC_URLS; do \
 
        if wget -O tomcat.tar.gz.asc "$url"; then \
 
            success=1; \
 
            break; \
 
        fi; \
 
    done; \
 
    [ -n "$success" ]; \
 
    \
 
    gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz; \
 
    tar -xvf tomcat.tar.gz --strip-components=1; \
 
    rm bin/*.bat; \
 
    rm tomcat.tar.gz*; \
 
    rm -rf "$GNUPGHOME"; \
 
    \
 
    nativeBuildDir="$(mktemp -d)"; \
 
    tar -xvf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1; \
 
    apt-get install -y --no-install-recommends \
 
        dpkg-dev \
 
        gcc \
 
        libapr1-dev \
 
        libssl-dev \
 
        make \
 
        "openjdk-${JAVA_VERSION%%[.~bu-]*}-jdk=$JAVA_DEBIAN_VERSION" \
 
    ; \
 
    ( \
 
        export CATALINA_HOME="$PWD"; \
 
        cd "$nativeBuildDir/native"; \
 
        gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
 
        ./configure \
 
            --build="$gnuArch" \
 
            --libdir="$TOMCAT_NATIVE_LIBDIR" \
 
            --prefix="$CATALINA_HOME" \
 
            --with-apr="$(which apr-1-config)" \
 
            --with-java-home="$(docker-java-home)" \
 
            --with-ssl=yes; \
 
        make -j "$(nproc)"; \
 
        make install; \
 
    ); \
 
    rm -rf "$nativeBuildDir"; \
 
    rm bin/tomcat-native.tar.gz; \
 
    \
 
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
 
    apt-mark auto '.*' > /dev/null; \
 
    [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
 
    apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
 
    rm -rf /var/lib/apt/lists/*; \
 
    \
 
# sh removes env vars it doesn't support (ones with periods)
 
# https://github.com/docker-library/tomcat/issues/77
 
    find ./bin/ -name '*.sh' -exec sed -ri 's|^#!/bin/sh$|#!/usr/bin/env bash|' '{}' +
 
 
 
# verify Tomcat Native is working properly
 
RUN set -e \
 
    && nativeLines="$(catalina.sh configtest 2>&1)" \
 
    && nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')" \
 
    && nativeLines="$(echo "$nativeLines" | sort -u)" \
 
    && if ! echo "$nativeLines" | grep 'INFO: Loaded APR based Apache Tomcat Native library' >&2; then \
 
        echo >&2 "$nativeLines"; \
 
        exit 1; \
 
    fi
 
 
 
EXPOSE 8080
 
CMD ["catalina.sh", "run"]
 
 
 
 
 
</pre>
 
  
 
=更新=
 
=更新=

2019年7月10日 (三) 13:47的版本

docker tomcat

on debian

目录


tomcat]# tree .
.
|-- apache-tomcat-8.5.42.tar.gz
|-- docker-compose.yml
|-- Dockerfile
|-- index.jsp
|-- jdk-8u211-linux-x64.tar.gz
|-- server.xml
|-- webapps
|   `-- ROOT
|       `-- index.jsp
`-- web.xml


dockerfile


cat Dockerfile 
FROM debian:stretch-slim
# 指定管理员
MAINTAINER  linuxsa.org
# 解压jdk包到指定目录
ADD jdk-8u211-linux-x64.tar.gz /usr/local
# 安装jdk包到指定目录
ENV JAVA_HOME /usr/local/jdk1.8.0_211
# 解压tomcat包到指定目录
ADD apache-tomcat-8.5.42.tar.gz /usr/local

#RUN rm -f /usr/local/*.tar.gz            #删除安装包 容器轻量化
RUN rm -rf /usr/local/apache-tomcat-8.5.42/webapps/ROOT/*
RUN rm -rf /usr/local/apache-tomcat-8.5.42/webapps/ROOT/index.jsp
# 将本地配置文件复制到镜像内
#
#COPY server.xml /usr/local/apache-tomcat-8.5.42/conf
#COPY webapps /usr/local/apache-tomcat-8.5.42/
ADD  index.jsp  /usr/local/apache-tomcat-8.5.42/webapps/ROOT/
COPY  index.jsp  /usr/local/apache-tomcat-8.5.42/webapps/ROOT/
#/usr/local/apache-tomcat-8.5.42/webapps/ROOT
#RUN rm -rf /usr/local/apache-tomcat-8.5.42/webapps/ROOT/*
# 指定服务暴露端口
EXPOSE 8080
# 启动tomcat服务
ENTRYPOINT ["/usr/local/apache-tomcat-8.5.42/bin/catalina.sh", "run"]

server.xml


<?xml version='1.0' encoding='utf-8'?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
-->
<!-- Note:  A "Server" is not itself a "Container", so you may not
     define subcomponents such as "Valves" at this level.
     Documentation at /docs/config/server.html
 -->
<Server port="8005" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
  <!-- Security listener. Documentation at /docs/config/listeners.html
  <Listener className="org.apache.catalina.security.SecurityListener" />
  -->
  <!--APR library loader. Documentation at /docs/apr.html -->
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />

  <!-- Global JNDI resources
       Documentation at /docs/jndi-resources-howto.html
  -->
  <GlobalNamingResources>
    <!-- Editable user database that can also be used by
         UserDatabaseRealm to authenticate users
    -->
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml" />
  </GlobalNamingResources>

  <!-- A "Service" is a collection of one or more "Connectors" that share
       a single "Container" Note:  A "Service" is not itself a "Container",
       so you may not define subcomponents such as "Valves" at this level.
       Documentation at /docs/config/service.html
   -->
  <Service name="Catalina">

    <!--The connectors can use a shared executor, you can define one or more named thread pools-->
    <!--
    <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
        maxThreads="150" minSpareThreads="4"/>
    -->


    <!-- A "Connector" represents an endpoint by which requests are received
         and responses are returned. Documentation at :
         Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
         Java AJP  Connector: /docs/config/ajp.html
         APR (HTTP/AJP) Connector: /docs/apr.html
         Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
    -->
    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    <!-- A "Connector" using the shared thread pool-->
    <!--
    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    -->
    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
         This connector uses the NIO implementation that requires the JSSE
         style configuration. When using the APR/native implementation, the
         OpenSSL style configuration is required as described in the APR/native
         documentation -->
    <!--
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" />
    -->

    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />


    <!-- An Engine represents the entry point (within Catalina) that processes
         every request.  The Engine implementation for Tomcat stand alone
         analyzes the HTTP headers included with the request, and passes them
         on to the appropriate Host (virtual host).
         Documentation at /docs/config/engine.html -->

    <!-- You should set jvmRoute to support load-balancing via AJP ie :
    <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
    -->
    <Engine name="Catalina" defaultHost="localhost">

      <!--For clustering, please take a look at documentation at:
          /docs/cluster-howto.html  (simple how to)
          /docs/config/cluster.html (reference documentation) -->
      <!--
      <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
      -->

      <!-- Use the LockOutRealm to prevent attempts to guess user passwords
           via a brute-force attack -->
      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <!-- This Realm uses the UserDatabase configured in the global JNDI
             resources under the key "UserDatabase".  Any edits
             that are performed against this UserDatabase are immediately
             available for use by the Realm.  -->
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
               resourceName="UserDatabase"/>
      </Realm>

      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">

        <!-- SingleSignOn valve, share authentication between web applications
             Documentation at: /docs/config/valve.html -->
        <!--
        <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
        -->

        <!-- Access log processes all example.
             Documentation at: /docs/config/valve.html
             Note: The pattern used is equivalent to using pattern="common" -->
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt"
               pattern="%h %l %u %t "%r" %s %b" />

      </Host>
    </Engine>
  </Service>
</Server>





很值得参考 更新也有意思docker&k8s部署tomcat记录

docker hub

docker pull  tomcat:8.5

docker exec -it tomcat1 /bin/bash

三、部署应用

部署应用有两种方式:
1、挂载宿主主机上的应用目录

假如我们的应用在目录:/Users/apple/webapp目录下

docker run --privileged=true -v /data/web1:/usr/local/tomcat/webapps/demo -d -p 8080:8080 --name tomcat1 tomcat:8.5

    其中:–privileged=true是授予docker挂载的权限
    /data/web1 宿主主机目录
    /usr/local/tomcat/webapps/demo docker容器tomcat目录
    -p 端口映射
    –name 容器名称


Docker使用Dockerfile创建Centos(tomcat+jdk)镜像


[root@localhost apps]# ls 
 Dockerfile  jdk  jdk-12.0.1_linux-x64_bin.tar.gz   tomcat 


 cat  Dockerfile 
#指定操作的镜像
FROM centos
# 维护者信息
MAINTAINER evan886@gmail.com
 
#执行命令:创建目录
RUN mkdir -p /data/apps/
#将jdk1.8.0_171添加到镜像centos的/usr/local/soft/目录下,并命名为jdk
ADD jdk /data/apps/
#将apache-tomcat-8.5.31添加到镜像centos的/usr/local/soft/目录下,并命名为tomcat
ADD tomcat  /data/apps/
 
#添加环境变量
ENV JAVA_HOME /data/apps/jdk
#ENV CATALINA_HOME /data/apps/tomcat
#ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/bin

#tomcat evan
ENV CATALINA_HOME /data/apps/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
RUN mkdir -p "$CATALINA_HOME"
WORKDIR $CATALINA_HOME
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/bin
#ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/bin
# let "Tomcat Native" live somewhere isolated
# ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
# ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
 
#暴露8080端口
EXPOSE 8080
 
#启动时运行tomcat
#CMD ["/data/apps/tomcat/bin/catalina.sh","run"]
CMD ["/data/apps/tomcat/catalina.sh","run"]


docker build -t evan886/centos_tomcat:v1  .


docker run -d -p 8080:8080 --name  centos_tomcat evan886/centos_tomcat:v1



ot@k8s-node1:/data/apps# docker run -d -p 8080:8080 --name  centos_tomcat evan886/centos_tomcat:v1
6156c685fb3369d5d93ab391a75212b14b476959a38eef746871f4890021a53b
docker: Error response from daemon: OCI runtime create failed: container_linux.go:345: starting container process caused "exec: \"/data/apps/tomcat/bin/catalina.sh\": stat /data/apps/tomcat/bin/catalina.sh: no such file or directory": unknown.


 cat index.jsp 
java ***********
3 


 cat server.xml 
<?xml version='1.0' encoding='utf-8'?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
-->
<!-- Note:  A "Server" is not itself a "Container", so you may not
     define subcomponents such as "Valves" at this level.
     Documentation at /docs/config/server.html
 -->
<Server port="8005" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
  <!-- Security listener. Documentation at /docs/config/listeners.html
  <Listener className="org.apache.catalina.security.SecurityListener" />
  -->
  <!--APR library loader. Documentation at /docs/apr.html -->
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />

  <!-- Global JNDI resources
       Documentation at /docs/jndi-resources-howto.html
  -->
  <GlobalNamingResources>
    <!-- Editable user database that can also be used by
         UserDatabaseRealm to authenticate users
    -->
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml" />







Docker使用Dockerfile创建Centos(tomcat+jdk)镜像

Dockerfile 构建


#创建目录tomcat,用于存放后面的相关东西。
mkdir -p ~/tomcat/webapps ~/tomcat/logs ~/tomcat/conf

webapps目录将映射为tomcat容器配置的应用程序目录
logs目录将映射为tomcat容器的日志目录
conf目录里的配置文件将映射为tomcat容器的配置文件

进入创建的tomcat目录,创建Dockerfile

FROM openjdk:8-jre

ENV CATALINA_HOME /usr/local/tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
RUN mkdir -p "$CATALINA_HOME"
WORKDIR $CATALINA_HOME

# let "Tomcat Native" live somewhere isolated
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR

# runtime dependencies for Tomcat Native Libraries
# Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
# > checking OpenSSL library version >= 1.0.2...
# > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
# see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
# and https://github.com/docker-library/tomcat/pull/31
ENV OPENSSL_VERSION 1.1.0f-3+deb9u2
RUN set -ex; \
    currentVersion="$(dpkg-query --show --showformat '${Version}\n' openssl)"; \
    if dpkg --compare-versions "$currentVersion" '<<' "$OPENSSL_VERSION"; then \
        if ! grep -q stretch /etc/apt/sources.list; then \
# only add stretch if we're not already building from within stretch
            { \
                echo 'deb http://deb.debian.org/debian stretch main'; \
                echo 'deb http://security.debian.org stretch/updates main'; \
                echo 'deb http://deb.debian.org/debian stretch-updates main'; \
            } > /etc/apt/sources.list.d/stretch.list; \
            { \
# add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
                echo 'Package: *'; \
                echo 'Pin: release n=stretch*'; \
                echo 'Pin-Priority:

=更新=
==war包更新到容器 ==
<pre>
docker cp tomcataDemo.war 3cb492a27475 :/usr/local/tomcat/webapps #id

docker cp tomcatDemo.war tomcat1:/usr/local/tomcat/webapps  #name

#启动tomcat 或者重启 docker restart 【容器id】


docker restart    tomcat1

docker run -p 8081:8080 docker.io/tomcat


#cp 到母机
docker cp tomcat1:/usr/local/tomcat/webapps/examples/index.html .


tomcat 欢迎页面在  webapps/ROOT

第二种 写在dockerfile 然后重build 

from docker.io/tomcat:latest #你的 tomcat的镜像
 MAINTAINER XXX@qq.com #作者 
COPY NginxDemo.war /usr/local/tomcat/webapps #放置到tomcat的webapps目录下


volume

see also

很值得参考docker&k8s部署tomcat记录


https://docs.docker.com/samples/library/tomcat/

Docker 安装 Tomcat

Docker部署(三):Apache Tomcat

官方8.5dockerfile

docker容器下运行tomcat、部署应用


Docker部署Tomcat及Web应用


使用Docker运行Java Web应用