December 27, 2009

Apache HTTPD and Tomcat Easy & Fast installation guide

1) Install httpd and httpd_devel using yum.

# yum install httpd**

2) Download the latest tomcat and tomcat connectors

# wget
# wget

3) Compile tomcat connectors

# tar -xvfz
# cd tomcat-connectors-1.2.28-src/native
# ./configure --with-apxs=/usr/sbin/apxs
# make
# su -c 'make install'

4) Configurations

4-1) Add jk module to httpd.conf.
# vi /etc/httpd/conf/httpd.conf

LoadModule jk_module modules/
//JkMount /*.jsp ajp13

<ifmodule jk_module="">
  JkWorkersFile conf/
  JkLogFile logs/mod_jk.log
  JkLogLevel error

4-2) Set an tomcat/jdk home path.
# vi /etc/httpd/conf/


4-3) Edit {$TOMCAT_HOME}/server.xml

    <Host name=""  appbase="/home/test" unpackWARS="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
    <Context Path="" docBase="" debug="1" allowLinking="true" reloadable="true"></Context>

5) Changes SELinux policy

If you see something along the lines of:

Sep 15 10:56:57 fc5test kernel: audit(1158314217.408:259): avc:
denied  { name_connect } for  pid=2245 comm="httpd"
dest=8009 scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket

then there is some work to do. Note, the “avc: denied” message references httpd (the Apache daemon) and port 8009 as the destination for a tcp socket connection (this is the Tomcat port from earlier). To allow Apache to perform network connects, you can do the following:

setsebool -P httpd_can_network_connect=1

This will allow Apache to perform network connections and will store this change in the booleans.local file in /etc/selinux/targeted/modules/active so it wil be reloaded at next boot.

No comments:

Post a Comment