December 27, 2009

Apache HTTPD and Tomcat Easy & Fast installation guide

1) Install httpd and httpd_devel using yum.

# yum install httpd**

2) Download the latest tomcat and tomcat connectors

# wget http://mirror.khlug.org/apache/tomcat/tomcat-6/v6.0.20/bin/apache-tomcat-6.0.20.tar.gz
# wget http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.28/tomcat-connectors-1.2.28-src.tar.gz

3) Compile tomcat connectors

# tar -xvfz http://www.apache.org/dist/tomcat/tomcat-connectors/jk/source/jk-1.2.28/tomcat-connectors-1.2.28-src.tar.gz
# cd tomcat-connectors-1.2.28-src/native
# ./configure --with-apxs=/usr/sbin/apxs
# make
# su -c 'make install'

4) Configurations

4-1) Add jk module to httpd.conf.
# vi /etc/httpd/conf/httpd.conf

LoadModule jk_module modules/mod_jk.so
//JkMount /*.jsp ajp13

<ifmodule jk_module="">
  JkWorkersFile conf/workers.properties
  JkLogFile logs/mod_jk.log
  JkLogLevel error
</ifmodule>

4-2) Set an tomcat/jdk home path.
# vi /etc/httpd/conf/workers.properties

workers.tomcat_home=/usr/local/src/tomcat6
workers.java_home=/usr/java/jdk_1.6.0.17

4-3) Edit {$TOMCAT_HOME}/server.xml

...
    <Host name="centos.com"  appbase="/home/test" unpackWARS="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
    <Context Path="" docBase="" debug="1" allowLinking="true" reloadable="true"></Context>
...

5) Changes SELinux policy

If you see something along the lines of:

Sep 15 10:56:57 fc5test kernel: audit(1158314217.408:259): avc:
denied  { name_connect } for  pid=2245 comm="httpd"
dest=8009 scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket

then there is some work to do. Note, the “avc: denied” message references httpd (the Apache daemon) and port 8009 as the destination for a tcp socket connection (this is the Tomcat port from earlier). To allow Apache to perform network connects, you can do the following:

setsebool -P httpd_can_network_connect=1

This will allow Apache to perform network connections and will store this change in the booleans.local file in /etc/selinux/targeted/modules/active so it wil be reloaded at next boot.

No comments:

Post a Comment