Info |
---|
Unix/ Linux installation: these instructions guide you to setting up tomcat to run as a service under the classic init mechanism on unix/ linux (System V) since this will be available on all platforms, but you should consider using Upstart, a more modern init mechanism that will be available on most modern unix/ linux distributions. Installation using upstart is widely covered on the web. Further, at some versions of tomcat, on certain unix/ linux versions, a complete tomcat installation can be performed using a few simple package commands. Before you begin, a web search for tomcat installation at the desired version of tomcat, on the installed version of your unix/ linux distribution, may give you a much simpler installation method. However you install tomcat, please note the settings that are needed under configuring tomcat |
Download
The System Administrator should have set up a linked directory structure like [c:]/opt/tomcat. The details of this may differ between installations so from this point on, the “root” Tomcat tomcat directory will be referred to as $TOMCAT.
Download the appropriate Tomcat 8.0 from tomcat.apache.org and unpack (unzip/uncompress) into the $TOMCAT.
Install
Some instructions are given here for installing tomcat, and making it run as a service. You should ensure that any installation meets with your company standards.
Installing on windows
Run the tomcat installation program.
Installing on
...
unix/
...
linux
...
Install the login scripts
...
Install the in tomcat login scripts in Appendix A into the tomcat user home directory. These scripts are correct as of Tomcat 8.0 but the PhixFlow consultant you should confirm that no changes are needed because of environment differences or because of different version versions of Tomcattomcat.
Installing on Windows
...
Anchor | ||||
---|---|---|---|---|
|
server.xml: Port Specification
Modify $TOMCAT/conf/server.xml to specify the port that PhixFlow will use (usually 8081). Find the following lines and change as needed:
Code Block | ||
---|---|---|
| ||
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 --> |
...
<Connector
<Connector port="8081" |
...
maxHttpHeaderSize="8192" |
...
... |
Remember to enable this port in the server’s firewall (if enabled).
...
Modify $TOMCAT/conf/web.xml to change the Tomcat session timeout period from its default value (30 mins). Find the following lines and change as needed:
Code Block | ||
---|---|---|
| ||
<session-config> |
...
<session- |
...
timeout>1440</session-timeout> |
...
</session-config> |
Update <session-timeout> to the value you need, e.g. to 1440 (minutes i.e. 1 day).
...
Option | Recommended Setting | Syntax | ||
Initial Memory Pool | 1024Mb on 32bit architecture. 40% of physical memory on x64 architecture. Consult your sys admin for recommended settings on virtual servers. | -Xms1024m | ||
Max Memory Pool | As much as possible. 1024Mb on 32bit architecture. 75% of physical memory on x64 architecture. Consult your sys admin for recommended settings on virtual servers. | -Xmx1024mMax PermGen Memory Pool | 150Mb on 32bit. 1024Mb on x64. | -XX:MaxPermSize=150m |
Garbage Collector Diagnostics | Enabled | -verbose:gc |
...
To set JVM options:
Windows |
| ||||
Unix/Linux | If you have installed the scripts in tomcat login scripts, these option will already be set however for clarity, these options are defined in the JAVA_OPTS environment variable set in the tomcat user’s shell startup file (e.g. .profile / .bash_profile / .cshrc in the user’s home directory – the actual startup file is determined by the user’s default shell settings).
|
Database JDBC Drivers
The drivers needed to connect to PhixFlow’s own database are now included in the release and do not have to be downloaded separately.
...
For information on using SQLServer with Integrated Authentication, see Appendix B SQLServer Integrated Authentication.
Start Tomcat
To start Tomcat:
Windows | Run the Tomcat Monitor. Click on Right mouse menu -> Start Service | ||||||
Unix | Login to the unix server as user tomcat.
|
To make Tomcat start automatically when the server boots:
Make tomcat run as a service
Windows
- Run the Tomcat Monitor.
- Right click on the Apache Tomcat icon in the system tray and select Configure …
- On the ‘General’ tab:
- Set Startup Type to Automatic.
Unix/ Linux
As the root user, install the
...
tomcat script listed in
...
in tomcat service scripts and create a softlink to it from the appropriate run-level directory. The actual run-level directories are specific to the particular unix variant.
...
You may wish to install tomcat to support secure connections over SSL.
This is described in the standard tomcat documentation - for example https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html - but some notes are given here to get you started.
Obtain a certificate
If access to PhixFlow is only intended for people in your organisation, you may wish to create a self-signed certificate. This still provides a secure connection, but this will generate security warnings when users first connect, and they will not see a padlock in the address bar of their browser. If this is not acceptable to your users or by your company policy, or if you are going to provide access to people outside your organisation, you should obtain your certificate from a certificate authority.
Both approaches are well documented on the web. For example:
Generate a self-signed certificate on ubuntu: https://help.ubuntu.com/14.04/serverguide/certificates-and-security.html.
From the website of a certificate authority: a list of these is given on https://en.wikipedia.org/wiki/Certificate_authority.
Install certificate
The rest of these instructions assume that:
- you have a certificate file and private key - either a self-signed certificate you have generated, or obtained from a certificate authority
- the private key password, if you specified one
- if you obtained your certificate from a certificate authority, any intermediate certificates representing the chain of authenticating certificates up to a root certificate; your certificate authority should provide instructions for obtaining these
Linux
- Copy the private key to /etc/ssl/private, e.g.
Code Block |
---|
sudo cp server.crt /etc/ssl/certs |
- Copy the certificate to /etc/ssl/certs
Code Block |
---|
sudo cp server.key /etc/ssl/private |
Windows