Wednesday, October 21, 2009

Integrating Tomcat into Apache over Port 80

Objective: By default, Tomcat runs over port 8080. What if your organization, such as the US Government, likes to block port 8080 on the firewall? You can integrate Tomcat into Apache and run them both on port 80. This task is performed by the mod_jk.so module. When a request for a java page comes in over port 80, Apache will use this module to automatically forward the request to Tomcat. The biggest caveat to this task is the broken functionality of the auto-configurator in Tomcat 6.0  

OS: CentOS 5.3
Apache Version: 2.2
Tomcat Version: 6.0.20 

Prerequisites: Both Apache and Tomcat have been installed and are running properly. You can access the test page for both services over 80 and 8080 respectfully.
Mod_Jk.so: This is the module that will ultimately be the connection point between Apache and Tomcat. This can be obtained from: http://tomcat.apache.org/download-connectors.cgi It is suggested to use the precompiled binary, however the source is worth looking at as it contains a sample workers.properties file which will be created later in this document.
Document Conventions:
${tomcat_home} is the root directory of tomcat. I suggest using at least one symbolic link for your configuration files; this is from experience doing things the hard way.
#ln –s /usr/local/apache-tomcat.6.0.20     tomcat
${apache_home} is the root directory of apache. On CentOS 5.3 the default directory is /etc/httpd which contains symbolic links to (logs) /var/log/httpd, (modules) /usr/lib64/httpd/modules, and (run) /var/run. If your links or directories are different, please keep this in mind as this document cannot will reference these from time to time when necessary.

Instructions:
Place your obtained mod_jk.so module and place it in the preferred httpd/modules folder.
Create a workers.properties file in {$tomcat_home}/conf
It should, at minimum contain these lines:
worker.list=ajp13
worker.ajp13.type=ajp13
worker.ajp13.host=hostname.of.webserver (alias is acceptable, fqdn is recommended)
worker.ajp13.port=8009


Edit {$tomcat_home}/conf/server.xml
Change
To hostname.of.webserver">
Below the above statement add
Change   appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
To   appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">

Create a mod_jk.conf file.
NOTE: Apache Tomcat documentation will reference a directory called {$tomcat_home}/conf/jk. This directory may not exist by default and the auto configuration file that is described does not get placed in this folder.
NOTE: There are two methods to create/modify your mod_jk.conf file – from a template or from scratch. It has been documented that the auto-configuration template option will be phased out in 7.0 and is currently pretty broken.

Method 1 – Auto-Configuration:
Make sure Tomcat is not running.
#cd {$tomcat_home}/bin/shutdown
#./shutdown.sh
Start Tomcat with the jkconf switch.
#./startup.sh –jkconf
Your newly created mod_jk.conf file will appear in {$tomcat_home}/conf/auto/
NOTE: Even after shutting down and restarting Tomcat without the jkconf switch, Tomcat may overwrite the mod_jk.conf file in the {$tomcat_home}/conf/auto/ directory. It is recommended that you move this file to {$tomcat_home}/conf/jk/
NOTE: It is possible that your mod_jk.conf file will work out of the box, however if you are not getting expected results, refer to method 2 and make any changes applicable.

Method 2 – Manual Configuration:
NOTE: The code below is based on the auto-configuration method. The comment lines are there to show what was changed to make this installation work properly. The virtualhost tags are only necessary if you have more than webhost/webserver on the same machine. If you receive this error in your logs when starting httpd, “JkWorkersFile cannot occur within section” either comment out the tags or move the JkWorkersFile line, both shown below.
Create a file called mod_jk.conf in /{$tomcat_home}/conf/jk/ with these lines:
LoadModule jk_module "/etc/httpd/modules/mod_jk.so"
JkWorkersFile /usr/local/tomcat/conf/workers.properties
JkLogLevel info
#JkOptions +ForwardDirectories
#hostname.of.webserver>
#ServerName hostname.of.webserver
JkMount /manager ajp13
JkMount /manager/* ajp13
JkMount /docs ajp13
JkMount /docs/* ajp13
JkMount /examples ajp13
JkMount /examples/* ajp13
JkMount /host-manager ajp13
JkMount /host-manager/* ajp13
#

NOTE: JkMount tells Apache which directories/files to redirect to Tomcat if those pages are requested. Add accordingly.

Editing httpd.conf
Open up your httpd.conf file (located in: /etc/httpd/conf)
Add Include {$tomcat_home}/conf/auto/mod_jk.conf
Because mod_jk.conf calls mod_jk.so make sure this line is not in effect:
LoadModule jk_module "/etc/httpd/modules/mod_jk.so"

Start/Restart Tomcat
Start/Restart Apache
If you are able to navigate to http://hostname.of.webserver/manager/html (the Tomcat manager webpage) then you have successfully integrated Tomcat into Apache.


No comments:

Post a Comment

Post a Comment