Content Comparison

...

Oracle requires that you have accepted the license before you download the tar.gz file.  This can be problematic for wget.  Following is the command to run the download.  Go to the Oracle Java download site, click on the accept license button, select the JDK version for this machine and copy the link. Use the "JDK Server" version if available.  Replace the link below in the following command with the one you have copied:

sudo wget --no-cookies \
--no-check-certificate \
--header "Cookie: oraclelicense=accept-securebackup-cookie" \
"http://download.oracle.com/otn-pub/java/jdk/7u55-b13/jdk-7u55-linux-x64.tar.gz"

For Java 8, check "http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html" and select the bundle corresponding to "Linux x64", if using linux 64 bits.

• Once the file has completed downloading untar the java distribution and delete the tar file ( sudo tar zxvf jdk-7u55-linux-x64.tar.gz ).
• If the directory, /opt/java, did not exist create a "current" symlink to the new java directory (e.g. sudo ln -s jdk-7u55-linux-x64 current). If the directory, /opt/java, did exist and the link, current, was already there then you will need to sudo unlink current before linking it again.  NOTE: The reason for symlinking the directory is so any references to the current java installation (e.g. $JAVA_HOME, /etc/profile.d/java.sh...) do not have to be updated.  This simplifies maintenance.
• Remove any previous Java installation from the system. In Centos, get a list of packages:

...

• • Following are some reasonable defaults to run Tomcat under.  They include setting memory constraints, modest increase of PermGen so redeploying applications does not cause OutOfMemoryError PermGen space errors, Java GC and JMX file settings.  We encourage use of JMX because it is a standard we increasingly use for runtime monitoring and configuration and many applications now depend on JMX to run correctly.  Some of the settings will require editing to reflect your environment (e.g. ...jmx.rmi.server.hostname=192.168.1.xxx).
  • The following settings also define paths for "endorsed" lib and bin directories.  If you are unsure what these are for you probably don't need them but they should be configured in case they are needed.
  • If your current $CATALINA_HOME/bin/setenv.sh does not have setenv.sh then you will need to create it - sudo vi $CATALINA_HOME/bin/setenv.sh  This file is read by catalina.sh if it exists.  Copy/save into this file the following lines changing those configuration items that are different for your system (e.g. 192.168.1.xxx).

CATALINA_OPTS="-Xms512m -Xmx1024m \
-XX:NewSize=256m -XX:MaxNewSize=256m \
-XX:+DisableExplicitGC -XX:+UseParallelGC \
-Dcom.sun.management.jmxremote.ssl=false \
-Dcom.sun.management.jmxremote.password.file=$CATALINA_HOME/conf/jmxremote.password \
-Dcom.sun.management.jmxremote.access.file=$CATALINA_HOME/conf/jmxremote.access"

export CATALINA_OPTS
export LD_LIBRARY_PATH=$CATALINA_HOME/endorsed/current/lib:$LD_LIBRARY_PATH
export PATH="$PATH:$CATALINA_HOME/endorsed/current/bin"

For JMX configuration:

CATALINA_OPTS="-Dcom.sun.management.jmxremote \

...

-Djava.rmi.server.hostname=

...

HOSTNAME or IP \

...

-Xms512m -Xmx1024m \

...

-XX:NewSize

...

=256m -XX:

...

MaxNewSize=256m \

...

-XX:+

...

DisableExplicitGC -XX:+

...

UseParallelGC \

...

-Dcom.sun.management.jmxremote.ssl=false \

...

-Dcom.sun.management.jmxremote.password.file=$CATALINA_HOME/conf/jmxremote.password \

...

-Dcom.sun.management.jmxremote.access.file=$CATALINA_HOME/conf/jmxremote.access"

...

export LD_LIBRARY_PATH=$CATALINA_HOME/endorsed/current/lib:$LD_LIBRARY_PATH

export PATH="$PATH:$CATALINA_HOME/endorsed/current/bin"

Tomcat Manager
In order to use the ..../manager/html interface to un/deploy/stop/start applications, GC and in broad terms see what is going on in the Tomcat server (in addition to JMX) you need to configure access to the url.  This is done in the $CATALINA_HOME/conf/tomcat-users.xml file.  The file has instructions and in the Apache documentation there is more elaboration.  A starting point for basic but very insecure configuration can be copied from the above file and modified as needed.
If the server is to host a public IP and it is required that there is access to the Tomcat Manager then it is required that access be limited to the internal VPN.  To do so include the following RemoteValveAddr code to the <Context> </Context> in the applications context.xml located in webapps/manager/META-INF and webapps/host-manager/META-INF. 

...

• • Download log4j v.1.2 or greater. (e.g. wget http://archive.apache.org/dist/logging/log4j/1.2.17/log4j-1.2.17-javadoc.jar ) be sure to check the md5 signature ( http://archive.apache.org/dist/logging/log4j/1.2.17/log4j-1.2.17-javadoc.jar.md5 )
  • Install the log4j jar into $CATALINA_HOME/lib
  • Create a log4j.xml file and put it in $CATALINA_HOME/lib ( sudo vi $CATALINA_HOME/lib/log4j.xml ).
  • Download tomcat-juli.jar from Apache Tomcat Extras (wget http://mirror.reverse.net/pub/apache/tomcat/tomcat-7/v7.0.55/bin/extras/tomcat-juli.jar ) and install it in $CATALINA_HOME/bin where it will replace the existing file of the same name.
  • Download tomcat-juli-adapters.jar from Apache Tomcat Extras (wget http://mirror.reverse.net/pub/apache/tomcat/tomcat-7/v7.0.55/bin/extras/tomcat-juli-adapters.jar ) and install it in $CATALINA_HOME/lib
  • Starting/restarting Tomcat will use log4j for logging.

...