cookbook 'tomcat', '= 1.2.0'
tomcat
(87) Versions
1.2.0
-
-
5.0.21
-
5.0.20
-
5.0.19
-
5.0.18
-
5.0.17
-
5.0.16
-
5.0.15
-
5.0.14
-
5.0.13
-
5.0.12
-
5.0.11
-
5.0.10
-
5.0.9
-
5.0.8
-
5.0.7
-
5.0.6
-
5.0.5
-
5.0.4
-
5.0.3
-
5.0.2
-
5.0.1
-
5.0.0
-
4.2.2
-
4.2.1
-
4.2.0
-
4.1.0
-
4.0.0
-
3.5.0
-
3.4.0
-
3.3.0
-
3.2.2
-
3.2.1
-
3.2.0
-
3.0.0
-
2.5.2
-
2.5.1
-
2.5.0
-
2.4.0
-
2.3.4
-
2.3.3
-
2.3.2
-
2.3.1
-
2.3.0
-
2.2.3
-
2.2.2
-
2.2.1
-
2.2.0
-
2.1.3
-
2.1.2
-
2.1.1
-
2.1.0
-
2.0.5
-
2.0.4
-
2.0.3
-
2.0.2
-
2.0.1
-
2.0.0
-
1.3.0
-
1.2.1
-
1.2.0
-
1.1.0
-
1.0.1
-
1.0.0
-
0.17.3
-
0.17.2
-
0.17.1
-
0.17.0
-
0.16.2
-
0.16.0
-
0.15.12
-
0.15.10
-
0.15.8
-
0.15.6
-
0.15.4
-
0.15.2
-
0.15.0
-
0.14.4
-
0.14.2
-
0.14.0
-
0.13.0
-
0.12.0
-
0.11.0
-
0.10.4
-
0.10.3
-
0.10.2
-
0.10.1
-
0.10.0
Follow233
- 5.0.21
- 5.0.20
- 5.0.19
- 5.0.18
- 5.0.17
- 5.0.16
- 5.0.15
- 5.0.14
- 5.0.13
- 5.0.12
- 5.0.11
- 5.0.10
- 5.0.9
- 5.0.8
- 5.0.7
- 5.0.6
- 5.0.5
- 5.0.4
- 5.0.3
- 5.0.2
- 5.0.1
- 5.0.0
- 4.2.2
- 4.2.1
- 4.2.0
- 4.1.0
- 4.0.0
- 3.5.0
- 3.4.0
- 3.3.0
- 3.2.2
- 3.2.1
- 3.2.0
- 3.0.0
- 2.5.2
- 2.5.1
- 2.5.0
- 2.4.0
- 2.3.4
- 2.3.3
- 2.3.2
- 2.3.1
- 2.3.0
- 2.2.3
- 2.2.2
- 2.2.1
- 2.2.0
- 2.1.3
- 2.1.2
- 2.1.1
- 2.1.0
- 2.0.5
- 2.0.4
- 2.0.3
- 2.0.2
- 2.0.1
- 2.0.0
- 1.3.0
- 1.2.1
- 1.2.0
- 1.1.0
- 1.0.1
- 1.0.0
- 0.17.3
- 0.17.2
- 0.17.1
- 0.17.0
- 0.16.2
- 0.16.0
- 0.15.12
- 0.15.10
- 0.15.8
- 0.15.6
- 0.15.4
- 0.15.2
- 0.15.0
- 0.14.4
- 0.14.2
- 0.14.0
- 0.13.0
- 0.12.0
- 0.11.0
- 0.10.4
- 0.10.3
- 0.10.2
- 0.10.1
- 0.10.0
Installs Apache Tomcat and manages the service
cookbook 'tomcat', '= 1.2.0', :supermarket
knife supermarket install tomcat
knife supermarket download tomcat
tomcat Cookbook
Installs and configures Tomcat, Java servlet engine and webserver version 6 and 7 (8 not yet supported).
Requirements
Platforms
- Debian / Ubuntu derivatives
- RHEL derivatives
- Fedora
Chef
- Chef 12.1+
Cookbooks
- java
- openssl
- yum-epel
- compat_resource
Attributes
-
node['tomcat']['base_version']
- The version of tomcat to install, default6
. -
node['tomcat']['port']
- The network port used by Tomcat's HTTP connector, default8080
. -
node['tomcat']['proxy_port']
- if set, the network port used by Tomcat's Proxy HTTP connector, default nil. -
node['tomcat']['proxy_name']
- if set, the proxy name used by Tomcat's Proxy HTTP connector, default nil. -
node['tomcat']['ssl_port']
- The network port used by Tomcat's SSL HTTP connector, default8443
. -
node['tomcat']['ssl_proxy_port']
- if set, the network port used by Tomcat's Proxy SSL HTTP connector, default nil. -
node['tomcat']['ajp_port']
- The network port used by Tomcat's AJP connector, default8009
. -
node['tomcat']['ajp_redirect_port']
- The network port redirected to by Tomcat's AJP connector, defaultssl_port
. -
node['tomcat']['ajp_listen_ip']
- If set, the network address used by Tomcat's AJP connector, default nil. -
node['tomcat']['shutdown_port']
- The network port used by Tomcat to listen for shutdown requests, default8005
. -
node['tomcat']['catalina_options']
- Extra options to pass to the JVM only during start and run commands, default "". -
node['tomcat']['java_options']
- Extra options to pass to the JVM, default-Xmx128M -Djava.awt.headless=true -XX:+UseConcMarkSweepGC
. -
node['tomcat']['use_security_manager']
- Run Tomcat under the Java Security Manager, defaultfalse
. -
node['tomcat']['loglevel']
- Level for default Tomcat's logs, defaultINFO
. -
node['tomcat']['deploy_manager_apps']
- whether to deploy manager apps, defaulttrue
. -
node['tomcat']['authbind']
- whether to bind tomcat on lower port numbers, defaultno
. -
node['tomcat']['max_threads']
- maximum number of threads in the connector pool. -
node['tomcat']['tomcat_auth']
- -
node['tomcat']['client_auth']
- string Set to true if you want the SSL stack to require a valid certificate chain before accepting a connection, defaultfalse
. -
node['tomcat']['instances']
- A dictionary defining additional tomcat instances to run. -
node['tomcat']['run_base_instance']
- Whether or not to run the "base" tomcat instance, defaulttrue
. -
node['tomcat']['environment']
- Environment variables to be setup when starting Tomcat -
node['tomcat']['user']
- -
node['tomcat']['group']
- -
node['tomcat']['home']
- -
node['tomcat']['base']
- -
node['tomcat']['config_dir']
- -
node['tomcat']['log_dir']
- -
node['tomcat']['tmp_dir']
- -
node['tomcat']['work_dir']
- -
node['tomcat']['context_dir']
- -
node['tomcat']['webapp_dir']
- -
node['tomcat']['lib_dir']
- -
node['tomcat']['endorsed_dir']
- -
node['tomcat']['scheme']
set scheme for tomcat connector default value nil -
node['tomcat']['secure']
to enable secure on or off with false/true default value nil -
node['tomcat']['uriencoding']
configure uriencoding in server.xml default value 'UTF-8'
Attributes for SSL
-
node['tomcat']['ssl_cert_file']
- SSL certificate file -
node['tomcat']['ssl_chain_files']
- SSL CAcert chain files used for generating the SSL certificates -
node['tomcat']['ssl_max_threads']
- maximum number of threads in the ssl connector pool, default150
. -
node['tomcat']['ssl_enabled_protocols']
- SSL enabled protocols. Please use 'TLSv1.2,TLSv1.1,TLSv1' or a smaller subset to mitigate poodle attack issues via SSL. -
node['tomcat']['ciphers']
- SSL enabled ciphers -
node['tomcat']['keystore_file']
- Location of the file where the SSL keystore is located -
node['tomcat']['keystore_password']
- Generated by thesecure_password
method from the openssl cookbook; if you are using Chef Solo, set this attribute on the node -
node['tomcat']['truststore_password']
- Generated by thesecure_password
method from the openssl cookbook; if you are using Chef Solo, set this attribute on the node -
node['tomcat']['truststore_file']
- location of the file where the SSL truststore is located -
node['tomcat']['certificate_dn']
- DN for the certificate -
node['tomcat']['keytool']
- path to keytool, used for generating the certificate, location varies by platform
Prerequisites
Due to the multitude of Java implementations you might want to use, this cookbook does not attempt to address the installation of a JRE/JDK. Please make sure that Java has been configured on the machine prior to the application any resources or recipes shipped in this cookbook.
Usage
Simply include the recipe where you want Tomcat installed.
Due to the ways that some system init scripts call the configuration, you may wish to set the java options to include JAVA_OPTS
. As an example for a java app server role:
name "java-app-server" run_list("recipe[tomcat]") override_attributes( 'tomcat' => { 'java_options' => "${JAVA_OPTS} -Xmx128M -Djava.awt.headless=true" } )
Running Multiple Instances
To run multiple instances of Tomcat, populate the instances
attribute, which is a dictionary of instance name => array of attributes. Most of the same attributes that can be used globally for the tomcat cookbook can also be set per-instance - see resources/instance.rb for details.
If they are not set for a particular instance, the base
, home
, config_dir
, log_dir
, work_dir
, context_dir
, and webapp_dir
attributes are created by modifying the global values to use the instance name. For example, under Tomcat 7, with home
/usr/share/tomcat7, home
for instance "instance1" would be set to /usr/share/tomcat7-instance1. The port attributes - port
, proxy_port
, ssl_port
, ssl_proxy_port
, ajp_port
, and shutdown_port
- are not inherited and must be set per-instance, ajp_redirect_port
is also not inherited but defaults to ssl_port
. The ajp_listen_ip
is also not inherited and must be set per instance, when not set it defaults to listening on all adresses. Other attributes that are not set are inherited unmodified from the global attributes. Each instance must define shutdown_port
, and at least one of port
, ssl_port
or ajp_port
.
If you only want to run specific instances and not the "base" tomcat instances, you can set run_base_instance
to false
.
Here is an example partial role:
... "override_attributes": { "tomcat": { "run_base_instance": false, "instances": { "instance1": { "port": 8081, "shutdown_port": 8006 }, "lookup": { "port": 8082, "shutdown_port": 8007, "java_options": "-Xms1G -Xmx2G" } }, ... } ... }
Managing Tomcat Users
The recipe tomcat::users
included in this cookbook is used for managing Tomcat users. The recipe adds users and roles to the tomcat-users.xml
conf file.
Users are defined by creating a tomcat_users
data bag and placing Encrypted Data Bag Items in that data bag. Each encrypted data bag item requires an 'id', 'password', and a 'roles' field. The data bag key is retrieved from the default location /etc/chef/encrypted_data_bag_secret
.
{ "id": "reset", "password": "supersecret", "roles": [ "manager", "admin" ] }
If you are a Chef Solo user the data bag items are not required to be encrypted and should not be.
Defining Environment Variables
If your Tomcat application requires the usage of environment variables, you can define those into the environment
attribute.
This is a sample on how to set-up some environment variables:
... "override_attributes": { "tomcat": { "environment": [ { "VariableName": "LOCAL_HOME", "VariableValue": "/usr/root" }, { "VariableName": "CONFIG_URL", "VariableValue": "http://127.0.0.1/config" } ] } ... }
Experimental Functionality
This cookbook is currently undergoing a ground up rewrite that will convert it to a pure library cookbook, more appropriate for the multitude of ways that Tomcat can be installed. The existing attribute driven installs and tomcat_instance provider will eventually be deprecated in favor of a provider for installation, service management, and 1 or more providers for configuration.
tomcat_install
tomcat_install installs an instance of the tomcat binary direct from Apache's mirror site. As distro packages are not used we can easily deploy per-instance installations and any version available on the Apache archive site can be installed.
properties
-
version
: The version to install. Default: 8.0.32 -
path
: Full path to the install directory. Default: /opt/tomcat_INSTANCENAME_VERSION -
tarball_base_path
: The base path to the apache mirror containing the tarballs. Default: 'http://archive.apache.org/dist/tomcat/' -
sha1_base_path
: The base path to the apache mirror containing the sha1 file. Default: 'http://archive.apache.org/dist/tomcat/' -
exclude_docs
: Exclude ./webapps/docs from installation. Default true. -
exclude_examples
: Exclude ./webapps/examples from installation. Default true. -
exclude_manager
: Exclude ./webapps/manager from installation. Default: false. -
exclude_host-manager
: Exclude ./webapps/host-manager from installation. Default: false.
example
Install an Tomcat 8.0.32 instance named 'helloworld' to /opt/tomcat_helloworld_8_0_32/ with a symlink at /opt/tomcat_helloworld/
tomcat_install 'helloworld' do version '8.0.32' end
tomcat_service
tomcat_service sets up the installed tomcat instance to run using the appropriate init system (sys-v, upstart, or systemd)
properties
-
path
: Full path to the install directory. Default: /opt/tomcat_INSTANCENAME -
env_vars
: An array of hashes containing the environmental variables for Tomcat's setenv.sh script. Note: If CATALINA_BASE is not passed it will automatically be added as the first item in the array. Default: [ {'CATALINA_BASE' => '/opt/INSTANCE_NAME/'}, {'CATALINA_PID' => '$CATALINA_BASE/bin/tomcat.pid'} ]
actions
start
stop
disable
restart
example
tomcat_service 'helloworld' do action :start env_vars [{CATALINA_PID => '/my/special/path/tomcat.pid'}] end
License & Authors
- Author: Seth Chisamore (schisamo@chef.io)
- Author: Jamie Winsor (jamie@vialstudios.com)
- Author: Phillip Goldenburg (phillip.goldenburg@sailpoint.com)
- Auther: Mariano Cortesi (mariano@zauberlabs.com)
- Author: Brendan O'Donnell (brendan.james.odonnell@gmail.com)
Copyright:: 2010-2015, Chef Software, Inc Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Dependent cookbooks
java >= 1.36 |
openssl >= 0.0.0 |
yum-epel >= 0.0.0 |
compat_resource >= 12.7.3 |
Contingent cookbooks
tomcat Cookbook CHANGELOG
This file is used to list changes made in each version of the tomcat cookbook.
v1.2.0 (2016-02-25)
- Added systemd and upstart support to tomcat_service custom resource
- tomcat_install no longer creates a logs dir in /var/logs/ as logging is up to the users
- custom paths no longer throw an error in tomcat_install
- path property in tomcat_install is now renamed install_path to match the tomcat_service provider
- the test cookbook now installs two different instances and includes the java setup the same way a wrapper cookbook would
- ubuntu 15.10 has been removed from the Test Kitchen config since there is no published box for this version yet
- debian 8 is now properly identified as a systemd based system
- inspec tests for the test cookbook updated to pass
- nil default properties have been removed to resolve Chef deprecation warnings
v1.1.0 (2016-02-23)
- Included new experimental tomcat_install and tomcat_service custom resource for pulling down any specified tomcat release from the Apache Org site and managing the service. This allows for running any Tomcat release on any distro (no more packages) and will eventually replace the existing attribute and provider config methods
- Added compat_resource as a cookbook dependency for the new custom resources
- Depend on java cookbook >= 1.36 to allow for OpenJDK 1.8 installs along with many bugfixes
- Test Kitchen now tests the new providers in Travis CI using kitchen-dokken (docker)
- Existing test suites have been removed as that functionality will be deprecated in the near future
- UseConcMarkSweepGC is no longer hard coded in the Tomcat 6 config. Instead this is part of the JAVAOPTS attribute so it can be overwritten
- Added uriencoding to the instance provider. See the readme for details
- Added new attribute for the ajp listen IP. See the readme for details
v1.0.1 (2015-12-01)
- Resolved a missing method error in the instance provider
v1.0.0 (2015-11-30)
- BREAKING: This cookbook now requires Chef 12.1+ due to the use of multipackage installs
- Added support for OpenSUSE
- Added a new attribute ['tomcat']['client_auth'] to enable client auth
- Added new attribute ['tomcat']['ajp_redirect_port'] for specifying a redirect port in server.xml
- Added new attributes: ['tomcat']['proxy_name'], ['tomcat']['secure'], and ['tomcat']['scheme'] to support proxying
- Added new attribute ['tomcat']['ciphers'] to add SSL ciphers to the server.xml
- Added a new attribute ['tomcat']['ssl_enabled_protocols'] to add SSL protocols to the server.xml
- Added new attribute ['tomcat']['uriencoding'] to add uriencoding to server.xml with a default of 'UTF-8'
- Added new attribute ['tomcat']['environment'] to add environmental variables to the sysconfig on RHEL platforms
- Fixed EPEL tomcat when an empty string is provided as the Tomcat version
- Fixed generation of keystore file in the instance provider
- Fixed initialization of a constant twice
- Added back the automatic service restarts on the tomcat.conf changes
- Don't include the JasperListener if less than Tomcat 8
- Removed a hardcoded service name in the users recipe
- Improved requirements section of the readme and added travis / supermarket badges
- Added serverspec tests for Test Kitchen
- Added new source_url and issues_url metadata for supermarket
- Updated the Gemfile with the latest deps
- Updated Berskfile to the 3.X+ format
- Updated contributing, testing, and maintainers docs
- Added the chef standard rubocop config and resolve all warnings
- Updated the Kitchen CI config to work with the latest platforms
- Updated .gitignore and added a chefignore to limit files uploaded to the server
- Added a .foodcritic file to exclude rules
v0.17.3 (2015-02-22)
- Fix package names and directories for Tomcat 7 on RHEL
v0.17.2 (2015-02-18)
- reverting OpenSSL module namespace change
v0.17.1 (2015-02-17)
- updating to use the latest openssl
v0.17.0 (2014-12-11)
- Removed installation of Java
v0.16.2 (2014-08-06)
- #80 - Fix broken server.xml when not using ssl
v0.16.0 (2014-06-11)
- #70 - [COOK-4332] Support running multiple instance
- #73 - Be pedantic on where the data bag secret should be placed.
v0.15.12 (2014-04-23)
- [COOK-3745] - Scientific Linux support for Tomcat
- [COOK-4573] - Oracle Linux support for Tomcat
- [COOK-4574] - genkeypair is not a valid parameter to keytool
- [COOK-4575] - update test harness for Ubuntu 14.04'
v0.15.10 (2014-03-27)
- [COOK-4487] - Use tomcat group in /etc/default template
v0.15.8 (2014-03-19)
- [COOK-4209] - Remove "Host element/XML Validation" in tomcat 7 and above
v0.15.6 (2014-03-12)
- [COOK-4301] - Duplicate truststore settings added to java_options every chef-client run
v0.15.4 (2014-02-18)
Improvement
- COOK-4258 - tomcat: support for Apache mod_jk load balancing with jvmRoute
- COOK-3370 - Don't install the tomcat manager apps package if we're not going to use it
Bug
- COOK-4257 - tomcat: broken on SmartOS SmartMachine images 13.3.0+
- COOK-4097 - default["tomcat"]["keytool"] is set to non-existent file on Debian/Ubuntu
v0.15.2
New Feature
- [COOK-3622] - Add support for Amazon platform to the tomcat cookbook.
Bug
- [COOK-3379] - Only regenerate keystore and restart tomcat when source files change
- [COOK-1599] - Add retry and delay to tomcat service definition
v0.15.0
Improvement
- COOK-3565 - Make server.xml connectors maxThreads params configurable via attributes
New Feature
- COOK-3333 - Add SmartOS support
v0.14.4
Bug
- COOK-3378 - Use keystore in the port 8443 connector
-
COOK-3204 - Fix hard-coded path to
tomcat-users.xml
- COOK-3203 - Support "reload" on Ubuntu 12.04
Improvement
v0.14.2
Bug
- [COOK-3165]: Typo in tomcat attributes/default.rb file for
webapp_dir
attribute on Debian/Ubuntu
v0.14.0
Sub-task
- [COOK-1808]: Add Support for Tomcat 7 (ubuntu 12.04+, debian 7+)
v0.13.0
Improvement
- [COOK-2999]: Attributes are "set" and not "default"
Bug
- [COOK-2421]: Correct name of cookbook in attributes/default.rb
- [COOK-2838]: Fix foodcritic warnings in tomcat cookbook
New Feature
- [COOK-2422]: Support disabling Tomcat auth
- [COOK-2425]: Add SSL connector support
- [COOK-2533]: Ability to set loglevel
- [COOK-2736]: Add CATALINA_OPTS for Tomcat start/run options
v0.12.0
- [COOK-1736] - Add AUTHBIND attribute
v0.11.0
- [COOK-1499] - manage tomcat users
v0.10.4
- [COOK-1110] - remove deprecated (by upstream) jpackage recipe
Foodcritic Metric
1.2.0 failed this metric
FC016: LWRP does not declare a default action: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/resources/install.rb:1
FC016: LWRP does not declare a default action: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/resources/service_systemd.rb:1
FC016: LWRP does not declare a default action: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/resources/service_sysv_init.rb:1
FC016: LWRP does not declare a default action: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/resources/service_upstart.rb:1
FC023: Prefer conditional attributes: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:58
FC023: Prefer conditional attributes: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:279
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:87
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:123
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:141
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:160
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:189
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:218
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/recipes/users.rb:22
1.2.0 failed this metric
FC016: LWRP does not declare a default action: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/resources/service_systemd.rb:1
FC016: LWRP does not declare a default action: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/resources/service_sysv_init.rb:1
FC016: LWRP does not declare a default action: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/resources/service_upstart.rb:1
FC023: Prefer conditional attributes: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:58
FC023: Prefer conditional attributes: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:279
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:87
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:123
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:141
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:160
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:189
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/providers/instance.rb:218
FC033: Missing template: /tmp/cook/a2ab96c05dcc57cc57846631/tomcat/recipes/users.rb:22