CentOS7看這里 https://www.howtoforge.com/tutorial/how-to-install-tomcat-on-centos/

安裝nginx

第一步 - 安裝EPEL
EPEL代表企業(yè)Linux的額外包。因為yum作為軟件包管理器不在其默認存儲庫中包括nginx的最新版本，安裝EPEL將確保CentOS上的nginx保持最新泳桦。

要安裝EPEL盗迟，請打開終端并輸入：

sudo yum install epel-release

第二步 - 安裝nginx

要安裝nginx，打開終端并輸入：

sudo yum install nginx

這樣就安裝好了惭蹂。用下面這些命令啟動（停止|查看狀態(tài)）Nginx
安裝路徑在/etc/nginx

啟動
service nginx start
停止
service nginx stop
查看狀態(tài)
service nginx status

啟動后在瀏覽器輸入
http://server_ip 就能看到nginx 的歡迎頁面了

Nginx

chkconfig nginx on

打開防火墻
firewall-cmd --zone=public --add-port=80/tcp --permanent 
重啟防火墻
systemctl restart  firewalld.service

安裝Tomcat 8

先安裝JDK

去官網(wǎng)找到最新的JDK下載地址伞插，把下面對應(yīng)的地址替換掉。

wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u161-b12/2f38c3b165be4555a1fa6e98c45e0808/jdk-8u161-linux-x64.rpm"

rpm -ivh jdk-8u161-linux-x64.rpm

裝好了盾碗，驗證一下

java -version

應(yīng)該能看到如下信息

java version "1.8.0_161"
Java(TM) SE Runtime Environment (build 1.8.0_161-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.161-b12, mixed mode)

安裝Tomcat 8

First

create a new tomcat group:

sudo groupadd tomcat

Next

create a new tomcat user. We'll make this user a member of the tomcat group, with a home directory of /opt/tomcat (where we will install Tomcat), and with a shell of /bin/false (so nobody can log into the account):

sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat

Now that our tomcat user is set up, let's download and install Tomcat.

Step 3:

The best way to install Tomcat 8 is to download the latest binary release then configure it manually.

Find the latest version of Tomcat 8 at the Tomcat 8 Downloads page. At the time of writing, the latest version is 8.5.5, but you should use a later stable version if it is available. Under the Binary Distributionssection, then under the Core list, copy the link to the "tar.gz".

Next, change to the /tmp directory on your server. This is a good directory to download ephemeral items, like the Tomcat tarball, which we won't need after extracting the Tomcat contents:

cd /tmp

Use curl to download the link that you copied from the Tomcat website:

curl -O http://apache.mirrors.ionfish.org/tomcat/tomcat-8/v8.5.5/bin/apache-tomcat-8.5.5.tar.gz

用wget也行媚污，現(xiàn)在最新是8.5.28
wget http://mirrors.hust.edu.cn/apache/tomcat/tomcat-8/v8.5.28/bin/apache-tomcat-8.5.28.tar.gz

We will install Tomcat to the /opt/tomcat directory. Create the directory, then extract the archive to it with these commands:

sudo mkdir /opt/tomcat
sudo tar xzvf apache-tomcat-8*tar.gz -C /opt/tomcat --strip-components=1

Next, we can set up the proper user permissions for our installation.

Step 4: Update Permissions

The tomcat user that we set up needs to have access to the Tomcat installation. We'll set that up now.

Change to the directory where we unpacked the Tomcat installation:

cd /opt/tomcat

Give the tomcat group ownership over the entire installation directory:

sudo chgrp -R tomcat /opt/tomcat

Next, give the tomcat group read access to the conf directory and all of its contents, and execute access to the directory itself:

sudo chmod -R g+r conf
sudo chmod g+x conf

Make the tomcat user the owner of the webapps, work, temp, and logs directories:

sudo chown -R tomcat webapps/ work/ temp/ logs/

Now that the proper permissions are set up, we can create a systemd service file to manage the Tomcat process.

Step 5: Create a systemd Service File

We want to be able to run Tomcat as a service, so we will set up systemd service file.

Tomcat needs to know where Java is installed. This path is commonly referred to as "JAVA_HOME". The easiest way to look up that location is by running this command:

Your JAVA_HOME may be different.

With this piece of information, we can create the systemd service file. Open a file called tomcat in the /etc/init.d/ directory by typing:

sudo nano /etc/init.d/tomcat

Paste the following contents into your service file. Modify the value of JAVA_HOME if necessary to match the value you found on your system. You may also want to modify the memory allocation settings that are specified in CATALINA_OPTS:

注意 腳本中的JAVA_HOME，TOMCAT_HOME廷雅，TOMCAT_USER,CATALINA_OPTS根據(jù)自己電腦自行修改耗美，XX:MaxPermSize 參數(shù)根據(jù)內(nèi)存大小自己調(diào)整。

#!/bin/bash
#
# tomcat
#
# chkconfig: - 80 20
#
### BEGIN INIT INFO
# Provides: tomcat8
# Required-Start: $network $syslog
# Required-Stop: $network $syslog
# Default-Start:
# Default-Stop:
# Description: Tomcat 8
# Short-Description: start and stop tomcat
### END INIT INFO

## Source function library.
#. /etc/rc.d/init.d/functions
export JAVA_HOME=/usr/java/jdk1.8.0_161
export JAVA_OPTS="-Dfile.encoding=UTF-8 \
  -Dnet.sf.ehcache.skipUpdateCheck=true \
  -XX:+UseConcMarkSweepGC \
  -XX:+CMSClassUnloadingEnabled \
  -XX:+UseParNewGC \
  -XX:MaxPermSize=128m \
  -Xms256m -Xmx256m"
export PATH=$JAVA_HOME/bin:$PATH
TOMCAT_HOME=/opt/tomcat
TOMCAT_USER=tomcat
SHUTDOWN_WAIT=20

tomcat_pid() {
  echo `ps aux | grep org.apache.catalina.startup.Bootstrap | grep -v grep | awk '{ print $2 }'`
}

start() {
  pid=$(tomcat_pid)
  if [ -n "$pid" ] 
  then
    echo "Tomcat is already running (pid: $pid)"
  else
    # Start tomcat
    echo "Starting tomcat"
    ulimit -n 100000
    umask 007
    /bin/su -p -s /bin/sh $TOMCAT_USER $TOMCAT_HOME/bin/startup.sh
  fi


  return 0
}

stop() {
  pid=$(tomcat_pid)
  if [ -n "$pid" ]
  then
    echo "Stoping Tomcat"
    /bin/su -p -s /bin/sh $TOMCAT_USER $TOMCAT_HOME/bin/shutdown.sh

    let kwait=$SHUTDOWN_WAIT
    count=0;
    until [ `ps -p $pid | grep -c $pid` = '0' ] || [ $count -gt $kwait ]
    do
      echo -n -e "\nwaiting for processes to exit";
      sleep 1
      let count=$count+1;
    done

    if [ $count -gt $kwait ]; then
      echo -n -e "\nkilling processes which didn't stop after $SHUTDOWN_WAIT seconds"
      kill -9 $pid
    fi
  else
    echo "Tomcat is not running"
  fi
 
  return 0
}

case $1 in
start)
  start
;; 
stop)   
  stop
;; 
restart)
  stop
  start
;;
status)
  pid=$(tomcat_pid)
  if [ -n "$pid" ]
  then
    echo "Tomcat is running with pid: $pid"
  else
    echo "Tomcat is not running"
  fi
;; 
esac    
exit 0

When you are finished, save and close the file.

Next, make the script executable using chmod:

chmod +x /etc/init.d/tomcat

Start the Tomcat service by typing:

service tomcat start

Double check that it started without errors by typing:

service tomcat status

image.png

Add the Tomcat service to system startup:

chkconfig tomcat on

Open in web browser http://server_domain_or_IP:8080

image.png

Configure Tomcat Web Management Interface

In order to use the manager web app that comes with Tomcat, we must add a login to our Tomcat server. We will do this by editing the tomcat-users.xml file:

sudo nano /opt/tomcat/conf/tomcat-users.xml

You will want to add a user who can access the manager-gui and admin-gui (web apps that come with Tomcat). You can do so by defining a user, similar to the example below, between the tomcat-users tags. Be sure to change the username and password to something secure:

tomcat-users.xml — Admin User

<tomcat-users . . .>
    <user username="admin" password="password" roles="manager-gui,admin-gui"/>
</tomcat-users>

Save and close the file when you are finished.

By default, newer versions of Tomcat restrict access to the Manager and Host Manager apps to connections coming from the server itself. Since we are installing on a remote machine, you will probably want to remove or alter this restriction. To change the IP address restrictions on these, open the appropriate context.xml files.

For the Manager app, type:

sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml

For the Host Manager app, type:

sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml

Inside, comment out the IP address restriction to allow connections from anywhere. Alternatively, if you would like to allow access only to connections coming from your own IP address, you can add your public IP address to the list:

context.xml files for Tomcat webapps

<Context antiResourceLocking="false" privileged="true" >
  <!--<Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />-->
</Context>

Save and close the files when you are finished.

To put our changes into effect, restart the Tomcat service:

sudo systemctl restart tomcat

用nginx反向代理tomcat

mkdir /etc/nginx/sites-enabled

新版的nginx中一般都有這個目錄航缀，沒有的自己建一個
目錄下建一個名叫tomcat的文件商架， 如有其它文件請刪掉.

 nano /etc/nginx/sites-enabled/tomcat

寫入一下代碼

upstream tomcat8080  {
        ip_hash;
        server 127.0.0.1:8080;
   } 

# Default server configuration

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    server_name _;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        ## try_files $uri $uri/ =404;
        proxy_pass  http://tomcat8080;
    }
}

保存重啟nginx

service nginx restart

輸入 瀏覽器訪問 http://YOU_IP
如果502了(google vm會)，看一下error_log芥玉， 解決辦法：
https://stackoverflow.com/questions/23948527/13-permission-denied-while-connecting-to-upstreamnginx

setsebool -P httpd_can_network_connect 1

OK了蛇摸，變成tomcat的歡迎頁了。

附：
nginx服務(wù)器安裝及配置文件詳解