2. IT
    3. centos 7 启用系统预装tomcat

    centos 7 启用系统预装tomcat

    xiaoxiao2021-03-25  130

    centos安装时预装了tomcat,但是默认不启用。

    用systemctl is-enabled tomcat 进行检查,返回disabled。

    首先启用并启动tomcat

    执行:

    systemctl enable tomcat

    systemctl start tomcat

    用ps -ef | grep tomcat检查

    [username@hostname ~]$ ps -ef | grep tomcat tomcat 1235 1 1 19:07 ? 00:00:08 java -classpath /usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/shar e/java/commons-daemon.jar -Dcatalina.base=/usr/share/tomcat -Dcatalina.home=/usr/share/tomcat -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/cache/tom cat/temp -Djava.util.logging.config.file=/usr/share/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManage r org.apache.catalina.startup.Bootstrap start 可见tomcat运行在tomcat用户下,pid是1235

    用 sudo netstat -tupln检查端口(注意,这里要使用sudo,否则看不到pid)

    [fuxiaodong@fxd ~]$ sudo netstat -tupln | grep 1235 tcp6 0 0 :::8080 :::* LISTEN 1235/java tcp6 0 0 127.0.0.1:8005 :::* LISTEN 1235/java tcp6 0 0 :::8009 :::* LISTEN 1235/java 可见8080端口已经listen

    但是由于防火墙,这时候用浏览器还是无法访问。

    在centos 7上,防火墙是firewalld。可以用 systemctl status firewalld查看防火墙状态。

    [root@fxd ~]# systemctl status firewalld ?firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since ?2017-03-09 19:58:50 CST; 1min 40s ago Docs: man:firewalld(1) Main PID: 864 (firewalld) CGroup: /system.slice/firewalld.service 忖864 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid 3?09 19:58:50 fxd.test.zte systemd[1]: Starting firewalld - dynamic firew.... 3?09 19:58:50 fxd.test.zte systemd[1]: Started firewalld - dynamic firewa.... Hint: Some lines were ellipsized, use -l to show in full. 用systemctl stop firewalld可以规避这个问题,但是不好。

    执行  firewall-cmd --list-all-zones,可以看到默认网卡设置为public区域,仅允许 dhcpv6-client ssh

    public (active) target: default icmp-block-inversion: no interfaces: enp0s25 sources: services: dhcpv6-client ssh ports: protocols: masquerade: no forward-ports: sourceports: icmp-blocks: rich rules: 当前在办公室,修改固网为internal。执行  firewall-cmd --zone=internal --change-interface=enp0s25

    启用internal区域的http和https服务

    firewall-cmd --permanent --zone=internal --add-service=http firewall-cmd --permanent --zone=internal --add-service=https

    启用tomcat使用的端口

    firewall-cmd --permanent --zone=internal --add-port=8080/tcp firewall-cmd --permanent --zone=internal --add-port=8005/tcp firewall-cmd --permanent --zone=internal --add-port=8009/tcp

    重新加载防火墙: firewall-cmd --reload

    在查看防火墙状态  firewall-cmd --list-all-zones

    internal (active) target: default icmp-block-inversion: no interfaces: enp0s25 sources: services: dhcpv6-client http https mdns samba-client ssh ports: 8009/tcp 8005/tcp 8080/tcp protocols: masquerade: no forward-ports: sourceports: icmp-blocks: rich rules: 用浏览器访问,网页可以打开。

    参考资料:

    linux下如何使用systemctl管理systemd服务与单元          http://blog.csdn.net/drdairen/article/details/51441040

    CentOS7下Firewall防火墙配置用法详解                           http://www.centoscn.com/CentOS/Intermediate/2015/0313/4879.html

    转载请注明原文地址: https://ju.6miu.com/read-9988.html

    技术

    最新回复(0)