Apache Tomcat 8 optimized images

This repository contains Dockerfile of Apache Tomcat 8.

It use a Docker's personal build published to the public Docker Registry.

Design

This docker apache tomcat images supports production and development. A lot of other tomcat docker images exist, but the only support development or not use the newest version or bundle an open jdk. We want build a nicer one. Send us your missing features!

Goals

• use minimal ubuntu and java8 base images (work in progress)
• inject libs and wars as volumes (data container)
• deploy the manager app and generate password at start
• clean up installation and remove examples and unused *.bat, .. files.
• squash footprint and clean up build artefacts
• use a nicer access log pattern :-)
• use a cleanup server.xml without comments
  • use separate executor
  • setup HTTP (8080) and AJP (8009) connectors and expose ports
  • currently not support APR Connectors or configure other then standard NIO
• reuse existing cool ideas from other nice guys. Many thanks;)

You can deploy your own webapps and tomcat extended library with local volumens or better with a docker data container.

Found the tomcat docker images

Currently the apache tomcat8 images are available as automatic docker hub build and a squash version.

• docker hub build
• optimized squash build (s. build.sh)

Dependencies

• alpine
• benyoo/jdk
• Apache Tomcat 8 Download

Installation

1. Install Docker.
2. Download benyoo/tomcat :

docker pull benyoo/tomcat

Usage

docker run -it --rm -P benyoo/tomcat

Run tomcat8 with a sample hello world

mkdir -p hello
cd hello
echo "Hello Docker Tomcat World" >index.jsp
jar -cf ../hello.war .
cd ..
docker run --name=tomcat8 -d -p 8080:8080 -v `pwd`:/webapps benyoo/tomcat
curl http://127.0.0.1:8080/hello/index.html

Run tomcat8 with a sample hello world at a data container

mkdir -p hello
cd hello
echo "Hello Docker Tomcat World" >index.jsp
jar -cf ../hello.war .
cd ..
vi Dockerfile

Running

docker build -t="benyoo/hello-app".
docker run -it --name=hello-app benyoo/hello-app ls /webapps
docker run --name=tomcat8 -d -p 8080:8080 --volumes-from hello-app benyoo/tomcat
curl http://127.0.0.1:8080/hello/index.html

deploy with your system parameters

docker run -it --rm --env CATALINA_OPTS="-Ddb.user=admin -Ddb.password=secret" -v `pwd`/webapps:/webapps -v `pwd`/libs:/libs benyoo/tomcat

use your own JVM_ROUTE

docker run -it --rm --env TOMCAT_JVM_ROUTE=tomcat79 -p 7980:8080 -p 7909:8009 -v `pwd`/webapps:/webapps benyoo/tomcat

stop tomcat

docker stop --time=10 tomcat8

• This send SIGTERM and after 10 seconds sends SIGKILL, if tomcat process is not stopped before.

tomcat docker images ENV parameter

Parameter	Default	Comment
JAVA_MAXMEMORY	256	setup jvm max memory
TOMCAT_MAXTHREADS	250	setup max executor threads
TOMCAT_MINSPARETHREADS	4	setup min spare executor threads
TOMCAT_HTTPTIMEOUT	20000	setup http connector timeout
TOMCAT_JVM_ROUTE	tomcat80	support session sticky ness suffix
TOMCAT_JVM_ROUTE	tomcat80	support session sticky ness suffix
TOMCAT_PASS	random generated	admin password
CATALINA_OPTS	s. tomcat.sh	tomcat start parameter
JAVA_OPTS	s. tomcat.sh	spezial java start/stop parameter
TOMCAT_HTTP_PORT	8080	HTTP port
TOMCAT_AJP_PORT	8009	AJP port
TOMCAT_SERVER_PORT	8005	Server port

get tomcat container IP and ports

$ DOCKER_HOST_IP=$(docker inspect -f '{{.NetworkSettings.IPAddress}}'
$ docker inspect -f '{{ range $key, $value := .NetworkSettings.Ports }}{{ $key }}='"${DOCKER_HOST_IP}:"'{{ (index $value 0).HostPort }} {{ end }}‘ tomcat | tr " " "\n"
8080/tcp=172.17.0.30:8080
8009/tcp=172.17.0.30:8009

Run list all deployed apps

$ DOCKER_HOST_IP=$(docker inspect -f '{{.NetworkSettings.IPAddress}}' tomcat8)
$ curl --user "admin:password" http://${DOCKER_HOST_IP}:8080/manager/text/list
OK - Listed applications for virtual host localhost
/manager:running:0:manager

The admin password can be extract from logs:

$ docker logs tomcat8 | head
=> Creating and admin user with a random password in Tomcat
=> Done!
========================================================================
You can now configure to this Tomcat server using:

    admin:H4t4bbyZxjNh

========================================================================
Checking *.war in /webapps
Checking tomcat extended libs *.jar in /libs

or set at your password at container starts:

docker run -d --name=tomcat8 --env TOMCAT_PASS=password benyoo/tomcat

debug tomcat with nsenter

Install nsenter:

sudo docker run --rm -v /usr/local/bin:/target jpetazzo/nsenter

Tail tomcat app or access logs

sudo docker-enter tomcat8 tail -f /opt/tomcat/logs/catalina-2016-08-27.log
sudo docker-enter tomcat8 tail -f /opt/tomcat/logs/access-2016-08-27.log

or

sudo docker logs tail tomcat8

Run jstat

sudo docker-enter tomcat8 su tomcat --shell /bin/bash -c 'jstat -gc 1 5000'

More space for research:

• run jonsole?
  • add jmx port and expose
  • secure
• load jolokia and monitor via http

manually build, squash and push

sudo bash
cd /tmp
docker build -t="rossbachp/tomcat8" .
ID=$(docker inspect -f '{{ .Id }}' rossbachp/tomcat8)
docker save $ID > tomcat8.tar
sudo docker-squash -verbose -i tomcat8.tar -o tomcat8-squash.tar -t benyoo/tomcat:squash
cat tomcat8-squash.tar | docker load
rm tomcat8.tar
rm tomcat8-squash.tar

or simple use the ``./build.shor with cleanup./build.sh --rmi`

Push to docker hub registry

docker login
docker push benyoo/tomcat:latest
docker push benyoo/tomcat:<DATE TAG>

Links

• squashing-docker article
• github squashing-docker

Option for better logging

• Use a volume for logging sudo docker run --rm -t -v /var/log/tomcat8:/opt/tomcat/logs benyoo/tomcat and delegate it to logstash-forwarder or rsyslog.
  • Use only stdout/stderr or file output handler
  • Don't let make file rotation, compression and archive control from outside

The current configured logging need a better solutions!

• Docker logstash
  • syslog-docker
  • SyslogValve
  • tomcat-slf4j-logback
  • Logback appenders
  • Graylog2 Logger
  • logback-gelf
    • Only supports UDP
    • Java Implementation
    • Test TCP GELF: echo -e '{"version": "1.1","host":"example.org","short_message":"A short message that helps you identify what is going on","full_message":"Backtrace here\n\nmore stuff","level":1,"_user_id":9001,"_some_info":"foo","_some_env_var":"bar"}\0' | nc -w 1 my.graylog.server 12201
      • See send null character at end of your multiline messages!

At your application you can use beter directly use syslog but how we configure syslog host?:

<appender name="SYSLOG" class="ch.qos.logback.classic.net.SyslogAppender">
        <syslogHost>localhost</syslogHost>
        <facility>LOCAL6</facility>
        <suffixPattern>app: %logger{20} %msg</suffixPattern>
</appender>

• Use DNS link name at /etc/hosts with new writable docker >= 1.2 feature
  • @{syslog.PrivateIpAddress} syslog
  • docker-leaving-immutable-infrastructure
  • Logback can read OS Env vars, that means docker link argument works!

Other nice tomcat docker images

• ConSol docker-appserver
  • tutum docker tomcat images Many thanks for that.

Todo

• setup better logging
  • setup JMX and monitoring
  • support APR Connector
  • support SSL
  • setup your own server.xml
  • integrate a check api
    • use coda hale metrics
    • build my own checker
    • test nagios checks
  • more samples
    • JDBC sample with fig setup
    • auto scaling apache/mod_jk ectd sample

Have fun with this tomcat images and give feedback!