由于公司产品的一致性需求,我们又从Jetty切换到GlassFish3.1.2. 这次是在Ubuntu 12.04 Server(64bit)上安装 GlassFish web profile.
本文内容主要来源于http://www.nabisoft.com/tutorials/glassfish/installing-glassfish-311-on-ubuntu
上文非常全面,我做了删减,去掉了不需要的iptables一节,因为我们用nginx做转发。同时也解决了一些其他问题。
比如GlassFish3.1.2改变了安全规则。需要一些额外的步骤。
一 安装JDK,设置好环境变量。
我安装的是jdk1.6
root@ www :~# java -version
java version "1.6.0_32"
Java(TM) SE Runtime Environment (build 1.6.0_32-b05)
Java HotSpot(TM) 64-Bit Server VM (build 20.7-b02, mixed mode)
二 创建专用帐号
先创建glassfish系统帐号
# adduser --home /home/glassfish --system --shell /bin/bash glassfish
Adding system user `glassfish' (UID 108) ...
Adding new user `glassfish' (UID 108) with group `nogroup' ...
Creating home directory `/home/glassfish' ...
再创建用户组glassfishadmin
# groupadd glassfishadm
将glassfish加入glassfishadm组,glassfishadmin组的目录也设为/home/glassfish
# usermod -a -G glassfishadm glassfish
chgrp -R glassfishadm /home/glassfish
三 安装unzip
apt-get install unzip
四 下载glassfish
切换到glassfish用户,并下载和解压
su glassfish
cd /home/glassfish
mkdir downloads
cd downloads
wget http://download.java.net/glassfish/3.1.2/release/glassfish-3.1.2-web.zip
unzip glassfish-3.1.2.zip
将解压后的文件复制到/hom/glassfish目录下,然后退出该用户
mv /home/glassfish/downloads/glassfish3/* /home/glassfish/
mv /home/glassfish/downloads/glassfish3/.org.opensolaris,pkg /home/glassfish/.org.opensolaris,pkg
exit
五 修改目录权限
确保程序可以在glassfish用户下运行
root@ www :~# chown -R glassfish /home/glassfish
root@ www :~# chmod -R ug+rwx /home/glassfish/bin/
root@ www :~# chmod -R ug+rwx /home/glassfish/glassfish/bin/
root@ www :~# chmod -R o-rwx /home/glassfish/bin/
root@ www :~# chmod -R o-rwx /home/glassfish/glassfish/bin/
六 修改端口
修改/hom/glassfish/domains/domain1/config/domain.xml如下:
<network-listeners>
<network-listener port="8081" protocol="http-listener-1" transport="tcp" name="http-listener-1" thread-pool="http-thread-pool"></network-listener>
<network-listener port="8181" protocol="http-listener-2" transport="tcp" name="http-listener-2" thread-pool="http-thread-pool"></network-listener>
<network-listener port="4848" protocol="admin-listener" transport="tcp" name="admin-listener" thread-pool="admin-thread-pool"></network-listener>
</network-listeners>
这样,http采用8081,https采用8181,AdminGUI采用4848端口。
七 启动服务
$ su glassfish
$ /home/glassfish/bin/asadmin start-domain domain1
There is a process already using the admin port 4848 -- it probably is another instance of a GlassFish server.
这是个GlassFish启动常见的错误,到/etc/hosts目录下看一下
原来这里错了,hostname命令返回的是
127.0.1.1 Ubuntu1204TEMPLATE
修改成:
127.0.0.1www
现在启动成功了。
glassfish@ www :/root$ /home/glassfish/bin/asadmin start-domain domain1
Waiting for domain1 to start .......
Successfully started the domain : domain1
domain Location: /home/glassfish/glassfish/domains/domain1
Log File: /home/glassfish/glassfish/domains/domain1/logs/server.log
Admin Port: 4848
Command start-domain executed successfully.
打开网页http://10.112.18.178:4848/ 无法登录,用户名是admin,密码是adminadmin。为什么?
因为3.1.2加强了安全性。游戏规则改变了。默认admin密码也不再是adminadmin,而是空。
八 启动后启用secure-admin
修改admin默认密码
./asadmin change-admin-password
Enter admin user name [default: admin]> (Press enter to use the default user name)
Enter admin password> (Press enter to use the default password)
Enter new admin password>
Enter new admin password again>
Command change-admin-password executed successfully.<strong>
</strong>
特别注意前面两个问题都直接按回车即可。然后设置新密码,比如123456,输入两次。
./asadmin --host 10.112.18.178 --port 4848 enable-secure-admin
--host 指定glassfish所在IP,回答两个问题,用户名和密码,分别是admin/123456.
重新启动glassfish.
再次打开网站myserver:4848,突然进行HTTPS提示,同意后。登录,终于看到了。
九 查看glassfish的用户
下面这个命令帮助我们查看当前glassfish的用户:
./asadmin list-file-users --authrealmname admin-realm
只有一个admin.
十 创建系统服务
先创建/etc/init.d/glassfish脚本
export AS_JAVA=/usr/lib/jvm/java-6-sun
GLASSFISHPATH=/home/glassfish/bin
case "$1" in
start)
echo "starting glassfish from $GLASSFISHPATH"
sudo -u glassfish $GLASSFISHPATH/asadmin start-domain domain1
;;
restart)
$0 stop
$0 start
;;
stop)
echo "stopping glassfish from $GLASSFISHPATH"
sudo -u glassfish $GLASSFISHPATH/asadmin stop-domain domain1
;;
*)
echo $"usage: $0 {start|stop|restart}"
exit 3
;;
esac
:
增加可执行权限:
chmod +x ./glassfish
创建自启动脚本
update-rc.d glassfish defaults
现在可以通过
servcie glassfis (start|stop|restart) 来测试了
然后重新启动后继续看是否已经自启动。
产品环境下使用还需要修改默认的master password,可以参考前面引用文章的最后一节:
6. Security configuration before first startup