Apache HTTPD 설치 보고서

구매회사구축프로젝트 Apache HTTPD 설치보고서 2018-05-22 오픈나루

Table of Contents Table of Contents... ii Revision History... iv 1. 개요... 1 1.1 수행자정보... 1 1.2 고객정보... 1 2. 설치서버정보... 2 3. 시스템환경... 2 3.1 운영체제정보... 2 서버정보요약... 2 서버정보 : TOMCAT88(192.168.23.88)... 2 4. Apache HTTPD 설정정보... 5 4.1 설치디렉터리구성... 5 5. 운영체제환경설정... 6 5.1 커널파라미터... 6 5.2 적용한커널파라미터값... 7 5.3 사용자 limit 값설정... 8 6. Apache HTTPD 환경설정... 10 6.1 Apache HTTPD 환경설정... 10 MPM 모듈... 10 httpd.conf 설정... 10 6.2 Connector 모듈설정... 11 mod_jk.conf... 12 workers.properties( 예시 )... 12 7. JBoss 운영방법... 14 7.1 Apache 운영방법... 14 Apache 확인방법... 14 Apache 운영방법... 14 Apache 서비스등록방법... 15 7.2 Apache HTTPD, Tomcat 테스트를위한웹페이지... 15 오픈나루 ii opennaru.com

Apache HTTPD 자동생성웹페이지... 16 Apache HTTPD jkstatus 페이지... 16 8. 도움이필요하십니까?... 18 9. References... 19 오픈나루 iii opennaru.com

Revision History Name Date Reason For Changes Version 오픈나루 (service@opennaru.com) 2014/1/22 Initial Version 1.0 오픈나루 iv opennaru.com

1. 개요 1.1 수행자정보 본문서는오픈나루 (opennaru.com) 의자동설치제품인 KHAN [provisioning] 을이용하여생성된 문서입니다. 웹서버 / APM(Apache PHP MySQL) / WAS(Tomcat, JBoss) 미들웨어자동설치 제품에대한문의는 service@opennaru.com 으로하시면됩니다. 설치한제품및설치지원회사의정보는다음과같습니다. 항목 내용 설치제품 Apache HTTPD 2.4.33 수행일시설치지원회사명수행자이메일 2018-05-22_21-34-33 오픈나루오픈나루 support@opennaru.com 전화번호 02-469-5426 1.2 고객정보 구분고객사프로젝트명담당자 내용구매회사구축프로젝트홍길동 고객연락처 abcde@customer.co.kr (010-1234-1234) 수행시간 2018-05-22_21-34-33 오픈나루 1 opennaru.com

2. 설치서버정보 호스트 IP 서비스 URL 192.168.23.88 http://192.168.23.88/ 3. 시스템환경 설치한시스템기본환경에대한정보입니다. 3.1 운영체제정보 서버정보요약 서버 TOMCAT88 (192.168.23.88) 정보운영체제메모리 CPU Core Red Hat Enterprise Linux Server release 7.3 (Maipo) x86_64 2048988 KB 1 개 1 개 서버정보 : TOMCAT88(192.168.23.88) 구분 정보 오픈나루 2 opennaru.com

호스트이름 TOMCAT88 IP 주소 192.168.23.88 OS 버전 Kernel 버전아키텍쳐 (bit 수 ) CPU 정보 Red Hat Enterprise Linux Server release 7.3 (Maipo) 3.10.0-514.el7.x86_64 x86_64 Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz CPU 개수 1 Core 개수 1 CPU 당 Core 수 1 메모리 (KB) Disk 사용량 Disk 정보 2048988 KB Filesystem Size Used Avail Use% Mounted on /dev/sda3 90G 3.6G 87G 4% / devtmpfs 991M 0 991M 0% /dev tmpfs 1001M 0 1001M 0% /dev/shm tmpfs 1001M 17M 984M 2% /run tmpfs 1001M 0 1001M 0% /sys/fs/cgroup /dev/sda1 2.0G 115M 1.9G 6% /boot tmpfs 201M 0 201M 0% /run/user/1106 tmpfs 201M 0 201M 0% /run/user/0 Disk /dev/sda: 107.4 GB, 107374182400 bytes, 209715200 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x000ac226 Device Boot Start End Blocks Id System /dev/sda1 * 2048 4196351 2097152 83 Linux /dev/sda2 4196352 20973567 8388608 82 Linux swap / Solaris /dev/sda3 20973568 209715199 94370816 83 Linux 네트워크설정 ens192: flags=4163<up,broadcast,running,multicast> mtu 1500 inet 192.168.23.88 netmask 255.255.255.0 broadcast 192.168.23.255 ether 00:50:56:bc:af:e9 txqueuelen 1000 (Ethernet) RX packets 2580053 bytes 570410244 (543.9 MiB) RX errors 0 dropped 538028 overruns 0 frame 0 TX packets 1216033 bytes 323766351 (308.7 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 오픈나루 3 opennaru.com

lo: flags=73<up,loopback,running> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 1 (Local Loopback) RX packets 1470854 bytes 2096843748 (1.9 GiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1470854 bytes 2096843748 (1.9 GiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 라우팅정보 Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.23.1 0.0.0.0 UG 0 0 0 ens192 192.168.23.0 0.0.0.0 255.255.255.0 U 0 0 0 ens192 오픈나루 4 opennaru.com

4. Apache HTTPD 설정정보 4.1 설치디렉터리구성 Apache HTTPD 버전 2.4.33 MPM 형식 worker APR 버전 1.6.2 APR Util 버전 1.6.0 mod_jk 버전 1.2.42 설치디렉토리 설정파일디렉토리 Log 디렉토리 /svc/test/web/apache2 /svc/test/web/apache2/conf /svc/test/logs/apache2 오픈나루 5 opennaru.com

5. 운영체제환경설정 5.1 커널파라미터 웹서버와웹기반미들웨어서버는모두네트워크를통해서비스를제공하는시스템이다. 네트워크를통해데이터를전달하기때문에, 운영체제의 TCP/IP 에대한튜닝은필수적이다. 아래표에서설명한핵심적인파라미터를적용하는것이좋다. 특히 TCP 의수신, 송신버퍼의크기는운영체제가기본적으로제공하는것보다크게설정해야서버의성능을향상할수있다. 다음설정을웹서버와 JBoss 운영서버에대해모두적용한다. 파라미터권장값설명 net.ipv4.tcp_keepalive_time 30 keep-alive 시간을줄인다. net.ipv4.tcp_fin_timeout 10 FIN 타임아웃시간을줄여 FD 를빨리확보할 수있도록한다. net.core.netdev_max_backlog 2500 백로그에들어오는소켓개수를늘린다. net.ipv4.tcp_retries1 3 TCP 연결에문제가있을때연결을재시도하는 횟수 ( 최솟값은 3 이다 ) net.ipv4.tcp_retries2 3 TCP 연결을끊기전에재시도하는횟수를 줄인다. net.ipv4.ip_local_port_range 1024 65000 사용할수있는로컬포트범위를늘린다. net.core.rmem_max 56777216 TCP 수신버퍼크기최댓값을늘린다. net.core.rmem_default 16777216 TCP 수신버퍼크기기본값을늘린다. net.core.wmem_max 56777216 TCP 전송버퍼크기최댓값을늘린다. net.core.wmem_default 16777216 TCP 수신버퍼크기기본값을늘린다. net.ipv4.tcp_window_scaling 1 65kb 이상의큰 TCP 윈도우스케일링을 오픈나루 6 opennaru.com

사용한다. net.ipv4.tcp_orphan_retries 0 서버측에서닫은 TCP 연결을끊기전에 확인하는횟수를줄인다. 기본값은 7 로 50 초 ~16 분정도걸린다. net.ipv4.tcp_sack 0 SYNC 패킷을전송한후일부 ACK 를받지못했을경우선택적으로받지못한 ACK 패킷을받도록설정할수있다. 0 은받지않는설정이다. 패킷유실이많은네트워크에서는 1 로설정한다. 5.2 적용한커널파라미터값 /etc/sysctl.conf Updates net.ipv4.neigh.default.unres_qlen=100 net.ipv4.tcp_keepalive_time = 30 net.ipv4.tcp_fin_timeout = 10 net.core.netdev_max_backlog = 2500 net.ipv4.tcp_retries1 = 2 net.ipv4.tcp_retries2 = 3 net.ipv4.ip_local_port_range = 1024 65000 net.core.rmem_max = 56777216 net.core.rmem_default = 16777216 net.core.wmem_max = 56777216 net.core.wmem_default = 16777216 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_sack = 0 net.ipv4.tcp_orphan_retries = 0 오픈나루 7 opennaru.com

5.3 사용자 limit 값설정 /etc/security/limits.conf This file sets the resource limits for the users logged in via PAM. It does not affect resource limits of the system services. Each line describes a limit for a user in the form: <domain> <type> <item> <value> Where: <domain> can be: - an user name - a group name, with @group syntax - the wildcard *, for default entry - the wildcard %, can be also used with %group syntax, for maxlogin limit <type> can have the two values: - "soft" for enforcing the soft limits - "hard" for enforcing hard limits <item> can be one of the following: - core - limits the core file size (KB) - data - max data size (KB) - fsize - maximum filesize (KB) - memlock - max locked-in-memory address space (KB) - nofile - max number of open files - rss - max resident set size (KB) - stack - max stack size (KB) - cpu - max CPU time (MIN) - nproc - max number of processes - as - address space limit (KB) - maxlogins - max number of logins for this user - maxsyslogins - max number of logins on the system - priority - the priority to run user process with - locks - max number of file locks the user can hold - sigpending - max number of pending signals - msgqueue - max memory used by POSIX message queues (bytes) 오픈나루 8 opennaru.com

- nice - max nice priority allowed to raise to values: [-20, 19] - rtprio - max realtime priority <domain> <type> <item> <value> * soft core 0 * hard rss 10000 @student hard nproc 20 @faculty soft nproc 20 @faculty hard nproc 50 ftp hard nproc 0 @student - maxlogins 4 apache hard nofile 65536 apache soft nofile 65536 apache soft nproc 2047 apache hard nproc 16384 End of file 오픈나루 9 opennaru.com

6. Apache HTTPD 환경설정 6.1 Apache HTTPD 환경설정 MPM 모듈 Apache HTTPD 는 prefork, worker, event 방식을모두지원한다. KHAN [provisioning] 을이용한 설치시에는 worker 을사용하도록설치하였다. httpd.conf 설정 Worker MPM 방식을사용할경우아래설정값이적용된다. worker MPM StartServers: initial number of server processes to start MaxClients: maximum number of simultaneous client connections MinSpareThreads: minimum number of worker threads which are kept spare MaxSpareThreads: maximum number of worker threads which are kept spare ThreadsPerChild: constant number of worker threads in each server process MaxRequestsPerChild: maximum number of requests a server process serves <IfModule mpm_worker_module> StartServers 10 MaxClients 960 MinSpareThreads 75 MaxSpareThreads 150 ThreadsPerChild 64 MaxRequestsPerChild 250 </IfModule> ListenBackLog 1000 Prefork 일경우아래설정값이적용된다. worker MPM StartServers: initial number of server processes to start MaxClients: maximum number of simultaneous client connections MinSpareThreads: minimum number of worker threads which are kept spare 오픈나루 10 opennaru.com

MaxSpareThreads: maximum number of worker threads which are kept spare ThreadsPerChild: constant number of worker threads in each server process MaxRequestsPerChild: maximum number of requests a server process serves <IfModule mpm_prefork_module> StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxRequestWorkers 250 MaxConnectionsPerChild 0 </IfModule> 그외속도를빠르게하기위해 KeepAlive 를 On 으로설정하였다. KeepAlive: Whether or not to allow persistent connections (more than one request per connection). Set to "Off" to deactivate. KeepAlive On MaxKeepAliveRequests: The maximum number of requests to allow during a persistent connection. Set to 0 to allow an unlimited amount. We recommend you leave this number high, for maximum performance. MaxKeepAliveRequests 1000... ListenBackLog 1000... LoadModule proxy_balancer_module modules/mod_proxy_balancer.so... ExtendedStatus controls whether Apache will generate "full" status information (ExtendedStatus On) or just basic information (ExtendedStatus Off) when the "server-status" handler is called. The default is Off. ExtendedStatus On 6.2 Connector 모듈설정 오픈나루 11 opennaru.com

Apache HTTPD 는 WAS 서버와 mod_jk 방식을사용하도록설정하였다. $khanconfig.webproperty.property.svc_web_home/httpd/conf.d 디렉토리에 mod_jk.conf, workers.properties 파일에설정이저장되어있다. mod_jk.conf Load mod_jk module Update this path to match your modules location LoadModule jk_module modules/mod_jk.so Where to find workers.properties Update this path to match your conf directory location (put workers.properties next to httpd.conf) JkWorkersFile conf.d/workers.properties Where to put jk logs Update this path to match your logs directory location (put mod_jk.log next to access_log) JkLogFile /svc/test/logs/web/mod_jk.log JkShmFile /svc/test/logs/web/mod_jk.shm Set the jk log level [debug/error/info] JkLogLevel debug JkLogLevel info Select the log format JkLogStampFormat "[%a %b %d %H:%M:%S %Y] " JkOptions indicate to send SSL KEY SIZE, JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories +ForwardURICompatUnparsed JkRequestLogFormat set the request format JkRequestLogFormat "%w %V %T" Send everything for context /examples to worker named worker1 (ajp13) JkMount /*.jsp lb JkMount /*.do lb JkMount /*.mvc lb JkMount /jkstatus* jkstatus workers.properties( 예시 ) 오픈나루 12 opennaru.com

Define load balancer worker using ajp13 worker.list=lb,jkstatus Templates worker.template.type=ajp13 worker.template.maintain=60 worker.template.lbfactor=1 worker.template.ping_mode=a worker.template.ping_timeout=2000 worker.template.prepost_timeout=2000 worker.template.socket_timeout=60 worker.template.socket_connect_timeout=2000 worker.template.socket_keepalive=true worker.template.connection_pool_timeout=60 worker.template.connect_timeout=10000 worker.template.recovery_options=7 Set properties for server11 (ajp13) worker.server11.reference=worker.template worker.server11.host=192.168.0.20 worker.server11.port=8109 Set properties for server12 (ajp13) worker.server12.reference=worker.template worker.server12.host=192.168.0.20 worker.server12.port=8209 Set properties for server13 (ajp13) worker.server13.reference=worker.template worker.server13.host=192.168.0.20 worker.server13.port=8309 worker.lb.type=lb worker.lb.balance_workers=server11,server12,server13, worker.lb.method=session worker.lb.sticky_session=true worker.jkstatus.type=status 오픈나루 13 opennaru.com

7. JBoss 운영방법 7.1 Apache 운영방법 Apache 확인방법 확인항목 명령어 컴파일옵션확인 $ /svc/test/web/apache2/httpd/sbin/httpd V HTTPD 버전확인 $ /svc/test/web/apache2/httpd/sbin/httpd v 컴파일된모듈확인 $ /svc/test/web/apache2/httpd/sbin/httpd l config 문법체크 $ /svc/test/web/apache2/httpd/sbin/httpd t Apache 운영방법 $ cd /svc/test/web/apache2/httpd /sbin/ 명령 명령어 시작종료재시작상태체크프로세스확인 $./apachectl start $./apachectl stop $./apachectl restart $./apachectl status $ ps ef grep httpd 오픈나루 14 opennaru.com

Apache 서비스등록방법 RHEL 시작시 Apache HTTPD 가자동으로시작될수있도록, apache-httpd 서비스등록 스크립트가설치되어있다. 리눅스시작시자동으로시작되도록설정되어있지는않다. 다음명령으로 Apache HTTPD 를서비스로등록할수있다. $ chkconfig apache-httpd on $ chkconfig list apache-httpd apache-httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off 서비스로등록한후에는다음과같이 service 명령을사용하여 Apache HTTPD 를관리할수있다. 명령 명령어 시작종료재시작상태체크 $ service apache-httpd start $ service apache-httpd stop $ service apache-httpd restart $ service apache-httpd status 7.2 Apache HTTPD, Tomcat 테스트를위한웹페이지 설치된 Apache HTTPD, Tomcat 서버들에접근할수있는 HTML 페이지를자동으로생성하여설치하였다. Apache HTTPD 서버들의목록과각서버들의 mod_jk 상태정보를확인해볼수있는페이지 (jkstatus) 들에접근할수있는링크들을제공하고있다. 또한, Tomcat 인스턴스들의목록 ( 도메인모드와 Standalone 모드 ) 과 Tomcat 의웹관리콘솔에접근할수있도록콘솔접근 URL 들을출력한다. Tomcat 인스턴스에직접접근할수있는 URL 과 Apache 를통하여접근하는 URL 들을제공하고있다. 오픈나루 15 opennaru.com

Apache HTTPD 자동생성웹페이지 Apache HTTPD jkstatus 페이지 오픈나루 16 opennaru.com

오픈나루 17 opennaru.com

8. 도움이필요하십니까? 만약이문서에설명된절차를수행할때문제를겪는다면, 오픈나루고객 포털 (http://support.opennaru.com) 을방문하십시오. 오픈나루 18 opennaru.com

9. References Red Hat Documentation http://docs.redhat.com/ 오픈나루고객지원포탈 http://support.opennaru.com 오픈나루기술 Blog http://opennaru.tistory.com 오픈나루 Facebook Page https://www.facebook.com/opennaru t : +82-2-469-5426 f : +82-2-469-7247 e : service@opennaru.com, sales@opennaru.com h : http://www.opennaru.com 본문서는오픈나루 (opennaru.com) 의자동설치제품인 KHAN [provisioning] 을이용하여생성된문서입니다. 본문서에 대한저작권은오픈나루주식회사에있습니다. 오픈나루 19 opennaru.com