- added tomcatctl script
- added logname to the restart notification email
- changed PID ownership
- improved OS support
- improves eyp-systemd compatibility
- changed default connection timeout for AJP and HTTPS connectors to 30s
- Added address option for HTTP and HTTPS connectors
- Updated metadata for eyp-systemd 0.2.0
- updated max eyp-auditd version
- added sendReasonPhrase option to HTTP/HTTPS connectors (tomcat >=8.5 < 9.0)
- added URIEncoding to AJP connector
- bugfix audit rules
- added client_https_protocols option to tomcat::instance
- added webapps_mode_recursive to tomcat::instance to be able to recursively change mode for webapps directory
- added option in tomcat::instance to be able to enable SecurityListener
- configurable directory mode for:
- logs
- temp
- bin
- add default auditd rules for config files
- added tomcat::instance variable to control allowUnsafeLegacyRenegotiation
- added variable to be able to set conf's dir mode: conf_dir_mode to tomcat::intance
- added variable connector_ajp_redirect_port
- added tomcat::java_property
- added unlock_commercial_features, flight_recorder, debug_non_safepoints, print_string_table_statistics
- added variables to managed tomcat::webxml's file mode
- added catalina_disable_http_keepalive
- added maxPostSize to AJP, HTTP and HTTPS connectors
- added JVM options:
- use_par_new_gc
- max_tenuring_threshold
- survivor_ratio
- unlock_diagnostic_vm_options
- par_gc_cards_per_stride_chunk
- bind_gc_task_threads_to_cpus
- use_gc_task_affinity
- always_pre_touch
- scavenge_before_full_gc
- agressive_opts
- use_biased_locking
- print_gc_cause
- target_survivor_ratio
- parallel_gc_threads
- http_max_connections
- jvm_prefer_ip4_stack
- rmi_port
- connector_ajp_accept_count
- connector_ajp_acceptor_threadcount
- added HTTPS connector and thuststore/keystore management
- added connector_ajp_connection_timeout to tomcat::instance
- bugfix start_stop_threads and connector_ajp_max_threads
- added custom_jar to tomcat::agent
- added connector_ajp_max_threads to tomcat::instance to define maxThreads for AJP
- added start_stop_threads to tomcat::instance
- added email notification in init script
- minor changes
- bugfix tomcat::agent: tomcat service may not be not managed
- added connector_http_enabled to enable/disable HTTP connector in tomcat::instance
- added config_files_mode to tomcat::instance to be able to set default mode for config files
- added file_mode to tomcat::webxml
- added default web.xml file mode under puppet management
- changed default shutdown command
- added access log related variables:
- log_pattern
- log_directory
- log_prefix
- log_suffix
- log_resolve_hosts
- INCOMPATIBLE CHANGE: set java.awt.headless variable to true by default - it should be harmless
- added debug options:
- debug
- runjdwp_dt_socket_address
- runjdwp_dt_socket_server
- runjdwp_dt_socket_suspend
- added UseParallelGC option
- added -server option, by default is not set as each JVM, platform and architecture combination behaves differently
- Redirected to /dev/null possible errors when deleting pid file from init script
- added catalina_stop_options to tomcat::instance
- added -Xmn using xmn tomcat instance variable
- added -Xmns and -Xmnx variables
- INCOMPATIBLE CHANGE set +UseConcMarkSweepGC by default (use_concurrent_mark_sweep: true)
- added GC variables:
- cms_initiating_occupancy_fraction
- use_cms_initiating_occupancy_only
- cms_scavenge_before_remark
- cms_parallel_remark_enabled
- print_tenuring_distribution
- disable_explicit_gc
- max_gc_pause_millis
- print_gc
- print_gc_details
- print_gc_datestamps
- print_gc_application_stopped_time
- print_gc_file
- added tomcat instance variable jvm_error_file
- added umask variable for tomcat::instance
- added puppet managed banner to setenv.sh, startup.sh, shutdown.sh and init script
- added locale and encoding variables to tomcat::instance:
- user_language
- user_region
- user_country
- user_variant
- file_encoding
- sun_jnu_encoding
- file_encoding_pkg
- java::agent notify untar on tar changes
- bugfix: CATALINA_OPTS loaded twice (catalina.sh & startup.sh)
- chown to tomcot for tomcat::agent
- tomcat::properties: allow custom dir
- bugfix mkdir srcdir dependencies on tomcat::agent
- bugfix: tar name in tomcat::agent
- added tomcat::agent::tarball_path to allow different agent tarballs for multiple instances
- bugfix tomcat::agent: allow installation agents on multiple instances using the same source tar
- tomcat::agent in tarball mode: added --no-same-owner and --strip 1
- bugfix tomcat-users.xml not present when userdatabase=false
- added variables to deploywar for file ownership and mode:
- war_owner
- war_group
- war_mode
- added tomcat::tomcatrole as a define (tomcat::instance has been rewritten to use it)
- renamed uppercase variables from tomcat::intance:
- redirectPort to redirect_port
- maxThreads to max_threads
- minSpareThreads to min_spare_threads
- deleted obsolete variable connectionTimeout from tomcat::instance
- INCOMPATIBLE CHANGE: renamed tomcat::instance variable errorReportValveClass to error_report_valve_class
- added variable to customize ErrorReportValve:
- add_error_report_valve_settings (default: true)
- error_report_valve_show_report (default: false)
- error_report_valve_show_server_info (default: false)
- added org.apache.catalina.valves.ErrorReportValve management (showReport and showServerInfo) to be able to disable stack traces by default
- added variable to enable/disable JasperListener
- bugfix tomcat-users.xml dependency
- INCOMPATIBLE CHANGE: added variable custom_webxml to tomcat::instance (default: false) it copies web.xml from catalina_home to catalina_base (if you need to use a custom web.xml you are going to need to set it to true)
- added tomcat::tomcatuser (tomcat-user.xml user management)
- tomcat::instance rewritten to use tomcat::tomcatuser
- added tar as a installation method for tomcat::agent (changed behaviour)
- added catalina_logrotate_ensure to enable/disable (present/absent) logrotate configuration
- added ensure for tomcat::jaas, tomcat::krb5, tomcat::jndi and tomcat::login
- lint AD SSO
- tomcat AD SSO cleanup
- added variable for pid_file
- logging properties:
- added default template for logging properties
- INCOMPATIBLE CHANGE: changed catalina.out default date format to ISO 8601
- added -Djava.util.logging.config.file to be able to configure an custom file
- bugfix connector_ajp_packet_size
- variables enctypes for krb5
- deleted eyp_tomcat_check_jdk
- template krb5, rc4 only
- template krb5
- arcfour-hmac-md5,aes256-cts-hmac-sha1-96,aes128-cts,rc4-hmac
- added tomcat::valve
- dropped debug for JNDI realm
- lint
- added JNDI realm debug
- enforced group ID if tomcat_user_uid is set
- PID path back to /var/run
- changed startup systemd's startup user
- bugfix systemd PID
- variable tomcat_user_uid to define tomcat's uid
- added "user" variable to tomcat::resource
- changed PID path
- changed systemd's init script to force /bin/bash
- updated systemd to use PIDfile
- template krb5 lowercase and weak crypto to false
- tomcat::krb5 added allow_weak_crypto
- added option add_root_ln to tomcat::deploywar to create a symlink for ROOT.war
- init script: cd to CATALINA_BASE
- jaas typo
- pushing back use tomcat:jvmproperty for java.security.auth.login.config instead of a template
- bugfix tomcat::jvmproperty
- added debug option for jaas
- rollback use tomcat:jvmproperty for java.security.auth.login.config instead of a template file due to this:
# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Duplicate declaration: Tomcat::Jvmproperty[java.security.auth.login.config] is already declared in file /etc/instance-puppet-modules/tomcat/manifests/jaas.pp:74; cannot redeclare at /etc/instance-puppet-modules/tomcat/manifests/jaas.pp:74 on node demotomcat.systemadmin.es
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
- added defaults for tomcat::realm::jndi
- added tomcat::jvmproperty
- added app_base to tomcat::deploywar
- improved acceptance testing
- added concat serverxml: 29 - end host
- added tomcat::alias
- added debian 8 to acceptance testing
- tomcat::jaas rewritten to use tomcat:jvmproperty for java.security.auth.login.config instead of a template file
- tomcat::krb5:
- added debug and forwardable options
- added java.security.krb5.conf as a tomcat::jvmproperty
- added javax.security.auth.useSubjectCredsOnly as tomcat::jvmproperty
- minor change krb5 template
- added default_keytab
- contextxml lint
- rewrite servei instancia
- keytab full path
- added tomcat::deploywar
- bugfix krb5 file naming
- tomcat::contextxml::environment and tomcat::contextxml::resourcelink aligment
- bugfix SPN tomcat::jaas
- tomcat::krb5 added keytab_source
- tomcat::contextxml: bugfix
- deleted type option from tomcat::jaas
- renaming variables from tomcat::jaas for krb5 to a more meaningful name
- tomcat::contextxml:
- estil tomcat::contextxml
- INCOMPATIBLE CHANGE: manager default value changed from '' to undef
- bugfix tomcat::contextxml
- added enable_default_access_log to be able to disable default Valve
- tomcat::context:
- reloadable set by default to true
- path is now mandatory
- path related bugfix
- flag to be able to disable version_logger_listener
- added option packetSize (connector_ajp_packet_size) for the AJP connector
Major release with incompatible changes, please review this list carefully:
- added combined realm by default to allow multiple realms (COMPATIBILITY ISSUE: LockOutRealm cannot be enabled on tomcat 7.0.32 or older because we are using CombinedRealm by default)
- added jvmRoute support as jvm_route
- server.xml concat rewrite - it's going to change due to this, service will be restarted unless manage_service is set to false
- tomcat::resource added max_wait
- added tomcat::realm::jndi
- added tomcat::catalinapolicy
- added tomcat::login
- added tomcat::context for server.xml context definition
- tomcat::context renamed to tomcat::contextxml:
- INCOMPABLE CHANGE variable rename:
- watchedResource to watched_resource
- antiJARLocking to anti_jar_locking, changed default value from false to undef
- sessionCookiePath to session_cookie_path
- antiResourceLocking to anti_resource_locking, changed default value from false to undef
- INCOMPABLE CHANGE variable rename:
- addded tomcat::loggingproperties (from source file)
- modified startup, shutdown and configtest scripts to be able to work in a CATALINA_HOME==CATALINA_BASE environments
- tomcat configtest WARNING init script it's going to change, service will be reloaded unless manage_service is set to false
- added the following tomcat::instance options WARNING server.xml
- connector_http_max_header_size
- connector_http_max_threads
- connector_http_min_spare_threads
- connector_http_max_spare_threads
- connector_http_enable_lookups
- connector_http_accept_count
- WARNING renamed connectionTimeout to connector_http_connection_timeout
- connector_http_disable_upload_timeout
- connector_http_uri_encoding
- xml_validation
- xml_namespace_aware
- bugfix: added notification on systemd changes
- bugfix: avoid service notifications if manage_service=false
- bugfix: honor userdatabase setting
- added path and session_cookie_name to tomcat::context
- added configurable HTTP Server header (connector_http_server) to tomcat::instance
- Added tomcat::agent
- SERVICE RESTART REQUIRED (unless manage_service=false) - added headpdump and treadump functions to init script:
Info: Computing checksum on file /etc/init.d/tomcat-8081
Info: /Stage[main]/Main/Node[ldapm]/Tomcat::Instance[tomcat-8081]/File[/etc/init.d/tomcat-8081]: Filebucketed /etc/init.d/tomcat-8081 to puppet with sum b06f4ada432b23db81a6c8d33a311e78
Notice: /Stage[main]/Main/Node[ldapm]/Tomcat::Instance[tomcat-8081]/File[/etc/init.d/tomcat-8081]/content: content changed '{md5}b06f4ada432b23db81a6c8d33a311e78' to '{md5}ecb7c3003a37ac6bc8f3940adc1cc717'
Info: /Stage[main]/Main/Node[ldapm]/Tomcat::Instance[tomcat-8081]/File[/etc/init.d/tomcat-8081]: Scheduling refresh of Service[tomcat-8081]
Notice: /Stage[main]/Main/Node[ldapm]/Tomcat::Instance[tomcat-8081]/Service[tomcat-8081]: Triggered 'refresh' from 1 events
- INCOMPATIBLE CHANGE: variable rename:
- LockOutRealm to lockoutrealm
- UserDatabase to userdatabase