为 Azure 应用服务配置 Java 应用Configure a Java app for Azure App Service

Azure 应用服务可让 Java 开发人员在完全托管服务中快速生成、部署和缩放其 Java SE、Tomcat 和 JBoss EAP Web 应用程序。Azure App Service lets Java developers to quickly build, deploy, and scale their Java SE, Tomcat, and JBoss EAP web applications on a fully managed service. 可以在命令行或者 IntelliJ、Eclipse 或 Visual Studio Code 等编辑器中使用 Maven 插件部署应用程序。Deploy applications with Maven plugins, from the command line, or in editors like IntelliJ, Eclipse, or Visual Studio Code.

本指南为使用应用服务的 Java 开发人员提供了重要概念和说明。This guide provides key concepts and instructions for Java developers using App Service. 如果你从未用过 Azure 应用服务,首先应该通读 Java 快速入门If you've never used Azure App Service, you should read through the Java quickstart first. 应用服务常见问题解答中解答了有关使用应用服务且非特定于 Java 开发的一般问题。General questions about using App Service that aren't specific to Java development are answered in the App Service FAQ.

部署应用Deploying your app

可以使用适用于 Maven 的 Azure Web 应用插件来部署 .war 或 .jar 文件。You can use Azure Web App Plugin for Maven to deploy your .war or .jar files. Azure Toolkit for IntelliJAzure Toolkit for Eclipse 还支持通过流行的 IDE 进行部署。Deployment with popular IDEs is also supported with the Azure Toolkit for IntelliJ or Azure Toolkit for Eclipse.

否则,则部署方法将取决于存档类型:Otherwise, your deployment method will depend on your archive type:

Java SEJava SE

若要将 .jar 文件部署到 Java SE,请使用 Kudu 站点的 /api/zipdeploy/ 终结点。To deploy .jar files to Java SE, use the /api/zipdeploy/ endpoint of the Kudu site. 有关此 API 的详细信息,请参阅此文档For more information on this API, please see this documentation.

TomcatTomcat

若要将 .war 文件部署到 Tomcat,请使用 /api/wardeploy/ 终结点对存档文件执行 POST 操作。To deploy .war files to Tomcat, use the /api/wardeploy/ endpoint to POST your archive file. 有关此 API 的详细信息,请参阅此文档For more information on this API, please see this documentation.

JBoss EAPJBoss EAP

若要将 .war 文件部署到 JBoss,请使用 /api/wardeploy/ 终结点对存档文件执行 POST 操作。To deploy .war files to JBoss, use the /api/wardeploy/ endpoint to POST your archive file. 有关此 API 的详细信息,请参阅此文档For more information on this API, please see this documentation.

若要部署 .ear 文件,请使用 FTPTo deploy .ear files, use FTP.

不要使用 FTP 来部署 .war 或 .jar。Do not deploy your .war or .jar using FTP. FTP 工具设计用来上传启动脚本、依赖项或其他运行时文件。The FTP tool is designed to upload startup scripts, dependencies, or other runtime files. 它不是用于部署 Web 应用的最佳选项。It is not the optimal choice for deploying web apps.

日志记录和调试应用Logging and debugging apps

可以通过 Azure 门户对每个应用使用性能报告、流量可视化和运行状况检查。Performance reports, traffic visualizations, and health checkups are available for each app through the Azure portal.

网络流量记录器Flight Recorder

应用服务上使用 Azul JVM 的所有 Java 运行时均附带 Zulu 网络流量记录器。All Java runtimes on App Service using the Azul JVMs come with the Zulu Flight Recorder. 可以使用它来记录 JVM、系统和应用程序事件,并对 Java 应用程序中的问题进行故障排除。You can use this to record JVM, system, and application events and troubleshoot problems in your Java applications.

计时记录Timed Recording

若要进行定时记录,需要 Java 应用程序的 PID(进程 ID)。To take a timed recording you will need the PID (Process ID) of the Java application. 若要查找 PID,请打开浏览器,导航到 Web 应用的 SCM 站点 https://.scm.chinacloudsites.cn/ProcessExplorer/。To find the PID, open a browser to your web app's SCM site at https://.scm.chinacloudsites.cn/ProcessExplorer/. 此页面显示 Web 应用中正在运行的进程。This page shows the running processes in your web app. 在表中找到名为“java”的进程,并复制相应的 PID(进程 ID)。Find the process named "java" in the table and copy the corresponding PID (Process ID).

接下来,打开 SCM 站点顶部工具栏中的“调试控制台”,运行以下命令。Next, open the Debug Console in the top toolbar of the SCM site and run the following command. <pid> 替换为此前复制的进程 ID。Replace <pid> with the process ID you copied earlier. 此命令会启动对 Java 应用程序的 30 秒探查器记录,并在 D:\home 目录中生成名为 timed_recording_example.jfr 的文件。This command will start a 30 second profiler recording of your Java application and generate a file named timed_recording_example.jfr in the D:\home directory.

jcmd <pid> JFR.start name=TimedRecording settings=profile duration=30s filename="D:\home\timed_recording_example.JFR"

使用 SSH 进入应用服务,运行 jcmd 命令以查看所有正在运行的 Java 进程的列表。SSH into your App Service and run the jcmd command to see a list of all the Java processes running. 除了 jcmd 本身,你还会看到正在运行的 Java 应用程序以及进程 ID 号 (PID)。In addition to jcmd itself, you should see your Java application running with a process ID number (pid).

078990bbcd11:/home# jcmd
Picked up JAVA_TOOL_OPTIONS: -Djava.net.preferIPv4Stack=true
147 sun.tools.jcmd.JCmd
116 /home/site/wwwroot/app.jar

执行以下命令以启动对 JVM 的 30 秒记录。Execute the command below to start a 30-second recording of the JVM. 此操作将分析 JVM 并创建一个名为“jfr_example.jfr”的 JFR 文件。This will profile the JVM and create a JFR file named jfr_example.jfr in the home directory. (将 116 替换为 Java 应用的 PID。)(Replace 116 with the pid of your Java app.)

jcmd 116 JFR.start name=MyRecording settings=profile duration=30s filename="/home/jfr_example.jfr"

在 30 秒的间隔内,你可以通过运行 jcmd 116 JFR.check 来验证记录是否正在进行。During the 30 second interval, you can validate the recording is taking place by running jcmd 116 JFR.check. 这会显示给定 Java 进程的所有记录。This will show all recordings for the given Java process.

连续记录Continuous Recording

你可以使用 Zulu 网络流量记录器在对运行时的性能影响最小的情况下连续分析 Java 应用程序()。You can use Zulu Flight Recorder to continuously profile your Java application with minimal impact on runtime performance (source). 为此,请运行以下 Azure CLI 命令,通过必要的配置创建名为 JAVA_OPTS 的应用设置。To do so, run the following Azure CLI command to create an App Setting named JAVA_OPTS with the necessary configuration. 应用启动后,JAVA_OPTS 应用设置的内容会被传递到 java 命令。The contents of the JAVA_OPTS App Setting are passed to the java command when your app is started.

az webapp config appsettings set -g <your_resource_group> -n <your_app_name> --settings JAVA_OPTS=-XX:StartFlightRecording=disk=true,name=continuous_recording,dumponexit=true,maxsize=1024m,maxage=1d

开始记录后,你可以使用 JFR.dump 命令随时转储当前的记录数据。Once the recording has started, you can dump the current recording data at any time using the JFR.dump command.

jcmd <pid> JFR.dump name=continuous_recording filename="/home/recording1.jfr"

分析 .jfr 文件Analyze .jfr files

使用 FTPS 将 JFR 文件下载到本地计算机。Use FTPS to download your JFR file to your local machine. 如果要分析 JFR 文件,请下载并安装 Zulu Mission ControlTo analyze the JFR file, download and install Zulu Mission Control. 有关 Zulu Mission Control 的说明,请参阅 Azul 文档安装说明For instructions on Zulu Mission Control, see the Azul documentation and the installation instructions.

应用日志记录App logging

通过 Azure 门户或 Azure CLI 启用应用程序日志记录,以将应用服务配置为向本地文件系统或 Azure Blob 存储写入应用程序的标准控制台输出和标准控制台错误流。Enable application logging through the Azure portal or Azure CLI to configure App Service to write your application's standard console output and standard console error streams to the local filesystem or Azure Blob Storage. 在完成配置并经过 12 个小时后,将禁用记录到应用服务本地文件系统实例。Logging to the local App Service filesystem instance is disabled 12 hours after it is configured. 如果需要保留日志更长时间,请将应用程序配置为向 Blob 存储容器写入输出。If you need longer retention, configure the application to write output to a Blob storage container. Java 和 Tomcat 应用日志位于 /home/LogFiles/Application/ 目录中。Your Java and Tomcat app logs can be found in the /home/LogFiles/Application/ directory.

通过 Azure 门户或 Azure CLI 启用应用程序日志记录,以将应用服务配置为向本地文件系统或 Azure Blob 存储写入应用程序的标准控制台输出和标准控制台错误流。Enable application logging through the Azure portal or Azure CLI to configure App Service to write your application's standard console output and standard console error streams to the local filesystem or Azure Blob Storage. 如果需要保留日志更长时间,请将应用程序配置为向 Blob 存储容器写入输出。If you need longer retention, configure the application to write output to a Blob storage container. Java 和 Tomcat 应用日志位于 /home/LogFiles/Application/ 目录中。Your Java and Tomcat app logs can be found in the /home/LogFiles/Application/ directory.

只能使用 Azure Monitor(预览版)配置适用于基于 Linux 的应用服务的 Azure Blob 存储日志记录功能Azure Blob Storage logging for Linux based App Services can only be configured using Azure Monitor (preview)

如果应用程序使用 LogbackLog4j 进行跟踪,则你可以遵照在 Application Insights 中浏览 Java 跟踪日志中的日志记录框架配置说明,将这些用于审查的跟踪写入到 Azure Application Insights。If your application uses Logback or Log4j for tracing, you can forward these traces for review into Azure Application Insights using the logging framework configuration instructions in Explore Java trace logs in Application Insights.

自定义和优化Customization and tuning

适用于 Linux 的 Azure 应用服务原生支持通过 Azure 门户和 CLI 进行优化和自定义。Azure App Service for Linux supports out of the box tuning and customization through the Azure portal and CLI. 请查看以下文章,了解非特定于 Java 的 Web 应用配置:Review the following articles for non-Java-specific web app configuration:

设置 Java 运行时选项Set Java runtime options

若要设置分配的内存或其他 JVM 运行时选项,请使用这些选项创建名为 JAVA_OPTS应用设置To set allocated memory or other JVM runtime options, create an app setting named JAVA_OPTS with the options. 应用服务在启动时,会将此设置作为环境变量传递给 Java 运行时。App Service passes this setting as an environment variable to the Java runtime when it starts.

在 Azure 门户中 Web 应用的“应用程序设置”下,创建名为 JAVA_OPTS 且包含其他设置的新应用设置,例如 -Xms512m -Xmx1204mIn the Azure portal, under Application Settings for the web app, create a new app setting named JAVA_OPTS that includes the additional settings, such as -Xms512m -Xmx1204m.

若要通过 Maven 插件配置应用设置,请在 Azure 插件部分中添加设置/值标记。To configure the app setting from the Maven plugin, add setting/value tags in the Azure plugin section. 以下示例设置特定的最小和最大 Java 堆大小:The following example sets a specific minimum and maximum Java heap size:

<appSettings>
    <property>
        <name>JAVA_OPTS</name>
        <value>-Xms512m -Xmx1204m</value>
    </property>
</appSettings>

在应用服务计划中运行包含一个部署槽位的单个应用程序的开发人员可以使用以下选项:Developers running a single application with one deployment slot in their App Service plan can use the following options:

  • B1 和 S1 实例:-Xms1024m -Xmx1024mB1 and S1 instances: -Xms1024m -Xmx1024m
  • B2 和 S2 实例:-Xms3072m -Xmx3072mB2 and S2 instances: -Xms3072m -Xmx3072m
  • B3 和 S3 实例:-Xms6144m -Xmx6144mB3 and S3 instances: -Xms6144m -Xmx6144m

优化应用程序堆设置时,请查看应用服务计划详细信息,并考虑多个应用程序和部署槽位方面的需求,以得出最佳内存分配。When tuning application heap settings, review your App Service plan details and take into account multiple applications and deployment slot needs to find the optimal allocation of memory.

启用 Web 套接字Turn on web sockets

在 Azure 门户中应用程序的“应用程序设置”中启用 Web 套接字支持。Turn on support for web sockets in the Azure portal in the Application settings for the application. 需要重启应用程序才能使设置生效。You'll need to restart the application for the setting to take effect.

在 Azure CLI 中使用以下命令启用 Web 套接字支持:Turn on web socket support using the Azure CLI with the following command:

az webapp config set --name <app-name> --resource-group <resource-group-name> --web-sockets-enabled true

然后重启应用程序:Then restart your application:

az webapp stop --name <app-name> --resource-group <resource-group-name>
az webapp start --name <app-name> --resource-group <resource-group-name>

设置默认的字符编码Set default character encoding

在 Azure 门户中 Web 应用的“应用程序设置”下,创建名为 JAVA_OPTS 且包含值 -Dfile.encoding=UTF-8 的新应用设置。In the Azure portal, under Application Settings for the web app, create a new app setting named JAVA_OPTS with value -Dfile.encoding=UTF-8.

或者,可以使用应用服务 Maven 插件配置应用设置。Alternatively, you can configure the app setting using the App Service Maven plugin. 在插件配置中添加设置名称和值标记:Add the setting name and value tags in the plugin configuration:

<appSettings>
    <property>
        <name>JAVA_OPTS</name>
        <value>-Dfile.encoding=UTF-8</value>
    </property>
</appSettings>

预编译 JSP 文件Pre-Compile JSP files

要提高 Tomcat 应用程序的性能,可以先编译 JSP 文件,再部署到应用服务。To improve performance of Tomcat applications, you can compile your JSP files before deploying to App Service. 你可以使用由 Apache Sling 提供的 Maven 插件,也可以使用此 Ant 生成文件You can use the Maven plugin provided by Apache Sling, or using this Ant build file.

安全应用程序Secure applications

对用户进行身份验证(简易身份验证)Authenticate users (Easy Auth)

在 Azure 门户中使用“身份验证和授权”选项设置应用身份验证。Set up app authentication in the Azure portal with the Authentication and Authorization option. 在此处,可以使用 Azure Active Directory 或社交登录名(例如 GitHub)启用身份验证。From there, you can enable authentication using Azure Active Directory or social logins like GitHub. 仅当配置单个身份验证提供程序时,Azure 门户配置才起作用。Azure portal configuration only works when configuring a single authentication provider. 有关详细信息,请参阅将应用服务应用配置为使用 Azure Active Directory 登录,以及其他标识提供者的相关文章。For more information, see Configure your App Service app to use Azure Active Directory login and the related articles for other identity providers. 如果需要启用多个登录提供程序,请遵照自定义应用服务身份验证一文中的说明。If you need to enable multiple sign-in providers, follow the instructions in the customize App Service authentication article.

Java SEJava SE

Spring Boot 开发人员可以使用 Azure Active Directory Spring Boot Starter 通过熟悉的 Spring Security 注释和 API 来保护应用程序。Spring Boot developers can use the Azure Active Directory Spring Boot starter to secure applications using familiar Spring Security annotations and APIs. 务必增加 application.properties 文件中的最大标头大小。Be sure to increase the maximum header size in your application.properties file. 我们建议值为 16384We suggest a value of 16384.

TomcatTomcat

Tomcat 应用程序可通过将 Principal 对象强制转换为 Map 对象这种方式,直接从 Servlet 访问用户的声明。Your Tomcat application can access the user's claims directly from the servlet by casting the Principal object to a Map object. Map 对象会将每个声明类型映射到该类型的声明集合。The Map object will map each claim type to a collection of the claims for that type. 在下面的代码中,requestHttpServletRequest 的实例。In the code below, request is an instance of HttpServletRequest.

Map<String, Collection<String>> map = (Map<String, Collection<String>>) request.getUserPrincipal();

现在,你可以检查 Map 对象是否有任何特定的声明。Now you can inspect the Map object for any specific claim. 例如,以下代码片段循环访问所有声明类型,并输出各集合的内容。For example, the following code snippet iterates through all the claim types and prints the contents of each collection.

for (Object key : map.keySet()) {
        Object value = map.get(key);
        if (value != null && value instanceof Collection {
            Collection claims = (Collection) value;
            for (Object claim : claims) {
                System.out.println(claims);
            }
        }
    }

若要注销用户,请使用 /.auth/ext/logout 路径。To sign users out, use the /.auth/ext/logout path. 若要执行其他操作,请参阅介绍应用服务身份验证和授权的用法的文档。To perform other actions, please see the documentation on App Service Authentication and Authorization usage. 还可以阅读关于 Tomcat HttpServletRequest 接口及其方法的官方文档。There is also official documentation on the Tomcat HttpServletRequest interface and its methods. 以下 Servlet 方法是基于你的应用服务配置解除冻结的:The following servlet methods are also hydrated based on your App Service configuration:

public boolean isSecure()
public String getRemoteAddr()
public String getRemoteHost()
public String getScheme()
public int getServerPort()

要禁用此功能,请创建一个名为 WEBSITE_AUTH_SKIP_PRINCIPAL 的应用程序设置,其值为 1To disable this feature, create an Application Setting named WEBSITE_AUTH_SKIP_PRINCIPAL with a value of 1. 若要禁用应用服务添加的所有 servlet 筛选器,请创建名为 WEBSITE_SKIP_FILTERS、值为 1 的设置。To disable all servlet filters added by App Service, create a setting named WEBSITE_SKIP_FILTERS with a value of 1.

配置 TLS/SSLConfigure TLS/SSL

按照在 Azure 应用服务中使用 SSL 绑定保护自定义 DNS 名称中的说明上传现有的 SSL 证书,并将其绑定到应用程序的域名。Follow the instructions in the Secure a custom DNS name with an SSL binding in Azure App Service to upload an existing SSL certificate and bind it to your application's domain name. 默认情况下,应用程序仍允许 HTTP 连接 - 请遵循教程中的具体步骤来强制实施 SSL 和 TLS。By default your application will still allow HTTP connections-follow the specific steps in the tutorial to enforce SSL and TLS.

使用 Key Vault 引用Use KeyVault References

Azure Key Vault 通过访问策略和审核历史记录提供集中式机密管理。Azure KeyVault provides centralized secret management with access policies and audit history. 你可以在 Key Vault 中存储机密(例如密码或连接字符串),并通过环境变量在应用程序中访问这些机密。You can store secrets (such as passwords or connection strings) in KeyVault and access these secrets in your application through environment variables.

首先,请按照说明执行以下操作:授予应用对 Key Vault 的访问权限以及在应用程序设置中创建对机密的 Key Vault 引用First, follow the instructions for granting your app access to Key Vault and making a KeyVault reference to your secret in an Application Setting. 你可以验证在远程访问应用服务终端时,该引用是否通过输出环境变量解析为机密。You can validate that the reference resolves to the secret by printing the environment variable while remotely accessing the App Service terminal.

若要在 Spring 或 Tomcat 配置文件中注入这些机密,请使用环境变量注入语法(即 ${MY_ENV_VAR})。To inject these secrets in your Spring or Tomcat configuration file, use environment variable injection syntax (${MY_ENV_VAR}). 请参阅有关外化配置的文档,了解 Spring 配置文件。For Spring configuration files, please see this documentation on externalized configurations.

使用 Java 密钥存储Use the Java Key Store

在容器启动时,系统会默认将上传到应用服务 Linux 的公用或专用证书都加载到各自的 Java 密钥存储中。By default, any public or private certificates uploaded to App Service Linux will be loaded into the respective Java Key Stores as the container starts. 上传证书后,你需要重启应用服务,以便将它加载到 Java 密钥存储中。After uploading your certificate, you will need to restart your App Service for it to be loaded into the Java Key Store. 系统会将公用证书加载到位于 $JAVA_HOME/jre/lib/security/cacerts 的密钥存储中,将专用证书存储到 $JAVA_HOME/lib/security/client.jks 中。Public certificates are loaded into the Key Store at $JAVA_HOME/jre/lib/security/cacerts, and private certificates are stored in $JAVA_HOME/lib/security/client.jks.

如果要在 Java 密钥存储中使用证书加密 JDBC 连接,可能需要其他配置。Additional configuration may be necessary for encrypting your JDBC connection with certificates in the Java Key Store. 请参阅适用于你所选的 JDBC 驱动程序的文档。Please refer to the documentation for your chosen JDBC driver.

初始化 Java 密钥存储Initialize the Java Key Store

要初始化 import java.security.KeyStore 对象,请使用密码加载密钥存储文件。To initialize the import java.security.KeyStore object, load the keystore file with the password. 两个密钥存储的默认密码均为“changeit”。The default password for both key stores is "changeit".

KeyStore keyStore = KeyStore.getInstance("jks");
keyStore.load(
    new FileInputStream(System.getenv("JAVA_HOME")+"/lib/security/cacets"),
    "changeit".toCharArray());

KeyStore keyStore = KeyStore.getInstance("pkcs12");
keyStore.load(
    new FileInputStream(System.getenv("JAVA_HOME")+"/lib/security/client.jks"),
    "changeit".toCharArray());

手动加载密钥存储Manually load the key store

可以手动向密钥存储加载证书。You can load certificates manually to the key store. 创建应用设置 SKIP_JAVA_KEYSTORE_LOAD,将其值设置为 1,以禁止应用服务自动将证书加载到密钥存储。Create an app setting, SKIP_JAVA_KEYSTORE_LOAD, with a value of 1 to disable App Service from loading the certificates into the key store automatically. 所有通过 Azure 门户上传到应用服务的公用证书都存储在 /var/ssl/certs/ 下。All public certificates uploaded to App Service via the Azure portal are stored under /var/ssl/certs/. 专用证书则存储在 /var/ssl/private/ 下。Private certificates are stored under /var/ssl/private/.

打开与应用服务的 SSH 连接并运行命令 keytool,即可与 Java 密钥工具进行交互或对它进行调试。You can interact or debug the Java Key Tool by opening an SSH connection to your App Service and running the command keytool. 请参阅密钥工具文档,获取命令列表。See the Key Tool documentation for a list of commands. 有关密钥存储 API 的详细信息,请参阅官方文档For more information on the KeyStore API, please refer to the official documentation.

配置 APM 平台Configure APM platforms

本部分介绍如何使用 NewRelic 和 AppDynamics 应用程序性能监视 (APM) 平台连接在 Linux 上的 Azure 应用服务上部署的 Java 应用程序。This section shows how to connect Java applications deployed on Azure App Service on Linux with the NewRelic and AppDynamics application performance monitoring (APM) platforms.

配置 NewRelicConfigure New Relic

  1. NewRelic.com 上创建一个 NewRelic 帐户Create a NewRelic account at NewRelic.com

  2. 从 NewRelic 下载 Java 代理,该代理的文件名类似于 newrelic-java-x.x.x.zip。Download the Java agent from NewRelic, it will have a file name similar to newrelic-java-x.x.x.zip.

  3. 复制你的许可证密钥,稍后需要使用它来配置代理。Copy your license key, you'll need it to configure the agent later.

  4. 通过 SSH 登录到应用服务实例,并创建新目录 /home/site/wwwroot/apm。SSH into your App Service instance and create a new directory /home/site/wwwroot/apm.

  5. 将解压缩的 NewRelic Java 代理文件上传到 /home/site/wwwroot/apm 下的一个目录中。Upload the unpacked NewRelic Java agent files into a directory under /home/site/wwwroot/apm. 代理的文件应位于 /home/site/wwwroot/apm/newrelic 中。The files for your agent should be in /home/site/wwwroot/apm/newrelic.

  6. 修改位于 /home/site/wwwroot/apm/newrelic/newrelic.yml 处的 YAML 文件,并将占位符许可证值替换为你自己的许可证密钥。Modify the YAML file at /home/site/wwwroot/apm/newrelic/newrelic.yml and replace the placeholder license value with your own license key.

  7. 在 Azure 门户中,浏览到你在应用服务中的应用程序并创建一个新的应用程序设置。In the Azure portal, browse to your application in App Service and create a new Application Setting.

    • 对于 Java SE 应用,请创建一个名为 JAVA_OPTS 且值为 -javaagent:/home/site/wwwroot/apm/newrelic/newrelic.jar 的环境变量。For Java SE apps, create an environment variable named JAVA_OPTS with the value -javaagent:/home/site/wwwroot/apm/newrelic/newrelic.jar.
    • 对于 Tomcat,请创建一个名为 CATALINA_OPTS 且值为 -javaagent:/home/site/wwwroot/apm/newrelic/newrelic.jar 的环境变量。For Tomcat, create an environment variable named CATALINA_OPTS with the value -javaagent:/home/site/wwwroot/apm/newrelic/newrelic.jar.
  1. NewRelic.com 上创建一个 NewRelic 帐户Create a NewRelic account at NewRelic.com

  2. 从 NewRelic 下载 Java 代理,该代理的文件名类似于 newrelic-java-x.x.x.zip。Download the Java agent from NewRelic, it will have a file name similar to newrelic-java-x.x.x.zip.

  3. 复制你的许可证密钥,稍后需要使用它来配置代理。Copy your license key, you'll need it to configure the agent later.

  4. 通过 SSH 登录到应用服务实例,并创建新目录 /home/site/wwwroot/apm。SSH into your App Service instance and create a new directory /home/site/wwwroot/apm.

  5. 将解压缩的 NewRelic Java 代理文件上传到 /home/site/wwwroot/apm 下的一个目录中。Upload the unpacked NewRelic Java agent files into a directory under /home/site/wwwroot/apm. 代理的文件应位于 /home/site/wwwroot/apm/newrelic 中。The files for your agent should be in /home/site/wwwroot/apm/newrelic.

  6. 修改位于 /home/site/wwwroot/apm/newrelic/newrelic.yml 处的 YAML 文件,并将占位符许可证值替换为你自己的许可证密钥。Modify the YAML file at /home/site/wwwroot/apm/newrelic/newrelic.yml and replace the placeholder license value with your own license key.

  7. 在 Azure 门户中,浏览到你在应用服务中的应用程序并创建一个新的应用程序设置。In the Azure portal, browse to your application in App Service and create a new Application Setting.

    • 对于 Java SE 应用,请创建一个名为 JAVA_OPTS 且值为 -javaagent:/home/site/wwwroot/apm/newrelic/newrelic.jar 的环境变量。For Java SE apps, create an environment variable named JAVA_OPTS with the value -javaagent:/home/site/wwwroot/apm/newrelic/newrelic.jar.
    • 对于 Tomcat,请创建一个名为 CATALINA_OPTS 且值为 -javaagent:/home/site/wwwroot/apm/newrelic/newrelic.jar 的环境变量。For Tomcat, create an environment variable named CATALINA_OPTS with the value -javaagent:/home/site/wwwroot/apm/newrelic/newrelic.jar.

如果你已有 JAVA_OPTSCATALINA_OPTS 的环境变量,请将 -javaagent:/... 选项追加到当前值的末尾。If you already have an environment variable for JAVA_OPTS or CATALINA_OPTS, append the -javaagent:/... option to the end of the current value.

配置 AppDynamicsConfigure AppDynamics

  1. AppDynamics.com 上创建一个 AppDynamics 帐户Create an AppDynamics account at AppDynamics.com

  2. 从 AppDynamics 网站下载 Java 代理,文件名将类似于 AppServerAgent-x.x.x.xxxxx.zipDownload the Java agent from the AppDynamics website, the file name will be similar to AppServerAgent-x.x.x.xxxxx.zip

  3. 使用 Kudu 控制台创建新目录 /home/site/wwwroot/apmUse the Kudu console to create a new directory /home/site/wwwroot/apm.

  4. 将 Java 代理文件上传到 /home/site/wwwroot/apm 下的一个目录中。Upload the Java agent files into a directory under /home/site/wwwroot/apm. 代理的文件应位于 /home/site/wwwroot/apm/appdynamics 中。The files for your agent should be in /home/site/wwwroot/apm/appdynamics.

  5. 在 Azure 门户中,浏览到你在应用服务中的应用程序并创建一个新的应用程序设置。In the Azure portal, browse to your application in App Service and create a new Application Setting.

    • 对于 Java SE 应用,请创建一个名为 JAVA_OPTS 且值为 -javaagent:/home/site/wwwroot/apm/appdynamics/javaagent.jar -Dappdynamics.agent.applicationName=<app-name> 的环境变量,其中,<app-name> 是你的应用服务名称。For Java SE apps, create an environment variable named JAVA_OPTS with the value -javaagent:/home/site/wwwroot/apm/appdynamics/javaagent.jar -Dappdynamics.agent.applicationName=<app-name> where <app-name> is your App Service name.
    • 对于 Tomcat 应用,请创建一个名为 CATALINA_OPTS 且值为 -javaagent:/home/site/wwwroot/apm/appdynamics/javaagent.jar -Dappdynamics.agent.applicationName=<app-name> 的环境变量,其中,<app-name> 是你的应用服务名称。For Tomcat apps, create an environment variable named CATALINA_OPTS with the value -javaagent:/home/site/wwwroot/apm/appdynamics/javaagent.jar -Dappdynamics.agent.applicationName=<app-name> where <app-name> is your App Service name.
  1. AppDynamics.com 上创建一个 AppDynamics 帐户Create an AppDynamics account at AppDynamics.com

  2. 从 AppDynamics 网站下载 Java 代理,文件名将类似于 AppServerAgent-x.x.x.xxxxx.zipDownload the Java agent from the AppDynamics website, the file name will be similar to AppServerAgent-x.x.x.xxxxx.zip

  3. 通过 SSH 登录到应用服务实例,并创建新目录 /home/site/wwwroot/apm。SSH into your App Service instance and create a new directory /home/site/wwwroot/apm.

  4. 将 Java 代理文件上传到 /home/site/wwwroot/apm 下的一个目录中。Upload the Java agent files into a directory under /home/site/wwwroot/apm. 代理的文件应位于 /home/site/wwwroot/apm/appdynamics 中。The files for your agent should be in /home/site/wwwroot/apm/appdynamics.

  5. 在 Azure 门户中,浏览到你在应用服务中的应用程序并创建一个新的应用程序设置。In the Azure portal, browse to your application in App Service and create a new Application Setting.

    • 对于 Java SE 应用,请创建一个名为 JAVA_OPTS 且值为 -javaagent:/home/site/wwwroot/apm/appdynamics/javaagent.jar -Dappdynamics.agent.applicationName=<app-name> 的环境变量,其中,<app-name> 是你的应用服务名称。For Java SE apps, create an environment variable named JAVA_OPTS with the value -javaagent:/home/site/wwwroot/apm/appdynamics/javaagent.jar -Dappdynamics.agent.applicationName=<app-name> where <app-name> is your App Service name.
    • 对于 Tomcat 应用,请创建一个名为 CATALINA_OPTS 且值为 -javaagent:/home/site/wwwroot/apm/appdynamics/javaagent.jar -Dappdynamics.agent.applicationName=<app-name> 的环境变量,其中,<app-name> 是你的应用服务名称。For Tomcat apps, create an environment variable named CATALINA_OPTS with the value -javaagent:/home/site/wwwroot/apm/appdynamics/javaagent.jar -Dappdynamics.agent.applicationName=<app-name> where <app-name> is your App Service name.

备注

如果你已有 JAVA_OPTSCATALINA_OPTS 的环境变量,请将 -javaagent:/... 选项追加到当前值的末尾。If you already have an environment variable for JAVA_OPTS or CATALINA_OPTS, append the -javaagent:/... option to the end of the current value.

配置数据源Configure data sources

Java SEJava SE

若要连接 Spring Boot 中的数据源,我们建议创建连接字符串并将它们注入 application.properties 文件中。To connect to data sources in Spring Boot applications, we suggest creating connection strings and injecting them into your application.properties file.

  1. 在应用服务页面的“配置”部分,为字符串设置一个名称,将 JDBC 连接字符串粘贴到值字段中,然后将类型设置为“自定义”。In the "Configuration" section of the App Service page, set a name for the string, paste your JDBC connection string into the value field, and set the type to "Custom". 你可以选择将此连接字符串设置为槽设置。You can optionally set this connection string as slot setting.

    此连接字符串可作为名为 CUSTOMCONNSTR_<your-string-name> 的环境变量供应用程序访问。This connection string is accessible to our application as an environment variable named CUSTOMCONNSTR_<your-string-name>. 例如,我们在上面创建的连接字符串将被命名为 CUSTOMCONNSTR_exampledbFor example, the connection string we created above will be named CUSTOMCONNSTR_exampledb.

  2. 在 application.properties 文件中,通过环境变量名称引用此连接字符串。In your application.properties file, reference this connection string with the environment variable name. 在我们的示例中,我们将使用以下代码。For our example, we would use the following.

    app.datasource.url=${CUSTOMCONNSTR_exampledb}
    

请查看有关数据访问的 Spring Boot 文档外化配置,详细了解此主题。Please see the Spring Boot documentation on data access and externalized configurations for more information on this topic.

TomcatTomcat

这些说明适用于所有数据库连接。These instructions apply to all database connections. 你需要使用你选择的数据库的驱动程序类名称和 JAR 文件来填充占位符。You will need to fill placeholders with your chosen database's driver class name and JAR file. 下面提供了一个表,其中包含了常见数据库的类名称和驱动程序下载。Provided is a table with class names and driver downloads for common databases.

数据库Database 驱动程序类名称Driver Class Name JDBC 驱动程序JDBC Driver
PostgreSQLPostgreSQL org.postgresql.Driver 下载Download
MySQLMySQL com.mysql.jdbc.Driver 下载(选择“独立于平台”)Download (Select "Platform Independent")
SQL ServerSQL Server com.microsoft.sqlserver.jdbc.SQLServerDriver 下载Download

若要将 Tomcat 配置为使用 Java Database Connectivity (JDBC) 或 Java 持久性 API (JPA),请先自定义在启动时由 Tomcat 读取的 CATALINA_OPTS 环境变量。To configure Tomcat to use Java Database Connectivity (JDBC) or the Java Persistence API (JPA), first customize the CATALINA_OPTS environment variable that is read in by Tomcat at start-up. 应用服务 Maven 插件中通过某个应用设置来设置这些值:Set these values through an app setting in the App Service Maven plugin:

<appSettings>
    <property>
        <name>CATALINA_OPTS</name>
        <value>"$CATALINA_OPTS -Ddbuser=${DBUSER} -Ddbpassword=${DBPASSWORD} -DconnURL=${CONNURL}"</value>
    </property>
</appSettings>

或者在 Azure 门户的“配置” > “应用程序设置”页中设置环境变量 。Or set the environment variables in the Configuration > Application Settings page in the Azure portal.

接下来,确定数据源应当供一个应用程序使用,还是供在 Tomcat servlet 上运行的所有应用程序使用。Next, determine if the data source should be available to one application or to all applications running on the Tomcat servlet.

应用程序级的数据源Application-level data sources

  1. 在项目的 META-INF/ 目录中创建一个 META-INF/ 文件 。Create a context.xml file in the META-INF/ directory of your project. 如果没有 META-INF/ 目录,则创建一个。Create the META-INF/ directory if it does not exist.

  2. 在 context.xml 中,添加一个 Context 元素以将数据源链接到 JNDI 地址。In context.xml, add a Context element to link the data source to a JNDI address. driverClassName 占位符替换为上表中你的驱动程序的类名称。Replace the driverClassName placeholder with your driver's class name from the table above.

    <Context>
        <Resource
            name="jdbc/dbconnection"
            type="javax.sql.DataSource"
            url="${dbuser}"
            driverClassName="<insert your driver class name>"
            username="${dbpassword}"
            password="${connURL}"
        />
    </Context>
    
  3. 更新应用程序的 web.xml,以便在应用程序中使用该数据源。Update your application's web.xml to use the data source in your application.

    <resource-env-ref>
        <resource-env-ref-name>jdbc/dbconnection</resource-env-ref-name>
        <resource-env-ref-type>javax.sql.DataSource</resource-env-ref-type>
    </resource-env-ref>
    

完成配置Finalize configuration

最后,将驱动程序 JAR 放在 Tomcat 类路径中并重启应用服务。Finally, we will place the driver JARs in the Tomcat classpath and restart your App Service. 将 JDBC 驱动程序文件放入 /home/tomcat/lib 目录,确保它们可供 Tomcat 类加载器使用。Ensure that the JDBC driver files are available to the Tomcat classloader by placing them in the /home/tomcat/lib directory. (如果此目录尚未存在,请创建它。)若要将这些文件上传到应用服务实例,请执行以下步骤:(Create this directory if it does not already exist.) To upload these files to your App Service instance, perform the following steps:

  1. Azure CLI 中安装 webapp 扩展:In Azure CLI, install the webapp extension:

    az extension add --name webapp
    
  2. 运行以下 CLI 命令,创建从本地系统到应用服务的 SSH 隧道:Run the following CLI command to create an SSH tunnel from your local system to App Service:

    az webapp remote-connection create --resource-group <resource-group-name> --name <app-name> --port <port-on-local-machine>
    
  3. 使用 SFTP 客户端连接到本地隧道端口,并将文件上传到 /home/tomcat/lib 文件夹。Connect to the local tunneling port with your SFTP client and upload the files to the /home/tomcat/lib folder.

另外,也可以使用某个 FTP 客户端上传 JDBC 驱动程序。Alternatively, you can use an FTP client to upload the JDBC driver. 请遵循这些用于获取 FTP 凭据的说明Follow these instructions for getting your FTP credentials.


TomcatTomcat

这些说明适用于所有数据库连接。These instructions apply to all database connections. 你需要使用你选择的数据库的驱动程序类名称和 JAR 文件来填充占位符。You will need to fill placeholders with your chosen database's driver class name and JAR file. 下面提供了一个表,其中包含了常见数据库的类名称和驱动程序下载。Provided is a table with class names and driver downloads for common databases.

数据库Database 驱动程序类名称Driver Class Name JDBC 驱动程序JDBC Driver
PostgreSQLPostgreSQL org.postgresql.Driver 下载Download
MySQLMySQL com.mysql.jdbc.Driver 下载(选择“独立于平台”)Download (Select "Platform Independent")
SQL ServerSQL Server com.microsoft.sqlserver.jdbc.SQLServerDriver 下载Download

若要将 Tomcat 配置为使用 Java Database Connectivity (JDBC) 或 Java 持久性 API (JPA),请先自定义在启动时由 Tomcat 读取的 CATALINA_OPTS 环境变量。To configure Tomcat to use Java Database Connectivity (JDBC) or the Java Persistence API (JPA), first customize the CATALINA_OPTS environment variable that is read in by Tomcat at start-up. 应用服务 Maven 插件中通过某个应用设置来设置这些值:Set these values through an app setting in the App Service Maven plugin:

<appSettings>
    <property>
        <name>CATALINA_OPTS</name>
        <value>"$CATALINA_OPTS -Ddbuser=${DBUSER} -Ddbpassword=${DBPASSWORD} -DconnURL=${CONNURL}"</value>
    </property>
</appSettings>

或者在 Azure 门户的“配置” > “应用程序设置”页中设置环境变量 。Or set the environment variables in the Configuration > Application Settings page in the Azure portal.

接下来,确定数据源应当供一个应用程序使用,还是供在 Tomcat servlet 上运行的所有应用程序使用。Next, determine if the data source should be available to one application or to all applications running on the Tomcat servlet.

应用程序级的数据源Application-level data sources

  1. 在项目的 META-INF/ 目录中创建一个 META-INF/ 文件 。Create a context.xml file in the META-INF/ directory of your project. 如果没有 META-INF/ 目录,则创建一个。Create the META-INF/ directory if it does not exist.

  2. 在 context.xml 中,添加一个 Context 元素以将数据源链接到 JNDI 地址。In context.xml, add a Context element to link the data source to a JNDI address. driverClassName 占位符替换为上表中你的驱动程序的类名称。Replace the driverClassName placeholder with your driver's class name from the table above.

    <Context>
        <Resource
            name="jdbc/dbconnection"
            type="javax.sql.DataSource"
            url="${dbuser}"
            driverClassName="<insert your driver class name>"
            username="${dbpassword}"
            password="${connURL}"
        />
    </Context>
    
  3. 更新应用程序的 web.xml以便在应用程序中使用该数据源。Update your application's web.xml to use the data source in your application.

    <resource-env-ref>
        <resource-env-ref-name>jdbc/dbconnection</resource-env-ref-name>
        <resource-env-ref-type>javax.sql.DataSource</resource-env-ref-type>
    </resource-env-ref>
    

共享的服务器级资源Shared server-level resources

添加共享的服务器级数据源需要编辑 Tomcat 的 server.xml。Adding a shared, server-level data source will require you to edit Tomcat's server.xml. 首先,上传启动脚本,然后在“配置” > “启动命令”中设置该脚本的路径 。First, upload a startup script and set the path to the script in Configuration > Startup Command. 你可以使用 FTP 上传启动脚本。You can upload the startup script using FTP.

启动脚本将进行 xsl 转换,转换为 server.xml 文件,并将所得的 xml 文件输出到 /usr/local/tomcat/conf/server.xmlYour startup script will make an xsl transform to the server.xml file and output the resulting xml file to /usr/local/tomcat/conf/server.xml. 启动脚本应通过 apk 安装 libxslt。The startup script should install libxslt via apk. 你的 xsl 文件和启动脚本均可通过 FTP 上传。Your xsl file and startup script can be uploaded via FTP. 下面是一个示例启动脚本。Below is an example startup script.

# Install libxslt. Also copy the transform file to /home/tomcat/conf/
apk add --update libxslt

# Usage: xsltproc --output output.xml style.xsl input.xml
xsltproc --output /home/tomcat/conf/server.xml /home/tomcat/conf/transform.xsl /usr/local/tomcat/conf/server.xml

下面提供了一个示例 xsl 文件。An example xsl file is provided below. 该文件向 Tomcat server.xml 添加了一个新的连接器节点。The example xsl file adds a new connector node to the Tomcat server.xml.

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
  <xsl:output method="xml" indent="yes"/>

  <xsl:template match="@* | node()" name="Copy">
    <xsl:copy>
      <xsl:apply-templates select="@* | node()"/>
    </xsl:copy>
  </xsl:template>

  <xsl:template match="@* | node()" mode="insertConnector">
    <xsl:call-template name="Copy" />
  </xsl:template>

  <xsl:template match="comment()[not(../Connector[@scheme = 'https']) and
                                 contains(., '&lt;Connector') and
                                 (contains(., 'scheme=&quot;https&quot;') or
                                  contains(., &quot;scheme='https'&quot;))]">
    <xsl:value-of select="." disable-output-escaping="yes" />
  </xsl:template>

  <xsl:template match="Service[not(Connector[@scheme = 'https'] or
                                   comment()[contains(., '&lt;Connector') and
                                             (contains(., 'scheme=&quot;https&quot;') or
                                              contains(., &quot;scheme='https'&quot;))]
                                  )]
                      ">
    <xsl:copy>
      <xsl:apply-templates select="@* | node()" mode="insertConnector" />
    </xsl:copy>
  </xsl:template>

  <!-- Add the new connector after the last existing Connnector if there is one -->
  <xsl:template match="Connector[last()]" mode="insertConnector">
    <xsl:call-template name="Copy" />

    <xsl:call-template name="AddConnector" />
  </xsl:template>

  <!-- ... or before the first Engine if there is no existing Connector -->
  <xsl:template match="Engine[1][not(preceding-sibling::Connector)]"
                mode="insertConnector">
    <xsl:call-template name="AddConnector" />

    <xsl:call-template name="Copy" />
  </xsl:template>

  <xsl:template name="AddConnector">
    <!-- Add new line -->
    <xsl:text>&#xa;</xsl:text>
    <!-- This is the new connector -->
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" 
               maxThreads="150" scheme="https" secure="true" 
               keystroreFile="${{user.home}}/.keystore" keystorePass="changeit"
               clientAuth="false" sslProtocol="TLS" />
  </xsl:template>

</xsl:stylesheet>

完成配置Finalize configuration

最后,将驱动程序 JAR 放置在 Tomcat 类路径中并重启你的应用服务。Finally, place the driver JARs in the Tomcat classpath and restart your App Service.

  1. 将 JDBC 驱动程序文件放入 /home/tomcat/lib 目录,确保它们可供 Tomcat 类加载器使用。Ensure that the JDBC driver files are available to the Tomcat classloader by placing them in the /home/tomcat/lib directory. (如果此目录尚未存在,请创建它。)若要将这些文件上传到应用服务实例,请执行以下步骤:(Create this directory if it does not already exist.) To upload these files to your App Service instance, perform the following steps:

    1. 在 Azure CLI 中,安装 webapp 扩展:In the Azure CLI, install the webapp extension:
    az extension add --name webapp
    
    1. 运行以下 CLI 命令,创建从本地系统到应用服务的 SSH 隧道:Run the following CLI command to create an SSH tunnel from your local system to App Service:
    az webapp remote-connection create --resource-group <resource-group-name> --name <app-name> --port <port-on-local-machine>
    
    1. 使用 SFTP 客户端连接到本地隧道端口,并将文件上传到 /home/tomcat/lib 文件夹。Connect to the local tunneling port with your SFTP client and upload the files to the /home/tomcat/lib folder.

    另外,也可以使用某个 FTP 客户端上传 JDBC 驱动程序。Alternatively, you can use an FTP client to upload the JDBC driver. 请遵循这些用于获取 FTP 凭据的说明Follow these instructions for getting your FTP credentials.

  2. 如果你创建了服务器级数据源,请重启应用服务 Linux 应用程序。If you created a server-level data source, restart the App Service Linux application. Tomcat 会将 CATALINA_BASE 重置为 /home/tomcat,并使用更新后的配置。Tomcat will reset CATALINA_BASE to /home/tomcat and use the updated configuration.

JBoss EAPJBoss EAP

使用 JBoss EAP 注册数据源时,有三个核心步骤:上传 JDBC 驱动程序、添加 JDBC 驱动程序作为模块以及注册此模块。There are three core steps when registering a data source with JBoss EAP: uploading the JDBC driver, adding the JDBC driver as a module, and registering the module. 应用服务是一种无状态托管服务,因此,必须对用于添加和注册数据源模块的配置命令编写脚本并在容器启动时应用该脚本。App Service is a stateless hosting service, so the configuration commands for adding and registering the data source module must be scripted and applied as the container starts.

  1. 获取数据库的 JDBC 驱动程序。Obtain your database's JDBC driver.

  2. 为 JDBC 驱动程序创建 XML 模块定义文件。Create an XML module definition file for the JDBC driver. 下面显示的示例是 PostgreSQL 的模块定义。The example shown below is a module definition for PostgreSQL.

    <?xml version="1.0" ?>
    <module xmlns="urn:jboss:module:1.1" name="org.postgres">
        <resources>
        <!-- ***** IMPORTANT : REPLACE THIS PLACEHOLDER *******-->
        <resource-root path="/home/site/deployments/tools/postgresql-42.2.12.jar" />
        </resources>
        <dependencies>
            <module name="javax.api"/>
            <module name="javax.transaction.api"/>
        </dependencies>
    </module>
    
  3. 将 JBoss CLI 命令放入名为 jboss-cli-commands.cli 的文件中。Put your JBoss CLI commands into a file named jboss-cli-commands.cli. JBoss 命令必须添加模块,并将其注册为数据源。The JBoss commands must add the module and register it as a data source. 以下示例显示了用于 PostgreSQL 的 JBoss CLI 命令。The example below shows the JBoss CLI commands for PostgreSQL.

    #!/usr/bin/env bash
    module add --name=org.postgres --resources=/home/site/deployments/tools/postgresql-42.2.12.jar --module-xml=/home/site/deployments/tools/postgres-module.xml
    
    /subsystem=datasources/jdbc-driver=postgres:add(driver-name="postgres",driver-module-name="org.postgres",driver-class-name=org.postgresql.Driver,driver-xa-datasource-class-name=org.postgresql.xa.PGXADataSource)
    
    data-source add --name=postgresDS --driver-name=postgres --jndi-name=java:jboss/datasources/postgresDS --connection-url=${POSTGRES_CONNECTION_URL,env.POSTGRES_CONNECTION_URL:jdbc:postgresql://db:5432/postgres} --user-name=${POSTGRES_SERVER_ADMIN_FULL_NAME,env.POSTGRES_SERVER_ADMIN_FULL_NAME:postgres} --password=${POSTGRES_SERVER_ADMIN_PASSWORD,env.POSTGRES_SERVER_ADMIN_PASSWORD:example} --use-ccm=true --max-pool-size=5 --blocking-timeout-wait-millis=5000 --enabled=true --driver-class=org.postgresql.Driver --exception-sorter-class-name=org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter --jta=true --use-java-context=true --valid-connection-checker-class-name=org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker
    
  4. 创建调用此 JBoss CLI 命令的启动脚本 startup_script.shCreate a startup script, startup_script.sh that calls the JBoss CLI commands. 以下示例演示了如何调用 jboss-cli-commands.cliThe example below shows how to call your jboss-cli-commands.cli. 稍后,你需要将应用服务配置为在容器启动时运行此脚本。Later you will configre App Service to run this script when the container starts.

    $JBOSS_HOME/bin/jboss-cli.sh --connect --file=/home/site/deployments/tools/jboss-cli-commands.cli
    
  5. 使用所选的 FTP 客户端,将 JDBC 驱动程序、jboss-cli-commands.clistartup_script.sh 和模块定义上传到 /site/deployments/tools/Using an FTP client of your choice, upload your JDBC driver, jboss-cli-commands.cli, startup_script.sh, and the module definition to /site/deployments/tools/.

  6. 将站点配置为在容器启动时运行 startup_script.shConfigure your site to run startup_script.sh when the container starts. 在 Azure 门户中,导航到“配置” > “通用设置” > “启动命令” 。In the Azure Portal, navigate to Configuration > General Settings > Startup Command. 将“启动命令”字段设置为 /home/site/deployments/tools/startup_script.shSet the startup command field to /home/site/deployments/tools/startup_script.sh. 单击“保存”以保存更改。Save your changes.

若要确认已将数据源添加到 JBoss 服务器,请使用 SSH 进入 webapp 并运行 $JBOSS_HOME/bin/jboss-cli.sh --connectTo confirm that the datasource was added to the JBoss server, SSH into your webapp and run $JBOSS_HOME/bin/jboss-cli.sh --connect. 连接到 JBoss 后,运行 /subsystem=datasources:read-resource 以打印数据源列表。Once you are connected to JBoss run the /subsystem=datasources:read-resource to print a list of the data sources.

日志中的 robots933456robots933456 in logs

你可能会在容器日志中看到以下消息:You may see the following message in the container logs:

2019-04-08T14:07:56.641002476Z "-" - - [08/Apr/2019:14:07:56 +0000] "GET /robots933456.txt HTTP/1.1" 404 415 "-" "-"

可以放心忽略此消息。You can safely ignore this message. /robots933456.txt 是一个虚拟 URL 路径,应用服务使用它来检查容器能否为请求提供服务。/robots933456.txt is a dummy URL path that App Service uses to check if the container is capable of serving requests. 404 响应只是指示该路径不存在,但它让应用服务知道容器处于正常状态并已准备就绪,可以响应请求。A 404 response simply indicates that the path doesn't exist, but it lets App Service know that the container is healthy and ready to respond to requests.

选择 Java 运行时版本Choosing a Java runtime version

通过应用服务,用户可以选择 JVM 的主要版本(如 Java 8 或 Java 11)和次要版本(如 1.8.0_232 或 11.0.5)。App Service allows users to choose the major version of the JVM, such as Java 8 or Java 11, as well as the minor version, such as 1.8.0_232 or 11.0.5. 还可以选择在新的次要版本可用时自动更新次要版本。You can also choose to have the minor version automatically updated as new minor versions become available. 在大多数情况下,生产站点应使用 JVM 的固定次要版本。In most cases, production sites should use pinned minor JVM versions. 这将防止在次要版本自动更新期间发生意外中断。This will prevent unnanticipated outages during a minor version auto-update.

如果选择固定次要版本,则需要定期更新站点上 JVM 的次要版本。If you choose to pin the minor version, you will need to periodically update the JVM minor version on the site. 为了确保应用程序在较新的次要版本上运行,请创建一个过渡槽并在暂存站点上递增次要版本。To ensure that your application runs on the newer minor version, create a staging slot and increment the minor version on the staging site. 确认应用程序在新的次要版本上正常运行后,可以交换过渡槽和生产槽。Once you have confirmed the application runs correctly on the new minor version, you can swap the staging and production slots.

JBoss EAP 硬件选项JBoss EAP hardware options

JBoss EAP 仅适用于高级和独立硬件选项。JBoss EAP is only available on the Premium and Isolated hardware options. 在公共预览期间在免费层、共享层、基本层或标准层上创建了 JBoss EAP 站点的客户应纵向扩展到“高级”或“独立”硬件层,以避免出现意外行为。Customers that created a JBoss EAP site on a Free, Shared, Basic, or Standard tier during the public preview should scale up to Premium or Isolated hardware tier to avoid unexpected behavior.

Java 运行时支持声明Java runtime statement of support

JDK 版本和维护JDK versions and maintenance

Azure 支持的 Java 开发工具包 (JDK) 为提供 Azul Systems 提供的 ZuluAzure's supported Java Development Kit (JDK) is Zulu provided through Azul Systems. Azul Zulu Enterprise 内部版 OpenJDK 是适用于 Azure 和 Azure Stack 的 OpenJDK 的免费、多平台、生产就绪型发行版,由 Microsoft 及 Azul Systems 提供支持。Azul Zulu Enterprise builds of OpenJDK are a no-cost, multi-platform, production-ready distribution of the OpenJDK for Azure and Azure Stack backed by Microsoft and Azul Systems. 这些版本包含构建和运行 Java SE 应用程序所需的所有组件。They contain all the components for building and running Java SE applications. 你可以通过 Java JDK 安装安装 JDK。You can install the JDK from Java JDK Installation.

主要版本更新将通过 Azure 应用服务中的新运行时选项提供。Major version updates will be provided through new runtime options in Azure App Service. 客户可以通过配置应用服务部署来更新到这些较新的 Java 版本,他们需要负责测试和确保重大更新符合其需求。Customers update to these newer versions of Java by configuring their App Service deployment and are responsible for testing and ensuring the major update meets their needs.

支持的 JDK 将在每年的 1 月、4 月、7 月和 10 月按季度自动修补。Supported JDKs are automatically patched on a quarterly basis in January, April, July, and October of each year. 有关 Azure 上的 Java 的详细信息,请参阅此支持文档For more information on Java on Azure, please see this support document.

安全更新Security updates

重大安全漏洞的修补程序和修复程序将在 Azul Systems 提供后立即发布。Patches and fixes for major security vulnerabilities will be released as soon as they become available from Azul Systems. “重大”漏洞是根据 NIST 常见漏洞评分系统版本 2 提供的基本评分 9.0 或以上来定义的。A "major" vulnerability is defined by a base score of 9.0 or higher on the NIST Common Vulnerability Scoring System, version 2.

Tomcat 8.0 已经在 2018 年 9 月 30 日生命周期终止 (EOL)。Tomcat 8.0 has reached End of Life (EOL) as of September 30, 2018. 尽管该运行时在 Azure 应用服务上仍然可用,但 Azure 不会为 Tomcat 8.0 应用安全更新。While the runtime is still available on Azure App Service, Azure will not apply security updates to Tomcat 8.0. 如果可能,请将你的应用程序迁移到 Tomcat 8.5 或 9.0。If possible, migrate your applications to Tomcat 8.5 or 9.0. Tomcat 8.5 和 9.0 在 Azure 应用服务上都可用。Both Tomcat 8.5 and 9.0 are available on Azure App Service. 有关详细信息,请查看 Tomcat 官方网站See the official Tomcat site for more information.

弃用和停用Deprecation and retirement

如果即将停用某个受支持的 Java 运行时,则从停用该运行时之前的至少六个月开始,使用受影响运行时的 Azure 开发人员会收到弃用通知。If a supported Java runtime will be retired, Azure developers using the affected runtime will be given a deprecation notice at least six months before the runtime is retired.

本地开发Local development

开发人员可以从 Azul 下载站点下载 Azul Zulu Enterprise JDK Production Edition 进行本地开发。Developers can download the Production Edition of Azul Zulu Enterprise JDK for local development from Azul's download site.

开发支持Development support

使用符合条件的 Azure 支持计划进行 Azure 或 Azure Stack 方面的开发时,可以通过 Microsoft 获得对 Azure 支持的 Azul Zulu JDK 的产品支持。Product support for the Azure-supported Azul Zulu JDK is available through Microsoft when developing for Azure or Azure Stack with a qualified Azure support plan.

后续步骤Next steps

请访问面向 Java 开发人员的 Azure 中心查找 Azure 快速入门、教程和 Java 参考文档。Visit the Azure for Java Developers center to find Azure quickstarts, tutorials, and Java reference documentation.

应用服务 Linux 常见问题解答中解答了并不特定于 Java 开发的、适用于 Linux 的应用服务的一般用法问题。General questions about using App Service for Linux that aren't specific to the Java development are answered in the App Service Linux FAQ.