Apache Tomcat is an open-source Java servlet and Java Server Page container. It has enabled developers to build and deploy dynamic java-based applications. Java servlets are small java programs defining how a server handles requests and responses. Developers write the servlets while Tomcat handles all the backend and routing work. Being opensource, Apache Tomcat is contributed by developers all over the world.
Features of Apache Tomcat 10
Apache Tomcat 10 is the latest version and applications running an version 9 and earlier need to be changed in order to run on version 10. Some of the changes made on version 10 include:
- Re-work the HTTP/2 overhead protection to reduce the likelihood of false positives.
- Update to Eclipse JDT compiler 4.20.
- Fix regressions in JSP compilation in the previous release
Installing Apache Tomcat 10 on CentOS 8|7 and Rocky Linux 8
Installation of Apache Tomcat requires a number of step as discussed below:
Step 1: System Update
As always run package update on your server to ensure that you have the latest packages during installation
sudo dnf -y update
Step 2: Set Hostname and Hosts File
Set server hostname and configure hosts file with the below commands
$ sudo hostnamectl set-hostname tomcat.example.com
$ sudo vim /etc/hosts
192.168.50.3 tomcat.example.comYou can then reboot for the above changes to take effect
sudo rebootStep 3: Install OpenJDK on CentOS / Rocky
We need to insall OpenJDK runtime environment as below. I am going to be installing version 11 but you can also choose to install version 8. For developers, they can opt for the development environment
# OpenJDK 11
sudo dnf -y install java-11-openjdk java-11-openjdk-devel
# OpenJDK 8
sudo dnf install java-1.8.0-openjdk java-1.8.0-openjdk-devel
Step 4: Create a non-root user and a Directory for Tomcat
We need to create a non-root user that will only be accessing Tomcat and no other use. We also need a directory to place tomcat files.
# Add Tomcat group
sudo groupadd tomcat
# Create Tomcat directory
sudo mkdir /opt/tomcat
# Create tomcat user, disable login and give rights
sudo useradd -s /bin/nologin -g tomcat -d /opt/tomcat tomcatStep 5: Download Tomcat 10 on CentOS 8|7 / Rocky Linux 8
Now, visit Apache Tomcat official site to download the latest Tomcat version. Once on the page, right click on the .tar.gz file and copy the link address.
Use wget to download Apache Tomcat binaries as below.
sudo dnf install wget
VER="10.0.22"
wget https://archive.apache.org/dist/tomcat/tomcat-10/v${VER}/bin/apache-tomcat-${VER}.tar.gzExtract the archived file and copy the extracted files to the tomcat directory previously created
sudo mkdir -p /opt/tomcat
sudo tar -xvf apache-tomcat-${VER}.tar.gz -C /opt/tomcat --strip-components=1Step 6: Set Permissions on Tomcat directories
We need to allow the tomcat user to read files in the tomcat directory. Also enable the scripts in the directory to be executable.
sudo chown -R tomcat: /opt/tomcat
sudo sh -c 'chmod +x /opt/tomcat/bin/*.sh'Step 7: Create Apache Tomcat Systemd file
We can create a systemd file for starting and stopping Apache Tomcat. It is also quite helpful for tomcat autostart on system reboot. We require to pass java installation location as a variable in the systemd file. To get the path, run the below command:
$ sudo alternatives --list | grep ^java
java auto /usr/lib/jvm/java-11-openjdk-11.0.15.0.10-2.el8_6.x86_64/bin/java
javac auto /usr/lib/jvm/java-11-openjdk-11.0.15.0.10-2.el8_6.x86_64/bin/javac
java_sdk_openjdk auto /usr/lib/jvm/java-11-openjdk-11.0.15.0.10-2.el8_6.x86_64
java_sdk_11 auto /usr/lib/jvm/java-11-openjdk-11.0.15.0.10-2.el8_6.x86_64
java_sdk_11_openjdk auto /usr/lib/jvm/java-11-openjdk-11.0.15.0.10-2.el8_6.x86_64Proceed to create apache tomcat service file
sudo vim /etc/systemd/system/tomcat.servicePaste the following content
[Unit]
Description=Apache Tomcat Web Application Container
Wants=network.target
After=network.target
[Service]
Type=forking
Environment=JAVA_HOME=/usr/lib/jvm/jre
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment='CATALINA_OPTS=-Xms512M -Xmx1G -Djava.net.preferIPv4Stack=true'
Environment='JAVA_OPTS=-Djava.awt.headless=true'
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
SuccessExitStatus=143
User=tomcat
Group=tomcat
UMask=0007
RestartSec=10
Restart=always
[Install]
WantedBy=multi-user.target
Step 8: Start and Enable Tomcat Service
Now that we have a service file, we can easily start and enable Apache Tomcat to automatically start at system reboot
sudo systemctl daemon-reload
sudo systemctl start tomcat
sudo systemctl enable tomcatConfirm Tomcat status that it is running
systemctl status status tomcatThe below output shows it is running
Step 9: Configure Tomcat Web Management
Apache Tomcat can be fully managed from the web interface. We need to create a user and password for we management access as below:
sudo vim /opt/tomcat/conf/tomcat-users.xmlAdd the highlighted lines between the <tomcat-users> tag to look as shown:
<tomcat-users
...
<!--
<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="tomcat" password="must-be-changed" roles="tomcat"/>
<user username="both" password="must-be-changed" roles="tomcat,role1"/>
<user username="role1" password="must-be-changed" roles="role1"/>
-->
<role rolename="admin-gui"/>
<user username="admin" password="MyAdminPassword" roles="admin-gui"/>
<role rolename="manager-gui"/>
<user username="admin" password="MyManagerPassword" roles="manager-gui"/>
</tomcat-users>We also need to allow Tomcat to be accessible remotely both for manager and host manager apps. By default, tomcat is only accessible locally.
For connection to manager:
sudo vim /opt/tomcat/webapps/manager/META-INF/context.xmlEnter the remote IPs addresses to access tomcat from, separated by a pipe. In my case, 192.168.50.2 is the remote IP.
...
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192.168.50.2" />
...
</Context>For Host Manager;
sudo vim /opt/tomcat/webapps/host-manager/META-INF/context.xmlAdd the remote IP
...
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192.168.50.2" />
...
</Context>Step 10: Allow Apache Tomcat through the firewall
If you are running an active firewall, you need to open Tomcat port on the firewall
sudo firewall-cmd --add-port=8080/tcp --permanent
sudo firewall-cmd --reloadAt this point, you have successfully installed Apache Tomcat and you can test from the browser with http://<your-server-ip>:8080. You should see the below page open
Step 11: Configure Nginx as Apache Tomcat Reverse Proxy
In our installation, we are goingto be using Nginx Web server to access our Apache Tomcat application.
Install Nginx on CentOS 8 | Rocky Linux
We begin by installing nginx
sudo dnf install -y nginxThen start and enable Nginx
sudo systemctl start nginx
sudo systemctl enable nginxCreate Nginx Virtual Host for Apache Tomcat
Create virtual host configuration file as below:
sudo vim /etc/nginx/conf.d/tomcat.confAdd the following content
server {
listen 80;
server_name tomcat.example.com;
root /opt/tomcat/webapps/;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8080/;
}
}Test nginx configuration
sudo nginx -tRestart nginx
sudo systemctl restart nginxNow head to your browser and Apache Tomcat using the server hostname. For my case, http://example.com
If you click on Server Status or Manager App, it should prompt you for username and password to be able to access.
Enter the Admin or Manager username and password you configured in tomcat-users.xml and you ready to use Apache Tomcat web interface. That’s it. You have successfully installed Apache Tomcat on CentOS 8|7 and on Rocky Linux.
Learning Video course & Book:
I trust the guide has been helpful. Check below more informative guides you may like:
