The Apache Tomcat software is an open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies.
Tomcat requires java to run any Java web application, so the first thing we install is the latest Java JDK.
yum install java-latest-openjdk
We will create user tomcat, our tomcat server will run under this user. For security reasons its not desirable to run it with root privileges.
useradd -s /bin/false -d /opt/tomcat tomcat
Next we download the latest tomcat 9 binary from https://tomcat.apache.org/download-90.cgi.
wget https://www-us.apache.org/dist/tomcat/tomcat-9/v9.0.30/bin/apache-tomcat-9.0.30.tar.gz
Now lets extract the this tar archive in /opt
cd /opt tar zxf apache-tomcat-9.0.30.tar.gz rm -fr tomcat ln -s apache-tomcat-9.0.30 tomcat
As tomcat will be running under user tomcat we will change the ownership accordingly
chown -R tomcat:tomcat /opt/apache-tomcat-9.0.30
Next lets create a systemd service for tomcat. We need to know the JAVA_HOME environment variable to set, for this run
alternatives --config java
This will show a output like
Note the path before bin/java i.e, /usr/lib/jvm/java-13-openjdk-13.0.1.9-2.rolling.el8.x86_64 is our JAVA_HOME.
With this information we are ready to create /etc/systemd/system/tomcat.service, add below lines in this file
[Unit] Description=Apache Tomcat Web Application Container After=network.target [Service] Type=forking Environment=JAVA_HOME=/usr/lib/jvm/java-13-openjdk-13.0.1.9-2.rolling.el8.x86_64 Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid Environment=CATALINA_HOME=/opt/tomcat Environment=CATALINA_BASE=/opt/tomcat Environment='CATALINA_OPTS=-Xms256M -Xmx256M -server -XX:+UseParallelGC' Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom' ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh User=tomcat Group=tomcat UMask=0007 RestartSec=10 Restart=always [Install] WantedBy=multi-user.target
Note the JAVA_HOME environment set in this file.
You can adjust the maximum memory allocation pool for a Java virtual machine Xmx and initial memory allocation pool Xms in CATALINA_OPTS as required by your application or available RAM on server.
Time to reload systemd so that it reads our new tomcat service.
systemctl daemon-reload
Lets start tomcat now
systemctl start tomcat
Tomcat should now be running you can check the status by running
systemctl status tomcat
The output will be like
We can now access the tomcat splash page on port 8080, point your browsers to http://server-ip:8080/. But at this point host manager and manager app will still not be accessible, as they are restricted access from server itself only.
To be able to access the host manager and manager app we need to add user to tomcat users file, /opt/tomcat/conf/tomcat-users.xml. Edit this file so it looks like
<tomcat-users>
<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<user username="tomcatadmin" password="SuP3RS3cRe7" roles="manager-gui,admin-gui"/>
</tomcat-users>
We will also have to remove restriction so that we can access them from any IP, to do this edit 2 files /opt/tomcat/webapps/manager/META-INF/context.xml and /opt/tomcat/webapps/host-manager/META-INF/context.xml for manager-app and host-manager and comment as below
<Context antiResourceLocking="false" privileged="true" >
<!--<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />-->
</Context>
Or better just allow your IPs to access list
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|11.22.33.44|::1|0:0:0:0:0:0:0:1" />
</Context>
Restart tomcat, now we can access host-manager at http://server-IP:8080/host-manager/html and manager-app at http://server-ip:8080/manager/html
Tomcat installation is now complete, you can now start deploying your Java Web Applications using the manager-app.