Apache Tomcat 8.5.23 Installation on CentOS
Tomcat:-
Tomcat is an open source Java Servlet implementation developed by the Apache Software Foundation. Beside Java Servlets, Tomcat implements several Java server technologies including JavaServer Pages (JSP), Java Expression Language, and Java WebSocket. Tomcat provides an HTTP Web Server for Java applications with support for HTTP/2, OpenSSL for JSSE and TLS virtual hosting.
Step1-Install Java
As a first thing, we need to install Java JRE and JDK from the CentOS repository. We will install Java 1.8.13 on the server.
# yum -y install java-1.8.0-openjdk.x86_64 java-1.8.0-openjdk-devel.x86_64
It will take some time, wait until the installation finished. After completing the installation check the Java version.
# java -version
[root@newdelhihosting ~]# java -version openjdk version "1.8.0_151" OpenJDK Runtime Environment (build 1.8.0_151-b12) OpenJDK 64-Bit Server VM (build 25.151-b12, mixed mode) [root@newdelhihosting ~]#
Step2-Configuring the Java Environment
In the first step, we have installed Java, and now we need to configure the JAVA_HOME environment variable on the CentOS server so that Java applications can find the right Java version and also the Tomcat requires the JAVA_HOME environment to be setup properly.
Before, configuring the JAVA_HOME environment, we need to know where the Java directory is.
To check the Java directory
# sudo update-alternatives --config java
Java Directory=java-1.8.0-openjdk.x86_64 (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4.x86_64/jre/bin/java)
Now, we can proceed with editing the environment file.
JAVA_HOME="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4.x86_64/jre"
Save the file and exit.
Next, edit the .bash_profile file and add the JAVA_HOME variable as well
export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4.x86_64/jre export PATH=$JAVA_HOME/bin:$PATH
Save the file and exit.
Now, we need to reload the bash profile file.
# source ~/.bash_profile
Make sure there is no error while reloading the bash file, Finally check the JAVA_HOME environment variable.
# echo $JAVA_HOME
[root@newdelhihosting ~]# echo $JAVA_HOME /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4.x86_64/jre [root@newdelhihosting ~]#
Step3-Install Apache Tomcat 8.5.23
As a important thing we to know here is, installing Apache Tomcat under the user tomcat.
Let we create a user and group named tomcat.
# groupadd tomcat
# useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
Note that,
-s /bin/false – disable shell access
-g tomcat – assign new user to the group tomcat
-d /opt/tomcat – define the home directory for the user
Now, go to the /opt directory and download tomcat.
#cd /opt/
# wget http://www-us.apache.org/dist/tomcat/tomcat-8/v8.5.23/bin/apache-tomcat-8.5.23.tar.gz
Extract Tomcat and move all the files and directories that are in the ‘apache-tomcat-8.5.6’ directory to the ‘tomcat’ directory.
# tar -xzvf apache-tomcat-8.5.23.tar.gz # mv apache-tomcat-8.5.23/* tomcat/
Next, change the owner of the tomcat directory to the “tomcat” user and group.
# chown -hR tomcat:tomcat tomcat
Finally you have installed Apache Tomcat.
Step4-Test Apache Tomcat
Now, we just want to run a short test to make sure there are no errors in our installation.
Go to, /opt/tomcat/bin/ directory and run the command ‘startup.sh’ to test Apache Tomcat.
# cd /opt/tomcat/bin/ # ./startup.sh
you will get the out put as follows:-
[root@newdelhihosting bin]# ./startup.sh Using CATALINA_BASE: /opt/tomcat Using CATALINA_HOME: /opt/tomcat Using CATALINA_TMPDIR: /opt/tomcat/temp Using JRE_HOME: /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4.x86_64/jre Using CLASSPATH: /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar Tomcat started. [root@newdelhihosting bin]#
Tomcat is using port 8080 now, check the open port on the server with the netstat command.
# netstat -plntu
Note : If netstat command is not working, you have to install net-tools using,
# yum install net-tools
You will get the output for netstat -plntu as
[root@newdelhihosting bin]# netstat -plntu Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 707/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 819/master tcp6 0 0 :::8080 :::* LISTEN 15865/java tcp6 0 0 :::22 :::* LISTEN 707/sshd tcp6 0 0 127.0.0.1:8005 :::* LISTEN 15865/java tcp6 0 0 :::8009 :::* LISTEN 15865/java udp 0 0 103.14.120.207:123 0.0.0.0:* 476/ntpd udp 0 0 127.0.0.1:123 0.0.0.0:* 476/ntpd udp 0 0 0.0.0.0:123 0.0.0.0:* 476/ntpd udp6 0 0 fe80::216:3eff:fe70:123 :::* 476/ntpd udp6 0 0 ::1:123 :::* 476/ntpd udp6 0 0 :::123 :::* 476/ntpd [root@newdelhihosting bin]#
Now, visit the server IP address with port 8080, with a web browser(your_server_ip:8080). You will see the Apache Tomcat default page.
Now, stop Apache Tomcat , because we need to run Tomcat with a systemd service file in the final configuration. Also make sure the tomcat directory is owned by the “tomcat” user and group.
# cd /opt/tomcat/bin/ # ./shutdown.sh # chown -hR tomcat:tomcat /opt/tomcat/
[root@newdelhihosting bin]# ./shutdown.sh Using CATALINA_BASE: /opt/tomcat Using CATALINA_HOME: /opt/tomcat Using CATALINA_TMPDIR: /opt/tomcat/temp Using JRE_HOME: /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4.x86_64/jre Using CLASSPATH: /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar [root@newdelhihosting bin]#
Step 5 – Setup Apache Tomcat Service
Now,we need to run Apache Tomcat as tomcat user with a systemd service file for easy starting and stopping of the service. So the next step is to create a ‘tomcat.service’ file.
Go to the systemd system directory and create a new file ‘tomcat.service’.
# cd /etc/systemd/system/ # touch tomcat.service # nano tomcat.service
Paste the configuration below:
[Unit] Description=Apache Tomcat 8 Servlet Container After=syslog.target network.target [Service] User=tomcat Group=tomcat Type=forking Environment=CATALINA_PID=/opt/tomcat/tomcat.pid Environment=CATALINA_HOME=/opt/tomcat Environment=CATALINA_BASE=/opt/tomcat ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh Restart=on-failure [Install] WantedBy=multi-user.target
Save the file and exit from tomcat.service file.
Now, we have to reload the systemd daemon, then start and add the Apache Tomcat service at boot time.
# systemctl daemon-reload # systemctl start tomcat # systemctl enable tomcat
Now check that tomcat is running by checking the open port 8080. and check the status.
# netstat -plntu # systemctl status tomcat
Step 6 – Configure Apache Tomcat Users
Here, we need to configure the users for Apache Tomcat. Tomcat is installed, and it’s running by default on port 8080, we can access it with a web browser, but we can not access the site-manager dashboard yet. To enable and configure Tomcat users, edit the file ‘tomcat-users.xml’.
Go to the tomcat configuration directory and edit the tomcat-users.xml file.
# cd /opt/tomcat/conf/ # nano tomcat-users.xml
Create a new line under line 43 and paste below configuration.
<role rolename=”manager-gui”/>
<user username=”admin” password=”password” roles=”manager-gui,admin-gui”/>
Save and exit from tomcat-users.xml.
NOTE: Don’t forget to remove the commented marks ( <!– … –> )
Your user configurations should be as follows
<role rolename="tomcat"/> <role rolename="manager-script"/> <role rolename="manager-jmx"/> <role rolename="manager-status"/> <role rolename="manager-gui"/> <role rolename="admin-gui"/> <role rolename="manager"/> <user username="admin" password="EQcJhHW4Ud" roles="manager-gui,manager-status,admin-gui,manager"/> </tomcat-users>
Next, go to the manager directory and edit the context.xml file.
# cd /opt/tomcat/webapps/manager/META-INF/ # nano context.xml
Comment or remove the below lines from this file.
<Valve className=”org.apache.catalina.valves.RemoteAddrValve” # allow=”127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1″ />
Now, Save the file and exit.
Go to the host-manager directory and edit the context.xml file again.
# cd /opt/tomcat/webapps/host-manager/META-INF/ # nano context.xml
Comment or remove the below lines from this file.
<Valve className=”org.apache.catalina.valves.RemoteAddrValve” # allow=”127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1″ />
Save the file and exit, then restart tomcat.
# systemctl restart tomcat
Step 7 – Configure Firewalld
In CentOS 7, we have a default firewall tool named firewalld. It replaces the iptables interface and connects to the Netfilter kernel code.
Here, we will start the firewalld service and open port 8080 so we can access the Apache Tomcat server from the outside of the network.
Start the firewalld service and add it to start at boot time.
# systemctl start firewalld # systemctl enable firewalld
Next, add the apache tomcat port 8080 to the firewall, and reload the firewalld service.
# firewall-cmd --zone=public --permanent --add-port=8080/tcp # firewall-cmd --reload
Check that all the services are available in the firewall and check that the Apache Tomcat port 8080 is open.
# firewall-cmd --list-ports # firewall-cmd --list-services
Now, Apache Tomcat port 8080 is accessible from outside of the network, and the ssh port is open by default as well.
Step 8 – Testing Apache Tomcat
Now, open your web browser and type in your server IP with port 8080. You will see the Apache Tomcat default page.
http://your_server_ip:8080/
Go to the manager dashboard with below URL ,
http://your_server_ip:8080/manager/html
Now, you have installed Apache Tomcat 8.5.23 on your centOS 7.3 Server.
