Contents
Install Apache Tomcat on CentOS
Apache Tomcat is an opensource web server used to server Java Applications. It is an opensource implementation of Java Servlet, Java Server Pages and Java Expression Language. In this tutorial, you are going to learn how to Install Apache Tomcat on CentOS 7.
Prerequisites
Before you start to install Apache Tomcat on CentOS 7. You must have the non-root user account on your system with sudo privileges.
Install Java with OpenJDK
It required to have Java installed on your system before we start to install Tomcat. Run following commands to install Java.
First, check if Java is already installed on your system running following command.
java -version
If Java does not installed on your system install it by running following command.
sudo yum install java-1.8.0-openjdk-devel
Now Java is installed on your system.
Create Tomcat User
Becuase of security reason Tomcat should not run as root user. So now you should create a non-root user for Tomcat typing following command.
sudo useradd -r -m -U -d /opt/tomcat -s /bin/false tomcat
Now you are ready to install Tomcat on CentOS 7.
Install Tomcat
To install Tomcat 9 you need to download latest binaries from Tomcat Download Page. At the time creating this tutorial latest version is 9.0.14. But you can use the latest stable version.
First navigate insode /tmp directory.
cd /tmp
To download Tomcat run following command.
wget http://www-eu.apache.org/dist/tomcat/tomcat-9/v9.0.14/bin/apache-tomcat-9.0.14.tar.gz -P
After downloading extract Tomcat archive and move to /opt/tomcat directory.
sudo tar xf /apache-tomcat-9*.tar.gz -C /opt/tomcat
Now create a symbolic link for installation directory so if you want to migrate to next Tomcat version you need to only change this symbolic link.
sudo ln -s /opt/tomcat/apache-tomcat-9.0.14 /opt/tomcat/enabled
Set Permissions
As Tomcat should run under tomcat user created previously. You need to give permissions to tomcat user to access tomcat installation directory.
Run following command to give installation directory ownership to tomcat user and tomcat group.
sudo chown -RH tomcat: /opt/tomcat/enabled
Set non executable flag for bin directory.
sudo chmod o+x /opt/tomcat/enabled/bin/
Create Systemd Unit File
To run Tomcat as a service you need to create a new unit file.
Run following command to create tomcat.service unit file inside /etc/systemd/system/ directory;
sudo nano /etc/systemd/system/tomcat.service
Copy the following code and paste it inside the above file.
NOTE: Modify JAVA_HOME path if it does not match with the value found on your system.
[Unit] Description=Tomcat 9 servlet container After=network.target [Service] Type=forking User=tomcat Group=tomcat Environment="JAVA_HOME=/usr/lib/jvm/default-java" Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom -Djava.awt.headless=true" Environment="CATALINA_BASE=/opt/tomcat/latest" Environment="CATALINA_HOME=/opt/tomcat/latest" Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid" Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC" ExecStart=/opt/tomcat/latest/bin/startup.sh ExecStop=/opt/tomcat/latest/bin/shutdown.sh [Install] WantedBy=multi-user.target
Now reload systemd daemon to notify new file created.
sudo systemctl daemon-reload
Now start the Tomcat service running following command.
sudo systemctl start tomcat
Check the status if tomcat running using the following command.
sudo systemctl status tomcat
If everything is ok then run the following command to autostart Tomcat after boot.
sudo systemctl enable tomcat
Update The Firewall Settings
If you are running Firewall then update settings then you should open port 8080 to access Tomcat from outside of your local system.
Run following command to allow traffic on port 8080:
sudo firewall-cmd --zone=public --permanent --add-port=8080/tcp sudo firewall-cmd --reload
Configure Tomcat Web Management Interface
To use manager web app you should edit tomcat-users.xml file. This file contains users and roles. Edit tomcat-users.xml file by running following command:
sudo nano /opt/tomcat/latest/conf/tomcat-users.xml
Now add username and password for admin-gui and manager-gui. Make it sure you are setting strong username and password.
....
....
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="admin" password="admin_password" roles="admin-gui,manager-gui"/>
Now save and close the above file opened.
By default, Apache Tomcat restricts access to Manager and Host Manager apps to connections coming from the server also. You should remove these restrictions.
To change IP address restriction open following files.
Open Manager app context file using below command.
sudo nano /opt/tomcat/latest/webapps/manager/META-INF/context.xml
Open Host Manager app context file using below command.
sudo nano /opt/tomcat/latest/webapps/host-manager/META-INF/context.xml
Add commnets as given in following file.
<Context antiResourceLocking="false" privileged="true" >
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>Save and close the file and restart the Tomcat server.
sudo systemctl restart tomcat
NOTE: You can add only IP address to the file to allow connection as given below. In following file for example 192.0.0.0 IP address added.
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192.0.0.0" />
</Context>
Testing Tomcat
Open browser and visit following link : http://YOUR_SERVER_DOMAIN_OR_IP_ADDRESS:8080
You should get the following output for the successful installation.
Now use Manager App visiting http://YOUR_SERVER_DOMAIN_OR_IP_ADDRESS:8080/manager/html. Now to login enter username and password you have created in tomcat-users.xml file.
The Virtual Host Manager App is available at http://YOUR_SERVER_DOMAIN_OR_IP_ADDRESS:8080/host-manager/html. By using this app you can manage virtual hosts.
Conclusion
You have successfully installed Tomcat 9 on CentOS 7. If you have any queries regarding this please don’t forget to comment below.