Apache Tomcat (aka Tomcat Server) is an open source Java servlet container developed by the Apache Software Foundation.
Tomcat implements Java Servlet, JavaServer Pages (JSP), Java EL, and WebSocket, and provides a “pure Java” HTTP web server environment for running Java codes.
Here is the post about how to install Apache Tomcat 9.0 / 8.5 on Ubuntu 18.04 / Linux Mint 19.
Requirement
Update the repository index.
sudo apt update
Tomcat requires Java JDK to be installed on the machine. You can either install Oracle JDK or OpenJDK.
| Apache Tomcat Version | Latest Released Version | Supported Java Versions |
|---|---|---|
| 9.0.x | 9.0.11 | 8 and later |
| 8.5.x | 8.5.33 | 7 and later |
For this demo, I am going with OpenJDK.
### OpenJDK 8 ###
sudo apt install -y openjdk-8-jdk wget
### OpenJDK 10 ###
sudo apt install -y default-jdk wget
Once Java is installed, you can verify the Java version by using the following command.
java -version
Output:
openjdk version "1.8.0_181" OpenJDK Runtime Environment (build 1.8.0_181-8u181-b13-0ubuntu0.18.04.1-b13) OpenJDK 64-Bit Server VM (build 25.181-b13, mixed mode)
Create Tomcat Service Account
For best practice, Tomcat should never be run as a privileged user (root). So, create a low-privilege user for running the Tomcat service.
sudo groupadd tomcat sudo mkdir /opt/tomcat sudo useradd -g tomcat -d /opt/tomcat -s /bin/nologin tomcat
Download & Configure Apache Tomcat
Download the Apache Tomcat package from the official website.
Browser
Apache Tomcat 9:
Apache Tomcat 8.5:
Terminal
### Apache Tomcat 9.0 ###
wget http://www-us.apache.org/dist/tomcat/tomcat-9/v9.0.11/bin/apache-tomcat-9.0.11.tar.gz
### Apache Tomcat 8.5 ###
wget http://www-us.apache.org/dist/tomcat/tomcat-8/v8.5.33/bin/apache-tomcat-8.5.33.tar.gz
Extract the tomcat on to your desired (/opt/tomcat) directory.
sudo tar -zxvf apache-tomcat-*.tar.gz sudo mv apache-tomcat-*/* /opt/tomcat/
Change the ownership of the directory to allow the tomcat user to write files to it.
sudo chown -R tomcat:tomcat /opt/tomcat/
Controlling Apache Tomcat
We can also use systemd to start the Tomcat service on system startup automatically.
Tomcat’s systemd service file requires java location. So, run the below command to list the java versions available on your system.
sudo update-java-alternatives -l
Output:
java-1.8.0-openjdk-amd64 1081 /usr/lib/jvm/java-1.8.0-openjdk-amd64
At this time, I have Java 1.8 on my system.
Create a tomcat systemd service file. Green ones depend on the environment, so change them accordingly.
sudo nano /etc/systemd/system/tomcat.service
Add the below information to Tomcat systemd service file.
[Unit] Description=Apache Tomcat 9.x Web Application Container Wants=network.target After=network.target [Service] Type=forking Environment=JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-amd64 Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid Environment=CATALINA_HOME=/opt/tomcat Environment='CATALINA_OPTS=-Xms512M -Xmx1G -Djava.net.preferIPv4Stack=true' Environment='JAVA_OPTS=-Djava.awt.headless=true' ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh SuccessExitStatus=143 User=tomcat Group=tomcat UMask=0007 RestartSec=10 Restart=always [Install] WantedBy=multi-user.target
Reload systemd daemon.
sudo systemctl daemon-reload
To start the Tomcat service; run:
sudo systemctl start tomcat
Check the status of Tomcat, run:
sudo systemctl status tomcat
Enable the auto start of Tomcat service on system boot:
sudo systemctl enable tomcat
Verify Apache Tomcat
By default, Apache Tomcat runs on port 8080. Use the netstat command to check the Tomcat service listening status.
sudo netstat -antup | grep 8080
Output:
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 12224/java
Firewall
You may need to allow Apache Tomcat server requests in the firewall so that users can access the application from the external network.
sudo ufw allow 8080
Configure Apache Tomcat Web UI
Tomcat comes with the web-manager and Host Manager for managing Tomcat. Both the Host Manager and Web Manager are password protected, and it requires a username and password to access.
Create a user with the manager-gui and admin-gui role to have access to web application manager and host-manager respectively. These two roles are defined in the tomcat-users.xml file.
sudo nano /opt/tomcat/conf/tomcat-users.xml
Place the following two lines (role and user definition) just above the last line.
rolename="admin-gui,manager-gui"/> <user username="admin" password="password" roles="manager-gui,admin-gui"/>
For security reason, Web Manager and Host Manager are accessible only from the localhost, i.e., from the server itself.
To access web and host managers from the remote system, you would need to add your source network in the allow list. To do that, edit the below two files.
sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml
Update the below line on above files with source IP from which your accessing the web and host Manager. .* will allow everyone to have access to both managers.
allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|.*" />
OR
You can also allow part of your network only. For example: To allow 192.168.0.0/24 network only, you can use the below values.
allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|192.168.*" />
Restart the Tomcat service.
sudo systemctl restart tomcat
Access Tomcat
Open a browser and go to the below URL.
http://ip.add.re.ss:8080
You would get the Tomcat default page, and this confirms you that Apache Tomcat is successfully installed.
Tomcat 9.0:
Tomcat 8.5:
Web Manager: – Login Required. Username: admin, Password: password
Using web manager, you can deploy a new application, deploy an application in a specified context, start, stop, reload, and un-deploy an application.
Also, you can check the server status.
Host Manager: – Login Required. Username: admin, Password: password
Here, you can manage virtual hosts of Tomcat.
That’s All.
