Need an expert to help you with
" How to install Tomcat 8.5 on CentOS 7" ?
" How to install Tomcat 8.5 on CentOS 7" ?
How to install Tomcat 8.5 on CentOS 7This tutorial shows you how to install Tomcat 8.5 on CentOS 7 . Tomcat is an open-source implementation of the Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies.
Check out Our Best VPS Hosting and Wodpress hosting for scaling your cloud-based applications and processes.
Install OpenJDKTomcat 8.5 requires Java SE 7 or later. In this tutorial, we will install OpenJDK, the open-source implementation of the Java Platform that is the default Java development and runtime in CentOS 7. The installation is simple and straightforward:
If you want to install Oracle Java instead of OpenJDK, please check this guide.
sudo yum install java-1.8.0-openjdk-devel
Create Tomcat system userRunning Tomcat as a root user is a security risk and is not recommended. Instead, we will create a new system user and group with home directory /opt/tomcat that will run the Tomcat service:
sudo useradd -m -U -d /opt/tomcat -s /bin/false tomcat
Download TomcatWe will download the latest version of Tomcat 8.5.x from the Tomcat downloads page. At the time of this writing, the latest version is 8.5.31. Before continuing with the next step, you should check the download page for any new version. Change to the /tmp directory and use wget to download the zip file:
Once the download is complete, extract the zip file and move it to the /opt/tomcatdirectory:
cd /tmp wget http://www-us.apache.org/dist/tomcat/tomcat-8/v8.5.31/bin/apache-tomcat-8.5.31.zip
Because Tomcat 8.5 is updated frequently to have more control over versions and updates, we will create a symbolic link which will point to the latest Tomcat installation directory:
unzip apache-tomcat-*.zip sudo mv apache-tomcat-*/ /opt/tomcat/
The tomcat user that we previously set up needs to have access to the tomcat directory, so we will change the directory ownership to user and group tomcat:
sudo ln -s /opt/tomcat/apache-tomcat-* /opt/tomcat/latest
and we will also make the scripts inside the bin directory executable:
sudo chown -R tomcat: /opt/tomcat
sudo chmod +x /opt/tomcat/latest/bin/*.sh
Create a systemd unit fileTo run Tomcat as a service, we will create a tomcat.service unit file in the /etc/systemd/system/ directory with the following contents:
/etc/systemd/system/tomcat.service [Unit] Description=Tomcat 8.5 servlet container After=network.target [Service] Type=forking User=tomcat Group=tomcat Environment="JAVA_HOME=/usr/lib/jvm/jre" Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom" Environment="CATALINA_BASE=/opt/tomcat/latest" Environment="CATALINA_HOME=/opt/tomcat/latest" Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid" Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC" ExecStart=/opt/tomcat/latest/bin/startup.sh ExecStop=/opt/tomcat/latest/bin/shutdown.sh [Install] WantedBy=multi-user.targetNotify systemd that we created a new unit file and start the Tomcat service by executing:
You can check the service status with the the following command:
sudo systemctl daemon-reload sudo systemctl start tomcat
sudo systemctl status tomcat
tomcat.service - Tomcat 8.5 servlet container Loaded: loaded (/etc/systemd/system/tomcat.service; disabled; vendor preset: disabled) Active: active (running) since Sat 2018-03-31 16:30:48 UTC; 3s ago Process: 23826 ExecStart=/opt/tomcat/latest/bin/startup.sh (code=exited, status=0/SUCCESS) Main PID: 23833 (java) CGroup: /system.slice/tomcat.service └─23833 /usr/lib/jvm/jre/bin/java -Djava.util.logging.config.file=/opt/tomcat/latest/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.security.egd=fi...and if there are no errors, you can enable the Tomcat service to be automatically started at boot time:
sudo systemctl enable tomcat
Adjust the FirewallIf you are running a firewall and you want to access the tomcat interface from the outside the local network, you also need to open port 8080. You can use the following commands to open the necessary port:
In most cases, when running Tomcat in a production environment, you will use a load balancer or reverse proxy. It’s a best practice to allow access to port 8080 only to your internal network.
sudo firewall-cmd --zone=public --permanent --add-port=8080/tcp sudo firewall-cmd --reload
Configure Tomcat Web Management InterfaceAt this point, Tomcat is installed and we can access it with a web browser on port 8080, but we cannot access the web management interface because we have not created a user yet. Tomcat users and their roles are defined in the tomcat-users.xml file. If you open the file you will notice that it is filled with comments and examples describing how to configure the file.
To add a new user who will be able to access the tomcat web interface (manager-gui and admin-gui), we need to define the user in the tomcat-users.xml file as shown below. Make sure you change the username and password to something more secure:
sudo vim /opt/tomcat/latest/conf/tomcat-users.xml
/opt/tomcat/latest/conf/tomcat-users.xml <tomcat-users> <!-- Comments --> <role rolename="admin-gui"/> <role rolename="manager-gui"/> <user username="admin" password="admin_password" roles="admin-gui,manager-gui"/> </tomcat-users>
Tomcat’s web management interfaceBy default, Tomcat’s web management interface is configured to allow access only from the localhost; if you want to be able to access the web interface from a remote IP, or from anywhere which is not recommended because it is a security risk, you can open the following files and make the following changes. Open the following files and comment or remove the lines highlighted in yellow:
/opt/tomcat/latest/webapps/manager/META-INF/context.xml <Context antiResourceLocking="false" privileged="true" > <!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /> --> </Context> Copy /opt/tomcat/latest/webapps/host-manager/META-INF/context.xml <Context antiResourceLocking="false" privileged="true" > <!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /> --> </Context>If you need to access the web interface only from a specific IP, instead of commenting the blocks, add your public IP to the list. Let’s say your public IP is 188.8.131.52 and you want to allow access only from that IP:
/opt/tomcat/latest/webapps/manager/META-INF/context.xml <Context antiResourceLocking="false" privileged="true" > <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|184.108.40.206" /> </Context> Copy /opt/tomcat/latest/webapps/host-manager/META-INF/context.xml <Context antiResourceLocking="false" privileged="true" > <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|220.127.116.11" /> </Context>The list of allowed IP addresses is a list separated with vertical bars |. You can add single IP addresses or use a regular expression.
Test the InstallationOpen your browser and type: http://<your_domain_or_IP_address>:8080 Assuming that installation is successful, a screen similar to the following will appear: Tomcat web application manager dashboard is available at http://<your_domain_or_IP_address>:8080/manager/html. From here you can deploy, undeploy, start, stop and reload your applications.
ConclusionThat’s it! You have successfully installed Tomcat 8.5 on your CentOS 7 system. If you encounter any problems, leave a comment below. Do let us know if you want to add any specific Linux or Windows hosting topics into this tutorial series. and one more thing… here are a few hand-picked guides that must read next:
Updated on 11 Aug 2018
Add a comment