In this tutorial, we will see how it is easy to install Tomcat 9 on CentOS 8. For this demonstration purpose, we will install Tomcat 9.0.39 version.
Apache Tomcat is an open-source web server that is designed to serve Java web pages. It is widely deployed and powers various mission-critical web applications around the world.
Apache Tomcat is a web server and servlet container that is used to serve Java applications. Tomcat is an open source implementation of the Java Servlet and JavaServer Pages technologies, released by the Apache Software Foundation.
- Dedicated server with CentOS 8 installed
- root or non-root sudo user
Step 1 – Keep the server up to date
First, we will install EPEL and update the server.
# yum install epel-release -y
# yum update -y
Step 2 – Install JAVA
Following command will install JAVA JDK 11.
# dnf install java-11-openjdk-devel -y
Check the version of the JAVA to verify the installation
# java -version
openjdk version “11.0.8” 2020-07-14 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.8+10-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.8+10-LTS, mixed mode, sharing)
Step 3 – Create Tomcat User
For security purposes, Tomcat should be run as an unprivileged user (i.e. not root). We will create a new user with /bin/nologin bash so that, nobody can login with the user and also that will run the Tomcat service.
# useradd -s /bin/nologin tomcat
Next, we are going to create a directory and we will download Tomcat.
# mkdir /usr/local/tomcat9
Step 4 – Download and extract Apache Tomcat 9.0.39
Now, let’s download the Tomcat archive using wget. If wget is not installed, you can install using # dnf install wget -y command.
Find the latest version of Tomcat 9 at the Tomcat 9 Downloads page.
# wget http://www-us.apache.org/dist/tomcat/tomcat-9/v9.0.39/bin/apache-tomcat-9.0.39.tar.gz
Extract the archive to it with these commands:
# tar -xvf apache-tomcat-*tar.gz -C /usr/local/tomcat9/ –strip-components=1
Now, we need to modify the ownership of the /usr/local/tomcat9/ directory.
# chown -R tomcat:tomcat /usr/local/tomcat9
Step 5 – Setup a Systemd unit file for Apache Tomcat
To run Tomcat as a service, we need to set up systemd service file. Create file in /etc/systemd/system directory by typing:
# vi /etc/systemd/system/tomcat.service
Add the following information into your service file. Modify the value of JAVA_HOME if necessary to match the value you found on your system.
Description=Apache Tomcat Server
Save and exit.
Next, reload the systemd daemon so that it knows about our service file:
# systemctl daemon-reload
Start and enable the Tomcat service using following command:
# systemctl start tomcat
# systemctl enable tomcat.service
To verify that the tomcat.service has been successfully started and active, run following command:
# systemctl status tomcat
We can check the version and information about Tomcat using following command:
Step 6 – Configure firewall
In order to test Apache Tomcat in a web browser, you need to modify the firewall rules:
# firewall-cmd –zone=public –permanent –add-port=8080/tcp
# firewall-cmd –reload
Step 7 – Add users
We need to configure a username and password to login into the Tomcat server. We will do this by editing the tomcat-users.xml file.
# vi /usr/local/tomcat9/conf/tomcat-users.xml
Add following lines between <tomcat-users> </tomcat-users> tags and assign roles to the server like who can access the manager-gui and admin-gui. You can assign both roles to one user.
<!– user admin can access manager and admin section both –>
<role rolename=”admin-gui” />
<user username=”admin” password=”_SECRET_PASSWORD_” roles=”manager-gui,admin-gui” />
Note: You can set any username and password.
Save and exit.
Step – 8 Configure Tomcat Web Management Interface
The newer version of Apache Tomcat restricts access to the Manager App and Host Manager. We need to alter the restriction to access the manager app and host manager. We can do that in the context.xml file.
For the Manager app, type:
# vi /opt/tomcat/webapps/manager/META-INF/context.xml
For the Host Manager app, type:
# vi /opt/tomcat/webapps/host-manager/META-INF/context.xml
Inside, comment out the IP address restriction to allow connections from anywhere. Alternatively, if you would like to allow access only to connections coming from your own IP address, you can add your public IP address to the list:
<Context antiResourceLocking=”false” privileged=”true” >
Save and exit.
To put our changes into effect, restart the Tomcat service:
# systemctl restart tomcat
That’s it. We have completed with the installation and configuration.
Now, you can test your installation of Apache Tomcat by visiting the following URL from a web browser: