Scribd
Upload
90 views3 pages

Tomcat Intallation As A Service

The document outlines the steps to install Tomcat as a service on a Linux system: 1. Install Java and create a tomcat user and group. 2. Download and extract Tomcat, then update file permissions to be owned by the tomcat user. 3. Create a systemd service file to manage Tomcat as a service and configure it to start on boot. 4. Open the necessary port in the firewall and test that the Tomcat default page loads. 5. Configure the Tomcat management interface by adding admin users and removing IP restrictions.

Uploaded by

Rajesh k
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
90 views3 pages

Tomcat Intallation As A Service

The document outlines the steps to install Tomcat as a service on a Linux system: 1. Install Java and create a tomcat user and group. 2. Download and extract Tomcat, then update file permissions to be owned by the tomcat user. 3. Create a systemd service file to manage Tomcat as a service and configure it to start on boot. 4. Open the necessary port in the firewall and test that the Tomcat default page loads. 5. Configure the Tomcat management interface by adding admin users and removing IP restrictions.

Uploaded by

Rajesh k
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 3

Tomcat Installation as a service:

===================================================================================
====
Step 1: Install Java
sudo apt-get update
sudo apt-get install default-jdk

Step 2: Create Tomcat User, For security purposes, Tomcat should be run as an
unprivileged user (i.e. not root). We will create a new user and group that will
run the Tomcat service.

sudo groupadd tomcat

Next, create a new tomcat user. We'll make this user a member of the tomcat group,
with a home directory of /opt/tomcat (where we will install Tomcat), and with a
shell of /bin/false (so nobody can log into the account):

sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat

Step 3: Install Tomcat


cd /opt
sudo wget http://mirrors.estointernet.in/apache/tomcat/tomcat-9/v9.0.17/bin/apache-
tomcat-9.0.17.tar.gz
sudo mv apache-tomcat-9.0.17.tar.gz tomcat9
sudo tar -xzvf apache-tomcat-9.0.17.tar.gz

Step 4: Update Permissions


cd /opt/tomcat

sudo chown -R tomcat:tomcat /opt/tomcat


sudo chmod -R g+r conf
sudo chmod g+x conf

Step 5: Create a systemd Service File


sudo update-java-alternatives -l
Output
java-1.8.0-openjdk-amd64 1081 /usr/lib/jvm/java-1.8.0-openjdk-amd64

sudo vi /etc/systemd/system/tomcat.service
Paste the following contents into your service file. Modify the value of JAVA_HOME
if necessary to match the value you found on your system. You may also want to
modify the memory allocation settings that are specified in CATALINA_OPTS:
------------------------------------------------------------------------
[Unit]
Description=Apache Tomcat Web Application Container
After=syslog.target network.target

[Service]
Type=forking

User=tomcat
Group=tomcat

Environment=JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre
Environment=CATALINA_PID=/opt/tomcat9/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat9
Environment=CATALINA_BASE=/opt/tomcat9
#Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
#Environment='JAVA_OPTS=-Djava.awt.headless=true
-Djava.security.egd=file:/dev/./urandom'

ExecStart=/opt/tomcat9/bin/startup.sh
ExecStop=/opt/tomcat9/bin/shutdown.sh

[Install]
WantedBy=multi-user.target
-----------------------------------------------------------------------
When you are finished, save and close the file.

Next, reload the systemd daemon so that it knows about our service file:
sudo systemctl daemon-reload

Start the Tomcat service by typing:


sudo systemctl start tomcat
sudo systemctl status tomcat

Step 6: Adjust the Firewall and Test the Tomcat Server


Now that the Tomcat service is started, we can test to make sure the default page
is available.

Tomcat uses port 8080 to accept conventional requests. Allow traffic to that port
by typing:
sudo ufw allow 8080
With the firewall modified, you can access the default splash page by going to your
domain or IP address followed by :8080 in a web browser:

Open in web browser, You will see the default Tomcat splash page
http://server_domain_or_IP:8080

Tomcat automatically starts at boot:


sudo systemctl enable tomcat

Step 7: Configure Tomcat Web Management Interface


In order to use the manager web app that comes with Tomcat, we must add a login to
our Tomcat server. We will do this by editing the tomcat-users.xml file:

sudo vi /opt/tomcat/conf/tomcat-users.xml

tomcat-users.xml — Admin User


<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<role rolename="manager-gui"/>
<role rolename="manager-status"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<user username="admin" password="admin" roles="admin-gui,admin-script,manager-
gui,manager-status,manager-script,manager-jmx"/>
<user username="tomcat" password="tomcat" roles="manager-gui" />

Save and close the file when you are finished.

By default, newer versions of Tomcat restrict access to the Manager and Host
Manager apps to connections coming from the server itself. Since we are installing
on a remote machine, you will probably want to remove or alter this restriction. To
change the IP address restrictions on these, open the appropriate context.xml
files.

For the Manager app, type:


sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml
sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml
Inside, comment out the IP address restriction to allow connections from anywhere.

<!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve"


allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /> -->
Save and close the files when you are finished.

sudo systemctl restart tomcat

You might also like