How To Install Apache Tomcat On Ubuntu 20.04 / Ubuntu 18.04

0

Apache Tomcat (aka Tomcat Server) is an open-source Java servlet container developed by the Apache Software Foundation.

Tomcat implements Java Servlet, JavaServer Pages (JSP), Java EL, and WebSocket, and provides a “pure Java” HTTP web server environment for running Java codes.

Here is the post about how to install Apache Tomcat on Ubuntu 20.04 / Ubuntu 18.04.

Prerequisites

Update the repository index.

sudo apt update

Install Java

Tomcat requires Java JDK to be installed on the machine. You can either install Oracle JDK or OpenJDK.

For this demo, I am going with OpenJDK.

sudo apt install -y openjdk-11-jdk

Once Java is installed, you can verify the Java version by using the following command.

java -version

Output:

openjdk version "11.0.7" 2020-04-14
OpenJDK Runtime Environment (build 11.0.7+10-post-Ubuntu-3ubuntu1)
OpenJDK 64-Bit Server VM (build 11.0.7+10-post-Ubuntu-3ubuntu1, mixed mode)

Tomcat Service Account

For best practice, Tomcat should never be run as a privileged user (root). So, create a low-privilege user for running the Tomcat service.

sudo groupadd tomcat

sudo mkdir /opt/tomcat

sudo useradd -g tomcat -d /opt/tomcat -s /usr/sbin/nologin tomcat

Download Tomcat

You can download the latest version of the Apache Tomcat package from the official website.

Download Apache Tomcat 9.0

OR

In the terminal use the wget command to download the Apache Tomcat.

wget https://downloads.apache.org/tomcat/tomcat-9/v9.0.36/bin/apache-tomcat-9.0.36.tar.gz

Extract the tomcat on to your desired (/opt/tomcat) directory.

sudo tar -zxvf apache-tomcat-*.tar.gz

sudo mv apache-tomcat-*/* /opt/tomcat/

Change the ownership of the directory to allow the tomcat user to write files to it.

sudo chown -R tomcat:tomcat /opt/tomcat/

Setup Tomcat

Here, we use the systemd to start the Tomcat service. Tomcat’s systemd service file requires java location. So, run the below command to list the java versions available on your system.

sudo update-java-alternatives -l

Output:

java-1.11.0-openjdk-amd64 1111 /usr/lib/jvm/java-1.11.0-openjdk-amd6

At this time, I have Java 11 on my system.

Create a tomcat systemd service file. Green ones depend on the environment, so change them accordingly.

sudo nano /etc/systemd/system/tomcat.service

Add the below information to Tomcat systemd service file.

[Unit]
Description=Apache Tomcat 9.x Web Application Container
Wants=network.target
After=network.target

[Service]
Type=forking

Environment=JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64/

Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat

Environment='CATALINA_OPTS=-Xms512M -Xmx1G -Djava.net.preferIPv4Stack=true'
Environment='JAVA_OPTS=-Djava.awt.headless=true'

ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
SuccessExitStatus=143

User=tomcat
Group=tomcat
UMask=0007
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target

Reload systemd daemon.

sudo systemctl daemon-reload

Start Tomcat

To start the Tomcat service; run:

sudo systemctl start tomcat

Check the status of Tomcat, run:

sudo systemctl status tomcat

Enable the auto start of Tomcat service on system boot:

sudo systemctl enable tomcat

By default, Apache Tomcat runs on port 8080. Use the netstat command to check the Tomcat service listening status.

sudo netstat -antup | grep 8080

Output:

tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      1611/java

READ: netstat command not found on Ubuntu – Quick Fix

Configure Apache Tomcat Web UI

Tomcat comes with the web-manager and Host Manager for managing Tomcat. Both the Host Manager and Web Manager are password-protected, and it requires a username and password to access.

Create a user with the manager-gui and admin-gui role to have access to web application manager and host-manager respectively. These two roles are defined in the tomcat-users.xml file.

sudo nano /opt/tomcat/conf/tomcat-users.xml

Place the following two lines (role and user definition) just above the last line.

rolename="admin-gui,manager-gui"/>
<user username="admin" password="password" roles="manager-gui,admin-gui"/>

For security reasons, Web Manager and Host Manager are accessible only from the localhost, i.e., from the server itself.

To access web and host managers from the remote system, you would need to add your source network in the allow list. To do that, edit the below two files.

sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml

sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml

Update the below line on the above files with source IP from which you are accessing the web and host Manager.

.* will allow all networks to have access to both managers.

allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|.*" />

OR

You can also allow part of your network only. For example: To allow the 192.168.0.0/24 network only, you can use the below values.

allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192.168.0.*" />

Restart the Tomcat service.

sudo systemctl restart tomcat

Access Tomcat

Open a browser and go to the below URL.

http://ip.add.re.ss:8080

You would get the Tomcat’s default page, and this confirms that Apache Tomcat is successfully installed.

Tomcat 9.0 Default Page
Tomcat 9.0 Default Page

Click on the Manager App to access Web Manager (Login Required): Username: admin, Password: password.

Login Tomcat App Manager
Login Tomcat App Manager

Using web manager, you can deploy a new application, deploy an application in a specified context, start, stop, reload, and un-deploy an application.

Tomcat App Manager
Tomcat App Manager

Also, you can check the server status.

Tomcat Server Status
Tomcat Server Status

Click on Host Manager to access Tomcat host manager (Login Required): Username: admin, Password: password.

Login for Tomcat Host Manager
Login for Tomcat Host Manager

Here, you can manage virtual hosts of Tomcat.

Tomcat Virtual Host Manager
Tomcat Virtual Host Manager

Conclusion

That’s All. I hope you have learned how to install Apache Tomcat on Ubuntu 20.04 / Ubuntu 18.04. You are now ready for your first web application. As a security recommendation, consider implementing SSL/TLS for Tomcat

You might also like