Apache Tomcat is an open source implementation of Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. It is one of the most widely used application and web servers in the world today. Tomcat is easy to use and has a robust ecosystem.
This tutorial describes how to install Tomcat 9.0 on CentOS 8.
Install Java
Tomcat 9 requires Java SE 8 or higher. We will install OpenJDK 11 , which is an open source implementation of the Java platform.
Run the following command as root or as a user with sudo privileges to install Java.
|
|
After the installation is complete, verify by checking the Java version.
|
|
The output should look like the following.
Create a system user
Running Tomcat under the root user is a security risk. We will create a new system user and group it with the home directory /opt/tomcat
where the Tomcat service will be run. To do this, enter the following command.
|
|
Download Tomcat
The Tomcat binary distribution can be downloaded from the Tomcat download page. At the time of writing, the latest version of Tomcat is 9.0.30
. Before proceeding further, check the Tomcat 9 download page to see if a newer version is available.
Use wget
to download the Tomcat zip file to the /tmp
directory.
|
|
Once the download is complete, extract the tar file to the /opt/tomcat
directory.
|
|
Tomcat is updated periodically. To better control versioning and updates, we will create a symbolic link named latest
that points to the Tomcat installation directory.
|
|
The previously created system user must have access to the tomcat installation directory. Change the directory ownership to user and group tomcat.
|
|
Makes shell scripts in the bin
directory executable.
|
|
These scripts are used to start and stop Tomcat.
Create the Systemd Unit unit file
Instead of manually starting and stopping the Tomcat server, we set it to run as a service. Open your text editor and create a tomcat.service
Systemd Unit file in the /etc/systemd/system/
directory.
|
|
Paste the following.
/etc/systemd/system/tomcat.service
|
|
Save and close the file.
Notify systemd of the existence of a new service file by typing the following.
|
|
Enable and start the Tomcat service.
|
|
Check service status.
|
|
The output should show that the Tomcat server is enabled and running.
|
|
Configure firewall
If your server is protected by a firewall and you want to access the tomcat interface from outside your local network, you need to open port 8080
.
Open the required port using the following command.
|
|
Typically, a reverse proxy should be used when running Tomcat in a production environment. Best practice is to only allow access to port 8080
from the internal network.
Configuring the Tomcat Web Management Interface
At this point, you should be able to access Tomcat on port 8080
using a web browser. Since we have not created users yet, we cannot access the web administration interface.
Tomcat users and roles are defined in the tomcat-users.xml
file.
If you open the file, you will notice that it is full of comments and examples describing how to configure the file.
|
|
To create new users that can access the tomcat web interface (manager-gui and admin-gui), edit the file as follows. Ensure that the username and password are changed to a more secure way.
/opt/tomcat/latest/conf/tomcat-users.xml
By default, the Tomcat Web Management Interface is configured to allow access from the local host only.
If you need to access the web interface from anywhere, open the following file and comment out the lines.
/opt/tomcat/latest/webapps/manager/META-INF/context.xml
/opt/tomcat/latest/webapps/host-manager/META-INF/context.xml
Please note that it is not recommended to allow access from anywhere, as this poses a security risk.
If you only want to access the web interface from a specific IP, instead of commenting these blocks, add your public IP to the list.
Suppose your public IP is 41.41.41.41
and you only want to allow access from that IP.
/opt/tomcat/latest/webapps/manager/META-INF/context.xml
/opt/tomcat/latest/webapps/host-manager/META-INF/context.xml
The list of allowed IP addresses is a list separated by vertical lines |
. You can add individual IP addresses or use regular expressions.
When finished, restart the Tomcat service for the changes to take effect.
|
|
Test if the installation is successful
Open your browser and type: http://<your_domain_or_IP_address>:8080
The Tomcat Web Application Manager dashboard allows you to deploy, undeploy, start, stop and reload applications. It can be found at the following location: http://<your_domain_or_IP_address>:8080/manager/html
.
The Tomcat Virtual Host Manager dashboard allows you to create, delete and manage Tomcat virtual hosts. It can be found at the following location: http://<your_domain_or_IP_address>:8080/host-manager/html
.
Conclusion
We have shown you how to install Tomcat 9.0 on CentOS 8 and how to access the Tomcat administration interface. For more information about Apache Tomcat, please visit the official documentation page.