Tomcat 8.5.27 in Centos 7

Prerequisites

  • CentOS 7 Server – 64bit
  • 524 MB de RAM (2 GB or more RAM)
  • Root privileges
  • Tomcat 8.5.27

yum -y install java-1.8.0-openjdk.x86_64 java-1.8.0-openjdk-devel.x86_64

yum -y install java-1.8.0-openjdk

java -versionjava -version

openjdk version "1.8.0_161"OpenJDK Runtime Environment (build 1.8.0_161-b14)OpenJDK 64-Bit Server VM (build 25.161-b14, mixed mode)

cd /opt/

wget http://download.oracle.com/otn-pub/java/jdk/8u161-b12/2f38c3b165be4555a1fa6e98c45e0808/jdk-8u161-linux-x64.tar.gz

Check Java directory with the command below:

update-alternatives –config java

There is 2 program that provides 'java'. Selection Command-----------------------------------------------
1 java-1.7.0-openjdk.x86_64 (/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.161-2.6.12.0.el7_4.x86_64/jre/bin/java)
*+ 2 java-1.8.0-openjdk.x86_64 (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.161-0.b14.el7_4.x86_64/jre/bin/java)
Enter to keep the current selection[+], or type selection number:

INSTALL  Apache Tomcat 8 .

Create a user and group named tomcat:

groupadd tomcat

useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat

Note:
-s /bin/false = disable shell access
-g tomcat = assign new user to the group tomcat
-d /opt/tomcat = define the home directory for the user

In /opt directory download tomcat:

cd /opt/

wget http://apache.rediris.es/tomcat/tomcat-8/v8.5.27/bin/apache-tomcat-8.5.27.tar.gz

( for Apache Tomcat 9 wget http://apache.uvigo.es/tomcat/tomcat-9/v9.0.5/bin/apache-tomcat-9.0.5.tar.gz)

Extract Tomcat and move all  from‘apache-tomcat-8.5.6′ to ‘tomcat’ directory.

tar -xzvf apache-tomcat-8.5.6.tar.gz

mv apache-tomcat-8.5.6/* tomcat/

Change the owner of the tomcat directory to the tomcat user and group.

chown -hR tomcat:tomcat tomcat

Run a test to check the installation. Get into tomcat/bin directory  and run ‘startup.sh‘ command.

cd /opt/tomcat/bin/

./startup.sh

Using CATALINA_BASE: /opt/tomcat
Using CATALINA_HOME: /opt/tomcat
Using CATALINA_TMPDIR: /opt/tomcat/temp
Using JRE_HOME: /usr
Using CLASSPATH: /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar
Tomcat started.

Open the appropiate port/s.

firewall-cmd –permanent –add-port=8080/tcp

firewall-cmd –reload

Check the open port on the server with the netstat command.

netstat -plntu | grep 8080

tcp6 0 0 :::8080 :::* LISTEN 5483/javatcp6 0 0 :::80 :::* LISTEN 1394/httpdtcp6 0 0 127.0.0.1:8005 :::* LISTEN 5483/javatcp6 0 0 :::8009 :::* LISTEN 5483/java

Stop Apache Tomcat,

./shutdown.sh

A ‘tomcat.service’ file will be created for easy starting and stopping of the service. Tomcat8 will be run with a systemd service, first check the owner of the director. In systemd system directory create a file named ‘tomcat8.service’.

nano /etc/systemd/system/tomcat8.service

[Unit]
Description=Apache Tomcat Web 8.x Application ContainerWants=network.target
After=network.target
[Service]
Type=forking
Environment=JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.161-0.b14.el7_4.x86_64/jre/
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat
Environment='CATALINA_OPTS=-Xms512M
-Xmx1024M
-Djava.net.preferIPv4Stack=true'
Environment='JAVA_OPTS=-Djava.awt.headless=true'
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.shSuccessExitStatus=143
User=tomcat
Group=tomcat
UMask=0007
RestartSec=10Restart=always
[Install]
WantedBy=multi-user.target
Reload the systemd daemon, then start and add the Apache Tomcat service at boot time.

systemctl daemon-reload

systemctl start tomcat8

systemctl enable tomcat

systemctl stop tomcat8

 

USERS FOR APACHE TOMCAT8

Tomcat users are defined in the file $TOMCAT_HOME/conf/tomcat-users.xml, by default, there is NO user, it means no one can access the Tomcat manager page.

To enable users to access the Tomcat manager page, add a user as the role manager-gui as follow:

nano /opt/tomcat/conf/tomcat-users.xml

<role rolename="admin-gui,manager-gui"/>
<user username="admin" password="admin" roles="admin-gui,manager-gui"/>

By default, since Tomcat7 restrict the access to the Manager and Host Manager apps, so these restriction hasve to be removed or altered. To change the IP address restrictions on these, open the appropriate context.xml files.

For Manager: $TOMCAT_HOME/webapps/manager/META-INF/context.xml.

nano /opt/tomcat/webapps/manager/META-INF/context.xml

<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192.168\.\d+\.\d" />
<Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|$

For host-manager: $TOMCAT_HOME/webapps/host-manager/META-INF/context.xml( .* will allow everyone to have access to manager and host-manager).

nano /opt/tomcat/webapps/host-manager/META-INF/context.xml

<Context antiResourceLocking="false" privileged="true" > <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|.*" />
<Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|$</Context>

systemctl restart tomcat8

 

REFERENCES

http://tomcat.apache.org/

https://www.howtoforge.com/tutorial/how-to-install-tomcat-on-centos/

Anuncios

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión /  Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión /  Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión /  Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión /  Cambiar )

Conectando a %s