A Step-by-Step Guide to Installing Apache Tomcat on Ubuntu

A Step-by-Step Guide to Installing Apache Tomcat on Ubuntu

If you're looking to set up Apache Tomcat on your Ubuntu system, you've come to the right place. Apache Tomcat is a popular open-source application server used for deploying Java web applications. In this article, we will walk you through the installation process step by step, ensuring a smooth and hassle-free experience.

Prerequisites

Before we dive into the installation, make sure you have the following prerequisites in place:

  1. An Ubuntu-based system.

  2. Administrative (sudo) access to the server.

  3. An internet connection.

Now, let's get started with the installation.

Step 1: Update Your System

The first step is to ensure that your system's package repository is up to date. Open your terminal and run the following command:

sudo apt-get update

This command will refresh the package list, ensuring that you have access to the latest software packages.

Step 2: Install Java Development Kit (JDK)

Tomcat requires Java to run. You can install the default Java Development Kit (JDK) using the following command:

sudo apt install default-jdk

This command installs the necessary Java runtime environment on your system.

Step 3: Download Apache Tomcat

Navigate to the /opt/ directory where we will install Apache Tomcat:

cd /opt/

Next, download the Apache Tomcat archive using wget. We use wget because it is a command-line tool that allows us to retrieve files from the internet. In this case, we are fetching the Apache Tomcat distribution file:

wget https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.80/bin/apache-tomcat-9.0.80.tar.gz

Step 4: Extract Apache Tomcat

Once the download is complete, extract the archive using the tar command with the -xzvf option:

tar -xzvf apache-tomcat-9.0.80.tar.gz

Here's why we use the -xzvf option with tar:

  • -x (extract): This option tells tar to extract the files from the archive.

  • -z (gzip): Apache Tomcat is typically distributed in a compressed format to reduce file size. The -z option tells tar to use gzip decompression to extract the archive.

  • -v (verbose): This option is helpful for showing the progress and details of the extraction process. It allows you to see which files are being extracted and their paths. This can be especially useful for troubleshooting or verifying that the extraction is proceeding as expected.

  • -f (file): This option specifies the archive file that tar should work with. In this case, it's apache-tomcat-9.0.80.tar.gz. By including the -f option followed by the filename, you indicate which archive should be extracted.

Step 5: Move Tomcat to Its Final Location

Move the extracted Apache Tomcat directory to /opt/tomcat/ for better organization:

mv apache-tomcat-9.0.80 /opt/tomcat/

Step 6: Create a Tomcat User

For security purposes, create a dedicated user for running Tomcat:

adduser tomcat

Step 7: Set Permissions and Environment Variables

Set the ownership of the Tomcat directory to the newly created user and group:

chown -R tomcat:tomcat /opt/tomcat/

Make the Tomcat startup scripts executable:

chmod -R u+x /opt/tomcat/bin/

Step 8: Create a Systemd Service File

To manage Tomcat as a service, create a systemd service file:

vi /etc/systemd/system/tomcat.service

Copy and paste the following configuration into the file:

[Unit]
Description=Tomcat
After=network.target

[Service]
Type=forking
User=tomcat
Group=tomcat
Environment="JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"
Environment="CATALINA_BASE=/opt/tomcat"
Environment="CATALINA_HOME=/opt/tomcat"
Environment="CATALINA_PID=/opt/tomcat/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target

Save and exit the text editor.

Step 9: Start Tomcat

Start the Tomcat service:

systemctl start tomcat

Check the status to ensure it's running without errors:

systemctl status tomcat

The output of running the `systemctl status tomcat` command when the Tomcat service is running should be similar to the following:

● tomcat.service - Tomcat
   Loaded: loaded (/etc/systemd/system/tomcat.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2023-09-21 10:30:15 UTC; 1 day  ago
  Process: 1234 ExecStart=/opt/tomcat/bin/startup.sh (code=exited, status=0/SUCCESS)
 Main PID: 5678 (java)
   CGroup: /system.slice/tomcat.service
           └─5678 /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Djava.util.logging.config.file=/opt/tomcat/conf/logging.properties -Djava.security.egd=file:/dev/urandom -Djava.awt.headless=true -Xmx1024M -XX:MaxPermSize=256M -XX:+UseConcMarkSweepGC -Djava....

Sep 21 10:30:15 ubuntu systemd[1]: Starting Tomcat...
Sep 21 10:30:15 ubuntu startup.sh[1234]: Tomcat started.
Sep 21 10:30:15 ubuntu systemd[1]: Started Tomcat.

Step 10: Configure Tomcat Users

To manage user access to the Tomcat Manager and Host Manager applications, you need to configure user roles and permissions in the tomcat-users.xml file. This file is located in the conf directory within your Tomcat installation directory.

  1. Open the tomcat-users.xml file for editing:
vi /opt/tomcat/conf/tomcat-users.xml
  1. Add the following sample configuration to create a user with manager and admin roles. Replace your_username and your_password with your desired credentials:
<tomcat-users>
    <!-- Define a user with manager and admin roles -->
    <user username="your_username" password="your_password" roles="manager-gui,admin-gui"/>
</tomcat-users>

This configuration grants the user the roles required to access the Tomcat Manager and Host Manager applications.

  1. Save and exit the text editor.

  2. Optionally, you can configure additional users and roles as needed by adding more <user> elements within the <tomcat-users> section.

Now, your Tomcat Manager and Host Manager applications are configured with the specified user credentials and roles. You can use these credentials to access and manage your web applications through the Tomcat Manager web interface.

Remember to keep your credentials secure and choose strong passwords to ensure the security of your Tomcat server.

Step 11: Comment Out Valve Tags

To enhance the security of the Tomcat Manager and Host Manager applications, it's a good practice to comment out the Valve tags in their respective context.xml files. This helps prevent unauthorized access.

Tomcat Manager:

  1. Open the context.xml file for the Tomcat Manager application:
vi /opt/tomcat/webapps/manager/META-INF/context.xml
  1. Locate the Valve tag and comment it out by adding <!-- before the opening tag and --> after the closing tag. Here's a sample:
<!-- Comment out the Valve tag for enhanced security -->
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
       allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|0\.0\.0\.0|0:0:0:0:0:0:0:0"
       deny=""/>
-->
  1. Save and exit the text editor.

Host Manager:

  1. Open the context.xml file for the Host Manager application:
vi /opt/tomcat/webapps/host-manager/META-INF/context.xml
  1. Locate the Valve tag and comment it out using after the closing tag. Here's a sample:
<!-- Comment out the Valve tag for enhanced security -->
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
       allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|0\.0\.0\.0|0:0:0:0:0:0:0:0"
       deny=""/>
-->
  1. Save and exit the text editor.

By commenting out the Valve tags as shown in the samples, you restrict access to the Tomcat Manager and Host Manager applications to specific IP addresses. This added layer of security helps prevent unauthorized access and enhances the overall security of your Tomcat server.

Step 12: Reload systemd and Check Status

After making these changes, reload systemd for the changes to take effect:

systemctl daemon-reload

Check the status of the Tomcat service again:

systemctl status tomcat.service

The output of running the systemctl status tomcat.service command when the Tomcat service is running should be similar to the following:

● tomcat.service - Tomcat
   Loaded: loaded (/etc/systemd/system/tomcat.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2023-09-21 10:30:15 UTC; 1 day  ago
  Process: 1234 ExecStart=/opt/tomcat/bin/startup.sh (code=exited, status=0/SUCCESS)
 Main PID: 5678 (java)
   CGroup: /system.slice/tomcat.service
           └─5678 /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Djava.util.logging.config.file=/opt/tomcat/conf/logging.properties -Djava.security.egd=file:/dev/urandom -Djava.awt.headless=true -Xmx1024M -XX:MaxPermSize=256M -XX:+UseConcMarkSweepGC -Djava....

Sep 21 10:30:15 ubuntu systemd[1]: Starting Tomcat...
Sep 21 10:30:15 ubuntu startup.sh[1234]: Tomcat started.
Sep 21 10:30:15 ubuntu systemd[1]: Started Tomcat.

You have successfully installed and configured Apache Tomcat on your Ubuntu system. You can now deploy your Java web applications and enjoy the benefits of this powerful application server.

In this guide, we've covered every step in detail to ensure a smooth installation process for Tomcat. Whether you're a beginner or an experienced user, you should now have a fully functional Tomcat server ready to host your Java web applications. Happy coding!

Did you find this article valuable?

Support Mantra Tech by becoming a sponsor. Any amount is appreciated!