Apache Tomcat is an opensource http server that used to implement Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies. This tutorial explains steps to Install Apache Tomcat on Ubuntu 20.04.
Prerequisites
Before you start installation, make sure you are logged in as root or user with sudo privileges.
Installing Java
Java SE 8 or later required to be installed on the server before we start installing Tomcat 9. Run following commands to install OpenJDK package.
sudo apt update
sudo apt install openjdk-11-jdk
Java is installed on your system, you can verify the installation by typing:
java -version
It should show output as following:
openjdk version "11.0.7" 2020-04-14
OpenJDK Runtime Environment (build 11.0.7+10-post-Ubuntu-3ubuntu1)
OpenJDK 64-Bit Server VM (build 11.0.7+10-post-Ubuntu-3ubuntu1, mixed mode, sharing)Create Tomcat User
In order to run Tomcat service, we’ll need to set up a new Tomcat user. Its recommended that, Tomcat should not run as root user due to security risk. Run the following command to do so:
sudo useradd -m -U -d /opt/tomcat -s /bin/false tomcat
Now you are ready to install Tomcat on your Ubuntu system.
Install Tomcat
At the time of writing this tutorial, the latest Tomcat version is 9.0.35. Its best practice to check the latest version at Tomcat 9 download page if any new version available.
Next, navigate to the /tmp directory to download the latest Tomcat binary release using wget:
cd /tmp
wget https://www-eu.apache.org/dist/tomcat/tomcat-9/v9.0.35/bin/apache-tomcat-9.0.35.tar.gz
Once download complete, extract archive and move to /opt/tomcat directory.
sudo tar -xf apache-tomcat-9.0.35.tar.gz
sudo mv apache-tomcat-9.0.35 /opt/tomcat/
Now, We will create a symbolic link by setting latest as name, that points to the Tomcat installation directory. Later, when upgrading Tomcat, you can easily migrate to another Tomcat version just by changing the symlink to point to the desired version.
sudo ln -s /opt/tomcat/apache-tomcat-9.0.35 /opt/tomcat/latest
Set Permissions
You must change the ownership of the /opt/tomcat directory to previously created tomcat user and group. So that user can have access to the installation directory. Run the below command:
sudo chown -R tomcat: /opt/tomcat
Make a script inside the bin directory executable:
sudo sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'
Create Systemd Unit File
To run Tomcat as a service we will create a new file. Open your favorite text editor to create a tomcat.service file inside /etc/systemd/system/ directory:
sudo nano /etc/systemd/system/tomcat.service
Now, add the following code into the file.
[Unit]
Description=Tomcat 9.0 servlet container
After=network.target
[Service]
Type=forking
User=tomcat
Group=tomcat
Environment="JAVA_HOME=/usr/lib/jvm/default-java"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"
Environment="CATALINA_BASE=/opt/tomcat/latest"
Environment="CATALINA_HOME=/opt/tomcat/latest"
Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
ExecStart=/opt/tomcat/latest/bin/startup.sh
ExecStop=/opt/tomcat/latest/bin/shutdown.sh
[Install]
WantedBy=multi-user.targetNote : If the path to your Java installation is different than default, you should replace JAVA_HOME variable.
Save and close the file. After that reload systemd daemon to notify systemd that a new file created and start the Tomcat service:
sudo systemctl daemon-reload
sudo systemctl start tomcat
Check the status of the Tomcat service using below command:
sudo systemctl status tomcat
● tomcat.service - Tomcat 9 servlet container
Loaded: loaded (/etc/systemd/system/tomcat.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2020-05-27 08:28:37 UTC; 4s ago
Process: 5104 ExecStart=/opt/tomcat/latest/bin/startup.sh (code=exited, status=0/SUCCESS)
Main PID: 5221 (java)
...If there is no error then enable the Tomcat service to auto-start at boot:
sudo systemctl enable tomcat
Adjusting Firewall
If firewall is running on your server then you should open port 8080 to access Tomcat from outside of your local system.
sudo ufw allow 8080/tcp
Configure Tomcat Web Management Interface
Now, Tomcat is installed and time to create user and roles to access web interface. The tomcat-users.xml file contains Tomcat users and their roles. Edit tomcat-users.xml file by running following command:
sudo nano /opt/tomcat/latest/conf/tomcat-users.xml
We will define a new user in this file with access to the tomcat manager-gui and admin-gui. It strongly recommended to set strong password for users.
<tomcat-users>
<!--
Comments
-->
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="admin" password="admin_password" roles="admin-gui,manager-gui"/>
</tomcat-users>Save and close the above file.
By default the Tomcat web management interface does not allow access the web interface from a remote IP. It’s a security risk to allow access from a remote IP or from anywhere. If you need to access the web interface from anywhere open the following files and make file content as given below.
Open Manager app context file using below command:
sudo nano /opt/tomcat/latest/webapps/manager/META-INF/context.xml
<Context antiResourceLocking="false" privileged="true" >
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>Run below command to open Host Manager app context file:
sudo nano /opt/tomcat/latest/webapps/host-manager/META-INF/context.xml
<Context antiResourceLocking="false" privileged="true" >
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>Save and close the files and restart the Tomcat server, type:
sudo systemctl restart tomcat
It is also allowed to set a specific IP to access web interface instead of from anywhere. Do not comment the blocks add your public IP to the list. For example, your public IP is 152.18.101.2 then it should look like below:
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|152.18.101.2" />
</Context>You can add more IP address with vertical bar separator. Again, Restart the Tomcat service for changes to take effect:
sudo systemctl restart tomcat
Testing Tomcat
Open your favorite web browser and type: http://your_domain_or_IP_address:8080
It should appear page as given below if your installation is successful.
Visit http://your_domain_or_IP_address:8080/manager/html to open Tomcat web application manager dashboard. Enter the credentials which we created previously in tomcat-users.xml file.
The Virtual Host Manager App is available at http://your_domain_or_IP_address:8080/host-manager/html. By using this app you can manage virtual hosts.
Conclusion
In this tutorial explained how to install Tomcat 9 on your Ubuntu 20.04 machine. To learn more about the Apache Tomcat visit the official Apache Tomcat 9.0 Documentation.
If you have question or suggestion, please leave a comment below.