We need a system running on Debian 9, and having a user to login on the system with sudo privileges to execute installation command without any issue.
Tomcat application server needs Java to installed on the system. Here, we will install OpenJDK, which is default Java Development and runtime environment provided by Debian 9.
You can install any java in your system ether OpenJDK or Oracle Java, follow this to install Java into Debian.
The installation of OpenJDK is straightforward, first update the Debian package repository index:
$ sudo apt update
Now, install OpenJDK using following command:
$ sudo apt install openjdk-11-jdk
Create Tomcat User
$ sudo useradd -r -m -U -d /opt/tomcat -s /bin/false tomcat
Install Tomcat Application Server
$ wget http://www-eu.apache.org/dist/tomcat/tomcat-9/v9.0.27/bin/apache-tomcat-9.0.27.tar.gz -P /tmp
After completing the download of Tomcat binary package, extract the package and move it to the “/opt/tomcat” directory using the following command:
$ sudo tar xf /tmp/apache-tomcat-9*.tar.gz -C /opt/tomcat
We can control Tomcat versions and updates by creating a symbolic link of tomcat installation directory with the name of “latest” as shown below:
$ sudo ln -s /opt/tomcat/apache-tomcat-9.0.27 /opt/tomcat/latest
$ sudo chown -RH tomcat: /opt/tomcat/latest
The scripts available inside “bin” directory must be having executable permission:
$ sudo sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'
Create a system Unit File
$ sudo vim /etc/systemd/system/tomcat.service
Copy and paste the following configuration into the service file:
/etc/systemd/system/tomcat.service [Unit] Description=Tomcat 9 servlet container After=network.target [Service] Type=forking User=tomcat Group=tomcat Environment="JAVA_HOME=/usr/lib/jvm/default-java" Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom -Djava.awt.headless=true" Environment="CATALINA_BASE=/opt/tomcat/latest" Environment="CATALINA_HOME=/opt/tomcat/latest" Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid" Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC" ExecStart=/opt/tomcat/latest/bin/startup.sh ExecStop=/opt/tomcat/latest/bin/shutdown.sh [Install] WantedBy=multi-user.target
“you should modify the “JAVA_HOME” path as per your installation path”.
After saving the above service file, notify the system that we have a new unit file using the following command:
$ sudo systemctl daemon-reload
Now, start Tomcat service by executing the below command:
$ sudo systemctl start tomcat
We can use the following command to check the service status:
$ sudo systemctl status tomcat
Output- * tomcat.service - Tomcat 9 servlet container Loaded: loaded (/etc/systemd/system/tomcat.service; disabled; vendor preset: enabled) Active: active (running) since Wed 2019-06-05 15:45:28 PDT; 20s ago Process: 1712 ExecStart=/opt/tomcat/latest/bin/startup.sh (code=exited, status=0/SUCCESS) Main PID: 1402 (java) Tasks: 47 (limit: 2319) CGroup: /system.slice/tomcat.service
If we are not getting any error in the service file, we will enable the Tomcat service to start it automatically on system boot time:
$ sudo systemctl enable tomcat
Adjust the Firewall
If a firewall protects your Debian 9 Operating system, and you want to access your Tomcat from the outside of your local network, need to open port 8080 on the firewall as tomcat service is running on default port 8080.
$ sudo ufw allow 8080/tcp
Generally, we are using the Tomcat application server with a load balancer or reverse proxy server. It is the best practice to restrict access on port 8080 for the local network and use the application on a proxy server.
Configure Tomcat Web Management Interface
Now the Tomcat is successfully installed and running into the Debian 9 machine. In the next step, we will check how to create a user to access the Tomcat’s web management interface.
$ sudo vim /opt/tomcat/latest/conf/tomcat-users.xml
/opt/tomcat/latest/conf/tomcat-users.xml <tomcat-users> <!-- Comments --> <role rolename="admin-gui"/> <role rolename="manager-gui"/> <user username="admin" password="admin_password" roles="admin-gui,manager-gui"/> </tomcat-users>
context.xml <Context antiResourceLocking="false" privileged="true" > <!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1" /> --> </Context>
context.xml <Context antiResourceLocking="false" privileged="true" > <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|220.127.116.11" /> </Context>
The allowed IP addresses separated by vertical bar “|”. You can use it to add a single IP address or use a regular expression. To take effect of the above configuration, always restart Tomcat services when you edit Tomcat configuration files:
$ sudo systemctl restart tomcat
Test the Tomcat Installation
The Tomcat web application manager dashboard is available on url “http://<your_domain_or_IP_address>:8080/manager/html”. You can deploy, undeploy, start, stop and reload application from this manager window.
Similarly, Tomcat virtual host manager dashboard is available on url “http://<your_domain_or_IP_address>:8080/host-manager/html”. This dashboard you can use to create, delete and manage Tomcat virtual hosts.
To sign in above both panel, you can use username and password which have created for tomcat web interface access in the above steps.
You have installed Tomcat 9 on your Debian 9 machine. You have learned to access tomcat applications, manager and host-manager dashboard. You lean to configure tomcat user to access web interfaces to manage tomcat services and virtual hosts.