Today we’ll look at how you can install Apache Tomcat 9 on CentOS 7 / Fedora 39/38/37/36/35. Tomcat Server is an open-source Java Servlet Container developed by the Apache Software Foundation (ASF) and released under the Apache License version 2. This tool enables you to host web applications written in Java. Tomcat executes Java servlets and renders Web pages that include Java Server Page coding.

Tomcat 9 is built on top of the latest Java EE 8 specifications such as Servlet 4.0, EL 3.1, JSP 2.4 and WebSocket 1.2. Below are the steps to install Apache Tomcat 9 on CentOS 7 / Fedora.

1) Disable SELinux and Install curl

Since we will be running tomcat service as tomcat user, disable or set SELinux in permissive mode:

sudo yum -y install curl vim wget
sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config

To completely disable it, run:

sudo sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
sudo reboot

2) Install Java OpenJDK 11

The first step is to install OpenJDK 11 on CentOS 7 / Fedora as it is a Tomcat dependency. I had earlier written an article on how to install JDK on  CentOS 7 / Fedora. The link to the article is:

3) Install Apache Tomcat 9

After installing OpenJDK 11, proceed to download and install Tomcat 9 on CentOS 7 / Fedora. Check for the latest release of Tomcat 9 from Apache website before downloading.

export VER="9.0.83"
wget https://archive.apache.org/dist/tomcat/tomcat-9/v${VER}/bin/apache-tomcat-${VER}.tar.gz

Extract downloaded file:

tar xvf apache-tomcat-$VER.tar.gz

Move the resulting folder to /usr/libexec/tomcat9

sudo mv apache-tomcat-${VER} /usr/libexec/tomcat9

4) Add Tomcat user and group

We need to add a user to manage Tomcat. This user will be named tomcat

sudo groupadd --system tomcat
sudo useradd -M -d /usr/libexec/tomcat9 -g tomcat tomcat

Change the ownership of the /usr/libexec/tomcat9directory to the tomcat user and group.

sudo chown -R tomcat:tomcat /usr/libexec/tomcat9

5) Create Tomcat Systemd service

The last step is to create a service unit file for tomcat. Create a new file under:

sudo tee /etc/systemd/system/tomcat9.service<<EOF
[Unit]
Description=Apache Tomcat 9
Documentation=http://tomcat.apache.org/tomcat-9.0-doc/
After=network.target syslog.target

[Service]
User=tomcat
Group=tomcat
Type=oneshot
ExecStart=/usr/libexec/tomcat9/bin/startup.sh
ExecStop=/usr/libexec/tomcat9/bin/shutdown.sh
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
EOF

Reload systemd and start tomcat9 service:

sudo systemctl daemon-reload
sudo systemctl restart tomcat9.service

You can check service status using:

$ systemctl status tomcat9.service
● tomcat9.service - Apache Tomcat 9
     Loaded: loaded (/etc/systemd/system/tomcat9.service; disabled; preset: disabled)
    Drop-In: /usr/lib/systemd/system/service.d
             └─10-timeout-abort.conf
     Active: active (exited) since Fri 2023-11-17 02:51:00 UTC; 6s ago
       Docs: http://tomcat.apache.org/tomcat-9.0-doc/
    Process: 12510 ExecStart=/usr/libexec/tomcat9/bin/startup.sh (code=exited, status=0/SUCCESS)
   Main PID: 12510 (code=exited, status=0/SUCCESS)
      Tasks: 34 (limit: 4520)
     Memory: 95.7M
        CPU: 6.373s
     CGroup: /system.slice/tomcat9.service
             └─12524 /usr/bin/java -Djava.util.logging.config.file=/usr/libexec/tomcat9/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeral>

Nov 17 02:51:00 fed39.mylab.io systemd[1]: Starting tomcat9.service - Apache Tomcat 9...
Nov 17 02:51:00 fed39.mylab.io startup.sh[12510]: Tomcat started.
Nov 17 02:51:00 fed39.mylab.io systemd[1]: Finished tomcat9.service - Apache Tomcat 9.

The service should be listening on port 8080

$ sudo ss -tunelp | grep 8080
tcp   LISTEN  0       100                         *:8080                *:*      users:(("java",pid=3241,fd=37)) uid:1001 ino:29845 sk:a v6only:0 <->

If you have an active firewall service, allow port 8080

sudo firewall-cmd --add-port=8080/tcp
sudo firewall-cmd --reload

Tomcat default website is available on [http://(server's hostname or IP address):8080/]

install tomcat on centos fedora

Administration guide is available on http://<IP>:8080/docs/index.html.

6) Proxy Pass Access ( Optional)

You can configure Apache http server to access Tomcat interface without specifying port 8080

Install and start Apache web server.

sudo yum -y install httpd
sudo systemctl start httpd && sudo systemctl enable httpd
sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --reload

Create tomcat configuration file

sudo vim /etc/httpd/conf.d/proxy_tomcat.conf

Add:

ProxyPass /tomcat9/ ajp://localhost:8009/

Access to [http://(server's hostname or IP address)/tomcat9/] and confirm that the change is working as expected.

7) Configure Authentication

Create a Tomcat user to access Tomcat manager

sudo vim /usr/libexec/tomcat9/conf/tomcat-users.xml

Add the following lines to the file:

<role rolename="admin-gui" />
<user username="admin" password="StrongPassword" roles="manager-gui,admin-gui"
</tomcat-users>

Replace StrongPassword with your strong actual admin password.

Other Articles:

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here