How to Setup Apache Tomcat on Linux in Azure/AWS/GCP
To install Tomcat in any of the cloud platforms, the best way is to use the available images in the marketplace that run Apache Tomcat on Ubuntu, Debian or CentOS server with the recommended configuration and the Java JDK. Production ready. Click on the links below to deploy to your preferred cloud platform.
Setup Tomcat on Azure
Setup Tomcat on AWS
Setup Tomcat on GCP
Table of Contents
Apache Tomcat Server features
Apache Tomcat or Tomcat Server is a Java Server Page container that assist web developers building and maintaining dynamic websites and applications based on the Java software platform.
- Java Servlets container of the Java platform are: JavaServer Pages (JSP), Java Expression Language (Java EL) and WebSocket.
- The software enables a web server to handle dynamic Java-based web content using the HTTP protocol.
- It can handle both static pages and dynamic pages. The static pages are generated using HTML.
- Essentially a web server designed to serve files from the local system, like Apache.
- A Java enterprise application server is a full-blown implementation of the Java EE (now Jakarta EE) specification.
Getting Started with Apache Tomcat
SSH into new server
Once your Tomcat server has been deployed, the following links explain how to connect to a Linux VM:
- How to connect to a Linux VM on Azure
- How to connect to a Linux VM on AWS
- How to connect to a Linux VM on GCP
Once connected and logged in, the following section explains how to start using Apache Tomcat
Using Tomcat Server on Linux
Installation of Tomcat is in the following directory:
/opt/tomcat/9_37
You can access the Tomcat Web Admin Manager via the following URL:
http://ip-address:8080
In order to use Tomcat’s web management interface, you will need to create a user and also allow access to your remote IP (Instructions further down). Open the tomcat-users.xml file with the command:
sudo nano /opt/tomcat/9_37/conf/tomcat-users.xml
If nano editor isn’t found/installed, you can run the vim editor command instead:
sudo vim /opt/tomcat/9_37/conf/tomcat-users.xml
Scroll down and you will want to remove the following comments
Update the rolenames with the following:
manager-gui
admin-gui
Add a username and password and add the manager-gui,admin-gui roles to your user as the following screenshot:
Save the file and return to the command line and restart the tomcat service with the following command:
sudo systemctl restart tomcat
If you now access the Tomcat web admin manager (http://ip-address:8080) and click on ‘Manager App‘ or ‘Host Manager‘ add in your new username and password and you should see the following:
If you click on Manager App or Host Manager a login box should appear. If not scroll down to instructions on ‘Allow access to Tomcat from remote IP‘
Allow access to Tomcat from remote IP
By default Tomcat web management interface is configured to allow access only from the localhost. If you want to be able to access the web interface from a remote IP or from anywhere which is not recommended because it is a security risk you can open the following files and make the following changes.
If you need to access the web interface from anywhere open the following files and comment or remove the lines highlighted in yellow:
/opt/tomcat/9_37/webapps/manager/META-INF/context.xml
/opt/tomcat/9_37/webapps/host-manager/META-INF/context.xml
If you need to access the web interface only from a specific IP, instead of commenting the blocks add your public IP to the list. Let’s say your public IP is 41.41.41.41 and you want to allow access only from that IP:
/opt/tomcat/9_37/webapps/manager/META-INF/context.xml
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|41.41.41.41" />
/opt/tomcat/9_37/webapps/host-manager/META-INF/context.xml
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|41.41.41.41" />
The list of allowed IP addresses is a list separated with vertical bar |. You can add single IP addresses or use a regular expressions.
Once done, restart the Tomcat service for changes to take effect:
sudo systemctl restart tomcat
Tomcat Firewall Ports
Tomcat listens on port 8080 for HTTP, port 8443 for https and port 8009 for AJP
If you are using any firewalls, network security groups on any of the cloud platforms you will need to open these ports.
To setup AWS firewall rules refer to – AWS Security Groups
To setup Azure firewall rules refer to – Azure Network Security Groups
To setup Google GCP firewall rules refer to – Creating GCP Firewalls
Tomcat Documentation
Documentation on using Tomcat can be found on their website on the following URL:
https://tomcat.apache.org/tomcat-9.0-doc/index.html
Also Read:
How to setup Apache Tomcat on Windows in Azure/AWS/GCP
How to Setup Nginx Web Server on Ubuntu Server on Azure/AWS/GCP
Tomcat Support
Any issues with installing this solution into any of the cloud platforms, please leave a message below or contact us directly
For any Tomcat support, take a look at the support section on their website:
https://tomcat.apache.org/findhelp.html
Disclaimer: Apache Tomcat® is a registered trademark of Apache Software Foundation and is licensed under Apache License version 2. No warrantee of any kind, express or implied, is included with this software. Use at your risk, responsibility for damages (if any) to anyone resulting from the use of this software rest entirely with the user. The author is not responsible for any damage that its use could cause.
