How to Install Tomcat 8.5 on Ubuntu 18.04
Updated on
•5 min read
Apache Tomcat is an open-source implementation of Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies. It is one of the most widely adopted applications and web servers in the world today. Tomcat is simple to use and has a robust ecosystem of add-ons.
This tutorial demonstrates how to install Tomcat 8.5 on Ubuntu 18.04. The same instructions apply for Ubuntu 16.04 and any Ubuntu based distribution, including Linux Mint and Elementary OS.
Prerequisites
Before continuing with this tutorial, make sure you are logged in as a user with sudo privileges .
Install OpenJDK
OpenJDK, the open-source implementation of the Java Platform is the default Java development and runtime in Ubuntu 18.04.
The installation of the OpenJDK package is pretty straight forward:
sudo apt install default-jdk
Create Tomcat user
We will create a new system user
and group with home directory /opt/tomcat
which will run the Tomcat service:
sudo useradd -m -U -d /opt/tomcat -s /bin/false tomcat
Download Tomcat
We will use wget
and unzip
to download and extract the Tomcat archive. If you don’t have unzip
and wget
installed on your system install the packages with:
sudo apt install unzip wget
Download the latest version of Tomcat 8.5.x from the Tomcat downloads page . At the time of writing, the latest version is 8.5.37. Before continuing with the next step you should check the download page for a new version.
Change to the /tmp
directory and download the zip file with the following wget command
:
cd /tmp
wget http://www-us.apache.org/dist/tomcat/tomcat-8/v8.5.37/bin/apache-tomcat-8.5.37.zip
Once the download is completed, unzip the file
and move it to the /opt/tomcat
directory:
unzip apache-tomcat-*.zip
sudo mkdir -p /opt/tomcat
sudo mv apache-tomcat-8.5.37 /opt/tomcat/
In order to have more control over versions and updates, we will create a symbolic link
latest
which will point to the Tomcat installation directory:
sudo ln -s /opt/tomcat/apache-tomcat-8.5.37 /opt/tomcat/latest
Later if you want to upgrade your Tomcat installation you can simply unpack the newer version and change the symlink to point to the latest version.
The tomcat user that we previously set up needs to have access to the tomcat directory, so we will change the directory ownership to user and group tomcat:
sudo chown -R tomcat: /opt/tomcat
Make the scripts inside bin
directory executable by running the following chmod
command:
sudo sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'
Create a systemd unit file
To run Tomcat as a service we will create a new tomcat.service
unit file in the /etc/systemd/system/
directory with the following contents:
[Unit]
Description=Tomcat 8.5 servlet container
After=network.target
[Service]
Type=forking
User=tomcat
Group=tomcat
Environment="JAVA_HOME=/usr/lib/jvm/default-java"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"
Environment="CATALINA_BASE=/opt/tomcat/latest"
Environment="CATALINA_HOME=/opt/tomcat/latest"
Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
ExecStart=/opt/tomcat/latest/bin/startup.sh
ExecStop=/opt/tomcat/latest/bin/shutdown.sh
[Install]
WantedBy=multi-user.target
Notify systemd that we created a new unit file and start the Tomcat service by executing:
sudo systemctl daemon-reload
sudo systemctl start tomcat
You can check the service status with the following command:
sudo systemctl status tomcat
● tomcat.service - Tomcat 8.5 servlet container
Loaded: loaded (/etc/systemd/system/tomcat.service; disabled; vendor preset: enabled)
Active: active (running) since Sat 2018-05-05 11:04:40 UTC; 5s ago
Process: 13478 ExecStart=/opt/tomcat/latest/bin/startup.sh (code=exited, status=0/SUCCESS)
Main PID: 13499 (java)
Tasks: 45 (limit: 507)
CGroup: /system.slice/tomcat.service
└─13499 /usr/lib/jvm/default-java/bin/java -Djava.util.logging.config.file=/opt/tomcat/latest/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.security.
and if there are no errors you can enable the Tomcat service to be automatically started at boot time:
sudo systemctl enable tomcat
Adjust the Firewall
If your server is protected by a firewall
and you want to access the tomcat interface from the outside of your local network you will need to open port 8080
.
To allow traffic on port 8080
type the following command:
sudo ufw allow 8080/tcp
Configure Tomcat Web Management Interface
Now that we have Tomcat installed on our Ubuntu server the next step is to create a user who will have access the web management interface.
Tomcat users and their roles are defined in the tomcat-users.xml
file.
If you open the file you will notice that it is filled with comments and examples describing how to configure the file.
sudo vim /opt/tomcat/latest/conf/tomcat-users.xml
To add a new user who can access the tomcat web interface (manager-gui and admin-gui) we need to define the user in the tomcat-users.xml
file as shown below. Be sure you change the username and password to something more secure:
<tomcat-users>
<!--
Comments
-->
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="admin" password="admin_password" roles="admin-gui,manager-gui"/>
</tomcat-users>
By default Tomcat web management interface is configured to allow access only from the localhost, if you want to be able to access the web interface from a remote IP or from anywhere which is not recommended because it is a security risk you can open the following files and make the following changes.
If you need to access the web interface from anywhere open the following files and comment or remove the lines highlighted in yellow:
<Context antiResourceLocking="false" privileged="true" >
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>
<Context antiResourceLocking="false" privileged="true" >
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>
If you need to access the web interface only from a specific IP, instead of commenting the blocks add your public IP to the list.
Let’s say your public IP is 32.32.32.32
and you want to allow access only from that IP:
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|32.32.32.32" />
</Context>
<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|32.32.32.32" />
</Context>
The list of allowed IP addresses is a list separated with vertical bar |
. You can add single IP addresses or use a regular expressions.
Restart the Tomcat service for changes to take effect:
sudo systemctl restart tomcat
Test the Installation
Open your browser and type: http://<your_domain_or_IP_address>:8080
Assuming the installation is successful, a screen similar to the following will appear:
Tomcat web application manager dashboard is available at http://<your_domain_or_IP_address>:8080/manager/html
. From here, you can deploy, undeploy, start, stop and reload your applications.
Tomcat virtual host manager dashboard is available at http://<your_domain_or_IP_address>:8080/host-manager/html
. From here, you can create, delete and manage Tomcat virtual hosts.
Conclusion
You have successfully installed Tomcat 8.5 on your Ubuntu 18.04 system. You can now visit the official Apache Tomcat 8 Documentation and learn more about the Apache Tomcat features.
If you hit a problem or have feedback, leave a comment below.