Wednesday, 26 September 2012

How to install tomcat in rhel 6.3 / centos 6.3

This post will cover installing and basic configuration of apache-tomcat-7.0.30

If you do not already have the Java Development Kit (JDK) installed on your machine, you will need to download and install the required JDK for your platform.

If you do have the JDK installed, you can skip to: Step 2: Download and Install the  apache-tomcat-7.0.30

Step 1: Install the JDK

[root@station1 Downloads]# rpm -ivh jdk-7u7-linux-x64.rpm
-->
[root@station1 Downloads]# JAVA_HOME=/usr/java/jdk1.7.0_07
[root@station1 Downloads]# export JAVA_HOME
[root@station1 Downloads]# PATH=$JAVA_HOME/bin:$PATH
[root@station1 Downloads]# export PATH 
[root@station1 Downloads]# vim /root/.bash_profile
# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
        . ~/.bashrc
fi

# User specific environment and startup programs
JAVA_HOME=/usr/java/jdk1.7.0_07/
export JAVA_HOME
PATH=$JAVA_HOME/bin:$PATH
export PATH
#PATH=$PATH:$HOME/bin
#export PATH
Restart or logout and login
[root@station1 Downloads]# echo $JAVA_HOME
/usr/java/jdk1.7.0_07/


       Step 2: Download and Unpack apache-tomcat-7.0.30 (or latest)
To download apache-tomcat click here
[root@station1 Downloads]# tar -xzvf apache-tomcat-7.0.30.tar.gz
[root@station1 Downloads]# mv apache-tomcat-7.0.30 /usr/share/
[root@station1 Downloads]# vim /etc/init.d/tomcat
    #!/bin/bash
    # description: Tomcat Start Stop Restart
    # processname: tomcat
    # chkconfig: 234 20 80
    JAVA_HOME=/usr/java/jdk1.7.0_07
    export JAVA_HOME
    PATH=$JAVA_HOME/bin:$PATH
    export PATH
    CATALINA_HOME=/usr/share/apache-tomcat-7.0.30

    case $1 in
    start)
    sh $CATALINA_HOME/bin/startup.sh
    ;;
    stop)
    sh $CATALINA_HOME/bin/shutdown.sh
    ;;
    restart)
    sh $CATALINA_HOME/bin/shutdown.sh
    sh $CATALINA_HOME/bin/startup.sh
    ;;
    esac
    exit 0
[root@station1 ~]# chmod 755 /etc/init.d/tomcat
[root@station1 ~]# chkconfig --add tomcat
[root@station1 ~]# chkconfig --level 234 tomcat on
[root@station1 ~]# chkconfig --list tomcat
tomcat             0:off    1:off    2:on    3:on    4:on    5:off    6:off
[root@station1 ~]# service tomcat stop
Using CATALINA_BASE:   /usr/share/apache-tomcat-7.0.30
Using CATALINA_HOME:   /usr/share/apache-tomcat-7.0.30
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-7.0.30/temp
Using JRE_HOME:        /usr/java/jdk1.7.0_07
Using CLASSPATH:       /usr/share/apache-tomcat-7.0.30/bin/bootstrap.jar:/usr/share/apache-tomcat-7.0.30/bin/tomcat-juli.jar
[root@station1 ~]# service tomcat start
Using CATALINA_BASE:   /usr/share/apache-tomcat-7.0.30
Using CATALINA_HOME:   /usr/share/apache-tomcat-7.0.30
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-7.0.30/temp
Using JRE_HOME:        /usr/java/jdk1.7.0_07
Using CLASSPATH:       /usr/share/apache-tomcat-7.0.30/bin/bootstrap.jar:/usr/share/apache-tomcat-7.0.30/bin/tomcat-juli.jar
[root@station1 ~]# service tomcat restart
Using CATALINA_BASE:   /usr/share/apache-tomcat-7.0.30
Using CATALINA_HOME:   /usr/share/apache-tomcat-7.0.30
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-7.0.30/temp
Using JRE_HOME:        /usr/java/jdk1.7.0_07
Using CLASSPATH:       /usr/share/apache-tomcat-7.0.30/bin/bootstrap.jar:/usr/share/apache-tomcat-7.0.30/bin/tomcat-juli.jar
Using CATALINA_BASE:   /usr/share/apache-tomcat-7.0.30
Using CATALINA_HOME:   /usr/share/apache-tomcat-7.0.30
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-7.0.30/temp
Using JRE_HOME:        /usr/java/jdk1.7.0_07
Using CLASSPATH:       /usr/share/apache-tomcat-7.0.30/bin/bootstrap.jar:/usr/share/apache-tomcat-7.0.30/bin/tomcat-juli.jar

For logs

[root@station1 ~]# less /usr/share/apache-tomcat-7.0.30/logs/catalina.out
We can now access the Tomcat Manager page at
[root@station1 ~]# firefox http://station1.ranjihat.com:8080




Tomcat 7 contains a number of changes that offer finer-grain roles.

For security reasons, no users or passwords are created for the Tomcat manager roles by default. In a production deployment, it is always best to remove the Manager application.

To set roles, user name(s) and password(s), we need to configure the tomcat-users.xml file located at $CATALINA_HOME/conf/tomcat-users.xml.

In the case of our installation, $CATALINA_HOME is located at /usr/share/apache-tomcat-7.0.30.

By default the Tomcat 7 tomcat-users.xml file will have the elements between the and tags commented-out. .

New roles for Tomcat 7 offer finer-grained access and The following roles are now available:

manager-gui
manager-status
manager-jmx
manager-script
admin-gu
admin-script.

We can set the manager-gui role, for example as below

[root@station1 ~]# vim /usr/share/apache-tomcat-7.0.30/conf/tomcat-users.xml

<tomcat-users>
<role rolename="manager-gui"/>  <user username="tomcat" password="secret" roles="manager-gui"/>  </tomcat-users>


Manage Memory Usage Using JAVA_OPTS

 Getting the right heap memory settings for your installation will depend on a number of factors.

For simplicity, we will set our inital heap size, Xms, and our maximum heap size, Xmx, to the same value of 128 Mb

Simliarly, there are several approaches you can take as to where and how you set your JAVA_OPTS

Again, for simplicity, we will add our JAVA_OPTS memory parameters in our Catalina.sh file.

So, open the Catalina.sh file located under /usr/share/apache-tomcat-7.0.29/bin with a text editor or vi.

Since we are using 128 Mb for both initial and maximum heap size, add the following line to Catalina.sh

[root@station1 ~]# vim /usr/share/apache-tomcat-7.0.30/bin/catalina.sh
  1 #!/bin/sh
  2 JAVA_OPTS="-Xms128m -Xmx128m"

 How to Run Tomcat using Minimally Privileged (non-root) Use
In our Tomcat configuration above, we are running Tomcat as Root.

For security reasons, it is always best to run services with the only those privileges that are necessary.

There are some who make a strong case that this is not required, but it's always best to err on the side of caution.

To run Tomcat as non-root user, we need to do the following:

1. Create the group 'tomcat':
[root@station1 ~]# groupadd tomcat
[root@station1 ~]# useradd -s /bin/bash -g tomcat tomcat
Change ownership of the tomcat files to the user tomcat we created above
[root@station1 ~]# chown -Rf tomcat.tomcat /usr/share/apache-tomcat-7.0.30/
Adjust the start/stop service script we created above. In our new script, we need to su to the user tomcat:
 [root@station1 ~]# vim /etc/init.d/tomcat
    #!/bin/bash
    # description: Tomcat Start Stop Restart
    # processname: tomcat

    JAVA_HOME=/usr/java/jdk1.7.0_07
    export JAVA_HOME
    PATH=$JAVA_HOME/bin:$PATH
    export PATH
    CATALINA_HOME=/usr/share/apache-tomcat-7.0.30

    case $1 in
    start)
    /bin/su sh $CATALINA_HOME/bin/startup.sh
    ;;
    stop)
    /bin/su sh $CATALINA_HOME/bin/shutdown.sh
    ;;
    restart)
    /bin/su sh $CATALINA_HOME/bin/shutdown.sh
    /bin/su sh $CATALINA_HOME/bin/startup.sh
    ;;
    esac
    exit 0

               How to Run Tomcat on Port 80 as Non-Root User 
Note: the following applies when you are running Tomcat in "stand alone" mode with Tomcat running under the minimally privileged user Tomcat we created in the previous step.

To run services below port 1024 as a user other than root, you can add the following to your IP tables
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 iptables -t nat -A PREROUTING -p udp -m udp --dport 80 -j REDIRECT --to-ports 8080
Be sure to save and restart your IP Tables

Running Tomcat behind Apache
As an alternative to running Tomcat on port 80, if you have Apache in front of Tomcat, you can use mod_proxy as well as ajp connector to map your domain to your Tomcat application(s) using an Apache vhost as shown below.

While Tomcat has improved it's 'standalone performance', I still prefer to have Apace in front of it for a number of reasons.

In your Apache config, be sure to set KeepAlive to 'on'. Apache tuning, of course, is a whole subject in itself...

 76 KeepAlive On

VHOST with mod_proxy 
<VirtualHost *:80>
    ServerAdmin tomcat@station1.ranjihat.com
    ServerName station1.ranjihat.com
    ServerAlias www.ranjihat.com 
 
 
    ProxyRequests Off 
    ProxyPreserveHost On 
    <Proxy *> 
       Order allow,deny 
       Allow from all 
    </Proxy> 
 
 
    ProxyPass / http://station1.ranjihat.com:8080/ 
    ProxyPassReverse / http://station1.ranjihat.com:8080/ 
 
 
    ErrorLog logs/station1.ranjihat.com-error_log 
    CustomLog logs/station1.ranjihat.com-access_log common 
 
</VirtualHost>

12 comments:

  1. This guide is very well.
    It helped me a lot to configure tomcat.
    There is a missing point in your script:
    /etc/init.d/tomcat

    we must add a line that chkconfig add comments for this service:

    # chkconfig 234 20 80

    We can also remove the command line indicating the levels.

    ReplyDelete
    Replies
    1. Hi Thierry Freres..

      Thanks for reading my blog and thanks for your suggestions as well.

      Delete
  2. Give me this file path

    ServerAdmin tomcat@station1.ranjihat.com
    ServerName station1.ranjihat.com
    ServerAlias www.ranjihat.com


    ProxyRequests Off
    ProxyPreserveHost On

    Order allow,deny
    Allow from all

    ReplyDelete
    Replies
    1. Its httpd.conf file. /etc/httpd/conf/httpd.conf

      Delete
  3. Give me this file path

    ServerAdmin tomcat@station1.ranjihat.com
    ServerName station1.ranjihat.com
    ServerAlias www.ranjihat.com


    ProxyRequests Off
    ProxyPreserveHost On

    Order allow,deny
    Allow from all

    ReplyDelete
  4. Here is another article, that explains the same task.

    http://kahimyang.info/kauswagan/howto_blogs/1422-install_tomcat_7_as_your_primary_webserver_in_centos_6_3

    ReplyDelete
  5. how to change tomcat port rhel 6?

    ReplyDelete
    Replies
    1. Mr. Sudhanshu

      Please refer to this link http://visitmeranjith.blogspot.in/2013/03/how-to-change-tomcat-port-number.html

      Delete
  6. hello ranjit.i had followed your procedure in installing tomcat in centos 6.3
    when i run the command
    [root@www ~]#service tomcat start
    Using CATALINA_BASE: /opt/tomcat/apache-tomcat-7.0.39-src
    Using CATALINA_HOME: /opt/tomcat/apache-tomcat-7.0.39-src
    Using CATALINA_TMPDIR: /opt/tomcat/apache-tomcat-7.0.39-src/temp
    Using JRE_HOME: /opt/jdk/jdk1.7.0_11
    Using CLASSPATH: /opt/tomcat/apache-tomcat-7.0.39-src/bin/bootstrap.jar:/opt/tomcat/apache-tomcat-7.0.39-src/bin/tomcat-juli.jar

    [root@www ~]#service tomcat stop
    Using CATALINA_BASE: /opt/tomcat/apache-tomcat-7.0.39-src
    Using CATALINA_HOME: /opt/tomcat/apache-tomcat-7.0.39-src
    Using CATALINA_TMPDIR: /opt/tomcat/apache-tomcat-7.0.39-src/temp
    Using JRE_HOME: /opt/jdk/jdk1.7.0_11
    Using CLASSPATH: /opt/tomcat/apache-tomcat-7.0.39-src/bin/bootstrap.jar:/opt/tomcat/apache-tomcat-7.0.39-src/bin/tomcat-juli.jar
    Error: Could not find or load main class org.apache.catalina.startup.Bootstrap

    plz help me out..

    ReplyDelete
    Replies
    1. Hi Anonymous

      check the contents of /root/.bash_profile & /etc/init.d/tomcat file and edit the contents according to the version you are trying.

      Delete
  7. Hi Ranjith,

    Really nice tutorial I found so far......

    Thanks a lot !!

    ReplyDelete