Skip to main content

Tomcat Administration Deep Dive

Course

Intro Video

Photo of Kevin James

Kevin James

Training Architect

Length

06:00:00

Difficulty

Intermediate

Videos

35

Hands-on Labs

15

Course Details

The Apache Tomcat® software is an open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies.

In this course, we will dive into what Tomcat is, how it’s configured and installed, day-to-day maintenance tasks, and how to deploy your Java application. We will also go over basic troubleshooting and optimization to get the most out of your application server.

In this course we will be using Tomcat 9 and Red Hat Enterprise 8 in the the examples and hands-on lab environments.

The Git Repository used for this course can be found at [https://github.com/linuxacademy/tomcat-admin-deep-dive]

Syllabus

About This course

About This Course

00:03:33

Lesson Description:

Welcome to this course, about Tomcat 9 on Red Hat Enterprise Linux 8. The Apache Tomcat software is an implementation of Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies. It is open source and available to run on many different platforms, as long as they support Java. This course was designed using Red Hat Enterprise Linux 8 and uses Tomcat version 9.

About the Training Architect

00:01:35

Lesson Description:

Introducing the course author: Kevin James I hope you like this course and find it valuable. If you have questions relating to the course, then feel free to contact me in the Community on the Linux Academy website or via our Slack channel.

What Is Tomcat

What Is Tomcat

00:05:24

Lesson Description:

In this lesson we will learn about Tomcat and what it is. It's good to get an overview of what Tomcat actually does, so this lesson is higher-level than some of the following ones. Tomcat is licensed under the Apache License. More information about the license can be found at https://www.apache.org/licenses/

The Services Tomcat Provides

00:03:47

Lesson Description:

So what can Tomcat do? In this lesson we discuss Tomcat and why some developers believe it is a full application server, and then why some developers believe it is only a web application server. We discuss Java Platform Enterprise Edition certification and how Tomcat fits in to that vision.

WAR Files Only, Please

00:05:48

Lesson Description:

In this lesson let's talk about what WAR files are, and why we cant use EAR files. The project TomEE is mentioned in the lesson and for those interested in looking further into that project, here is the link: http://tomee.apache.org

Tomcat and Its Uses

00:05:49

Lesson Description:

Let's learn some more about Tomcat and how it runs. In this lesson we see how easy it is to deploy an application via the command line.

Tomcat Day-to-Day

00:06:11

Lesson Description:

In this lesson we discuss what sort of tasks a Tomcat administrator might have to perform. Some tasks might be performed daily, some monthly, and others very rarely.

Comparisons Between Java Application Servers

00:04:04

Lesson Description:

There are many solutions available if you want to use Java web applications or Java servlets. This course itself is about Tomcat but in this lesson we discuss two of the others, and give some more information about those solutions. If you're interested in JBoss EAP, then we have a course available that covers it. You can search for JBoss EAP Administration on the site to find it.

Install and Configure Tomcat

Installing on Linux

00:13:04

Lesson Description:

In this lesson we will install Tomcat 9 onto Red Hat Enterprise 8. These are the commands we'll use for this lesson: First we become the root user and check and install updates:

sudo su -
dnf update
Next we install java-11-openjdk-devel package:
dnf install java-11-openjdk-devel
We check the version of Java:
java --version
Then we go to a webpage to get the latest version of Tomcat 9. We copy the link to the clipboard:https://tomcat.apache.org/download-90.cgi We will paste that later when we use wget to obtain the Tomcat install files. Before we can get them, we need to ensure we have wget installed. We might as well also install some other software that will get used later. (Note: we use yum install here but could also use dnf install):
yum install wget tree vim 
wget {PASTE IN HERE THE DOWNLOAD LINK FROM THE TOMCAT PAGE}
Note: The URL I use for the video is a temporary that may not be available. Below is a link to a mirror that should be ok. It is preferable to use the link copied to the clipboard earlier:
wget http://mirror.cogentco.com/pub/apache/tomcat/tomcat-9/v9.0.31/bin/apache-tomcat-9.0.31.tar.gz
Now we go to the folder we want to put Tomcat into:
cd /usr/local
Extract the downloaded file to the current location. Note: Your filename may be slightly different than what I have here. That's ok:
tar -xvf /root/apache-tomcat-9.0.31.tar.gz
Now we use the mv command to change the folder name. Note: Your filename may be slightly different than what I have here. That's ok:
mv apache-tomcat-9.0.31 tomcat9
Now we add the tomcat user as a system account. This means we don't need to do anything special for SELinux, as the system account will allow things to just work as we require. If you don't use a system account, you may need to manually fix things up for use with SELinux:
useradd -r tomcat
Now we need to change the permissions of the tomcat folder so the tomcat user can use it:
chown -R tomcat:tomcat /usr/local/tomcat9
Now we need to create the tomcat service. We use Vim to edit the file, but feel free to use the editor of your own choice:
vim /etc/systemd/system/tomcat.service
Add these contents to the file:
[Unit]
Description=Apache Tomcat
After=syslog.target network.target

[Service]
Type=forking
User=tomcat
Group=tomcat

Environment=CATALINA_PID=/usr/local/tomcat9/temp/tomcat.pid
Environment=CATALINA_HOME=/usr/local/tomcat9
Environment=CATALINA_BASE=/usr/local/tomcat9

ExecStart=/usr/local/tomcat9/bin/catalina.sh start
ExecStop=/usr/local/tomcat9/bin/catalina.sh stop

RestartSec=12
Restart=always
[Install]
WantedBy=multi-user.target
Now we get the system to recognize a new service is available:
systemctl daemon-reload
Now let's start the service, then enable it to autostart and check its status:
systemctl start tomcat.service
systemctl enable tomcat.service
systemctl status tomcat.service
Check that Tomcat works by going to your server's web page on the port 8080:
http://YOURSERVERIP:8080
Let's add a user for the web console:
cd /usr/local/tomcat9/
vim conf/tomcat-users.xml
Go to the bottom of the file, and put the following just before the </tomcat-users> end block. Don't forget to change the YOURPASSWORDHERE to be your own password:
<role rolename="admin-gui,manager-gui"/> 
<user username="admin" password="YOURPASSWORDHERE" roles="admin-gui,manager-gui"/>
Now you need to allow access to the management web pages from the internet. If you know what you're doing, you could just allow access from your own IP address, but that is not covered in these written instructions:
vim webapps/manager/META-INF/context.xml
Change the following line:
allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1" />
It should read:
allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1 |.*" />
Now restart Tomcat:
systemctl restart tomcat
Now go to your Tomcat web console and use the user you created to log in. You now have a working Tomcat installation. Thank you.

Installing on Windows 2019 Server

00:04:10

Lesson Description:

In this lesson we will discuss and show how to install Tomcat 9 onto Windows 2019 Server. If you follow along on your own server then these links may be of use and are mentioned in the lesson. Apache Tomcat install notes: https://tomcat.apache.org/tomcat-9.0-doc/setup.html#Windows Apache Tomcat download page: https://tomcat.apache.org/download-90.cgi If you need to download Java, then once you have registered with Oracle you can download the software for Windows from this location: https://www.oracle.com/java/technologies/javase-jdk11-downloads.html Note: The URLs shown here are valid at the time of course creation, but may change over time. A search of the internet should show you updated links if this occurs.

The Configuration Files

00:05:17

Lesson Description:

In this lesson we will discuss these files located in the ./conf folder: catalina.policy catalina.properties context.xml jaspic-providers.xml logging-properties We also talk about Catalina, and why you see so many references to it. Note: There are other lessons for the server.xml, web.xml, and tomcat-users.xml files, so we don't go into detail about them here.

Adding Users to Tomcat

00:09:57

Lesson Description:

In this lesson we talk about adding users to a Tomcat instance. We discuss the default of plain text. Then we'll look at roles, seeing how to do some tasks using curl, and passing the correct parameters to the server. We also discuss and see how to use digest authentication, creating a SHA-512 key to look at how that is used. Finally we discuss some of the other methods that can be used to authenticate your Tomcat Server. A good resource can be found on the Tomcat Documentation page. This URL discusses the text manager and how to use it:https://tomcat.apache.org/tomcat-9.0-doc/host-manager-howto.html This URL has more information about realms and using tools such as LDAP: https://tomcat.apache.org/tomcat-9.0-doc/realm-howto.html

The server.xml file

00:08:36

Lesson Description:

In this lesson we discuss the server.xml file and its elements. Changing this file can help you to fine tune your Tomcat Server. We'll look at:Top level elements Containers Connectors Nested components Cluster Elements

The web.xml file

00:07:26

Lesson Description:

In this lesson we discuss the ./conf/web.xml file. We briefly touch on the application's web.xml also and discuss when to use one or the other. We show examples of the files and some of the default entries in them.

Remote Access to the Tomcat Manager GUI

00:06:28

Lesson Description:

In this lesson we discuss remote access to your Tomcat server. We show which configuration file to edit and where to make your changes. We also see the different Valve configurations that can be used to control access to Tomcat.

Changing the Port for Tomcat

00:06:51

Lesson Description:

There are many situations when you can't use the default port of 8080 for Tomcat. In this lesson, we look at how we can change which port Tomcat uses. We also see what happens when you use a port that is already in use.

Apache as a Proxy to Tomcat

00:12:21

Lesson Description:

In this lesson we discuss using a proxy as a front end to Tomcat. We talk about several options available and why you might use them. We discuss how to set up and use Apache web server as a proxy or front end to Tomcat. To set up Apache as a proxy, we edit the following file:

/etc/httpd/conf.d/tomcat_manager.conf
And we place this inside it:
<VirtualHost *:80>
    ServerAdmin root@localhost
    ServerName kevinpjames5c.mylabserver.com
    DefaultType text/html
    ProxyRequests off
    ProxyPreserveHost On
    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/
</VirtualHost>
We also modify the following file:
/usr/local/tomcat9/conf/server.xml 
This text will be changed:
 <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
It looks like the following when we're done:
 <Connector port="8080" proxyName="myserver.mycompany.com" proxyPort="80" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
If you have SELinux running on the server, it needs to be set to allow this proxy to take place. We make the following changes to allow this:
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_can_network_relay 1
setsebool -P httpd_graceful_shutdown 1
setsebool -P nis_enabled 1 
Then we restart the Apache web server and test to see if it works by going to our server on port 80.

Load Balancing

00:10:56

Lesson Description:

In this lesson we discuss load balancing, and why you might need it. We'll look at using the Apache web server as a load balancer front end to two Tomcat instances. For those who wish to follow along, this lesson involves three servers in the Cloud Playground, one running the Apache web server, and two running Tomcat. The latter two have been configured according to how the lessons on setting up Tomcat specified. Note that all of the following tasks are performed as the root user. Install Apache On what will be the load balancer, we need to install the Apache web server.

[root@apache-server ]# dnf -y install httpd vim

[root@apache-server ]# systemctl enable httpd
[root@apache-server ]# systemctl start httpd
[root@apache-server ]# systemctl status httpd
You should then test to ensure you can see the default Apache web page on that server. Then we need to configure the Apache web server as a load balancer, so we have to add some modules and set up the balancer. Edit the /etc/httpd/conf/httpd.conf file, then go to the bottom of it and add the following before the line that says IncludeOptional conf.d/*.conf
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_http_module modules/mod_proxy_http.so

<IfModule proxy_module>
ProxyRequests on
ProxyPass /examples balancer://mycluster stickysession=JSESSIONID
ProxyPassReverse /examples balancer://mycluster stickysession=JSESSIONID

<Proxy balancer://mycluster>
BalancerMember http://YOUR_OWN_IP_1:8080/examples route=tomcat1
BalancerMember http://YOUR_OWN_IP_2:8080/examples route=tomcat2
</Proxy>

</IfModule>
Don't forget to set the IP address to your own server's internal IP address. Configuring the Tomcat Servers Go to your first Tomcat server and either perform the tasks as the root user, or preface them with the sudo command:
[root@tomcat1 ]# cd /usr/local/tomcat6
Edit conf/server.xml. Change this line of text:
<Engine name="Catalina" defaultHost="localhost" >
It should read:
<Engine name="Catalina" defaultHost="localhost" jvmRoute="tomcat1">
Save the file, and restart the Tomcat server:
[root@tomcat1 ]# systemctl restart tomcat
Now go to your second Tomcat server and either perform the tasks as the root user, or preface them with the sudo command:
[root@tomcat2 ]# cd /usr/local/tomcat6
Edit conf/server.xml. Change this line of text:
<Engine name="Catalina" defaultHost="localhost" >
It should read:
<Engine name="Catalina" defaultHost="localhost" jvmRoute="tomcat2">
Save the file and restart Tomcat:
[root@tomcat1 ]# systemctl restart tomcat
Go back to the Apache web server. If you have SELinux running on the server, it needs to be set to allow this proxy to take place. We make the following changes to allow this, or disable SELinux:
[root@apache-server ]# setsebool -P httpd_can_network_connect 1
[root@apache-server ]# setsebool -P httpd_can_network_relay 1
[root@apache-server ]# setsebool -P httpd_graceful_shutdown 1
[root@apache-server ]# setsebool -P nis_enabled 1
Then we restart the Apache web server again. Go to the web page for this server, and paste in the following URL. Note that you will need to put your own IP address where it says YOUR_OWN_IP.
http://YOUR_OWN_IP/examples/servlets/servlet/SessionExample
You should be able to see the sample application (provided the example applications have been installed with the default installation).

The Tomcat Manager GUI

Server Status

00:05:11

Lesson Description:

In this lesson we discuss the Tomcat Management GUI, and in particular the Server Status application. This is a default application that comes with Tomcat, and is used to help you manage your Tomcat server and applications.

Manager App

00:05:15

Lesson Description:

In this lesson we discuss the Manager App from the Tomcat Management GUI. This is a default application that comes with Tomcat and is used to help you manage your Tomcat server and applications. You can use this to start, stop, undeploy, or deploy war files to your Tomcat server. You can also perform some diagnostics, and check for leaks.

Host Manager

00:07:03

Lesson Description:

In this lesson we discuss the Host Manager App in the Tomcat Management GUI. This is a default application that comes with Tomcat and is used to help you manage your Tomcat server and applications. You can use this to map a virtual host name to your Tomcat applications, which allows you to connect to them as a server or hostname, instead of via the Tomcat hostname. To make use of persistence (being able to save additions you make via the GUI) you need to add some code to your server.xml file. Go to your server and edit the server.xml file (it is inside the ./conf folder). Find the section of the file that has the Listener classes. Add the following change after the other Listeners:

 <!-- Enable Persistence -->
   <Listener className="org.apache.catalina.storeconfig.StoreConfigLifecycleListener"/>
Save the file and restart Tomcat.

Application Management

Virtual Host Management Non GUI

00:05:34

Lesson Description:

In this lesson we discuss adding a virtual host without using the Tomcat Management GUI. You can use virtual host's to map a host name to your Tomcat Applications. This allows you to connect to them as a server or hostname, instead of via the Tomcat hostname. This is the code that is used in this lesson:

     <Host name="test.acloud.guru"  appBase="test"
            unpackWARs="true" autoDeploy="true">

        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="test_access_log" suffix=".txt"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />

      </Host>
To understand how to use this code, please follow along in the lesson.

WAR Files

00:05:51

Lesson Description:

In this lesson we discuss WAR files, which are web application resource files. There are other names they are known by, such as web application archives. We discuss their uses and contents, and that they are compressed. We also discuss what some of the files are called, what they are used for, and whether some of them are needed. We show you can uncompress them so changes can be made, then how to recompress them and make them ready for use on your Tomcat server.

Deploy via the Web GUI

00:08:02

Lesson Description:

In this lesson we discuss using the Tomcat Management GUI to upload applications. There are several methods for getting an application deployed using the GUI. In this lesson we show how to deploy an application uploaded via the browser. We also show how to deploy an application that's located on the Tomcat server. In this lesson we show you how to use parallel deployment via versioning your Tomcat application. We show how this is stored on the Tomcat server.

Deploy via the CLI

00:05:28

Lesson Description:

In this lesson we cover deploying your application from the Command Line Interface (CLI). Using standard Linux commands, you can deploy or undeploy your applications quickly and easily. In the lesson we show that an application that has been deployed can be easily replaced by a newer application, and the new application will automatically be deployed.

Static vs Dynamic Deployment

00:06:03

Lesson Description:

In this lesson we cover what static versus dynamic deployment means, and how you perform both types. One of the items we discuss is the sequence of application deployment when you start your Tomcat server. We show you how to deploy an application that has been exploded, and what happens when you add or remove your application and start Tomcat. We also discuss other methods to deploy your applications on Tomcat.

Backups

00:10:23

Lesson Description:

In this lesson we cover what sorts of things you need to back up on your Tomcat server. We discuss my you might not need to make backups. We show how easy it is to copy back an application that has been undeployed when your code is in source control. In this lesson we also do something to break the Tomcat manager, and then restore from a backup.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

00:30:00

Troubleshooting and Tuning

Diagnostics

00:06:08

Lesson Description:

In this lesson we will look at diagnostics and troubleshooting processes for your Tomcat installation. We will discuss methods to focus on which will help determine what your problem might be. We also discuss logs as they apply to troubleshooting, and mention some other lessons in the section of the course that can help you in your efforts to resolve issues.

Logging

00:08:24

Lesson Description:

In this lesson we discuss Logging in Tomcat and JULI. We talk about the default log files for Tomcat, where they are, and what they show. We will look at how to add a log for a virtual application, and what the options are. We'll examine the patterns used for this log, then we'll connect to a server and show examples. Information about the patterns you can use for logs in Tomcat can be found here: https://tomcat.apache.org/tomcat-9.0-doc/api/index.html Search for AccessLogValve.

Garbage Collection

00:09:09

Lesson Description:

In this lesson we discuss what garbage collection is and how it's needed by Java. We will look at how to enable verbose logging, and how to enable parallel garbage collection. We will look at the entries required in the bin/setenv.sh file. We also show it in action by enabling verbose logging, and then starting some applications concurrently that use resources and force the garbage collection to occur. We'll watch this happen in our log.

JVM Tuning

00:11:41

Lesson Description:

In this lesson we discuss adjusting the heap size to increase performance. We will look at heap sizing, and then PermGen space (what it is and how you set it). In this lesson we also show examples of making changes to your server, and how you can recognize the changes have taken place.

ULimits and Fixed Heap Size

00:09:56

Lesson Description:

In this lesson we discuss setting ulimits for your users, and also what the fixed heap size is. We discuss why you would want to use a fixed heap size for your production Tomcat environments. In the server portion of this lesson we show you how to set ulimits for your Tomcat user, and we show you how to set a fixed heap size of 2gb for the Tomcat server. We also show the changes to memory in the Tomcat Manager GUI.

Using JConsole

00:07:16

Lesson Description:

In this lesson we discuss using a tool called JConsole to examine what is happening with our JVM and its resources. JConsole is free with the Java JDK, and it requires a graphical interface to be used. It allows you to monitor the resource usage for all your Java applications, including Tomcat and your web applications. We'll look at this tool, and see an example of it being used on a Tomcat server.

Create and Analyze Java Heap Dumps

00:10:23

Lesson Description:

In this lesson we discuss using a tool called jmap to create a heap dump on our Tomcat Server. It is free with the Java JDK, and doesn't require a graphical interface to use. It only requires the Java JDK to be installed. Once we have our heap dump, we'll transfer it to a local computer. Eclipse has a memory analyzer tool that you can download. It reads your dumped file and helps you analyze it. You can get this from Eclipse here: https://www.eclipse.org/mat/downloads.php We'll use this tool to open a heap dump file and look at the contents.

Conclusion

Next Steps

00:03:45

Lesson Description:

Thank you for working through this course. You may be wondering what's next. Now that you have finished and this lesson, we will answer some of your questions.

Take this course and learn a new skill today.

Transform your learning with our all access plan.

Start 7-Day Free Trial