Working with Tomcat 10

Tomcat Logo

This blog has been inspired since we're upgrading our existing Tomcat 8 servers to Tomcat 10.

First off, what's Tomcat anyway?

The following is the definition you'd find on the Tomcat site [1]:

The Apache Tomcat® software is an open source implementation of the Jakarta Servlet, Jakarta Pages, Jakarta Expression Language, Jakarta WebSocket, Jakarta Annotations and Jakarta Authentication specifications.
My face after reading the above definition

The problem with the above definition is that I don't understand what it actually is. Like most people I used to think that it's just a 'web server' BUT it's not quite a full-fledged web server like Apache HTTP Server (httpd) or Nginx.

It is primarily a 'servlet container' that executes Java Servlets and JavaServer Pages (JSP) with some web capabilities. It does NOT support features like reverse proxying, caching, or load balancing.

A Java Servlet is a Java class that handles HTTP requests and generates responses dynamically. It runs inside a Servlet container (e.g., Apache Tomcat) and is part of the Jakarta Servlet API (formerly Java Servlet API).

JSP (JavaServer Pages) is a template-based technology that allows embedding Java code inside HTML to generate dynamic content. It’s easier for UI development compared to Servlets.

Servlets handle requests, process data, and forward results to JSP. JSP is used for rendering dynamic HTML with processed data.

JSP is still used in legacy Java web applications, but newer projects often prefer Spring Boot + Thymeleaf/React/Angular.

Spring Boot applications by default use Apache Tomcat as their embedded web server. This means we don't need to install or configure Tomcat separately to run a Spring Boot web application.

By default, Spring Boot creates a fat JAR that contains embedded Tomcat, but we can package it as a .war file for deployment on an external Tomcat server.


Installing Tomcat

I'm using a RHEL 9 virtual machine with Java 21 installed on it.

$ sudo yum install -y java-21-openjdk

$ sudo groupadd tomcat

$ sudo useradd -g tomcat -d /opt/tomcat -s /bin/nologin tomcat

Get the latest version link for the command below from [2]

$ wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.1.35/bin/apache-tomcat-10.1.35.tar.gz

$ mkdir /opt/tomcat

$ sudo tar xvf ./apache-tomcat-10.1.35.tar.gz -C /opt/tomcat --strip-components=1

Set permissions. If the commands below don't work - try to 'sudo su -' into root user and then running the commands.

$ cd /opt/tomcat

$ sudo chgrp -R tomcat /opt/tomcat

$ sudo chmod -R g+r conf

$ sudo chmod g+x conf

$ sudo chown -R tomcat webapps/ work/ temp/ logs/


Configure it as a systemd service

$ sudo vi /etc/systemd/system/tomcat.service

[Unit]
Description=Apache Tomcat 10 Web Application Container
After=network.target

[Service]
Type=forking

Environment=JAVA_HOME=/usr/lib/jvm/jre-21-openjdk
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat

ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh

User=tomcat
Group=tomcat
UMask=0007
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target

Then, reload systemd daemons & start tomcat server:

$ sudo systemctl daemon-reload

$ sudo systemctl start tomcat

$ sudo systemctl enable tomcat

Allow Tomcat webserver default port through firewall:

$ sudo firewall-cmd --permanent --add-port=8080/tcp

$ sudo firewall-cmd --reload

At this point you should have a Tomcat webserver running. You can run 'curl localhost:8080' or try the IP:8080 in a web browser.

Running a sample application

Add the following roles and user within the <tomcat-users> tags:

$ sudo vi /opt/tomcat/conf/tomcat-users.xml
    <role rolename="manager-gui"/>
    <role rolename="admin-gui"/>
    <user username="tomcatadmin" password="password123#" roles="manager-gui,admin-gui"/>

$ sudo systemctl restart tomcat

If you get an error with the step below, you might need to comment out the following section in 
/opt/tomcat/webapps/manager/META-INF/context.xml:

<!--Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /-->

Then you can access the manager at the following URL in a webbrowser: <IP>:8080/manager/html

Creating a simple "Hello World" WAR

You can download a sample .war file from [3].

Tomcat manager


Once the war is uploaded and deployed, you can see it in the list of running apps and can click on the the /sample endpoint to view the application.



That's it for this brief introduction. Thank you for reading. Cheers! :)


---

References:

[1] https://tomcat.apache.org/

[2] https://tomcat.apache.org/download-10.cgi

[3] https://chatgpt.com/c/67acd2dc-aafc-8012-a885-efd305ac190c

Comments

Post a Comment

Popular posts from this blog

SNMPv3

The InfoSec team at our organization has been pushing for the use of SNMPv3 over the older variants. This brought me an opportunity to learn more about this topic and here I share some of my learnings. First, thing -> SNMP = Simple Network Management Protocol.  There are three famous version -> SNMPv1, SNMPv2c (these 2 have little to no security), & SNMPv3 which is very secure. So, why SNMP?  Say, we're starting a new company, this company requires 50 servers, 20 switches, & 10 routers to keep its internet services up & running. To find the health about individual devices would involves logging into the console of each device which in this case is about 80 devices which would take a few days. Wouldn't it be nicer if we could have each device send health metrics to a centralized server location? A h-ha! That's where SNMP comes in to our rescue. SNMP is an Application level protocol that uses UDP port 161 to send device diagnostics information to a server, t...
Read more

Plan for July 1st long weekend.

 AH, finally a good long weekend coming up to focus on some learning. Plan for the three days: The first and most important is that I want to get back to working with Kubernetes and AWS so will be working on finishing up the EKS workshop (www.eksworkshop.com). I will summarize each of the sections and post a review here. The next thing that I really want to get done over this weekend is to watch 3 of the CS50 lectures, the Algorithms, the Memory, & the Data Structures ones. Again, I will post a summary of each of the lectures here. July 1st: Algorithms lecture All of the EKS Beginner modules July 2nd: Memory lecture All of the EKS Intermediate modules July 3rd: Data structures lecture All of the EKS Advanced modules
Read more

Experience Interviewing for an Infrastructure Engineer - Continuous Delivery position

Been a while since I got to write to this blog. Recently, I had the pleasure of interviewing for an Infrastructure Engineer - Continuous Delivery position for a company based in Dallas, Texas. I wanted to pen down my experience while the memory is fresh and possibly help others in the same pursuits. The first round was the typical HR round where the interviewer requested to know more about my experience in the DevOps / Infrastructure engineering field and gauge my interest in the position / learn about my background. It included a lot of open-ended questions such as can you please explain your role in your current position. The next round was considerably more interesting and included more pointed questions about my experience in particular tools and working platforms. The interviewer also took the time to explain the role and the need for this position.  After passing this round, I received a take-home exam, the exam question is as follows: Hi Srikar, We're excited to continue our...
Read more