Setup files
su myUser # Java cd /app/java tar -xzf /app/files/OpenJDK8U-jre_x64_linux_hotspot_8u265b01.tar.gz tar -xzf /app/files/OpenJDK11U-jre_x64_linux_hotspot_11.0.8_10.tar.gz tar -xzf /app/files/OpenJDK15U-jre_x64_linux_hotspot_15_36.tar.gz # myApp Tomcat cd /app/myApp tar -xzf /app/files/apache-tomcat-8.5.59.tar.gz tar -xzf /app/files/apache-tomcat-9.0.39.tar.gz # Certificate cp /app/files/corporate_truststore.jks /app/certs/ # SAP JCO cp /app/files/_sapjco3-64/3.0.19/linuxx86/libsapjco3.so /app/library/ cp /app/files/_sapjco3-64/3.0.19/linuxx86/sapjco3.jar /app/library/
Setup Tomcat
su myUser # Symlink to actual Tomcat version ln -s /app/ccp/apache-tomcat-8.5.59 /app/myApp/tomcat # remove sample application # but keep the Tomcat Manager app for deployment rm -rf /app/myApp/tomcat/webapps/docs rm -rf /app/myApp/tomcat/webapps/examples rm -rf /app/myApp/tomcat/webapps/ROOT # configure Tomcat vim /app/myApp/tomcat/bin/setenv.sh mv /app/myApp/tomcat/conf/server.xml /app/myApp/tomcat/conf/server.xml_original vim /app/myApp/tomcat/conf/server.xml # expand Classpath vim /app/myApp/tomcat/conf/catalina.properties
# tomcat/bin/setenv.sh
CATALINA_HOME=/app/myApp/tomcat
CATALINA_BASE=/app/myApp/tomcat
CATALINA_PID=/app/myApp/tomcat/tomcat.pid
JAVA_HOME=/app/java/jdk8u265-b01-jre
CATALINA_OPTS="$CATALINA_OPTS -Djava.library.path=/app/library"
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/library
export LD_LIBRARY_PATH
JAVA_OPTS="${JAVA_OPTS} -Djavax.net.ssl.trustStore=/app/certs/corporate_truststore.jks -Djavax.net.ssl.trustStorePassword=notchangeit -Xms512M -Xmx2048M -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/myApp/dump"
# tomcat/conf/catalina.properties common.loader= [...] ,"/app/library/sapjco3.jar"
# server.xml
<Server port="7010" shutdown="SHUTDOWN">
<Service name="Catalina">
<Connector port="7011" />
<!-- Define an AJP 1.3 Connector on port 7012 -->
<Connector port="7012" protocol="AJP/1.3" secretRequired="false" />
<Engine name="Catalina" defaultHost="localhost" jvmRoute="myApp-dev">
<Host name="localhost" appBase="webapps" />
</Engine>
</Service>
</Server>
Tomcat as a Service
# As root vim /etc/systemd/system/tomcat.service # enable script: systemctl enable tomcat.service
# tomcat.service # Systemd unit file for myApp tomcat # # To create clones of this service: # Systemd unit file for tomcat [Unit] Description=myApp Tomcat Web Application Container After=syslog.target network.target [Service] Type=forking ExecStart=/app/myApp/tomcat/bin/startup.sh ExecStop=/app/myApp/tomcat/bin/shutdown.sh User=myUser Group=myUser [Install] WantedBy=multi-user.target
Service control
Enable user myUser to control Tomcat services:
visudo -f /etc/sudoers ################################################## ## Allow user myUser to control (apache & tomcat) services %%myUser ALL=(root) NOPASSWD: /bin/systemctl %%myUser ALL=(root) NOPASSWD: /usr/sbin/service
Test Tomcat
For Tomcat testing I use my ShowHeaders app (GitHub).
ShowHeaders is a minimalistic webapp that is not much more than a "Hello World", but it shows the HTTP headers, what is quite useful when testing reverse proxy integration.
# copy ShowHeaders App for Testing (also for Reverse Proxy Configuration Testing) [myUser@DEV ~]$ cp /app/files/ShowHeaders/ROOT.war /app/myApp/tomcat/webapps/ # start tomcat: [myUser@DEV ~]$ sudo systemctl start tomcat # curl localhost:7011
Test connection from outside the server itself: http://myAppServer:7011/