Aws Tomcat

Posted onby admin
  1. Aws Tomcat 9
  2. Aws Tomcat Container
  3. Aws Install Tomcat
  4. Aws Tomcat Logs
  5. Aws Tomcat Not Accessible
  6. Aws Elastic Beanstalk Tomcat

Amazon AWS EC2 - Configuring Tomcat Server 10.0.4 on EC2 Linux Ubuntu 20.04.Tomcat Users & Roles file:- Apache Tomcat is an open source software implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. The respective trademarks mentioned in the offering are owned by the respective companies. Due to SysPrep of this image, it may take up to 20 minutes to launch. Microsoft Windows Server 2016 Base.

In this article, I will demonstrate how to spin up an EC2 instance on the AWS cloud and install the Tomcat server. I hope you already have an AWS cloud account.

Launch an EC2 instance

Login to your AWS account and search for EC2 under the AWS services search bar.

Click EC2 to proceed. On the next window click on “Launch Instance” to provision a new instance.

On the next page, we have to select an Amazon Machine Image(AMI). AMI is a template which used to launch a VM. The template may contain only the Operating system or we can create a custom template. Here I have chosen “Amazon Linux AMI 2018.03.0 (HVM), SSD Volume Type” to install the Tomcat server.

On the next page, we have to select the Instance type ( How much CPU and memory required). I have selected “t2.micro” because it is a free tier eligible. You can select a higher configuration based on your requirements. t2.micro only has 1vCPU and 1G memory.

The next page is for “Configure Instance”. Here we can add the number of instances, VPC, and IP address. I have chosen all are default values (Default VPC and IP address).

Click “Next:add storage” button to set a volume size (Disk size) for the VM. I have used 10G, you can increase the value based on your requirement.

Click the “Add tag” button to add a tag for the instance. I created a name tag and set name as Tomcat-Server.

Next is to configure a security group or firewall for the instance. Add a name and description for your security group. Refer to the below screenshot for more details. By default port, 22 rule will be present for ssh service and additionally, I have added port 8080 for tomcat service.

Click the “Review and Launch” button to review all the details that you have given. If you want to modify any values you can come back and do the changes. If no changes required, click on the “Launch” button to provision the instance. On a pop-up window, it will ask you to set up a private key to log in to the server. Select create a new key pair and set a name for it. Click the download button to save it in your local machine.

Click the Launch button to start provision the instance. On the bottom right corner, you can see a button to view the instance, click on it to view the instance.

It may take a few minutes to complete the instance initialization. In the same dashboard, you can see all the information about your servers like public and private IP addresses, and DNS names, Root device names, etc.

Now we have provisioned a VM to install the Tomcat server.

Tomcat server installation

Log in to the server with the help of the key pair generated at the time of launching. Execute below command from the terminal to log in.

The first command is to set read-only permission for private key and second command is to log in. Replace the key name and public IP address accordingly.

Now, download the tomcat server package from the below link

Here, we are installing Tomcat 8.5.49 version. Right-click on the tar.gz link and copy the link address.

The hostname command is to set a hostname for the server. I have downloaded the package on “/opt” directory.

untar the downloaded package and rename it.

To start the tomcat service enter the bin folder and execute the below commands.

From the above output, we can confirm the Tomcat has started successfully. To access the service open a browser and enter http://<ip address>:8080 [ use your server IP address ]

You are not able to access the “Manager app” because by default Tomcat allows accessing only from the localhost. If you try to access you may get below error.

Tomcat server configuration

As mentioned in the error to resolve this issue we have to make changes on context.xml file. Go back to the Tomcat installation directory and search for context.xml file.

We have to make changes only on context.xml file which is present in the webapps directory.

Aws Tomcat 9

Open the following files and comment out the following lines.


Aws Tomcat Container


Here you can see the configuration allows only localhost ( to access the “Manager app” and we have commented it. If we make any change on configuration files we must restart the service to pick new values. To restart the service execute below command from “bin” directory.

Go the browser again and try to open the “Manager app”

This time it will not show the Access denied error but a popup window will open to enter user credentials.

AwsAws TomcatAws Tomcat

We haven’t configured any user so go to the terminal and create users. Open the tomcat-users.xml file and add the below codes to create the users.

The code should be added just above the “</tomcat-users>”.

We added 3 users one is admin which access to all roles like manager-gui (Manager app login). and manager-script, etc. The second user is “dev” which has a role “manager-script” this role helps to copy code from other from server or source. The Third is a “tomcat” user which used to login to the “Manager app” from the GUI.

Restart the service to pick up new configuration changes. Execute below command from the bin directory.

Go to the browser and log in with the user credentials that we created. I used “tomcat” user and you can see a screen like the below screenshot.

yes, we have completed the installation and configuration Tomcat server.

So, you’re ready to enter the world of AWS then. Or, maybe you’re already used to working with AWS and just want to spin up a quick environment to prove a point. Either way, let’s take a look at how to spin up an Apache Tomcat environment on AWS in around 15 minutes so you can get the ball rolling. This clearly isn’t going to be a full production-ready setup, but it will get you going on the right lines.

Step 1 – Spin Up an EC2 Instance

Aws tomcat configuration

I’m not going to talk through how to do that here. Google it. Click around. It’s a fairly simple setup. For the purposes of this blog post I’m going to assume you’re re-using an SSH Key so we don’t need to talk through how to get one of those setup and configured so you can SSH into your server.

NOTE: Important note on the different versions of the Operating Systems when installing;

  • Amazon Linux 2 only supports older versions of Apache Tomcat when using yum, i.e. version 7 and lower (oddly)
  • Amazon Linux (aka. version 1) support the later versions of Apache Tomcat when using yum, i.e. versions 8 and higher

Step 2 – Configure the Firewall aka. the AWS Security Group

As part of the setup in Step 1 you will have setup a Security Group, likely a brand new one. So you need to configure this to ensure that you can access your application. Thankfully there are a few simple ports you need to open on the Inbound Interface;

  • Port 80 for HTTP traffic
  • Port 443 for HTTPS traffic
  • Port 8080 or 8084 for Apache Tomcat, depending on the version or configuration you’re using

Once you’ve configured the ports on the firewall you can continue to get everything setup as required.

Step 3 – SSH Into the Server to Configure Things

As part of your setup in Step 1 once your EC2 instance is up and running, it will have a publicly accessible hostname and IP address. One thing to note with EC2 instance is that every time you reboot them the hostname and IP address changes. This doesn’t particularly matter for the purpose of this blog post, but it is something you should be aware of if you’re looking for something more permanent. You can setup Static IP address (which are confusingly known as Elastic IPs in AWS terminology) so that you can configure everything you need from there.

As mentioned earlier, I’m going to assume you can SSH into the server successfully. If not, there is a Console option within the AWS Console interface which allows you to SSH into your new box which is quite handy.

The public hostname will look something along the lines of, http://ec2-{public-ip-address}.{aws-zone}

Step 4 – Install Apache Tomcat and Goodies

Once you’re SSH’d into your server, basically just run the following command which will install Apache Tomcat and all handy tools including the Tomcat Manager which allows you to upload your .war file via a handy interface so you don’t have to worry about copying the files over.

sudo yum install tomcat8 tomcat8-webapps tomcat8-admin-webapps tomcat8-docs-webapp

Aws Install Tomcat

Step 5 – Configure Apache Tomcat Users

Now you’ve got Apache Tomcat installed, you need to make sure you can actually access the Tomcat Manager interface, so let’s get you an account created. Simply run the command below which will open the configuration file;

sudo nano /etc/tomcat8/tomcat-users.xml

Then un-comment the line in the file which gives you a default admin/adminadmin username/password. Clearly you should make this more secure, but as mentioned, this isn’t a production ready system, we’re trying to do this in 15 minutes. Save the file and exit.

Step 6 – Configure Apache Tomcat to Whitelist a Valid Administration IP Addresses

Next you need to configure Apache Tomcat to ensure you can access the Tomcat Manager easily to upload your .war files to the system. To do this, first you need to find out the IP address of your system. If you’re not on a static IP address from your device (i.e. home dynamic IP address, tethered from a mobile phone or in a coffee shop), then this step is only going to work for a very short period of time for you. Best bet – get yourself a Static IP address if you don’t have one already so you don’t have to keep messing with the configuration files every time you need to deploy your code.

First, edit the Hosts Manager Context.xml file by running the following command;

sudo nano /usr/share/tomcat8/webapps/host-manager/META-INF/context.xml

Then include your IP address within that file.

Second, edit the Manager Context.xml file by running the following command;

sudo nano /usr/share/tomcat8/webapps/ manager/META-INF/context.xml

Then include your IP address within that file.

Note that your current static IP address will need to be in the format of And if you want to whitelist multiple IP addresses, then you can separate them with the Pipe character .

Save and exit each file in turn.

Step 7 – Access the Apache Tomcat Manager

Accessing the URL that you have in your AWS EC2 instance on the correct port should allow you to connect to the application manager;

Note, you’ll need to login with the username/password which you configured previously. Which as a default will be admin/adminadmin. Then from here you can simple manage the deployment of your application with ease.

Step 8 – Productionise the Above Setup

So we’ve flown through how to get an Apache Tomcat environment up and running for Java on AWS using EC2 and if you’ve followed the above steps, you should have had this done within 15 minutes. Some points you’re going to need to consider to get this into a production ready state include;

  • Server size
  • Server schedule for being turned on/off
  • Joining up Apache with Apache Tomcat to ensure you can run the application on port 80/443 instead of 8080/8084
  • Setting up SSL certificates using Let’s Encrypt
  • Locking down your firewall (aka. AWS Security Group) to ensure only whitelisted IP addresses can access the ports that you have opened
  • Setting up server monitoring software either as standalone applications or within AWS CloudWatch
  • Configuring any local or remote databases for your application to run on
  • Securing the Tomcat Manager and Host Manager applications using SSL Certificates

Hope the above guide has helped to get you up and running.

The following two tabs change content below.

Michael Cropper

Aws Tomcat Logs

Founder & Managing Director at Contrado Digital Ltd

Aws Tomcat Not Accessible

Michael founded Contrado Digital in 2013. He has experience working with national and multi-national brands in a wide range of industries, helping them achieve awesome results. Michael regularly speaks at local universities and industry events while keeping up with the latest trends in the digital industry.

Aws Elastic Beanstalk Tomcat

  • How to Setup Let’s Encrypt on AWS EC2 Using Amazon Linux 2 - May 2, 2021
  • How to Backup Your AWS Infrastructure Resources Such as EC2 and RDS Etc. - April 29, 2021
  • How to Import Zone Files into AWS Route53 DNS - April 27, 2021