Tomcat via Containers
Last modified: October 17, 2022
Overview
This document explains how to set up Apache Tomcat® in an EasyApache 4 container. This document only applies to the EasyApache 4-provided Tomcat package.
We provide Tomcat version 10.0 for use with containers. You can only install container-based packages on systems that use EasyApache 4’s containers and run AlmaLinux OS 8, Rocky Linux™ 8, or Ubuntu®. For information about our Tomcat package that runs on other operating systems and not in a container, read our Introduction to Tomcat documentation.
container-name
represents the name of your Tomcat container. You can find the names of your containers with either the registered
or running
options of the /usr/local/cpanel/scripts/ea-podman
script.
su -
or sudo -E
commands to run this script.
Install Tomcat via containers
To install Tomcat in a container on a system that runs EasyApache 4, you must first set up EasyApache 4 containers on your system.
After you set up containers on your system, install the ea-tomcat100
package to add Tomcat to your system.
Set up Tomcat inside containers
To set up Tomcat to run inside a container, perform the following steps:
-
Log in to the cPanel user account via SSH. You can do this by either logging in to the account via SSH from the command line, or using SSH in either WHM’s Terminal interface (WHM » Home » Server Configuration » Terminal) or cPanel’s Terminal interface (cPanel » Home » Advanced » Terminal).
-
Run the following command:
/usr/local/cpanel/scripts/ea-podman install ea-tomcat100
-
Run the following command to retrieve the container’s name. You will need this name to perform any further actions.
/usr/local/cpanel/scripts/ea-podman containers
For more information, read our /usr/local/cpanel/scripts/ea-podman
script documentation.
Configure Tomcat in a container
When you install Tomcat in a container, it creates a directory in the ~/ea-podman.d/container-name
directory in the user’s home
directory. The system creates several directories when you set up Tomcat in containers.
Default configuration
EasyApache 4 makes the following configuration changes from the default Tomcat 8.5 behavior to the ~/ea-podman.d/container-name/conf/server.xml
file:
- Disables the shutdown port by default.
- Sets the
xpoweredBy
attribute of all connectors to afalse
value. - Removes the
redirectPort
attribute. - Adds the
ErrorReportValue
class to all hosts with theshowServerInfo
value set to afalse
value. - Sets the following host attributes to a
false
value:autoDeploy
deployOnStartup
deployXML
unpackWARs
Configure applications
To use the Tomcat instance, configure the desired applications in the ~/ea-podman.d/container-name/webapps
directory. For more information, read the Load jsp pages in Tomcat section below.
Configure SSL
If you want to use SSL in Tomcat, you must configure it manually.
To configure SSL, perform the following steps:
- Request a port for SSL from the system administrator. The system administrator can assign these ports with the cpuser_port_authority script.
Note:We strongly recommend that you use the
--service=container_name
flag when you assign a port for the Tomcat container. This will ensure that the system releases the port if you remove the container. - Configure the port to use SSL in the
~/ea-podman.d/container-name/conf/server.xml
file.- Add the
redirectPort
attribute. - Add the appropriate SSL connector. For example, if you want to configure SSL with HTTP, your entry might resemble the following example, where
10002
represents your assigned HTTP port, and10004
represents the SSL port:1 2
<Connector port="10002" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="10003" /> <Connector port="10004" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" scheme="https" secure="true" sslProtocol="TLS" keystoreFile="/path/to/kestorefile" keystorePass="my_keystore_password"/>
Important:We strongly recommend that you do not store plain text passwords in files. However, if you do, you must not loosen the.conf
file permissions.
- Add the
When you’re done changing your configuration, restart your Tomcat container with the following command, where container-name
represents the name of the container:
/usr/local/cpanel/scripts/ea-podman restart container-name
Interact with your Tomcat container
When you install Tomcat into a container, it creates a directory in the ~/ea-podman.d/container-name
directory in the user’s home
directory. The system creates several directories when you set up Tomcat in containers.
You can use this directory to manage the information, files, and other data for the container.
Place any .war
or .jsp
files in the container’s webapps
directory.
Load jsp pages in Tomcat
To load .jsp
pages in Tomcat, perform the following steps:
-
Place your
.jsp
files in thewebapps
directory of your Tomcat container. You must place these files in this directory for them to load. -
Edit the
Context
element in theHost
section of your~/ea-podman.d/container-name/conf/server.xml
file. Your entry might resemble the following example, wherecontainer-name
represents the container’s name:1 2
<Context path="/" docBase="~/ea-podman.d/container-name/webapps/ROOT/"> </Context>
-
Find your container’s port numbers with the following command:
usr/local/cpanel/scripts/ea-podman list
Your results might resemble the following example:
In this example, the first port number listed,1 2 3 4 5 6 7 8
"ea-tomcat100.cptest1.02" : { "image" : "docker.io/library/tomcat:10.0.20\n", "ports" : [ "10002", "10003" ] } }
10002
, is the port used by HTTP. The second port listed,10003
, is the one used by AJP. -
Next, configure your application for AJP. To do this, you must create a virtual host include file.
Your include file might resemble the following example, where
/app
represents the Tomcat application and10003
represents the user’s AJP port number:1 2 3
<IfModule proxy_ajp_module> ProxyPass "/app" "ajp://127.0.0.1:10003/docs" </IfModule>
-
Add your include file to the appropriate location in the
/etc/apache2/
directory. For more information about Apache include files and their locations, read our Modify Apache Virtual Hosts with Include Files documentation. -
Test that your pages serve correctly by navigating to the following URLs:
- http://example.com:10002/test.jsp — This URL tests that your HTTP requests serve correctly.
- http://example.com/app — This URL tests that your AJP connections proxy your content correctly. In this example, the server proxies the response to your
app
Tomcat application.