Vgo Software

Entries in aws (1)


Deploying Tomcat on Amazon's EC2 Cloud Service

Now that Oracle's released it's JaaS offering, it's time I started posting about different cloud options available to you Java developers out there.  Seeing as Amazon's services have been around as long as anybody's and are very robust at this point, it seems like a good starting point.

This article will be a quick guide to deploying Tomcat on Amazon's cloud.  It's fairly quick and it's also very cheap, even free to follow along and try this on your own if you are interested.  Simply sign up for an account here and don't go over the hours limit, considering you get 750 free hours a month, you should be able to complete this tutorial in plenty of time to avoid hitting the limit.  If you do use an Ubuntu Server image as shown in this tutorial it will cost you something.  It cost me about 26 cents to run through this, take my screenshots, and everything else for this post.  Just make sure you stop your instance after you are done with it.

The first thing you need to do after activating your account is to create an AWS instance.  For the purposes of this tutorial we are going to create a VM of an Ubuntu Server, but any Linux environment will probably follow the same procedure very closely.  The Amazon Linux instances should be available for free.

Amazon Elastic Cloud (EC2) instances can be created inside a Virtual Private Cloud or without a Virtual Private Cloud.  For a production instance you would want to use a VPC for security, for this exercise we are not going to use one.

1. Create Security Group

Once you log in to the AWS management console, the first thing we will want to do is create a Security Group.  From the AWS Management Console, click on the EC2 link which will take you to the EC2 Dashboard.  From there, click on Security Groups from the left navigation pane and then click on the Create Security Group button.

In the dialog that pops up, provide a Name, a Description, and choose No VPC.  Then click on "Yes, Create".

The security group will be created without any rules.  To create the rules you want to add to it, select it from the table of groups you are provided with.  The dialog to add rules will appear in the bottom half of the page.

 In our case we are only going to open port 80.  To do that, choose HTTP under the Create a new rule in the Inbound tab, then provide (to allow port 80 access from any IP address) as the source and click on "Add Rule".

Then click "Apply Rule Changes".


2.  Create an Instance

Now that we have a security group, we can create our instance.  To do that click on the Instances link in the left navigation panel of the EC2 Dashboard.  This will bring up a dialog to enable the Quickstart Wizard which is what we will use for this exercise.

We will need a Key Pair in order to connect to the instance we create.  If you do not see a Key Pair listed under "Select Existing", choose "Create New", create one, and download it.  Click the Click Launch Wizard radio button, and then choose "Ubuntu Server 13.04" and provide a name.  Then click the "Continue" button.

On the next page of the dialog, click the "Edit Details" button, then on the Security Settings radio button.  This will open a multi-select box where we can pick the security groups, including the one we just created.  Highlight "quicklaunch-1" (for ssh) and "web-security-group" (assuming that's what you named it, for http) and then click "Save details".

After saving the details, click "Launch" to create the instance.  It will take a few minutes to initalize.  In the table of instances we should see our newly created instance.  When its state changes from pending to running, we should be able to move on to the next step.

3.  Installing Tomcat

Now that we have a running instance, let's log into it and deploy tomcat.  Check the box to the left of the row in the table of instances that contains the instance we created.  The click on "Actions" and then "Connect" from the dropdown.

You will need to provide the private key file in order to connect, it should have been downloaded when you created the Key Pair.  Make sure you don't lose this file.  In the dialog that pops up, fill in the path to the private key and then click "Launch SSH Client".

After connecting, we need to install Tomcat.  To do that, issue the following command from the ssh terminal.

sudo apt-get install tomcat7

If you are using the Amazon instance use yum. (sudo yum install tomcat7)  If you use yum to install, you will have to add the webapps package to see anything. (sudo yum install tomcat7-webapps)

Tomcat should install fairly quickly, just take all the defaults for any inputs it requires.

Next, start Tomcat.

sudo /etc/init.d/tomcat7 start

Since Tomcat runs on port 8080 and we would need to run Tomcat as root in order to bind it to port 80, we will redirect port 80 to port 8080 instead by issuing the following command.

sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

We should now be able to access Tomcat using the public dns address for our instance.  This is the same server you ssh'd into and you can also find the public dns name under the details of your instance on the EC2 Dashboard page at the bottom of the details pane.

4. Installing the Tomcat Management Webapp

If you want to install the Tomcat Management Webapp issue the following command.

sudo apt-get install tomcat7-admin

In Amazon Linux use yum again (sudo yum install tomcat7-admin-webapps).

You will also have to modify the tomcat-users.xml file in the conf directory.

cd /usr/share/tomcat7/conf

sudo vi tomcat-users.xml

Add a role for the manager-gui and a user that has the role assigned.  Please note that all roles and users are commented out in the orignal file.  A different user name that "tomcat" would probably be safer, but for me, this instance is going away as soon as I am done with the tutorial.


After you have saved those changes, restart Tomcat.

sudo /etc/init.d/tomcat7 restart

And that's it, you've successfully deployed Tomcat in the cloud!

Now don't forget to stop that instance from running when you are done with it.