In this blog post we’ll take you through a step-by-step installation of Apache Tomcat 9 on Amazon Linux 2. Apache Tomcat is a free to use JAVA HTTP web server developed by the Apache Software Foundation. Tomcat is an implementation of the Java Servlet, JavaServer Pages, Java Expression Language and WebSocket technologies.

In a nutshell Apache Tomcat runs a HTTP web server environment in which special Java programs known as “Java Servlet” and “Java Server Pages (JSP)” can be executed. Due to its open-source nature Tomcat has been widely adopted by Enterprise customers. It Powers Payment platforms, E-Commerce platforms, Cloud environments among many other use cases.

Install Apache Tomcat 9 on Amazon Linux 2

The type of installation of Tomcat that we’ll do is manual. Which means we’ll start from source download, extract and copying files to relevant directories to performing user creation and permissions.

Below steps have been organized for easy following to help new users install Apache Tomcat 9 on Amazon Linux 2. Just follow the steps and change the values as instructed where required to have a working Tomcat 9 installation on Amazon Linux 2 instance.

The installation can be done in an on-prem virtualization environment or instance running in AWS EC2 environment.

Step 1: Install Java on Amazon Linux 2

Ensure Java is installed and working perfectly in the server.

Update and reboot the server:

sudo yum -y update
sudo reboot

Install Java 11 from Amazon Linux Extras repository:

sudo amazon-linux-extras install java-openjdk11

Hit y key to begin installation:

Total download size: 46 M
Installed size: 183 M
Is this ok [y/d/N]: y

Confirm installation:

$ java -version
openjdk version "11.0.7" 2020-04-14 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.7+10-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.7+10-LTS, mixed mode, sharing)

Step 2: Create tomcat user and group

We’ll be creating a dedicated system tomcat user and group.

sudo groupadd --system tomcat
sudo useradd -d /usr/share/tomcat -r -s /bin/false -g tomcat tomcat

Confirm creation:

$ getent passwd tomcat

$ getent group tomcat

Step 3: Install Tomcat 9 on Amazon Linux 2

Latest releases of Apache Tomcat software can be checked from the  Software releases page.

Run the following commands to download the latest version of Apache Tomcat 9 as of this article update.

sudo yum -y install wget
export VER="9.0.39"

Use tar command line tool to extract downloaded archive.

sudo tar xvf apache-tomcat-${VER}.tar.gz -C /usr/share/

Create Symlink to the folder /usr/share/tomcat. This is for easy updates.

sudo ln -s /usr/share/apache-tomcat-$VER/ /usr/share/tomcat

Update folder permissions:

sudo chown -R tomcat:tomcat /usr/share/tomcat
sudo chown -R tomcat:tomcat /usr/share/apache-tomcat-$VER/ 

The /usr/share/tomcat directory has the following sub-directories:

  • bin: contains the binaries and scripts (e.g and for Unixes and Mac OS X).
  • conf: contains the system-wide configuration files, such as server.xmlweb.xml, and context.xml.
  • webapps: contains the webapps to be deployed. You can also place the WAR (Webapp Archive) file for deployment here.
  • lib: contains the Tomcat’s system-wide library JAR files, accessible by all webapps. You could also place external JAR file (such as MySQL JDBC Driver) here.
  • logs: contains Tomcat’s log files. You may need to check for error messages here.
  • work: Tomcat’s working directory used by JSP, for JSP-to-Servlet conversion.

Create Tomcat Systemd service:

sudo tee /etc/systemd/system/tomcat.service<<EOF
Description=Tomcat Server


Environment='CATALINA_OPTS=-Xms512M -Xmx1024M'
ExecStart=/usr/share/tomcat/bin/ start
ExecStop=/usr/share/tomcat/bin/ stop


You can update CATALINA_OPTS values with your memory limits for Tomcat service.

Enable and start tomcat service:

sudo systemctl daemon-reload
sudo systemctl start tomcat
sudo systemctl enable tomcat

Service should be in the running state:

$ systemctl status tomcat
● tomcat.service - Tomcat Server
   Loaded: loaded (/etc/systemd/system/tomcat.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2020-10-10 11:18:40 UTC; 49s ago
 Main PID: 30574 (java)
   CGroup: /system.slice/tomcat.service
           └─30574 /usr/lib/jvm/jre/bin/java -Djava.util.logging.config.file=/usr/share/tomcat/conf/ -Djava.util.logging.manager=org.apache.j...

Oct 10 11:18:40 systemd[1]: Starting Tomcat Server...
Oct 10 11:18:40 systemd[1]: Started Tomcat Server.

Allow Tomcat TCP port 8080 if you have firewalld service enabled.

sudo firewall-cmd --permanent --add-port=8080/tcp
sudo firewall-cmd --reload

Step 4: Configure Tomcat Authentication

We have to edit Tomcat configuration file to enable Admin and Manager UI roles.

sudo vim /usr/share/tomcat/conf/tomcat-users.xml

Add below lines before closing with </tomcat-users>

<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="admin" password="[email protected]" fullName="Administrator" roles="admin-gui,manager-gui"/>


Configure Apache web server as a proxy for Tomcat server. First install httpd package.

sudo yum -y install httpd 

Create VirtualHost file for Tomcat Admin web interface:

$ sudo vim /etc/httpd/conf.d/tomcat_manager.conf
<VirtualHost *:80>
    ServerAdmin [email protected]
    DefaultType text/html
    ProxyRequests off
    ProxyPreserveHost On
    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/


  • is the DNS name of your tomcat server.

For AJP connector, it will be configuration like this:

<VirtualHost *:80>

  ProxyRequests Off
  ProxyPass / ajp://localhost:8009/
  ProxyPassReverse / ajp://localhost:8009/

If SELinux is enabled run the following commands:

sudo setsebool -P httpd_can_network_connect 1
sudo setsebool -P httpd_can_network_relay 1
sudo setsebool -P httpd_graceful_shutdown 1
sudo setsebool -P nis_enabled 1

Restart httpd service:

sudo systemctl restart httpd
sudo systemctl enable httpd

If access is required from a network external to AWS, you may need to allow port 80 on Security group.

Step 5: Access Tomcat Web interface

Open your web browser and type the DNS name configured in Apache for Apache Tomcat.

You need to authenticate to view server status and manage Tomcat Applications.

You’ll then be able to check server status.

Deploy and manage Web applications.

Tomcat Virtual Host Management.

This is the end of our guide on installation of Tomcat 9 on Amazon Linux 2 server. The next article will capture securing Tomcat Server with an SSL Certificate.

Other articles on Amazon Linux:

Install GitLab CE on Amazon Linux 2 with Let’s Encrypt SSL

How To Install InfluxDB on Amazon Linux 2

How To Install Grafana on Amazon Linux 2


Please enter your comment!
Please enter your name here

19 − 13 =