Apache Tomcat is a popular open source web server and servlet container used to run Java web applications. In this comprehensive 2600+ word guide, we will cover the key aspects of starting, stopping and managing Tomcat instances on Linux systems from an expert developer perspective.

Overview of Apache Tomcat

Apache Tomcat is developed and maintained by the Apache Software Foundation as an open source implementation of Java Servlet and JavaServer Pages technologies. Some key points about Tomcat:

  • Implements specifications for Java-based web apps including Servlets and JSPs
  • Used to serve dynamic web content, server side processing and connect to databases
  • Integrates with other Java technologies and frameworks like Spring Boot
  • Available as a zip/tar.gz binary distribution or Linux packages
  • Recent production version is Tomcat 10 while version 9 is still widely used

Now let‘s discuss the methods for running Tomcat instances on a Linux server.

Starting and Stopping Tomcat Using Startup Scripts

If you have downloaded and unpacked a Tomcat binary distribution, the easiest way to run it is using the provided startup scripts.

To do so, first navigate to the bin directory inside your Tomcat installation:

cd apache-tomcat/bin

This directory contains various scripts for controlling Tomcat:

Tomcat Scripts Directory

As you can see, the main scripts for starting and stopping Tomcat are startup.sh and shutdown.sh.

To start Tomcat in the background simply run:

./startup.sh

If successful, you will see output like this indicating the process ID:

Tomcat started.

The process ID of the running Tomcat will also be written to the tomcat.pid file.

To verify that Tomcat started successfully, use the lsof command to check process listening on port 8080:

sudo lsof -i -P | grep 8080

Stopping Tomcat can be done via the shutdown script:

./shutdown.sh

This will terminate the running Java processes gracefully and clear the PID file.

Tomcat Configuration Best Practices

There are several important configuration best practices to follow when setting up and running Apache Tomcat instances:

Optimize JVM Memory Settings

The amount of memory allocated to Java and Tomcat has a major influence on performance. As a rule of thumb for efficient memory usage:

  • Set minimum heap size -Xms equal to maximum size -Xmx. Example based on 8GB system:
-Xms4096m -Xmx4096m

  • Max heap size between 1/2 to 3/4 of total system memory

  • Use incremental sizing (512MB, 1GB etc) for easier troubleshooting

These JVM options can be configured via Tomcat‘s setenv.sh script or custom /etc/sysconfig/tomcat file on Linux systems.

Run Tomcat With Dedicated User

For security and process isolation, always run Tomcat using a dedicated tomcat user account rather than root.

Follow this process to set this up:

  1. Create tomcat group: sudo groupadd tomcat
  2. Create tomcat user: sudo useradd -r -g tomcat -d /opt/tomcat tomcat
  3. Change ownership of Tomcat folder: sudo chown -RH tomcat:tomcat /opt/tomcat

The first two steps only need to be done once per server, while ownership may need to be changed per Tomcat installation.

Point JAVA_HOME to Full JDK

For Tomcat‘s Java processes, always set JAVA_HOME to reference a full JDK installation rather than just the JRE runtime. This gives access to key tools that can help debug issues with Java apps running on Tomcat.

Here is an example setting for a Tomcat unit file pointing to Amazon Corretto JDK:

Environment="JAVA_HOME=/usr/lib/jvm/java-11-amazon-corretto"

Secure Tomcat With Best Practices

Since Apache Tomcat powers business critical web applications, it is crucial to properly secure instances against attacks and unauthorized access. Some key areas to address are:

Remove Unused Apps

Delete any unused webapps from Tomcat‘s webapps folder such as manager, docs and examples. It is security best practice not to keep these installed if not needed.

Identify currently installed webapps:

ls webapps/

Then delete individual ones like:

rm -rf webapps/manager

Lock Down Admin Consoles

Edit tomcat-users.xml and configure roles/passwords for admin apps:

<user username="admin" password="Str0ngPassw0rd" roles="manager-gui,admin-gui"/>

Enable HTTPS

Generate a Java keystore containing the SSL certificate for the server and configure SSL connector in server.xml:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" scheme="https" 
           keystoreFile="/path/to/keystore" keystorePass="changeit"
           clientAuth="false" sslProtocol="TLS"/>

Tomcat Performance Tuning and Best Practices

Here are some additional optimizations to improve Tomcat performance and scalability from a development perspective:

Tune Thread Pools

Configure optimal values for various thread pools that handle incoming requests:

<Executor name="tomcatThreadPool" namePrefix="tomcat-exec-"  
    maxThreads="300" minSpareThreads="50"/>

<Connector executor="tomcatThreadPool" acceptCount="100"  
    maxConnections="1000"  
    maxThreads="300" minSpareThreads="50"/>

<Host name="localhost" appBase="webapps" unpackWARs="true"  
    autoDeploy="true">

    <Valve className="org.apache.catalina.valves.AccessLogValve" 
        directory="logs"  suffix=".txt" pattern="common"/>

    <Executor name="tomcatThreadPool" namePrefix="tomcat-exec-" 
        maxThreads="300" minSpareThreads="50"/>

    </Host>

Profile Bottlenecks

Use VisualVM or JConsole to monitor CPU/memory usage and isolate slow performing requests:

[code]

Add additional debug logging to problematic application code flows to speed up troubleshooting of bottlenecks.

Consider Other JVM parameters

Set parameters like -Djava.net.preferIPv4Stack=true and -XX:+UseParallelGC for faster concurrent garbage collection.

Tomcat High Availability and Scaling Strategies

For production environments, we need to plan for high availability to avoid downtime as well as scalability to handle increasing traffic.

Clustering for High Availability

With clustering, we configure a backup node so that if the primary Tomcat fails, the second one can automatically take over. Common strategies utilize a shared database or file system to replicate sessions data between nodes. Some considerations for clusters:

  • Use sticky sessions ensure user session data is directed consistently
  • Replicate webapps with a shared drive or CI/CD pipeline
  • Example server.xml fragment:
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
         channelSendOptions="8">

    <Manager className="org.apache.catalina.ha.session.DeltaManager"
         expireSessionsOnShutdown="false"
         notifyListenersOnReplication="true"/>

    <Channel className="org.apache.catalina.tribes.group.GroupChannel">
        <Membership className="org.apache.catalina.tribes.membership.McastService"
                    address="228.0.0.4"
                    port="45564" 
                    frequency="500"
                    dropTime="3000"/>
        <Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver"
                  address="auto"
                  port="4000"
                  autoBind="100"
                  selectorTimeout="5000"
                  maxThreads="6"/>

        <Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
            <Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
        </Sender>
        <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
        <Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor"/>
    </Channel>
    <Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
    <Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
    <ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
</Cluster>

For better scale, also consider options like adding more powerful hardware, using Nginx for load balancing rather than Tomcat clustering etc.

Upgrading Tomcat Versions

When planning to upgrade the Apache Tomcat version running your Java applications, keep these best practices in mind:

Always Take Backups

Before upgrading any production system, take complete backups of the Tomcat installation and webapps to enable rollback in case of issues. Shut down Tomcat fully before taking filesystem backups.

Follow Upgrade Process Steps

  1. Review release notes for possible breaking changes
  2. Install upgraded Tomcat version side-by-side
  3. Shut down old Tomcat process
  4. Migrate custom config files like server.xml
  5. Deploy/redeploy webapps
  6. Start new Tomcat process

Test In Lower Environments

Conduct a complete upgrade test in dev/stage servers before attempting to upgrade production systems. Monitor app functionality closely post upgrade looking for impacts.

Conclusion

Running Java applications on Apache Tomcat brings powerful capabilities but also important configuration, optimization and scaling considerations for reliable delivery. Hopefully this guide has provided expert insight into managing Tomcat instances securely and efficiently. Let me know if you have any other questions!

Related posts:

  1. A Complete Guide to Tomcat Logging in Linux
  2. Jetty vs Tomcat: An In-Depth Comparison for Java Devs
  3. Expert Guide: Managing High-Volume Tomcat Logs on Windows
  4. Setting Up Load Balancing for Apache Tomcat: A Comprehensive Guide
  5. Apache Tomcat Tutorial for Beginners
  6. All-Encompassing Guide: Setting up an Apache Tomcat Reverse Proxy
  7. How to Enable or Disable Hardware Acceleration in Discord
  8. The Comprehensive Guide to Lists in Go

Similar Posts