Introduction
Please note, cPanel & WHM does not support Tomcat on servers that run CentOS 8.
Please note, it is not possible to proxy requests to Tomcat via LiteSpeed. If you use LiteSpeed instead of Apache your Tomcat application will only be available through the Tomcat assigned port.
The following guide shows how to set up a test application with Tomcat 8 and EasyApache. This is an excellent way to get an understanding of the basic concepts for setting up a Tomcat application and verify that Tomcat works on your cPanel server.
The entire procedure is done via SSH as the root user.
These commands can be copied and pasted directly as they are presented if you are simply creating a test account to verify that Tomcat is working on the server. You may also replace the example username and domain with your own to set up a new account with a working test application to start off with.
Procedure
- Ensure that the required packages are installed:
yum install ea-tomcat85 rng-tools -y
- Create a test account that you can use temporarily to verify that Tomcat is working:
whmapi1 createacct username=tcattest domain=tcat.tld password=$(openssl rand -base64 12)
- Add Tomcat to the user:
/scripts/ea-tomcat85 add tcattest
- Add access to the ubic utility for the user's shell:
echo "export PATH=$(dirname $(readlink /usr/local/cpanel/3rdparty/bin/perl)):$PATH" >> /home/tcattest/.bashrc
- If the server is using Cloudlinux, run the following commands to add Java to the CageFS mount:
cagefsctl --addrpm tzdata-java
cagefsctl --force-update - Add the required context within the <Host ... > element of the server.xml configuration in
/home/tcattest/ea-tomcat85/conf/server.xml:<Context path="" docBase="/home/tcattest/ea-tomcat85/webapps/ROOT/">
</Context>The result should appear like the following in the server.xml file:
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="false" deployOnStartup="false" deployXML="false">
An empty path value defines means this application will be the default application loaded for this Tomcat instance, if you need to the application to load at another path such as /tomcat you would need to update the path.
<Context path="" docBase="/home/tcattest/ea-tomcat85/webapps/ROOT/">
</Context> - Copy the test application into place:
sudo -u tcattest cp -avp /opt/cpanel/ea-tomcat85/test.jsp /home/tcattest/ea-tomcat85/webapps/ROOT/
- Restart the Tomcat private instance:
su - tcattest -s /bin/bash -c 'ubic restart ea-tomcat85'
- Locate the connector port:
egrep 'Connector port.*HTTP' /home/tcattest/ea-tomcat85/conf/server.xml
- Ensure that the connector port number is allowed in your server's firewall and reload the firewall rules.
- Use the connector port along with your server's public IP to verify that the test application is working properly:
lynx --dump http://x.x.x.x:CONNECTORPORTHERE/test.jsp
- After confirming the application is working you can close the port externally, the port only needs to be accessible from within the server for the proxy configuration to work.
- Locate the AJP port:
egrep 'Connector port.*AJP' /home/tcattest/ea-tomcat85/conf/server.xml
- Set up a ProxyPass configuration so that Apache can serve the application.
For example, in the
/etc/apache2/conf.d/userdata/std/2_4/cpuser/example.com/custom.conffile, you would include this content:<IfModule proxy_ajp_module>
A more detailed guide can be found here that includes an example for port 443 (https): How to Proxy Tomcat to Apache.
ProxyPass "/cptest" "ajp://127.0.0.1:AJPPORTHERE/"
</IfModule> - Rebuild the Apache configuration and restart Apache:
/scripts/rebuildhttpdconf && /scripts/restartsrv_httpd
- Update your local hosts file with your fake/test domain if needed, as outlined here, so that the final test works: How to Modify Your Hosts File.
- Test with the domain to verify that the ProxyPass configuration works:
lynx --dump http://tcat.tld/test.jsp