Tomcat startup
Jump to navigation
Jump to search
What is the perfect way to start a tomcat server on i.e. CentOS which uses port 80?
The current (8.5) tomcat brings a jsvc service binary which - after compiling it yourself - can be used for privilege separation.
Compile the jsvc program:
cd $CATALINA_HOME/bin
tar xvfz commons-daemon-native.tar.gz
cd commons-daemon-1.0.x-native-src/unix
./configure
make
cp jsvc ../..
cd ../..
Generate a tomcat user and group for your server:
groupadd tomcat
useradd -M -s /bin/nologin -g tomcat -d /opt/tomcat tomcat
So using systemd startup script:
# Systemd unit file for tomcat
[Unit]
Description=Apache Tomcat Web Application Container
After=syslog.target network.target
[Service]
Type=forking
Environment=JAVA_HOME=/usr/lib/jvm/jre
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat
Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom'
ExecStart=/opt/tomcat/bin/daemon.sh --tomcat-user tomcat start
ExecStop=/opt/tomcat/bin/daemon.sh stop
[Install]
WantedBy=multi-user.target