Day 14 of 90 Days of DevOps Challenge: Mastering Apache Tomcat Web App Deployment

Yesterday, on day 13, I gained hands-on experience deploying a simple Java web application on an EC2 instance using Apache Tomcat. I created a Maven project, packaged it into a WAR file, deployed it to Tomcat’s webapps directory, and accessed it through the EC2 public IP. This helped me understand the basics of deployment and server access. Today, I aim to deepen my knowledge by enabling the Tomcat Admin Console, configuring user roles, changing the default port, and updating AWS Security Group settings.

Step-by-Step: Web App Deployment Process

1. Create a Maven Web Application

Create a new Maven web app in your EC2 user’s home directory:

mvn archetype:generate -DgroupId=dev.zerotoroot -DartifactId=my-web-app \
-DarchetypeArtifactId=maven-archetype-webapp \
-DarchetypeVersion=1.4 -DinteractiveMode=false

This command automates the creation of a basic Java web application structure using Maven, without any manual input.

mvn archetype:generate

This is a Maven goal used to create a new project from a project template (called an archetype).
It launches an interactive or automated process to generate the project structure.

-DgroupsI=dev.zerotoroot

• groupId is like a unique identifier for your organization or project.

• Follows Java package naming convention: dev.zerotoroot would translate to dev/zerotoroot in the directory structure.

• Often represents your domain name in reverse (e.g., com.company.project).

-DartifactId=my-web-app

• artifactId is the name of your project.

• It becomes the name of the folder created and is also used in the resulting .war file (e.g., my-web-app.war).

-DarchetypeArtifactId=maven-archetype-webapp

• Specifies which Maven archetype (template) to use.

• maven-archetype-webapp is the standard archetype for creating Java web applications (with web.xml, WEB-INF, etc.).

-DarchetypeVersion=1.4

• Specifies the version of the archetype to use.

• In this case, version 1.4 of the maven-archetype-webapp.

-DinteractiveMode=false

• Tells Maven to skip the interactive prompts (like asking for values).

• Uses the values you’ve passed directly via -D flags.

It creates a folder structure like:

codemy-web-app/
├── pom.xml
└── src/
    └── main/
        └── webapp/
            └── WEB-INF/
                └── web.xml

2. Build the WAR File

Package your Maven project:

cd my-web-app
mvn clean package

This will create a .war file inside the target folder.

3. Deploy WAR to Tomcat

Copy the .war file to the Tomcat webapps folder:

cp my-web-app/target/my-web-app.war  apache-tomcat-10.1.41/webapps/

4. Start Tomcat Server

Navigate to the Tomcat bin directory and start the server:

cd apache-tomcat-10.1.41/bin
sh startup.sh

NOTE: Enable port 8080 in your EC2 instance's Security Group (Inbound Rule).

5. Access the Web App

http://<EC2-public-IP>:8080/my-web-app

Successfully built and deployed sample java web application

Enabling Tomcat Admin Console Access

By default, Tomcat Manager GUI access is restricted to localhost. To make it accessible remotely:

1. Modify context.xml

Edit this file:

apache-tomcat-10.1.41/webapps/manager/META-INF/context.xml
vi context.xml

Replace the <Valve> section as shown:

<Context antiResourceLocking="false" privileged="true">
  <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow=".*" />
</Context>

2. Add Tomcat Users

Edit the tomcat-users.xml file:

apache-tomcat-10.1.41/conf/tomcat-users.xml

Add the following roles and users:

<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="admin-gui"/>

<user username="tomcat" password="tomcat" roles="manager-gui"/>
<user username="admin" password="admin" roles="manager-gui,admin-gui,manager-script"/>

Restart Tomcat after making these changes.

cd ~                           # go to home dir
cd apache-tomcat-10.1.41/bin   
sh startup.sh

Access Admin Console

http://<EC2-public-IP>:8080/

Our website console should look something like this

• Click on Manager App

• Login using the credentials from tomcat-users.xml

• From here, you can deploy, undeploy, and manage web apps via GUI.

Changing Tomcat Server Port

Tomcat listens on port 8080 by default. To change it:

1. Edit server.xml

apache-tomcat-10.1.41/conf/server.xml

Find this line:

<Connector port="8080" protocol="HTTP/1.1"

Change it to your desired port, e.g., 9090.

2. Restart Tomcat

sh shoudown.sh         # stop server
sh startup.sh          # start server

3. Enable the New Port in EC2 Security Group

Allow the newly configured port in your instance's inbound rules.

New URL:

http://<EC2-public-IP>:9090/

Final thoughts

Working with Tomcat today gave me a much deeper understanding of how web applications are managed beyond basic deployment. From setting up admin access and user roles to tweaking port configurations and updating AWS security settings. it all felt like piecing together a live production environment. It was great to see the .war file running in the browser and manage it through the Tomcat interface. Overall, today’s progress made the entire deployment process feel more complete and real, marking a meaningful step forward in my DevOps journey.