Day 14 of 90 Days of DevOps Challenge: Mastering Apache Tomcat Web App Deployment


Yesterday, on day 13, I gained hands-on experience deploying a simple Java web application on an EC2 instance using Apache Tomcat. I created a Maven project, packaged it into a WAR file, deployed it to Tomcat’s webapps
directory, and accessed it through the EC2 public IP. This helped me understand the basics of deployment and server access. Today, I aim to deepen my knowledge by enabling the Tomcat Admin Console, configuring user roles, changing the default port, and updating AWS Security Group settings.
Step-by-Step: Web App Deployment Process
1. Create a Maven Web Application
Create a new Maven web app in your EC2 user’s home directory:
mvn archetype:generate -DgroupId=dev.zerotoroot -DartifactId=my-web-app \
-DarchetypeArtifactId=maven-archetype-webapp \
-DarchetypeVersion=1.4 -DinteractiveMode=false
This command automates the creation of a basic Java web application structure using Maven, without any manual input.
mvn archetype:generate
This is a Maven goal used to create a new project from a project template (called an archetype).
It launches an interactive or automated process to generate the project structure.
-DgroupsI=dev.zerotoroot
groupId
is like a unique identifier for your organization or project.Follows Java package naming convention: dev.zerotoroot would translate to dev/zerotoroot in the directory structure.
Often represents your domain name in reverse (e.g.,
com.company
.project
).
-DartifactId=my-web-app
artifactId
is the name of your project.It becomes the name of the folder created and is also used in the resulting
.war
file (e.g.,my-web-app.war
).
-DarchetypeArtifactId=maven-archetype-webapp
Specifies which Maven archetype (template) to use.
maven-archetype-webapp
is the standard archetype for creating Java web applications (withweb.xml
,WEB-INF
, etc.).
-DarchetypeVersion=1.4
Specifies the version of the archetype to use.
In this case, version
1.4
of themaven-archetype-webapp
.
-DinteractiveMode=false
Tells Maven to skip the interactive prompts (like asking for values).
Uses the values you’ve passed directly via
-D
flags.
It creates a folder structure like:
codemy-web-app/
├── pom.xml
└── src/
└── main/
└── webapp/
└── WEB-INF/
└── web.xml
2. Build the WAR File
Package your Maven project:
cd my-web-app
mvn clean package
This will create a .war
file inside the target
folder.
3. Deploy WAR to Tomcat
Copy the .war
file to the Tomcat webapps
folder:
cp my-web-app/target/my-web-app.war apache-tomcat-10.1.41/webapps/
4. Start Tomcat Server
Navigate to the Tomcat bin
directory and start the server:
cd apache-tomcat-10.1.41/bin
sh startup.sh
NOTE: Enable port 8080 in your EC2 instance's Security Group (Inbound Rule).
5. Access the Web App
http://<EC2-public-IP>:8080/my-web-app
Successfully built and deployed sample java web application
Enabling Tomcat Admin Console Access
By default, Tomcat Manager GUI access is restricted to localhost. To make it accessible remotely:
1. Modify context.xml
Edit this file:
apache-tomcat-10.1.41/webapps/manager/META-INF/context.xml
vi context.xml
Replace the <Valve>
section as shown:
<Context antiResourceLocking="false" privileged="true">
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow=".*" />
</Context>
2. Add Tomcat Users
Edit the tomcat-users.xml
file:
apache-tomcat-10.1.41/conf/tomcat-users.xml
Add the following roles and users:
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="admin-gui"/>
<user username="tomcat" password="tomcat" roles="manager-gui"/>
<user username="admin" password="admin" roles="manager-gui,admin-gui,manager-script"/>
Restart Tomcat after making these changes.
cd ~ # go to home dir
cd apache-tomcat-10.1.41/bin
sh startup.sh
Access Admin Console
http://<EC2-public-IP>:8080/
Our website console should look something like this
Click on Manager App
Login using the credentials from
tomcat-users.xml
From here, you can deploy, undeploy, and manage web apps via GUI.
Changing Tomcat Server Port
Tomcat listens on port 8080
by default. To change it:
1. Edit server.xml
apache-tomcat-10.1.41/conf/server.xml
Find this line:
<Connector port="8080" protocol="HTTP/1.1"
Change it to your desired port, e.g., 9090
.
2. Restart Tomcat
sh shoudown.sh # stop server
sh startup.sh # start server
3. Enable the New Port in EC2 Security Group
Allow the newly configured port in your instance's inbound rules.
New URL:
http://<EC2-public-IP>:9090/
Final thoughts
Working with Tomcat today gave me a much deeper understanding of how web applications are managed beyond basic deployment. From setting up admin access and user roles to tweaking port configurations and updating AWS security settings. it all felt like piecing together a live production environment. It was great to see the .war file running in the browser and manage it through the Tomcat interface. Overall, today’s progress made the entire deployment process feel more complete and real, marking a meaningful step forward in my DevOps journey.
Subscribe to my newsletter
Read articles from Vaishnavi D directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
