pescobar.apache_tomcat

This is an Ansible role for installing and configuring Apache Tomcat on CentOS/RHEL systems.

Requirements

Make sure to have the following:

• Supported Tomcat versions:
  • 7.0
  • 8.0
  • 8.5
  • 9.0 (9.0.1 or later)
• Operating system: CentOS/RHEL 7
• SELinux must be disabled.

Installation

To install this role, run:

$ ansible-galaxy install pescobar.apache_tomcat

Example Playbooks

Playbook to Install Java from CentOS RPMs

- hosts: servers

  vars:
    tomcat_users:
      - username: "tomcat"
        password: "t3mpp@ssw0rd"
        roles: "tomcat,admin,manager,manager-gui"
      - username: "exampleuser"
        password: "us3rp@ssw0rd"
        roles: "tomcat"

  roles:
    - role: pescobar.apache_tomcat

Playbook to Install Java Using External Role

- hosts: servers

  vars:
    tomcat_install_java: false   # We install Java using role pescobar.java_openjdk
    tomcat_java_home: /opt/java  # Location of Java

    tomcat_users:
      - username: "tomcat"
        password: "t3mpp@ssw0rd"
        roles: "tomcat,admin,manager,manager-gui"
      - username: "exampleuser"
        password: "us3rp@ssw0rd"
        roles: "tomcat"        

  roles:
    - role: pescobar.java_openjdk
    - role: pescobar.apache_tomcat

Key Variables

• tomcat_version: Define the Tomcat version to install.

Reviewable Variables:

• tomcat_install_java: Set to True to install OpenJDK; set it to False if you don’t want Java to be installed.
• tomcat_java_version: Default is 1.8. Latest version is 11.
• tomcat_install_path: Default installation location is /opt.
• JVM Memory Management:
  • tomcat_jvm_memory_percentage_xms: Minimum JVM heap size as a percentage of total memory (default 15%).
  • tomcat_jvm_memory_percentage_xmx: Maximum JVM heap size as a percentage of total memory (default 55%).
• Access Restrictions:
  • tomcat_allow_manager_access_only_from_localhost: Set to True for local access only.
  • tomcat_allow_host_manager_access_only_from_localhost: Set to True for local access only.
• tomcat_users: List of users to create (refer to example for format).
• tomcat_debug_mode: Set to True for remote debugging; default port is tcp/8000.

File Permissions:

• For production (tomcat_permissions_production set to True), files are owned by root; otherwise, they are owned by Tomcat.
• Automatic Deployment: tomcat_webapps_auto_deployment should ideally be set to False for security.

Tomcat Ports:

• Connector Port: tomcat_port_connector: 8080
• Shutdown Port: tomcat_port_shutdown: 8005
• Redirect Port: tomcat_port_redirect: 8443
• AJP Port: tomcat_port_ajp: 8009
• Debug Port: tomcat_port_debug: 8000

Defaults:

• tomcat_service_name: tomcat
• tomcat_service_enabled_on_startup: True

Uninstallation

• To uninstall Tomcat, set tomcat_state to absent.
• Backups are created by default before uninstallation.
• To remove Java, set tomcat_uninstall_remove_java to True.
• To keep the Tomcat user and group, set tomcat_uninstall_remove_user and tomcat_uninstall_remove_group to False.
• To remove everything, set tomcat_uninstall_remove_all to True.