Nethence NEWDOC OLDDOC Lab Webmail Your IP BBDock  

Setting up a Tomcat Container

Note. tomcat8 spits on 8080 by default, but you should also expose 8443 just in case you enable SSL on the Tomcat side (doing it on the reverse proxy might be enough).

Running the ubuntucustom container

Launch a contained based on the custom/ubuntu image,

docker ps -a | grep $app
docker run -d --name $app -h $app \
        -p 80XX:8080 -p 84XX:8443 \
        -v $volume:/$app \
        --cap-add=SYS_PTRACE \
docker ps -a | grep $app
docker logs $app
docker exec -ti $app bash
#docker exec -ti $app service tomcat8 start
#docker exec -ti $app ps aux

Note. change port 80XX & 84XX depending on what’s available (docker ps -a) e.g. 8001 & 8401 Note. --cap-add=SYS_PTRACE to make the [init script work] (

I am assuming those variables are already set, just like it’s done on the custom/ubuntu image in /etc/bash.bashrc,

    export DEBIAN_FRONTEND=noninteractive
export TERM=xterm

Installing Tomcat 8 on the custom/ubuntu container

apt -y install tomcat8 tomcat8-admin
dpkg -l | grep tomcat
dpkg -l | grep jdk

    cd ~/
    ln -s /var/lib/tomcat8/conf
    ln -s /var/lib/tomcat8/logs
    ln -s /var/lib/tomcat8/webapps

    cp -pi /var/lib/tomcat8/conf/tomcat-users.xml /var/lib/tomcat8/conf/tomcat-users.xml.dist
    vi /var/lib/tomcat8/conf/tomcat-users.xml

      <role rolename="manager-gui"/>
      <user username="tomcat" password="PASSWORD" roles="manager-gui"/>

echo "manager-gui: tomcat / PASSWORD" >> ~/README

    cd /var/lib/tomcat8/conf/
    #cp -pi server.xml server.xml.dist
    grep autoDeploy server.xml
    grep unpackWARs server.xml

Note. change PASSWORD accordingly.

Prevent the stupid WARNINGs about non existent folders,

    cd ~/conf/
    mv -p
    chown root:tomcat8

(Optional) Use Oracle Java instead of OpenJDK

    apt -y install software-properties-common apt-transport-https
    echo debconf shared/accepted-oracle-license-v1-1 select true | debconf-set-selections
    echo debconf shared/accepted-oracle-license-v1-1 seen true | debconf-set-selections
    echo '' | add-apt-repository ppa:webupd8team/java >/dev/null
    apt -y update
    apt -y install oracle-java8-installer

cd /etc/default/
cp -pi tomcat8 tomcat8.dist

vi tomcat8
#JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC"
JAVA_OPTS="-Djava.awt.headless=true -Xms1g -Xmx3g -XX:+UseConcMarkSweepGC"

update-java-alternatives -s java-8-oracle
    #update-alternatives --config java
    ll /usr/bin/java
    ll /etc/alternatives/java

echo "JAVA_HOME=/usr/lib/jvm/java-8-oracle" >> /etc/bash.bashrc
source /etc/bash.bashrc

Note. webupd8team/java provides Ubuntu only pkgs, no more Jessie repo available :-/

Ready to go

Start the daemon (assuming the container was started with --cap-add=SYS_PTRACE),

service tomcat8 start

make sure it’s running the Java version you want (e.g. of you installed Oracle Java),

ps aux | grep java

Check that the service responds with a web browser,


Everything’s fine? Clean-up /var/log/tomcat8/ and possibly uneeded apps from webapps and backup the container as an image then,

    docker commit -p tomcatprod tomcatprod.`date +%s`.ready

Setup tomcat-SSL

TODO (as long as it is catched by local reverse proxy that provides ssl to the world, it’s not so mandatory to switch to https)

Reverse Proxy

You can now setup the reverse proxy to link to 80XX or 84XX (sslproxyengine) if you’ve already setup tomcat-SSL. See Setting up a Reverse Proxy with Apache


Operating a Tomcat Container