Enterprise Java

Amazon Free Usage Tier: Installing Tomcat 7 on an EC2 Linux instance

Amazon Web Services offers a free usage tier for 12 months that allows developers to run anything they want in the cloud. The free tier comprises of 14 services of which the EC2 service is of most immediate interest to web developers. EC2 is a service that provides resizeable virtual computing by stopping and starting virtual instances of Windows and/or Linux. The Elastic Load Balancing service distributes incoming traffic across instances and will install new instances if failures occur.

Under the free tier offer a micro instance of Linux or Windows can be installed by selecting a pre-configured Amazon Machine Image. The image installs in your EC2 space where it can be configured, stopped and started as required. Security groups can be configured to allow SSH traffic to the instance thereby giving you root access and the power to configure it as if it were installed on a local machine.

In this tutorial I am going to show how to set up an EC2 instance, install and configure Java 7 and Tomcat 7 via SSH using Putty.

To complete this tutorial I will follow these steps:

  • Create an account with Amazon Web Services
  • Select an instance
  • Download and install Putty
  • Configure security groups
  • Connect via SSH using Putty
  • Download and install Java 7
  • Download, install and configure Tomcat 7
  • Use Tomcat’s manager to launch a WAR file

So lets get started:

Create an account with Amazon Web Services

To sign up for the 12 month free tier offer you will need to give address details, credit or debit card details and your telephone number. The sign up form is located here: http://aws.amazon.com/free/ and it takes just a few minutes to complete the process. As a security measure you will receive an automated telephone call and will be asked to enter a four digit number that appears on the screen into you phone.

Select an instance

With your newly created account you are ready to select an instance. Log into you account and from the list of Amazon Web Service select EC2.

Select the EC2 Web Service
Select the EC2 Web Service

You will enter the control panel of you EC2 instances. As yet you don’t have an instance installed. To install and instance click the button Launch Instance.

Launch an instance
Launch an instance

You will be presented with a pop-up menu from which you can select the type of instance to install.

Create a new instance
Create a new instance

The instance that you choose depends on your requirements and budget. As we are using the free usage tier I suggest that you select the Quick Launch Wizard option and the Amazon Linux AMI 2013.03.01 64 bit instance.

During the set up process an PEM file will be created, This is used by Putty yo access your instance. See below for further details.

Tip: If you return to the console and cannot see your instance it is likely that you don’t have the correct region selected. In the top right hand corner of the screen you can change the region.

Ensure that you enter a name for your instance and create a new key pair. Click continue to install the instance. It may take a few minutes to install and launch the instance. In the meantime we will download and install Putty.

Download and install Putty

Putty is an SSH client that allows remote access to the root of our Linux instance and can be downloaded from the www.putty.org website. Select the appropriate version for you operating system. While you are there you must also download PuttyGen. This application converts the PEM (Privacy Enhanced Mail Security Certificate) file generated when creating a Key Pair to a PPK file for use in Putty. This file provides authentication when connecting to your instance from Putty.

Once these two application are installed you can must convert the PEM file to a PPK file. Open up PuttyGen and load the PEM file then save it with a PPK extension.

Putty Key Generator
Putty Key Generator

Configure security groups

Security groups give access permission to traffic on specified ports. The SSH protocol uses port 22 and HTTP protocol uses ports 80 and 8080 so we must allow access to traffic on these ports.

The security group configuration is under the Network & Security menu. A default security group will have been set up for you and you now need to enter the inbound ports. Select the security group and click on the Inbound tab.

Configure Security Groups
Configure Security Groups

For each of the three ports select Custom TCP rule and enter the port number. Click add rule to add it. If there is an ALL group you should delete it. To save the changes click Apply Rule Changes.

Access has no been given to SSH traffic and HTTP traffic.

Connect via SSH using Putty

We are now ready to connect to our instance via Putty.

To configure Putty we need the following information:

  • The public DNS of your instance;
  • the PPK file we converted from PEM ealier and
  • the auto-login name.

The DNS of your instance can be found on the EC2Dashboard and will be in the form: ec2-XX-XXX-XX-XX.us-west-2.compute.amazonaws.com and will vary depending on the region that the instances is installed in.

Public DNS
Public DNS

The auto-login name should be: ec2-user

Launch Putty and on the Session screen enter the Public DNS in the Host Name input box and a name in the Saved Sessions box.

Putty Configuration
Putty Configuration

Switch to the Data screen which is under the Connection menu option and enter the user name in the login details box. Now switch to the Auth screen which is under SSH and Browse to the location where the PPK file is located.

Return to the Session screen and save the configuration. Click Open to connect.

Logged into Linux instance via SSH
Logged into Linux instance via SSH

Now you are logged into your instance of Linux on EC2.

Download and install Java 7

Now that we are logged in we will download Java 7. We will need root access so type sudo -i and navigate to the top directory. We are going to download and install Java into a new directory under usr. Create a new directory by doing: mkdir /usr/java and navigate to the java directory.

At the time of writing the latest version of Java 7 was Java SE Development Kit 7u40. So we will download this version. To avoid problems with cookies and the Oracle licence we do the following work-around:

wget --no-cookies --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com" 

This should download in less than a minute.

Once downloaded we need to unpack it using tar: tar  zxpvf  jdk-7u40-linux-x64.tar.gz. This creates the directory jdk1.7.0_40 in which Java is installed.

Now we set the Java Home and will put Java into the path of our users using the following commands:

export  JAVA_HOME
export PATH

You can verify that Java is installed by doing: java -version this should print out java version “1.7.0_40″.

Download, install and configure Tomcat 7

We are going to download and install Tomcat 7 in the /usr/share directory by running the following two commands:

wget http://ftp.cixug.es/apache/tomcat/tomcat-7/v7.0.42/bin/apache-tomcat-7.0.42.tar.gz
tar zxpvf apache-tomcat-7.0.42.tar.gz

Tomcat will be unpacked and installed in the apache-tomcat-7.0.42 directory. We will now finish by configuring the Tomcat users and setting tomcat to launch automatically whenever the server restarted.

To configure Tomcat to launch automatically create a file called tomcat in the directory /etc/rc.d/init.d/ with the following contents:

# Tomcat init script for Linux.
# chkconfig: 2345 96 14
# description: The Apache Tomcat servlet/JSP container.
exec $CATALINA_HOME/bin/catalina.sh $*

I like to use nano to create and edit files but pico works just as well. Next, execute the following commands to set the proper permissions for your init script and enable Tomcat for auto-launch:

chmod 755 /etc/rc.d/init.d/tomcat
chkconfig --level 2345 tomcat on

Tomcat should now be automatically launched whenever your server restarts.

Now we need to set up the Tomcat users. This will allows access to the Manger Console in the Tomcat interface. The users are configured in a file called tomcat-user.xml which is stored in the apache-tomcat-7.0.42/config directory. Open this file using nano and edit the user permissions as below, changing the password as appropriate:

<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="manager-status"/>
<role rolename="admin-gui"/>

<user username="tomcat" password="winter04" roles="manager-gui,manager-status,admin-gui"/>
<user username="tomcattools" password="winter04" roles="manager-jmx,manager-script"/>

We have now configure all that needs to be configured. Go back to the EC2 console and reboot the instance by right clicking on the instance and selecting reboot. This should not take more that a few minutes.

Use Tomcat’s manager to launch a WAR file

Once the instance has rebooted, go to your browser and enter the public DNS of your instance followed by the port 8080. It should look something like this: ec2-XX-XXX-XX-XX.us-west-2.compute.amazonaws.com:8080. You will see the Tomcat Server Home Page. To access the manager application click on the Manager App button on the right-hand side. Enter the user name and password that you configured in the tomcat-users.xml file. You will see the web application manager console from which you can upload a WAR file. Scroll down to the Deploy section, from here you can select a WAR file and deploy it into Tomcat.

The URL of your web application will look something like this: ec2-XX-XXX-XX-XX.us-west-2.compute.amazonaws.com:8080/MyWebAppName


I have shown how to set up an EC2 micro.t1 Linux instance, install and configure Java 7 and Tomcat 7 and to deploy a WAR file. The 12 month free tier offer from Amazon Web Services includes much more that the EC2 instances. It worth taking a look at the Elastic Beanstalk service and how this can be used with Cloud based IDEs. See my article about Cloud based deployment pipeline.

Alex Theedom

Alex Theedom is a Senior Java Developer and has recently played a pivotal role in the architectural design and development of a microservice based, custom built lottery and instant win game platform. Alex has experience of Java web application development in a diverse range of fields including finance, e-learning, lottery and software development. He is the co-author of Professional Java EE Design Patterns and many articles.
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Newest Most Voted
Inline Feedbacks
View all comments
10 years ago

Thank You!

10 years ago

Thanks a lot for a wonderful explanation! Just went through the whole process and it works like a charm!!!!

You rock buddy!

Alex Theedom
10 years ago
Reply to  Roman

You’re welcome. I am glad that it proved useful.

10 years ago


I followed the steps, but face a problem. Tomcat did not start automatically.

I see chckconfig status as below

tomcat 0:off 1:off 2:on 3:on 4:on 5:on 6:off

but no java process are running, tomcat log folder is empty. Can you help me to debug.


$ ls -ltr /etc/rc.d/init.d/tomcat
-rwxr-xr-x 1 root root 250 Feb 26 23:10 /etc/rc.d/init.d/tomcat

M Chisty
M Chisty
9 years ago

I have two questions,

Q1. If I pay for this (after the free trial period), can I have my own domain name e.g.
instead of XXXXX.amazonaws.com:8080/MyWebAppName,
can I have http://www.myname.com ?

Q2. If I develop a website and host it in Amazon, can I use it for commercial purpose? (E.G. I want to sell computers, develop a JEE based e-commerce website for this, host it, customers pay for items, generate revenue etc etc)

.. Chisty

Back to top button