In my previous blog, titled Monthly Linux Tip: Getting Started with an ESRI AWS AMI, we discussed tips and tricks on working with Esri AMIs. Today, we will expand upon that and investigate one of the AMIs built-in features; Tomcat! If you have not already done so, please review that blog before continuing with this blog.
One of the benefits to using an Esri AMI is that Tomcat comes bundled in the image. However, it can be a bit challenging to configure. This blog aims to break down the process of setting up Tomcat in a simple manner. Please find the table of contents below:
- Where is Tomcat Located?
- Enabling Tomcat User
- Securing Tomcat (Optional)
- Registering Web Adaptor to Tomcat
Please be aware that in this blog, I will be using the following Esri AMI:
1. Where is Tomcat Located?
After we have created our Esri AMI and we have properly SSH’ed into it, we ask ourselves, “where is Tomcat”? Great question! That is found over in the /opt directory as shown below:
Notice how we have directory tomcat_arcgis and directory tomcat_arcgis_8.5.45. The tomcat_arcgis is simply a symbolic link to the tomcat_arcgis_8.5.45 (i.e. a shortcut to that directory). Navigating into that folder, you may notice that tomcat_arcgis is the UID and GID for each folder:
Furthermore, trying to navigate into any of these folders gives us bash error Permission denied. So what do we do? We have a few ways around this, but simplest way is to enable this tomcat_arcgis user.
2. Enabling Tomcat User
“What do you mean enable the tomcat_arcgis user? Shouldn’t it be enabled by default”? The short answer is no; the tomcat_arcgis is not enabled by default. Attempting to switch to that account proves this to be true as shown below:
Notice how the shell prompt shows our user still as the ubuntu default user. To enable the tomcat_arcgis user, all that is needed is to run the following command: usermod -s /bin/bash/ tomcat_arcgis. The reason why the tomcat_arcgis user is disabled is because upon AMI creation, it doesn’t not have an existing shell associated with the account. This will modify the tomcat_arcgis user’s shell to use Bash, same as our ubuntu and arcgis users.
Now we are successfully logged in as the tomcat_arcgis user and we can begin configuring Tomcat to our desired specifications.
3. Securing Tomcat (Optional)
Now that you have access to the tomcat_arcgis user, you can proceed forward with registering the ArcGIS Web Adaptor. However, doing so would mean that we have not secured our Tomcat web server to use secure communication. Additionally, you may wish to configure Tomcat in specific ways to meet your specific needs.
We won’t look at different ways to handle configuration of the web server as it can vastly differ. Rather, it is important to note that should you go into production with this AMI, it is highly recommended that you secure your web server.
4. Registering Web Adaptor to Tomcat
Now as our final test, we are ready to attempt registering our Web Adaptor! In this blog, I have a standalone ArcGIS Server that is licensed and configured already. First, I need to switch over to the arcgis user and navigate to /arcgis/webadaptor10.8/java/tools. Please see below:
Once here, we will run the configurewebadaptor.sh script. If you’re not too familiar with how to run the tool, the usage help will assist you. Simply run command ./configurewebadaptor.sh -h to bring up the usage help. Let’s run the tool and see if we can successfully register the Web Adaptor:
Success! To validate we are good to go, attempt accessing your ArcGIS Server in a browser via the Web Adaptor:
As shown in the above screen capture, yes, we are successful! Again, it is important to note that this is simply a demonstration environment. Environments in production will utilize certificates to ensure proper encryption and secure communication is met.
In this blog, we went over tips and tricks on how to setup the bundled Tomcat web server in an Esri AWS AMI. Please let me know in the comments if this was helpful to you and what content you would like to see for next month. Thank you for reading this Monthly Linux Tip!