Unable to reach Tomcat server 9.x running on EC2 Red Hat Linux 9


I installed Tomcat 9.x on EC2 (Linux server) and started the service. I'm able to hit the URL on port 8080 if I run the curl command on the Linux server. I'm not able to reach the Tomcat server from a browser running on my laptop though.

Please see the commands that I ran.

[ec2-user@ip-172-31-93-84 ~]$ curl -I ec2-3-93-63-56.compute-1.amazonaws.com:8080
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 21 Oct 2023 16:57:35 GMT

netstat -lnp | grep 8080
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp6 0 0 :::8080 :::* LISTEN 3036/java

ps -ef | grep tomcat
tomcat 3036 1 0 17:21 pts/1 00:00:09 /u01/java/latest/bin/java -Djava.util.logging.config.file=/u01/config/instance1/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Dignore.endorsed.dirs= -classpath /u01/tomcat/latest/bin/bootstrap.jar:/u01/tomcat/latest/bin/tomcat-juli.jar -Dcatalina.base=/u01/config/instance1 -Dcatalina.home=/u01/tomcat/latest -Djava.io.tmpdir=/u01/config/instance1/temp org.apache.catalina.startup.Bootstrap start

If I run the above curl command on my laptop, it does not work. I tried hitting this URL -> ec2-3-93-63-56.compute-1.amazonaws.com:8080 from a web browser on my laptop, but that also did not work.

So I'm not able to hit the Tomcat web server remotely. From what little I know, port 8080 needs to be open on the Linux server and it is open as shown in the image shared below. If you know what it is that I'm missing, please let me know. Thanks for your help in advance.

[Image: Security groups]

Note: I followed the instructions in the article below to install Tomcat on Red Hat Linux. https://oracle-base.com/articles/linux/apache-tomcat-9-installation-on-linux#:~:text=Create%20a%20user%20called%20%22tomcat,the%20new%20%22tomcat%22%20user.&text=Install%20the%20JDK%20from%20the,%2Fu01%2Fjava%22%20directory.

I found the link below when troubleshooting. Step 4 mentions that I need to specify the allowed IP range in the Tomcat context.xml files. This was not mentioned in the first article. I tried this also, but it did not help.

https://tecadmin.net/install-tomcat-9-on-centos-8/

SaraE
asked 6 months ago, 486 views
1 Answer
Accepted Answer

From the screenshot of your security group rules, you need to add an inbound rule whose source is your laptop IP (or widen this to 0.0.0.0/0 for troubleshooting until you get it working), IPv4, protocol TCP, port 8080.

EXPERT
Steve_M
answered 6 months ago
  • [Image]

    Thanks, Steve. My screenshot does not show the IP range. I do have the 0.0.0.0/0 IP for HTTP protocol, port 80. I have attached the detailed view of the security groups this time.

    FYI only, I installed the Apache HTTP server on the Linux server today and shut down Tomcat. I was able to hit the Apache HTTP server from the browser on my laptop. When I type the DNS of the Linux server on my browser, the Red Hat Linux test page shows up. So it appears that port 8080 is open.

    If I disable Apache HTTP and start Tomcat, I'm not able to hit Tomcat from the browser on my laptop. But I'm able to run the curl command using localhost or the DNS successfully on the Linux server. I shared the commands that I ran in my first post. So it appears that it has something to do with Tomcat and port 8080.

    If you refer to Step 4 in the link below, this is what it says. I updated the context.xml and added my IP. I shut down Tomcat and restarted it, but it did not help. So I'm at a loss as to what is happening. I checked the Tomcat logs, but I don't see any error in the log files.

    https://tecadmin.net/install-tomcat-9-on-centos-8/

    Step 4 – Enable Host/Manager for Remote IP

    By default Tomcat manager and host-manager, pages are enabled to access from localhost only. To access these pages from the remote system, you have to allow your IP or IP range in the application-specific context.xml file.

  • Apache listens on port 80, and there is a security group rule allowing access on this port - the second one on your screenshot.

    Tomcat (when it's running) listens on port 8080, and the security group needs to have a separate rule for that port.

  • Thanks a lot, Steve. Really appreciate the help. It's my mistake. I thought port 80 and 8080 were the same.
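
The check that resolves this thread, as an added example that is not part of the original posts: it evaluates a security group's inbound rules for a given source address and port, showing that a rule for port 80 does not cover 8080 and that a rule scoped to one address is enough. The rule list is constructed in the shape of the `IpPermissions` output of `aws ec2 describe-security-groups`; the addresses and the function names are assumptions.

```python
import ipaddress

# Constructed sample shaped like the IpPermissions list printed by
# `aws ec2 describe-security-groups`; the rules and addresses are assumptions.
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
]

def rule_cidrs(perm):
    """All IPv4 and IPv6 source ranges named by one inbound rule."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])] +
            [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])

def covers_port(perm, port, protocol="tcp"):
    """True if the rule's protocol and port range include the given port."""
    if perm["IpProtocol"] == "-1":          # "-1" means all protocols and ports
        return True
    return (perm["IpProtocol"] == protocol
            and perm["FromPort"] <= port <= perm["ToPort"])

def matching_rules(permissions, source_ip, port):
    """Source ranges of the rules that admit source_ip on TCP port `port`."""
    src = ipaddress.ip_address(source_ip)
    nets = [ipaddress.ip_network(c, strict=False)
            for p in permissions if covers_port(p, port) for c in rule_cidrs(p)]
    return [str(n) for n in nets if n.version == src.version and src in n]

def world_open_ports(permissions):
    """(from, to) TCP port ranges open to every address, for later tightening."""
    return [(p["FromPort"], p["ToPort"]) for p in permissions
            if p["IpProtocol"] == "tcp"
            and any(c in ("0.0.0.0/0", "::/0") for c in rule_cidrs(p))]

def with_rule(permissions, port, cidr):
    """Copy of the rule list plus one TCP rule for `port` from `cidr`."""
    return permissions + [{"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
                           "IpRanges": [{"CidrIp": cidr}], "Ipv6Ranges": []}]

if __name__ == "__main__":
    laptop = "198.51.100.7"                 # constructed laptop address
    print(matching_rules(SAMPLE_PERMISSIONS, laptop, 80))    # port 80 rule matches
    print(matching_rules(SAMPLE_PERMISSIONS, laptop, 8080))  # nothing covers 8080
    fixed = with_rule(SAMPLE_PERMISSIONS, 8080, laptop + "/32")
    print(matching_rules(fixed, laptop, 8080), world_open_ports(fixed))
```
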
