Skip to content

esri‐tomcat Cookbook Recipes

Jump to bottom Edit New page
Cameron Kroeker edited this page Dec 3, 2021 · 5 revisions

esri-tomcat cookbook installs and configures Apache Tomcat for using with ArcGIS Web Adaptor.

Brief descriptions of esri-tomccat cookbook recipes along with cookbook attributes are available at README.md. This page provides more detailed descriptions of the recipes and specifies attributes used by each recipe.

configure_ssl

Configures HTTPS listener in Apache Tomcat application server.

{
  "tomcat": {
    "version" : "8.5.63",
    "instance_name" : "arcgis",
    "user": "tomcat_arcgis",
    "group": "tomcat_arcgis",
    "install_path" : "/opt/tomcat_arcgis_8.5.63",
    "keystore_type" : "PKCS12",
    "keystore_file" : "/tomcat_arcgis/conf/resources/sslcerts/sslcert.pfx",
    "keystore_password": "change.it",
    "domain_name": "domain.com",
    "ssl_enabled_protocols" : "TLSv1.2,TLSv1.1,TLSv1"
  },
  "run_list" : [
    "recipe[esri-tomcat::configure_ssl]"
  ]
}

Note: If the specified keystore file does not exists, the recipe generates a self-signed SSL certificate for the specified domain.

default

Installs Apache Tomcat, and configures HTTPS listener. If node['tomcat']['forward_ports'] attribute is true (default value), the recipe also configures port forwarding (80 to 8080 and 443 to 8443) using iptables or firewalld recipes.

{
  "tomcat": {
    "version" : "8.5.63",
    "instance_name" : "arcgis",
    "user": "tomcat_arcgis",
    "group": "tomcat_arcgis",
    "install_path" : "/opt/tomcat_arcgis_8.5.63",
    "keystore_type" : "PKCS12",
    "keystore_file" : "/tomcat_arcgis/conf/resources/sslcerts/sslcert.pfx",
    "keystore_password": "change.it",
    "domain_name": "domain.com",
    "ssl_enabled_protocols" : "TLSv1.2,TLSv1.1,TLSv1",
    "tarball_path": "/opt/software/archives/apache-tomcat-8.5.63.tar.gz",
    "forward_ports": true
  },
  "run_list" : [
    "recipe[esri-tomcat]"
  ]
}

Note: If the specified keystore file does not exists, the recipe generates a self-signed SSL certificate for the specified domain.

firewalld

Configures port forwarding (80 to 8080 and 443 to 8443) using FirewallD.

Note: If firewalld service was started by the recipe, the recipe executes a script specified by node['tomcat']['firewalld']['init_cmd'] which by default opens all the TCP ports on the machine.

{
  "tomcat": {
    "firewalld": {
      "init_cmd": "firewall-cmd --zone=public --permanent --add-port=0-65535/tcp"
    }
  },
  "run_list" : [
    "recipe[esri-tomcat::firewalld]"
  ]
}

install

Installs Apache Tomcat application server.

{
  "tomcat": {
    "version" : "8.5.63",
    "instance_name" : "arcgis",
    "user": "tomcat_arcgis",
    "group": "tomcat_arcgis",
    "install_path" : "/opt/tomcat_arcgis_8.5.63",
    "tarball_path": "/opt/software/archives/apache-tomcat-8.5.63.tar.gz"
  },
  "run_list" : [
    "recipe[esri-tomcat::install]"
  ]
}

iptables

Configures port forwarding (80 to 8080 and 443 to 8443) using iptables.

{
  "run_list" : [
    "recipe[esri-tomcat::iptables]"
  ]
}

openjdk

Installs OpenJDK for Apache Tomcat from a local or remote tarball.

{
  "java": {
    "version": "11",
    "tarball_path": "/opt/software/archives/openjdk-11_linux-x64_bin.tar.gz"
  },
  "run_list": [
    "recipe[esri-tomcat::openjdk]"
  ]
}
Add a custom footer
Add a custom sidebar
Clone this wiki locally