Desired Outcome:
Get phpMyAdmin functioning on Centos7 Server, which would include things like Apache Tomcat and PHP
Modified Desired Outcome — now I’m finding that Apache Tomcat is more in line with Java development vs PHP. Strategically, people use HTTPD (Apache) port 80 for web and php stuff and have HTTPD forward Java/JSP stuff over to Tomcat (port 8080). This means that, for now, the Apache Tomcat and Java Project is concluded. I need to resolve how I’m going to get Apache HTTPD running – on same server as Tomcat? I’d like to be running PHP apps like SugarCRM — XREF to http://wiki.apache.org/tomcat/UsingPhp
General overview of project, from perspective of phpMyAdmin, is:
phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL and MariaDB. Frequently used operations (managing databases, tables, columns, relations, indexes, users, permissions, etc) can be performed via the user interface, while you still have the ability to directly execute any SQL statement.
Note: This document is getting too long — covering Java, Apache, Firewalld. Will break up the rest (php, phpMyAdmin) on another post.
Q: Where is the mail web-site for go-to information (manuals, FAQ, etc)?
A: https://www.phpmyadmin.net/
A: For documentation — http://docs.phpmyadmin.net/en/latest/
A: For Apache Tomcat installers — http://tomcat.apache.org/download-80.cgi
Q: What are the main components needed for installation?
A: http://docs.phpmyadmin.net/en/latest/require.html – List of requirements with details
Note: Summary of various components to install is:
OK -Java Installation
Note: Tomcat requires that Java is installed on the server, so any Java web application code can be executed. Let’s satisfy that requirement by installing OpenJDK 7 with yum.
OK -Web Server — I’m going to use Apache Tomcat because it’s closest to LongJump Infrastructure and uses Java
Note: Apache Tomcat is a web server and servlet container that is used to serve Java applications. Tomcat is an open source implementation of the Java Servlet and JavaServer Pages technologies, released by the Apache Software Foundation.
Note: Details about Apache Tomcat 8 – http://tomcat.apache.org/tomcat-8.0-doc/index.html
Note: https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-8-on-centos-7
-php 5.5 or newer
-MariaDB 5.5 or newer (Note: I already have this installed)
-phpMyAdmin — Which is installed into Web-Server
-Web Browser (eg FireFox) to interact with phpMyAdmin on Web-Server, with cookies and JavaScript enabled
Q: Are there any pre-requisite things to do on server before proceeding (ie server updates, etc)?
A: Didn’t have to, but I’m sure I need to be doing updates at some point.
Installation Notes:
Java installation
Q: How do I know I don’t already have Java installed? – Summary: I don’t.
A: java -version
Note: -bash: java: command not found – not installed
A: javac
Notes: -bash: javac: command not found
A: locate jdk or locate java – to see if you have the java binary. Don’t forget to run updatedb if you are using locate for the first time.
Note: Additional info on locate and updatedb – http://www.liquidweb.com/kb/how-to-install-mlocate-locate-and-updatedb-commands-on-centos-7/
Note: Initially blank for both “locate jdk” and “locate java”
Note: When I ran “updatedb or sudo updatedb” there was no command
NOTE: For now, I’m moving on from locate, but I’ll circle back after and review the document link
A: which java
Note: /usr/bin/which: no java in (/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/paul/.local/bin:/home/paul/bin) — this is the most conclusive response so far re: is Java installed or not
A: sudo aptitude search
A: sudo aptitude search jdk
Note: The key is to look for the symbol “small letter i” to the left — means that it’s installed
EG: rpm -qa Maria*
Returns this:
[paul@localhost ~]$ rpm -qa Maria*
MariaDB-shared-10.1.8-1.el7.centos.x86_64
MariaDB-common-10.1.8-1.el7.centos.x86_64
MariaDB-client-10.1.8-1.el7.centos.x86_64
MariaDB-server-10.1.8-1.el7.centos.x86_64
A: yum list jdk
Note: Returns if installed or available – not installed
Q: How do I know I’m getting the correct and latest version of Java?
Note: I was advised to do “sudo yum install java-1.7.0-openjdk-devel” – OpenJDK 7 JDK
Note: Info on various version of JDK – http://openjdk.java.net/install/
Note: For building Tomcat 8, JDK 7 is fine – https://tomcat.apache.org/tomcat-8.0-doc/building.html
Q: Where do I get the software from?
A: sudo yum install java-1.7.0-openjdk-devel
Note: I went to the JDK site and it gives me more info on options – http://openjdk.java.net/install/index.html
JDK7 – Fedora, Oracle Linux, Red Hat Enterprise Linux, etc.
On the command line, type:
$ su -c “yum install java-1.7.0-openjdk”
The java-1.7.0-openjdk package contains just the Java Runtime Environment. If you want to develop Java programs then install the java-1.7.0-openjdk-devel package.
Q: Before installing Java, is this folder existing — /usr/lib/jvm/jre
A: No
Q: What steps to install and configure for Java?
A: sudo yum install java-1.7.0-openjdk-devel
Q: Quick aside — how to verify available disk space?
A: df -h (the -h means human readable) — I’m OK
Q: How to verify Java installed?
A: java -version
java version “1.7.0_91”
OpenJDK Runtime Environment (rhel-2.6.2.1.el7_1-x86_64 u91-b00)
OpenJDK 64-Bit Server VM (build 24.91-b01, mixed mode)
A: which java
/usr/bin/java
A: rpm -qa java*
java-1.7.0-openjdk-devel-1.7.0.91-2.6.2.1.el7_1.x86_64
javapackages-tools-3.4.1-6.el7_0.noarch
java-1.7.0-openjdk-headless-1.7.0.91-2.6.2.1.el7_1.x86_64
java-1.7.0-openjdk-1.7.0.91-2.6.2.1.el7_1.x86_64
A: yum list java*
Installed Packages
java-1.7.0-openjdk.x86_64 1:1.7.0.91-2.6.2.1.el7_1 @updates
java-1.7.0-openjdk-devel.x86_64 1:1.7.0.91-2.6.2.1.el7_1 @updates
java-1.7.0-openjdk-headless.x86_64 1:1.7.0.91-2.6.2.1.el7_1 @updates
javapackages-tools.noarch 3.4.1-6.el7_0 @base
Create a user for Tomcat
Note: For security purposes, Tomcat should be run as an unprivileged user (i.e. not root). We will create a new user and group that will run the Tomcat service.
Q: How to create a group and a user for Tomcat?
A: sudo groupadd tomcat
Q: How to list all groups, including one I just created?
A: cut -d: -f1 /etc/group
Q: How do you create a new user and add to a group?
Note: We’ll make this user a member of the tomcat group, with a home directory of /opt/tomcat (where we will install Tomcat), and with a shell of /bin/false (so nobody can log into the account):
A: sudo useradd -M -s /bin/nologin -g tomcat -d /opt/tomcat tomcat
Install Tomcat webserver
Q: How to find the latest version of Tomcat?
A: http://tomcat.apache.org/download-80.cgi
Note: Answer is: 8.0.28
Q: How to find the file?
A: Under the Binary Distributions section, then under the Core list, copy the link to the “tar.gz”.
Note: http://www.us.apache.org/dist/tomcat/tomcat-8/v8.0.28/bin/apache-tomcat-8.0.28.tar.gz
Q: How to download the latest binary distribution to our home directory.
A: Go to Home by entering: cd~
Note: I entered pwd (Print Working Directory) and got: \home\paul
Q: How to download the file to the server?
A: wget http://www.us.apache.org/dist/tomcat/tomcat-8/v8.0.28/bin/apache-tomcat-8.0.28.tar.gz
ISSUE: I don’t think wget is installed yet as that command didn’t work
Q: How to check to see if wget is installed?
A: rpm -q wget
package wget is not installed
Q: How to install wget?
A: sudo yum install wget
Installed:
wget.x86_64 0:1.14-10.el7_0.1
Q: How to check is wget is installed (triple-checking)”
A: rpm -q wget
wget-1.14-10.el7_0.1.x86_64
Q: How to download the file to the server? Now that I have wget installed.
A: wget http://www.us.apache.org/dist/tomcat/tomcat-8/v8.0.28/bin/apache-tomcat-8.0.28.tar.gz
Wow… that was fast to download – only 8.7MB
How to create the directory for tomcat and install the software?
Q: How to create the directory that I’ll install tomcat into?
Note: We’re going to install Tomcat to the /opt/tomcat directory. Create the directory, then extract the archive to it with these commands:
A: sudo mkdir /opt/tomcat
Q: How to install tomcat?
A: sudo tar xvf apache-tomcat-8*tar.gz -C /opt/tomcat –strip-components=1
Q: How to setup permissions?
Note: The tomcat user that we set up needs to have the proper access to the Tomcat installation. We’ll set that up now.
A: Change to the Tomcat installation directory with: cd /opt/tomcat
Note: We will give the tomcat user write access to the conf directory, and read access to the files in that directory.
A: sudo chgrp -R tomcat conf
A: sudo chmod g+rwx conf
A: sudo chmod g+r conf/*
Q: How to give tomcat user have access to various directories — tomcat user the owner of the webapps, work, temp, and logs directories
A: sudo chown -R tomcat webapps/ work/ temp/ logs/
How to create a systemd unit file — nearly there
Note: Because we want to be able to run Tomcat as a service, we will set up a Tomcat Systemd unit file.
Q: How to create and open the new unit file?
A: sudo vi /etc/systemd/system/tomcat.service
Note: Will paste in this content and there is a note about: You may also want to modify the memory allocation settings that are specified in CATALINA_OPTS. Will come back to that.
Note: Here’s what I pasted in:
# Systemd unit file for tomcat
[Unit]
Description=Apache Tomcat Web Application Container
After=syslog.target network.target
[Service]
Type=forking
Environment=JAVA_HOME=/usr/lib/jvm/jre
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat
Environment=’CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC’
Environment=’JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom’
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/bin/kill -15 $MAINPID
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target
NOTE: I had made some mistakes when creating the file initially, after pasting — somehow removed the first lines “#” character. To save initially, I went out of Insert Mode with the Escape Key and did: wq!
Because it ends up being a read only file, I had to edit and save as root
su –
vi xxxx — directory and file name
Insert
Make the correction
Escape
:wq!
Note: The script above tells the server to run the Tomcat service as the tomcat user, with the settings specified.
Reloading and starting the webserver
Q: How do I reload Systemd to load the Tomcat unit file?
A: sudo systemctl daemon-reload
Q: How do I check to see what services are running right now, before loading a new service?
A: service –status-all (dash dash status dash all)
NOTE: When I did that there was a reference to an error with MySQL — maybe this will be fixed soon…
ERROR! MySQL is running but PID file could not be found
netconsole module not loaded
Configured devices:
lo enp0s25
Currently active devices:
lo enp0s25
Q: How to I start the Tomcat service with this systemctl command?
A: sudo systemctl start tomcat
Q: How to load automatically on server boot?
A: sudo systemctl enable tomcat
Q: How to access the webserver as an interim step?
A: From a web-browser: http://10.0.0.50:8080
Note: Not working – timing out
Q: How to check which version of Tomcat installed.
Note: You have to be in the install directory (/opt/tomcat directory first)
[paul@localhost tomcat]$ java -cp lib/catalina.jar org.apache.catalina.util.ServerInfo
Server version: Apache Tomcat/8.0.28
Server built: Oct 7 2015 18:25:21 UTC
Server number: 8.0.28.0
OS Name: Linux
OS Version: 3.10.0-123.9.3.el7.x86_64
Architecture: amd64
JVM Version: 1.7.0_91-mockbuild_2015_10_21_20_22-b00
JVM Vendor: Oracle Corporation
NOTE: Looks like the “netstat” command in Centos7 has been deprecated. Now need to use “ss”
ss -tpln (Note that it finds port 8080 in listen mode)
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 1 ::ffff:127.0.0.1:8005 :::*
LISTEN 0 100 :::8009 :::*
LISTEN 0 80 :::3306 :::*
LISTEN 0 100 :::8080 :::*
LISTEN 0 128 :::22 :::*
NOTE: I think the issue is that the JAVA_HOME path within the tomcat.service file is not actually pointing to where Java is installed.
Q: Where do I think Java is installed?
A: /usr/lib/jvm/jre-1.7.0-openjdk-1.7.0.91-2.6.2.1.el7_1.x86_64
Q: What change made to tomcat.service file?
A: sudo vi /etc/systemd/system/tomcat.service
Was: Environment=JAVA_HOME=/usr/lib/jvm/jre
Now: Environment=JAVA_HOME=/usr/lib/jvm/jre-1.7.0-openjdk-1.7.0.91-2.6.2.1.el7_1.x86_64
Restart Daemon with: sudo systemctl daemon-reload
Restart tomcat with: sudo systemctl start tomcat
Changed tomcat.service file again
Was: Environment=JAVA_HOME=/usr/lib/jvm/jre-1.7.0-openjdk-1.7.0.91-2.6.2.1.el7_1.x86_64
Now: Environment=JAVA_HOME=/usr/lib/jvm/jre-1.7.0-openjdk
NOTE: I think this Java setting is correct as Apache Tomcat worked when I turned off the firewall
No change.
While Port 8080 is listening, I’m wondering if a firewall port still has to be addressed.
Note: Formerly iptables and in Centos7 it’s firewalld
XREF to: https://fedoraproject.org/wiki/FirewallD
Q: Is Firewalld running?
Note: Key info on firewalld — https://oracle-base.com/articles/linux/linux-firewall-firewalld
A: systemctl status firewalld
Yes
WOW!!! This install is insane, but forcing me to learn a ton…
Firewall Configuration:
Note: I had a hunch that everything was working, but the CentOS Server firewall was blocking port 8080
Note: Did this command, which temporarily stops the firewall — systemctl stop firewalld
From a browser: http://10.0.0.50:8080 — it works and shows the Tomcat splash screen
If you’re seeing this, you’ve successfully installed Tomcat. Congratulations!
Note: Obviously, it’s not good to have the firewall shutdown, but at least I know that Java and Tomcat are functioning. This post at the end alluded to stopping the firewall, which gave me the idea — https://www.centos.org/forums/viewtopic.php?t=2532
Q: How do I change firewall port via CLI — Note: I need to come back to firewalld and learn more about this
A: firewall-cmd –zone=public –add-port=8080/tcp –permanent
Note: Maybe not good to have done this
Note: Firewalld service can be stopped, but issues starting, for some reason
Q: What is command to review log?
A: journalctl -xn
Note: this is not really pointing to anything
— Logs begin at Mon 2015-11-23 22:14:45 PST, end at Tue 2015-11-24 10:25:06 PST
Nov 24 10:25:06 localhost.localdomain NetworkManager[744]:
Nov 24 10:25:06 localhost.localdomain NetworkManager[744]:
Nov 24 10:25:06 localhost.localdomain NetworkManager[744]:
Nov 24 10:25:06 localhost.localdomain NetworkManager[744]:
Nov 24 10:25:06 localhost.localdomain dbus[630]: [system] Activating via systemd
Nov 24 10:25:06 localhost.localdomain dbus-daemon[630]: dbus[630]: [system] Acti
Nov 24 10:25:06 localhost.localdomain systemd[1]: Starting Network Manager Scrip
— Subject: Unit NetworkManager-dispatcher.service has begun with start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit NetworkManager-dispatcher.service has begun starting up.
Nov 24 10:25:06 localhost.localdomain dbus-daemon[630]: dbus[630]: [system] Succ
Nov 24 10:25:06 localhost.localdomain dbus[630]: [system] Successfully activated
Nov 24 10:25:06 localhost.localdomain systemd[1]: Started Network Manager Script
— Subject: Unit NetworkManager-dispatcher.service has finished start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit NetworkManager-dispatcher.service has finished starting up.
—
— The start-up result is done.
lines 1-23/23 (END)
Maybe it wasn’t a good idea to have entered this — firewall-cmd –zone=public –add-port=8080/tcp –permanent
I think I had issues after that where the firewalld will not start up again
Note: This is a dump from firewalld after attempting to start:
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# systemctl start firewalld.service
Job for firewalld.service failed. See ‘systemctl status firewalld.service’ and ‘journalctl -xn’ for details.
[root@localhost ~]# journalctl -xn
— Logs begin at Mon 2015-11-23 22:14:45 PST, end at Tue 2015-11-24 10:25:06 PST
Nov 24 10:25:06 localhost.localdomain NetworkManager[744]:
Nov 24 10:25:06 localhost.localdomain NetworkManager[744]:
Nov 24 10:25:06 localhost.localdomain NetworkManager[744]:
Nov 24 10:25:06 localhost.localdomain NetworkManager[744]:
Nov 24 10:25:06 localhost.localdomain dbus[630]: [system] Activating via systemd
Nov 24 10:25:06 localhost.localdomain dbus-daemon[630]: dbus[630]: [system] Acti
Nov 24 10:25:06 localhost.localdomain systemd[1]: Starting Network Manager Scrip
— Subject: Unit NetworkManager-dispatcher.service has begun with start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit NetworkManager-dispatcher.service has begun starting up.
Nov 24 10:25:06 localhost.localdomain dbus-daemon[630]: dbus[630]: [system] Succ
Nov 24 10:25:06 localhost.localdomain dbus[630]: [system] Successfully activated
Nov 24 10:25:06 localhost.localdomain systemd[1]: Started Network Manager Script
— Subject: Unit NetworkManager-dispatcher.service has finished start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit NetworkManager-dispatcher.service has finished starting up.
—
— The start-up result is done.
[root@localhost ~]# firewall-cmd –zone=public –add-port=8080/tcp –permanent
success
[root@localhost ~]# systemctl status firewalld
firewalld.service – firewalld – dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: failed (Result: timeout) since Tue 2015-11-24 10:24:54 PST; 13min ago
Main PID: 7724
CGroup: /system.slice/firewalld.service
Nov 24 10:24:53 localhost.localdomain systemd[1]: firewalld.service operation…
Nov 24 10:24:54 localhost.localdomain systemd[1]: Failed to start firewalld -…
Nov 24 10:24:54 localhost.localdomain systemd[1]: Unit firewalld.service ente…
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# systemctl status firewalld
firewalld.service – firewalld – dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: failed (Result: timeout) since Tue 2015-11-24 10:24:54 PST; 14min ago
Main PID: 7724
CGroup: /system.slice/firewalld.service
Nov 24 10:24:53 localhost.localdomain systemd[1]: firewalld.service operation…
Nov 24 10:24:54 localhost.localdomain systemd[1]: Failed to start firewalld -…
Nov 24 10:24:54 localhost.localdomain systemd[1]: Unit firewalld.service ente…
Nov 24 10:38:52 localhost.localdomain systemd[1]: Stopped firewalld – dynamic…
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]# systemctl start firewalld.service
Job for firewalld.service failed. See ‘systemctl status firewalld.service’ and ‘journalctl -xn’ for details.
[root@localhost ~]# firewall-cmd –zone=public –add-port=8080/tcp –permanent^C
[root@localhost ~]#
systemctl status firewalld (Checking status of firewalld)
firewalld.service – firewalld – dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: failed (Result: timeout) since Tue 2015-11-24 10:40:35 PST; 4h 28min ago
Main PID: 8987
CGroup: /system.slice/firewalld.service
Nov 24 10:40:34 localhost.localdomain systemd[1]: firewalld.service operation timed out…g.
Nov 24 10:40:35 localhost.localdomain systemd[1]: Failed to start firewalld – dynamic f…n.
Nov 24 10:40:35 localhost.localdomain systemd[1]: Unit firewalld.service entered failed…e.
Hint: Some lines were ellipsized, use -l to show in full.
Dissecting this firewall command
firewall-cmd –zone=public –add-port=8080/tcp –permanent
firewall-cmd –list-all
Shows the 8080 rule within Public (That makes sense)
–add-port=
–remove-port=
–query-port=
firewall-cmd –query-port=8080/tcp
Returns with: yes
firewall-cmd –remove-port=8080/tcp
Success – 8080 not there anymore
Note: This means I’ve now reversed what I had CLI’d into the firewall
Having now manually removed what I did manually (the 8080 rule), stopping and starting firewalld still gives error.
Shutdown (restarted) server
A: shutdown -r now
Note: Didn’t quite get to root of it, but firewalld is running now without error:
systemctl status firewalld
firewalld.service – firewalld – dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: active (running) since Tue 2015-11-24 15:33:41 PST; 1min 28s ago
Main PID: 618 (firewalld)
CGroup: /system.slice/firewalld.service
ΓΆΓΆ618 /usr/bin/python -Es /usr/sbin/firewalld –nofork –nopid
And, of course, I tried //http://10.0.0.50:8080/ and it loaded fine.
Finishing up the Tomcat installation
Note: I noticed that while I have a web-page with Tomcat showing, I need a user account to log-in with
Q: How do I create an account so I can use the manager webapp that comes with Tomcat. Need to add a login to the Tomcat server.
A: sudo vi /opt/tomcat/conf/tomcat-users.xml (Edit this file)
Note: Need to add a user who can access the manager-gui and admin-gui (webapps that come with Tomcat). You can do so by defining a user similar to the example below. Be sure to change the username and password to something secure:
A: Kept the various comments in for reference and added this entry:
Note:
Save and quit — :wq (used root)
Restart the Tomcat service — sudo systemctl restart tomcat
How to I access/reaccess browser — in my case I just refreshed my web-page via Firefox
http://10.0.0.50:8080/
Note: Didn’t work when clicking on button “manager app”
Note: Instruction were to go to: 10.0.0.50:8080/manager/html
Instructions within the .xml file shows making changes for both user and role — I only had done for user
Now its:
Issue: Prompt for username and password not working for what I configured within .xml file
Restarted server with — shutdown -r now
What’s throwing me off are the comments, so with the .xml file — at the top — I have:
Note: XREF to — http://examples.javacodegeeks.com/enterprise-java/tomcat/tomcat-users-xml-configuration-example/
Resolved re: Manager App
Note: This .xml file is nightmare with the comments
A: Made a cp (copy) of the file with extension .bak (for a backup)
A: Created a new .xml file and entered this:
Restarted tomcat
Worked!