eiConsole v.24R1
Documentation
eiPlatform
Installation Guide – Linux
Step 1: Installing OpenJDK Java 17
Install the JDK by first updating the package manager cache by running the following commands:
sudo apt update
sudo apt upgrade
sudo apt install openjdk-17-jdk
java -versionYou should see the following output:
Step 2: Download and Install Apache Tomcat 10
For security purposes, Tomcat should run under a separate, unprivileged user. Run the following command to create a user called tomcat:
sudo useradd -m -d /opt/tomcat -U -s /bin/false tomcatBy supplying /bin/false as the user’s default shell, you ensure that it’s not possible to log in as tomcat.
To install Tomcat, you’ll need the latest Core Linux build for Tomcat 10, which you can get from the downloads page.
Select the latest Core Linux build, ending in .tar.gz
Copy the downloaded file to the /tmp directory.
Navigate to the /tmp directory:
cd /tmpThen, extract the archive you downloaded by running:
sudo tar xzvf apache-tomcat-10*tar.gz -C /opt/tomcat --strip-components=1Since you have already created a user, you can now grant Tomcat ownership over the extracted installation by running:
sudo chown -R tomcat:tomcat /opt/tomcat/
sudo chmod -R u+x /opt/tomcat/binConfiguring Admin Users
To gain access to the Manager and Host Manager pages, you’ll define privileged users in Tomcat’s configuration. You will need to remove the IP address restrictions, which disallows all external IP addresses from accessing those pages.
Tomcat users are defined in /opt/tomcat/conf/tomcat-users.xml. Open the following file for editing…
/opt/tomcat/conf/tomcat-users.xml… and add the following lines before the ending tag:
<role rolename="manager-gui" />
<user username="manager" password="manager_password" roles="manager-gui" />
<role rolename="admin-gui" />
<user username="admin" password="admin_password" roles="manager-gui,admin-gui" />Replace the manager_password and admin_password passwords with your own. When you’re done, save and close the file.
Here you define two user roles, manager-gui and admin-gui, which allow access to Manager and Host Manager pages, respectively. You also define two users, manager and admin, with relevant roles.
By default, Tomcat is configured to restrict access to the admin pages, unless the connection comes from the server itself. To access those pages with the users you just defined, you will need to edit config files for those pages. It is not recommended to do this as it may provide a security risk.
To remove the restriction for the Manager page, open the following two config files for editing:
/opt/tomcat/webapps/manager/META-INF/context.xml
/opt/tomcat/webapps/host-manager/META-INF/context.xmlComment out the following in each file:
<!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /> -->Creating a System Service
The systemd service that you will now create will keep Tomcat quietly running in the background. The systemd service will also restart Tomcat automatically in case of an error or failure.
Tomcat, being a Java application itself, requires the Java runtime to be present, which you installed with the JDK in step 1. Before you create the service, you need to know where Java is located. You can look that up by running the following command:
sudo update-java-alternatives -lThe output will be similar to this:
/usr/lib/jvm/java-1.17.0-openjdk-arm64Note the path where Java resides, listed in the last column. You’ll need the path momentarily to define the service.
You’ll store the tomcat service in a file named tomcat.service, under /etc/systemd/system. Create the file for editing using the following commands
touch /etc/systemd/system/tomcat.service
sudo gedit /etc/systemd/system/tomcat.servicePaste the following contents into the file:
[Unit]
Description=Tomcat
After=network.target
[Service]
Type=forking
User=tomcat
Group=tomcat
UMask=0222
Environment="JAVA_HOME=/usr/lib/jvm/java-1.17.0-openjdk-arm64"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"
Environment="CATALINA_BASE=/opt/tomcat"
Environment="CATALINA_HOME=/opt/tomcat"
Environment="CATALINA_PID=/opt/tomcat/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
RestartSec=10
Restart=always
[Install]
WantedBy=multi-user.targetWhen you’re done, save and close the file.
Reload the systemd daemon so that it becomes aware of the new service:
sudo systemctl daemon-reloadYou can then start the Tomcat service by typing:
systemctl start tomcatThen, look at its status to confirm that it started successfully:
systemctl status tomcatYou should see something like this:
To enable Tomcat to start up with the system, run the following command:
sudo systemctl enable tomcatNow that the Tomcat service is running, you can configure the firewall to allow connections to Tomcat. Then, you will be able to access its web Interface.
Tomcat uses port 8080 to accept HTTP requests.
Determine the IP of the server and access the Tomcat Console with:
http://<serverIP>:8080/Step 3: Deployment of the eiPlatform WAR into Tomcat
- Download the eip.war from the PilotFish Customer Portal
You can login to the customer portal with your eiConsole license credentials. If you don’t have credentials or do not see the needed eip.war file, reach out to support@pilotfishtechnology.com for assistance. - It will be named something like eip.war.hs.23R1.127. Rename it to eip.war.
- Navigate to the Tomcat installation directory and select the webapps subdirectory. The eip.war file should be copied into that directory.
/opt/tomcat/webapps - Copy your pflicense file into the webapps\eip folder.
You can login to the customer portal with your eiConsole license credentials and download it. If you don’t have credentials or do not see the pflicense, reach out to support@pilotfishtechnology.com for assistance - Restart Tomcat using the instructions below.
How to start and stop the Tomcat service:sudo systemctl start tomcat
sudo systemctl stop tomcat - Go to the logs /opt/tomcat/webapps/eip/logs where the eip.log file is at and then review and confirm there are no startup errors.
