π Deploy a Java Web App to Remote Tomcat Using Jenkins + Maven | AWS EC2 Setup
π§° Overview
In a real-world CI/CD setup, Jenkins and Tomcat often run on different servers. This guide shows how to:
β
Set up Jenkins on one EC2 instance
β
Install and configure Tomcat on a separate EC2 instance
β
Deploy a Java WAR file using Maven and Jenkins
β
Automatically trigger builds using Poll SCM every minute
ποΈ Architecture Diagram
[Jenkins EC2 Instance] ββdeploys WARβββΆ [Tomcat EC2 Instance]
Β Β Β Β Β Β Β Β Β Β Β Β βΒ Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β β
Β Β Β Β Β Β Β Β Β Β Β Β ββββ Polls Git Repo every minuteΒ ββββ
β Prerequisites
Two EC2 instances on AWS (Amazon Linux or Ubuntu)
Jenkins installed on one EC2 instance
Tomcat installed on another EC2 instance
Maven installed on Jenkins EC2
A sample Java project using Maven (
pom.xml)Git repository (GitHub, GitLab, Bitbucket, etc.)
Properly configured Security Groups:
Port
8080open on Tomcat instancePort
22open for SSH (optional)
π¦ Installing Jenkins on Amazon Linux
β Prerequisites
π Before you begin, ensure you have:
Basic Linux knowledge
AWS EC2 instance (Amazon Linux 2)
Internet access
SSH access to the instance
π Step 1: Update Your System
sudo yum update -y
β Step 2: Install Java (Required for Jenkins)
sudo yum install java-17-amazon-corretto -y
β Verify Java version:
java -version
π¦ Step 3: Add Jenkins Repository
sudo wget -O /etc/yum.repos.d/jenkins.repo \
https://pkg.jenkins.io/redhat-stable/jenkins.repo
sudo rpm –import https://pkg.jenkins.io/redhat-stable/jenkins.io-2023.key
sudo yum upgrade
π§° Step 4: Install Jenkins
sudo yum install jenkins -y
π Step 5: Start and Enable Jenkins
sudo systemctl start jenkins
sudo systemctl enable jenkins
sudo systemctl status jenkins
π Step 6: Allow Port 8080 in Security Group
π Steps to allow traffic on port 8080:
- Go to EC2 Dashboard
- Select your Instance
- Click on the linked Security Group
- Click Edit Inbound Rules
- Click Add Rule:
- Type:
Custom TCP - Port Range:
8080 - Source:
Anywhere(or your IP)
- Type:
- Click Save Rules
β Now your Jenkins server is publicly accessible via port 8080.
π Step 7: Access Jenkins UI
Open browser:
http://<your-ec2-public-ip>:8080
Get the initial password:
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
Paste it into Jenkins and complete the setup wizard.
π Optional: Install Plugins
Choose βInstall Suggested Pluginsβ when prompted during setup. These plugins will help you get started faster.
𧱠Part 1: Tomcat Setup on Separate EC2 Instance
πΉ Step 1: SSH into the Tomcat EC2 Instance
ssh ec2-user@<tomcat-public-ip>
πΉ Step 2: Install Java
sudo su
yum update -y
yum install java-17-amazon-corretto
πΉ Step 3: Install Apache Tomcat
cd /opt/
wget https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.106/bin/apache-tomcat-9.0.106.tar.gz
mv apache-tomcat-9.0.106.tar.gz tomcat.tar.gz
tar -xvf tomcat.tar.gz
πΉ Step 4: Configure Tomcat for Remote Deployment
Edit tomcat-users.xml
sudo nano /opt/tomcat/conf/tomcat-users.xml
Add
<role rolename=”manager-script”/>
<user username=”jenkins” password=”jenkins123″ roles=”manager-script”/>
Do not add manager-gui role together with manager-script.
Allow Remote Access in context.xml
sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml
Change the line:
<Valve className=”org.apache.catalina.valves.RemoteAddrValve”
allow=”127\.\d+\.\d+\.\d+|::1″/>
To:
<Valve className=”org.apache.catalina.valves.RemoteAddrValve”
allow=”.*”/>
β οΈ For production, replace .* with Jenkins private IP.
Start Tomcat
sudo chmod +x /opt/tomcat/bin/*.sh
sudo /opt/tomcat/bin/startup.sh
Verify Tomcat is running:
curl http://localhost:8080
π§ Part 2: Jenkins Setup and Job Configuration
πΉ Step 1: Install Required Jenkins Plugins
Go to Manage Jenkins β Manage Plugins β Available tab, and install:
β
Maven Integration Plugin
β
Deploy to container Plugin
β
Credentials Plugin
πΉ Step 2: Create a Freestyle Project in Jenkins
Open Jenkins dashboard
Click New Item
Choose Freestyle project
Name it devopsProject
πΉ Step 3: Configure Git Source
Under Source Code Management:
Choose Git
Enter the repository URL
Add credentials if required
π¦ Sample Repo
Use this sample Java Maven project:
π https://github.com/srtechops/SampleJavaWebApp
πΉ Step 4: Set Build Triggers β Poll SCM Every Minute
π Enable Poll SCM in Jenkins Job
π Step-by-Step
Go to your Jenkins job: Dashboard β Your Job β Configure
Scroll to Build Triggers section
β Check the option: βοΈ Poll SCM
In the Schedule textbox, enter:
* * * * *π Explanation of Cron Format
* * * * *
β β β β β
β β β β ββ Day of week (0 - 7) [0 or 7 = Sunday]
β β β ββββ Month (1 - 12)
β β ββββββ Day of month (1 - 31)
β ββββββββ Hour (0 - 23)
ββββββββββ Minute (0 - 59)β
* * * * * β Every minute
π This does not run the build every minute β it checks Git for changes every minute, and triggers the build only if there are changes.
πΉ Step 5: Configure Maven Build Step
Under Build β Invoke top-level Maven targets
Goals:
clean packageThis will build your WAR file in
target/
πΉ Step 6: Deploy WAR to Remote Tomcat
Under Post-build Actions β Add post-build action β Deploy war/ear to a container
Fill in the following:
Field Value WAR/EAR files **/target/*.warContext Path /myappContainer Tomcat 9.x Remote Tomcat URL http://<tomcat-private-ip>:8080Credentials Add jenkins/jenkins123if not already added
π§ͺ Test Deployment
Click Build Now in Jenkins.
Console output should show:
[DeployPublisher][INFO] Deploying ... to container Tomcat 9.x Remote
Finished: SUCCESSVisit:
http://<tomcat-public-ip>:8080/myapp/β Your Java app should now be live!
π Common Issues & Fixes
| Error | Reason | Fix |
| 401 Unauthorized | Wrong credentials | Verify tomcat-users.xml |
| 403 Access Denied | IP not allowed in context.xml | Update allow=".*" or specific IP |
| WAR not found | Wrong WAR path | Ensure correct build & target path |
| Jenkins canβt reach Tomcat | Network issues | Check security group & private IP |
π Security Tips
Use private IPs for Jenkins β Tomcat communication
Restrict Tomcat’s port 8080 to Jenkins instance only
Use a reverse proxy (e.g., Nginx) + HTTPS in production
Use strong passwords in
tomcat-users.xml
β Summary
| β Task | Status |
| Jenkins and Tomcat on separate EC2 instances | β |
| WAR deployment using Jenkins | β |
| Poll SCM every minute for Git changes | β |
| Secure remote Tomcat access configured | β |
Devops Multi cloud Training
Choose the training style that fits your schedule β Self-Paced or Live Interactive Sessions. Both include hands-on projects, expert support, and lifetime access.
| Feature | Self-Paced Training | Live Training |
|---|---|---|
| π― Mode | π₯Pre-Recorded Session | π§βπ«Live Class + Recordings |
| πΌ Projects | π Weekend Real-Time Projects | π Weekdays + Weekend Real-Time Projects |
| β Doubt Clearing | π Weekend Live Support Session | π§ Anytime Doubt Clearing Session |
| π₯ Career Support & Mentorship | β No | β Yes |
| π Global Certification Training | β No | β Yes |
| π Access | βΎοΈ Lifetime Access | βΎοΈ Lifetime Access |
| π° Fees | βΉ4,999 (2 x βΉ2,500) | βΉ7,999 (2 x βΉ4,000) |
| βΉοΈ For More Info | Explore Self-Paced Training | Explore Live Training |