🚀 Deploy a Java Web App to Remote Tomcat Using Jenkins + Maven | AWS EC2 Setup
🧰 Overview
In a real-world CI/CD setup, Jenkins and Tomcat often run on different servers. This guide shows how to:
✅ Set up Jenkins on one EC2 instance
✅ Install and configure Tomcat on a separate EC2 instance
✅ Deploy a Java WAR file using Maven and Jenkins
✅ Automatically trigger builds using Poll SCM every minute
🏗️ Architecture Diagram
[Jenkins EC2 Instance] ──deploys WAR──▶ [Tomcat EC2 Instance]
│ │
└─── Polls Git Repo every minute ───┘
✅ Prerequisites
Two EC2 instances on AWS (Amazon Linux or Ubuntu)
Jenkins installed on one EC2 instance
Tomcat installed on another EC2 instance
Maven installed on Jenkins EC2
A sample Java project using Maven (
pom.xml)Git repository (GitHub, GitLab, Bitbucket, etc.)
Properly configured Security Groups:
Port
8080open on Tomcat instancePort
22open for SSH (optional)
📦 Installing Jenkins on Amazon Linux
✅ Prerequisites
👉 Before you begin, ensure you have:
Basic Linux knowledge
AWS EC2 instance (Amazon Linux 2)
Internet access
SSH access to the instance
🛠 Step 1: Update Your System
sudo yum update -y
☕ Step 2: Install Java (Required for Jenkins)
sudo yum install java-17-amazon-corretto -y
✅ Verify Java version:
java -version
📦 Step 3: Add Jenkins Repository
sudo wget -O /etc/yum.repos.d/jenkins.repo \
https://pkg.jenkins.io/redhat-stable/jenkins.repo
sudo rpm –import https://pkg.jenkins.io/redhat-stable/jenkins.io-2023.key
sudo yum upgrade
🧰 Step 4: Install Jenkins
sudo yum install jenkins -y
🔄 Step 5: Start and Enable Jenkins
sudo systemctl start jenkins
sudo systemctl enable jenkins
sudo systemctl status jenkins
🌐 Step 6: Allow Port 8080 in Security Group
🔐 Steps to allow traffic on port 8080:
- Go to EC2 Dashboard
- Select your Instance
- Click on the linked Security Group
- Click Edit Inbound Rules
- Click Add Rule:
- Type:
Custom TCP - Port Range:
8080 - Source:
Anywhere(or your IP)
- Type:
- Click Save Rules
✅ Now your Jenkins server is publicly accessible via port 8080.
🔐 Step 7: Access Jenkins UI
Open browser:
http://<your-ec2-public-ip>:8080
Get the initial password:
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
Paste it into Jenkins and complete the setup wizard.
🔌 Optional: Install Plugins
Choose “Install Suggested Plugins” when prompted during setup. These plugins will help you get started faster.
🧱 Part 1: Tomcat Setup on Separate EC2 Instance
🔹 Step 1: SSH into the Tomcat EC2 Instance
ssh ec2-user@<tomcat-public-ip>
🔹 Step 2: Install Java
sudo su
yum update -y
yum install java-17-amazon-corretto
🔹 Step 3: Install Apache Tomcat
cd /opt/
wget https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.106/bin/apache-tomcat-9.0.106.tar.gz
mv apache-tomcat-9.0.106.tar.gz tomcat.tar.gz
tar -xvf tomcat.tar.gz
🔹 Step 4: Configure Tomcat for Remote Deployment
Edit tomcat-users.xml
sudo nano /opt/tomcat/conf/tomcat-users.xml
Add
<role rolename=”manager-script”/>
<user username=”jenkins” password=”jenkins123″ roles=”manager-script”/>
Do not add manager-gui role together with manager-script.
Allow Remote Access in context.xml
sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml
Change the line:
<Valve className=”org.apache.catalina.valves.RemoteAddrValve”
allow=”127\.\d+\.\d+\.\d+|::1″/>
To:
<Valve className=”org.apache.catalina.valves.RemoteAddrValve”
allow=”.*”/>
⚠️ For production, replace .* with Jenkins private IP.
Start Tomcat
sudo chmod +x /opt/tomcat/bin/*.sh
sudo /opt/tomcat/bin/startup.sh
Verify Tomcat is running:
curl http://localhost:8080
🔧 Part 2: Jenkins Setup and Job Configuration
🔹 Step 1: Install Required Jenkins Plugins
Go to Manage Jenkins → Manage Plugins → Available tab, and install:
✅ Maven Integration Plugin
✅ Deploy to container Plugin
✅ Credentials Plugin
🔹 Step 2: Create a Freestyle Project in Jenkins
Open Jenkins dashboard
Click New Item
Choose Freestyle project
Name it devopsProject
🔹 Step 3: Configure Git Source
Under Source Code Management:
Choose Git
Enter the repository URL
Add credentials if required
📦 Sample Repo
Use this sample Java Maven project:
👉 https://github.com/srtechops/SampleJavaWebApp
🔹 Step 4: Set Build Triggers – Poll SCM Every Minute
🔄 Enable Poll SCM in Jenkins Job
📌 Step-by-Step
Go to your Jenkins job: Dashboard → Your Job → Configure
Scroll to Build Triggers section
✅ Check the option: ☑️ Poll SCM
In the Schedule textbox, enter:
* * * * *🕒 Explanation of Cron Format
* * * * *
│ │ │ │ │
│ │ │ │ └─ Day of week (0 - 7) [0 or 7 = Sunday]
│ │ │ └─── Month (1 - 12)
│ │ └───── Day of month (1 - 31)
│ └─────── Hour (0 - 23)
└───────── Minute (0 - 59)✅ * * * * * → Every minute
🛑 This does not run the build every minute — it checks Git for changes every minute, and triggers the build only if there are changes.
🔹 Step 5: Configure Maven Build Step
Under Build → Invoke top-level Maven targets
Goals:
clean packageThis will build your WAR file in
target/
🔹 Step 6: Deploy WAR to Remote Tomcat
Under Post-build Actions → Add post-build action → Deploy war/ear to a container
Fill in the following:
Field Value WAR/EAR files **/target/*.warContext Path /myappContainer Tomcat 9.x Remote Tomcat URL http://<tomcat-private-ip>:8080Credentials Add jenkins/jenkins123if not already added
🧪 Test Deployment
Click Build Now in Jenkins.
Console output should show:
[DeployPublisher][INFO] Deploying ... to container Tomcat 9.x Remote
Finished: SUCCESSVisit:
http://<tomcat-public-ip>:8080/myapp/✅ Your Java app should now be live!
🐞 Common Issues & Fixes
| Error | Reason | Fix |
| 401 Unauthorized | Wrong credentials | Verify tomcat-users.xml |
| 403 Access Denied | IP not allowed in context.xml | Update allow=".*" or specific IP |
| WAR not found | Wrong WAR path | Ensure correct build & target path |
| Jenkins can’t reach Tomcat | Network issues | Check security group & private IP |
🔐 Security Tips
Use private IPs for Jenkins ⇄ Tomcat communication
Restrict Tomcat’s port 8080 to Jenkins instance only
Use a reverse proxy (e.g., Nginx) + HTTPS in production
Use strong passwords in
tomcat-users.xml
✅ Summary
| ✅ Task | Status |
| Jenkins and Tomcat on separate EC2 instances | ✅ |
| WAR deployment using Jenkins | ✅ |
| Poll SCM every minute for Git changes | ✅ |
| Secure remote Tomcat access configured | ✅ |
Devops Multi cloud Training
Choose the training style that fits your schedule — Self-Paced or Live Interactive Sessions. Both include hands-on projects, expert support, and lifetime access.
| Feature | Self-Paced Training | Live Training |
|---|---|---|
| 🎯 Mode | 🎥Pre-Recorded Session | 🧑🏫Live Class + Recordings |
| 💼 Projects | 🕒 Weekend Real-Time Projects | 📅 Weekdays + Weekend Real-Time Projects |
| ❓ Doubt Clearing | 📞 Weekend Live Support Session | 🧠 Anytime Doubt Clearing Session |
| 👥 Career Support & Mentorship | ❌ No | ✅ Yes |
| 🎓 Global Certification Training | ❌ No | ✅ Yes |
| 🔑 Access | ♾️ Lifetime Access | ♾️ Lifetime Access |
| 💰 Fees | ₹4,999 (2 x ₹2,500) | ₹7,999 (2 x ₹4,000) |
| ℹ️ For More Info | Explore Self-Paced Training | Explore Live Training |