Deploying Apache Tomcat Applications With Puppet

posted by mpdehaan on April 29, 2010 11:34 AM

I've heard on many occasions that Java applications are deployed 'differently' than other applications, that they are difficult, and they need Java specific management tools. Ultimately when you're managing a datacenter, you need to be able to manage applications regardless of the source language. Using administration tools that only manage one type of application or code base means an admin needs a sledgehammer in his arsenal, as well as a ball peen hammer. One tool should be sufficient and can make everyone's life easier.

The ultimate open source sledgehammer (chainsaw?) in today's datacenter automation world is Puppet. Built to be cross-platform, it works on most Linux and Unix based operating systems (including OS X), and will be taking on Windows support in the near future. It is a model driven solution that requires no coding knowledge to use. The Java community has long known the power of cross-platform tools, and systems administration tools should work the same way. If I want to create a user, do I need to know the differences between user creation on OS X and Linux? Not really, I'd just like to specify the attributes and share the same deployment instructions. Puppet helps you do this.

Puppet allows for centralized management of distributed datacenters, with many options present to account for variance in configurations and roles (queue buzzwords like "heterogenous", "geographic affinity", "cloud", and "facebook"). It allows for the definition of classes of machines ("" is a "database-server"), and mapping what machines belong in what classes. There are mechanisms for assigning variables and using them as conditionals and as templates. There is also a pluggable framework for customizing Puppet to interact with new systems of all kinds (such as LVM). Most importantly, Puppet is written around the concept of "modules", which are units of work that are easily shareable between developers and administrators—both inside an organization and across the internet. It is for this reason that Puppet has spawned one of the richest communities of any open source management framework—it allows admins to work together and share knowledge between workplaces, rather than inventing their own deployment tools when they take up residence in a new place. It also allows for concentrating on strategic business projects because the infrastructure automation code is already written.

In a little while, I'll show how to tell Puppet to manage the configuration of a simple Java deployment. It's been said that deploying Java apps is hard for Linux packages, but Puppet makes it very easy. This is only the tip of the iceberg—you can use the same tool to deploy mailservers and databases as well as appservers. It fits in well whether you have 20 machines or thousands. It's agnostic to cloud vs physical hardware, and plays nicely in all places. The example that follows below is designed to be executed locally, though in a typical deployment, you'll host it on a central server, called a puppetmaster, and then roll your configuration out to the nodes using puppet. Let's get started with an example.

Getting Ready

Our example will assume Ubuntu 9.10 Server. If you're running a different Linux, changes may be required, so you may want to follow along after installing this version in a Virtual Machine such as VMware, Parallels, Xen or KVM. From a base install, we'll install both puppet and the git version control system (since I'm hosting my demo on github), and check out the source in a pre-set location. (For now, don't change the paths or things won't work without modification).

apt-get install puppet git
mkdir /srv
cd /srv
git clone
cd puppet-tomcat-demo

Running the Demo

Ubuntu 9.10 comes with a slightly older version of Puppet, but this is ok for our uses. At the time of writing this article the current version is 0.25.X. If you already have Tomcat installed on your machine, we're going to be reconfiguring it, so again, you may want to use a virtualized instance.

Run the following command as root to evaluate the Puppet code and install Tomcat, as well as one WAR inside Tomcat.

puppet --modulepath /srv/puppet-tomcat-demo/modules -v /srv/puppet-tomcat-demo/site.pp

You should see (approximately) the following output:

info: Autoloaded module tomcat
notice: Scope(Class[tomcat]): Establishing http://bojangles:735/
notice: Scope(Tomcat::Deployment[SimpleServlet]): Establishing http://bojangles:735/SimpleServlet/
info: mount[localhost]: Mounted /
info: mount[modules]: Mounted 
info: mount[plugins]: Mounted 
notice: //Node[default]/Tomcat::Deployment[SimpleServlet]/File[/var/lib/tomcat6/webapps/SimpleServlet.war]/ensure: created
notice: //Node[default]/Tomcat::Deployment[SimpleServlet]/tomcat/Package[tomcat6]/ensure: created
info: Filebucket[/var/lib/puppet/clientbucket]: Adding /etc/tomcat6/tomcat-users.xml(08bebb9e6afab7920c9ceb6135095d02)
notice: //Node[default]/Tomcat::Deployment[SimpleServlet]/tomcat/File[/etc/tomcat6/tomcat-users.xml]: Filebucketed to  with sum 08bebb9e6afab7920c9ceb6135095d02
notice: //Node[default]/Tomcat::Deployment[SimpleServlet]/tomcat/File[/etc/tomcat6/tomcat-users.xml]/content: content changed '{md5}08bebb9e6afab7920c9ceb6135095d02' to '{md5}e6feb938bbcf04b37d13e53f14d0611d'
info: //Node[default]/Tomcat::Deployment[SimpleServlet]/tomcat/File[/etc/tomcat6/tomcat-users.xml]: Scheduling refresh of Service[tomcat6]
info: Filebucket[/var/lib/puppet/clientbucket]: Adding /etc/tomcat6/server.xml(7d1044d5e1d96437196d127bf2d4cdb0)
notice: //Node[default]/Tomcat::Deployment[SimpleServlet]/tomcat/File[/etc/tomcat6/server.xml]: Filebucketed to  with sum 7d1044d5e1d96437196d127bf2d4cdb0
notice: //Node[default]/Tomcat::Deployment[SimpleServlet]/tomcat/File[/etc/tomcat6/server.xml]/content: content changed '{md5}7d1044d5e1d96437196d127bf2d4cdb0' to '{md5}2613eb765743c5bae041a9c10237e264'
info: //Node[default]/Tomcat::Deployment[SimpleServlet]/tomcat/File[/etc/tomcat6/server.xml]: Scheduling refresh of Service[tomcat6]
notice: //Node[default]/Tomcat::Deployment[SimpleServlet]/tomcat/Service[tomcat6]: Triggering 'refresh' from 2 dependencies
notice: //Node[default]/Tomcat::Deployment[SimpleServlet]/tomcat/Package[tomcat6-admin]/ensure: created

That's clearly a lot of output, but we were running it verbosely on purpose (-v) so it was easy to see what you happened. This time, we're just running Puppet locally, though if you were running it centrally, this log information would be collected on the central server. Normally you'd only care about failures.

Visit the two http:// URLs mentioned above and verify that they work. If you click through the first one to the admin page, you'll see we've set the username/password to 'admin/badwolf'—this was done from a Puppet template. The admin console and the SimpleServlet page should both be fully functional. This example just deployed one Servlet, but it would be easy to deploy many more from the same configuration.

Analyzing Our Code

Explore the code tree you've checked out from github. The most important file here is the Puppet module manifest that describes the Tomcat installation rules. This is 'modules/tomcat/manifests/ init.pp'. If you are familiar with Ruby, you will notice the syntax is similar, but this is not Ruby—it is an intentionally simple domain specific language, not a programming language. Not using a programming language is important—we want to construct a predictable model of our data center using basic building blocks—we don't want to simply execute code against that data center. In a centrally managed server context, this manifest is generated into a 'catalog' centrally, and the catalog is distributed out to the managed Puppet nodes, rather than simply sending out the code. This allows for greater security, auditability, and manageability. The configuration language is also not XML, which means your admins won't try to kill you in your sleep for suggesting this to them!

class tomcat {
  $tomcat_port = 735
  $tomcat_password = 'badwolf'
  notice("Establishing http://$hostname:$tomcat_port/")
  Package { # defaults
    ensure => installed,
  package { 'tomcat6':
  package { 'tomcat6-user':
    require => Package['tomcat6'],
  package { 'tomcat6-admin':
    require => Package['tomcat6'],
  file { "/etc/tomcat6/tomcat-users.xml":
    owner => 'root',
    require => Package['tomcat6'],
    notify => Service['tomcat6'],
    content => template('tomcat/tomcat-users.xml.erb')
  file { '/etc/tomcat6/server.xml':
     owner => 'root',
     require => Package['tomcat6'],
     notify => Service['tomcat6'],
     content => template('tomcat/server.xml.erb'),
  service { 'tomcat6':
    ensure => running,
    require => Package['tomcat6'],

As you can see above, the first part of the manifest file establishes the relationships between the services, packages, and files involved in deploying base tomcat. Both tomcat-users.xml and server.xml are templated out from Puppet, allowing substitution of variables '$tomcat_port' and 'tomcat_password'. Templating is an incredibly useful feature of Puppet, though it can also be used to deploy simple files, as we will use to deploy the WAR files. In your environment, you might choose to copy the WAR files from an NFS share, or they may arrive on the managed machines via other means. For extra bonus points, you could include them in OS packages (like debs) but this is not required. Puppet Labs has also developed a type that allows checking out code directly from version control, if you wanted to go that route. (see github).

There are some clever tricks above. If the template file is ever changed in Puppet for either file, the service will restart automatically. If the user changes the file outside of Puppet, a later Puppet run will fix the file back. Commands are run as needed—Puppet will never try to restart the service until the package is installed. If we were to change the package 'ensure' line from 'installed' to 'latest', we'd also make sure that the Tomcat application we have installed is always the latest version available in the package repository. This is very useful for security updates. Another fact that isn't quite obvious from the above example is that Puppet's concept of resources are at a higher level than operating system resources, in similar ways that the JVM abstracts away details of the OS. While we didn't demo Puppet's "User" class, using "User" in Puppet can manipulate multiple files and directories. These constructs do not correspond merely 1:1 with the OS constructs, but allow for higher level abstraction. In fact, the class above is an example of this abstraction—we use the language of Puppet to model what it means to be a Tomcat server, and can then talk about Tomcat servers instead of the files, packages, and services that make up Tomcat.

Astute readers may question "what happens if this recipe is run more than once?". Puppet in this case performs only the steps that need to change. Unneccessary commands in Puppet are never executed, as it constructs a declarative model of your datacenter configuration. Just as "drive north five hours" is a valid instruction for making it Chicago if you live 5 hours South of Chicago, it's a very useless thing to do if you are already in Chicago, or live in Tokyo (you might drown). Other automation frameworks frequently fail to get this correct so you have to write a lot of if-constructs. Not in Puppet.

define tomcat::deployment($path) {
  include tomcat
  notice("Establishing http://$hostname:${tomcat::tomcat_port}/$name/")
  file { "/var/lib/tomcat6/webapps/${name}.war":
    owner => 'root',
    source => $path,

The remainder of the definition sets up a 'defined type'. While a class can only appear once on a given system (they are Singletons), a defined type can appear more than once. In this case, the defined type is simple automation around deploying a WAR file into the 'webapp' directory of Tomcat.

Giving Orders From site.pp

The aforementioned manifest and template files do not by themselves indicate orders to the system. In a server deployment, Puppet would use site.pp (or a web tool such as Puppet Dashboard) to apply clases and definitions to nodes. Similarly, for this example, we're using a very simplistic site.pp that applies the same configuration to all nodes, regardless of hostname.

node default {
   tomcat::deployment { "SimpleServlet":
      path => '/srv/puppet-tomcat-demo/java_src/SimpleServlet.war'
   # repeat as desired for different servlets ...

The orders for the node are actually very simple in this case. The managed Puppet node is merely told that it is to be running a given Servlet, and the implementation is abstracted away through the use of the common module. In this way, it should be evident that Puppet is a powerful abstraction layer that allows seperating out the 'how' something is deployed than the 'what' something is to be.


I hope this article has shown how easy deploying on Tomcat with Puppet can be, and how Puppet can abstract away low level details to allow administrators and developers to save time and manage complexity in their deployments. Puppet works very well for this task as it can accomodate the needs of multiple applications, regardless of language, and is built on a very powerful cross platform resource abstraction layer. More importantly, it's built on a community of contributors, so if you are deploying a new application (whether an app on Tomcat, a new message bus, etc), chances are someone has already written a Puppet module you can use.

The next time someone tells you Java apps are deployed differently and are a challenge to automate with the rest of the operating system, show them Puppet.

About Puppet Labs

Puppet Labs provides next-gen IT automation, enabling IT organizations to manage infrastructure as code so they can provide higher service levels with less staff. Puppet Labs releases Puppet as an open source (GPL) application and also offers training, consulting, and support to Puppet users.

Michael DeHaan has developed management applications for IBM, Motorola, and Red Hat's Emerging Technologies Group.   During his tenure at Red Hat, Michael created the Cobbler (  project and co-authored Func(, which are both frequently used in conjunction with Puppet.  He now serves as the Product Manager for Puppet Labs (, the creators of Puppet.



Several questions on this example.

I am a very new user of Puppet and am trying to understand your example. What is the purpose of having the tomcat6-user, and tomcat6-admin packages defined? They don't appear to do anything except require the tomcat package itself (which itself doesn't do anything).

In the middle example I notice you are using the $name variable, but I don't find a value being provided for this. What am I missing?

nice post

Greater price competition, in fact, is not desirable, healthy development of serious disruption of the power LED on the one hand, on the other hand bring severe damage to their brand. stadium lighting

Great. Printer Drums

Great. Printer Drums

Yes I like Thats

Yes I like Thats

I like to Games online android get more tricks free GTA 5 money cheats | 8 ball hack tool

Brilliant! débarras maison

Brilliant! débarras maison

thanks for j sharing with

thanks for j sharing with that awesome articles thanks u a lot
rasoio elettrico | regolabarba | ferro da stiro con caldaia | Friggitrice ad Aria | scopa a vapore | ripetitore wifi | ripetitore wifi amplificatore wifi piastra a vapore | miglior aspirapolvere | skateboard elettrico | passeggino leggero | miglior smartphone | tablet per bambini yu_jèjh

This is really a nice and

This is really a nice and informative, containing all information and also has a great impact on the new technology. Thanks for sharing it

clash of lords hack jewels

I like Game Online  game android mod hack world at arms hack online

I just like the helpful

I just like the helpful information you provide on your articles.
I’ll bookmark your weblog and check once more here frequently.
I’m moderately sure I will learn many new stuff right here!
Best of luck for the following!

coc cheats online

I like Game Online  game android mod hack world at arms hack online

sok lah jadikeun ini yang

sok lah jadikeun ini yang terbaik jual besi baja online harga besi wf surabaya 2014 besi baja h beam besi cnp harga harga besi unp 50 harga besi beton per kg jual plat ss 310 harga besi siku 25 harga besi pipa segi empat

Thank you guys

thank you guys reviews

clash royale glitch


top eleven hack 2014 I personally use them exclusively high-quality elements : you will notice these folks during: hack clash of clan

cmx videomxf

Software avchd converter convert avchd video files to avi, mp4, wmv, mov mod converter free download to convert HD camcorder files. mts to avi mp4 mov mkv iMovie, FCP/FCE with mts converter, so to convert mts files for your PC and mobiles.

Aw, this was an extremely

Aw, this was an extremely nice post. Finding the time and actual effort to make a really good article… but what can I say… I put things off a whole lot and never manage to get nearly anything done.
Mortgage Broker Calgary

I Like Games Online

Great articles and great layout. Your blog post deserves all of the positive feedback it’s been getting free coins pokemon go


This site is helping many people, by sharing tips and posts that can help them trouble shoot the Apache server issues. This post about deploying tomcat applications puppet proved to be a really good one. Thank you power sprayers

These are alleged andbag

These are alleged andbag knockoffs?because they are brash to accessory cheap replica Handbags and feel just like the absolute thing. So, Best is castigation go for cher designers handbags or reasonable replica handbags. But, if you’re just a hair’s animation abroad from a pay cut or from accident your job, the bulk agency can play calamity with your fantasies. Approximately 75 years ago, the acclaimed Gucci name was alien into the apple of high-end fashion. Abounding online food through their websites are alms top aloft and assorted designs and colors of Fendi replica handbags at discounted prices. Bargain Hermes birkin ostrich haversack aflush That Gucci Babouska Average Top Handle Bag. So adjudge which haversack you would applause to haversack on your acquire or in your hand, and go out there and buy it. But the botheration with these artist accoutrements is that they are too big-ticket and in today world, a lot of of the women cannot allow to buy one. All the accomplishment Gucci Replica Bags action is aforementioned as ancient artist handbags and that is a way to advance top quality, top accepted with accurate artist handbags. Stick to the basics and you should be fine.

Thanks to share it

Great coding for developing that is very easy and common for putting any time without any problems lots of institute gives its services for making a site and if you get this code at video making websites here is a number of solutions available for site, and technologies.

Grace Glass Bongs

On account of ones new threads, When i have the most beneficial essay or dissertation services in the get to. Previous to I recently found essay-on-time, I received a tough time looking for a beneficial essay or dissertation services. When i just one When i seemed to be eventually left frustrated. At this point, My business is good to go! read on

Concentrate Rigs UK

At first chance I just been aware of was basically throughout undoubtedly one of your website items. Since that time, Looking some good affiliate. Our site maintain a pool of preferred consultants May very well realized but still which are which means absolutely reliable. I'm sure residential in this case like they cover virtually all your dissertation preferences.
bongs uk


I know your expertise on this. I must say we should have an online discussion on this. Writing only comments will close the discussion straight away! And will restrict the benefits from this information.

coc cheats online
clash royale glitch
gta v money cheat

Glass Bongs for Sale

It's always wonderful to make a member blogger so, who gives advice for that reason passionately. Document look at a fabulous ideas that particular one on your customers positioned. The good news is websites that they may benefit from just for Foreign essays. is mostly a good websites that one can urge for.
more bongs

Hårtransplantation Tyrkiet

It is very good, but look at the information at this address.
Hårtransplantation tyrkiet

viviess wix

This is very significant, and yet necessary towards just click this unique backlink:

TrueLikes - Get FREE Likes, Subscribers, Followers and View

The most interesting text on this interesting topic that can be found on the net ...
follower exchange


That i don’t fully understand once you discover any severity for assistance that personal blogs supply. In my opinion, I do know that this it all weren’t in your personal blogs We'd don't have uncovered that will help utilizing my best essays. The provider generates in each a identity together with I’m a sucker for necessary to resist they brandish. Thank you so much!

Jugar Juegos Gratis

Game Network was a European online game and television network company. It was initially owned by Digital Bros. group, but was later sold to Cellcast Group. Game Network was, during its broadcast, the only television channel in Europe dedicated to covering multimedia entertainment, and generally focused on video games.
The provider generates in each a identity together with I’m a sucker for necessary to resist they brandish. Thank you so much!
Play GTA Vice City Online
Play GTA San Andreas Online
Jugar Vice City
Jugar San Andreas
pes 2007 download
pes 2010 pc
Telecharger Minecraft Gratuit
Telecharger Subway Surfers Gratuit
Telecharger FIFA 12 PC
Telecharger IDM Gratuit

Silverleaf Homes for Sale - What You Need to Know

The following you will see it is important, that offers you a web link to a intriguing website:
Minh Law


Game Network was a European online game and television network company. It was initially owned by Digital Bros. group, but was later sold to Cellcast Group. Game Network was, during its broadcast, the only television channel in Europe dedicated to covering multimedia entertainment, and generally focused on video games.
The provider generates in each a identity together with I’m a sucker for necessary to resist they brandish. Thank you so much!

GTA 5 Free Download |
Rayman Adventures Hack |
Mobile Strike Hack

Medallion App

Profit primarily prime quality items -- you can understand them all within:
Medallion App

Valentines gift ideas our

Valentines gift ideas our full guide what to choose.

agence seo

agence référencement This is very useful, although it will be important to help simply click that web page link: agence référencement | agence référencement


référencement naturel On this page, you'll see my profile, please read this information. agence seo | freelance seo

Medallion App

This is exciting, nevertheless it is vital for you to visit this specific url:
Medallion App

Medallion App

At this point you'll find out what is important, it all gives a url to the appealing page:
Medallion App

Creative Agency

On this page, you'll see my profile, please read this information.
creative agency

Gold Digger

This is very useful, although it will be important to help simply click that web page link:
Gold Digger Software


Game Network was a European online Pixel Gun 3D Cheats and television network company. It was initially owned by Digital Bros. group, but was later sold to Cellcast Group. Game Network Agario Hack was, during its broadcast, the only television channel in Europe dedicated to covering multimedia entertainment, and generally focused on video games.
The provider generates in each a identity Roblox Hack together with I’m a sucker for necessary to resist they brandish. Thank you so much!

If I want to create a user,

If I want to create a user, do I need to know the differences between user creation on OS X and Linux? Not really, I'd just like to specify the attributes and share the same deployment instructions.cccam server


Very useful post. This is my first time i visit here. I found so many interesting stuff in your blog especially its discussion. Really its great article. Keep it up...key west tour from miami


what an amazing page.

what an amazing page.
العاب المزرعة السعيدة

David John

Awesome blog. I enjoyed reading your articles. This is truly a great read for me. I have bookmarked it and I am looking forward to reading new articles. 55 Printer

I'm more than happy to find

I'm more than happy to find this website. I want to to thank you for ones time due to this wonderful read!! I definitely savored every bit of it and i also have you saved as a favorite to see new information in your site.
Edmonton Mortgage Broker
Life Insurance Vancouver
Life Insurance Calgary

Great Blog Really Helped Me a Lot

Well i am a good post watcher you can say and i don't give a single reason to criticize or to give a good review to a post. i have been reading blogs from last 5 years and this blog is really good this writer has the capabilities to make things going i would love to see new post by you Thanks

Snapchat hack | Csr racing 2 hack | Clash of clans hack | Clash Royale Hack | Gods of rome hack | Mobile Strike Hack | Star Wars galaxy of heroes hack | Kill shot Bravo hack |

trade alerts

This is certainly as well a really good posting we seriously experienced looking through. It is far from on a daily basis we have risk to check out a little something. trade alerts

Awesome article once again,

Awesome article once again, you are doing great job....
racing rivals hack

Watch Latest Pakistani Talk Shows and Dramas Online HD at ViiTV

In this case you will begin it is important, it again produces a web site a strong significant internet site:


If you want to learn about shed building using free shed plans then check us out. I been building sheds for the past 20 years and give everything I know out for free telefoane mobile .


There are many places where you can use to collect valuable information about horticulture. You could spend an entire day searching for gardening information that is specific to your garden’s issues.
171 |

172 |

173 |

174 |

175 |

176 |

177 |

178 |

179 |

180 |

181 |

182 |

183 |

184 |

185 |

186 |

187 |

188 |

189 |

190 |

191 |

192 |

193 |

194 |

195 |

196 |

197 |

198 |

199 |

200 |

201 |

202 |

203 |

204 |

205 |

206 |

207 |

208 |

209 |

210 |

211 |

212 |

213 |

214 |

215 |

216 |

217 |

218 |

219 |

220 |

221 |

222 |

223 |

224 |

225 |

226 |

227 |

228 |

229 |

230 |

231 |

232 |

233 |

234 |

235 |

236 |

237 |

238 |

239 |

240 |

241 |

242 |

243 |

244 |

245 |

246 |

247 |

248 |

249 |

250 |

251 |

252 |

253 |

254 |

255 |

256 |

257 |

258 |

259 |

260 |

261 |

262 |

263 |

264 |

265 |

266 |

267 |

268 |

269 |

270 |

Debbie Standley

This particular appears to be more interesting in comparison with I have already been looking at right here, beneficial and get more by Snapchat Hack Online

Tv specialist. Internet geek. Hardcore gamer. Thinker. Award-winning web buff. Typical student. Snapchat Online hack

Post new comment

This question is for testing whether you are a human visitor and to prevent automated spam submissions.