Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the supermarket mailing list.

Select Badges

Select Supported Platforms


tomcat (47) Versions 2.3.2

Installs Apache Tomcat and manages the service

cookbook 'tomcat', '~> 2.3.2'
cookbook 'tomcat', '~> 2.3.2', :supermarket
knife cookbook site install tomcat
knife cookbook site download tomcat

tomcat Cookbook

Build Status Cookbook Version

Provides resources for installing Tomcat and managing the Tomcat service for use in wrapper cookbooks. Installs Tomcat from tarballs on the website and installs the appropriate configuration for your platform's init system.



  • Debian / Ubuntu derivatives
  • RHEL and derivatives
  • Fedora
  • openSUSE / SUSE Linux Enterprises


  • Chef 12.1+


  • compat_resource


Due to the complexity of Tomcat cookbooks it's not possible to create an attribute driven cookbook that solves everyone's problems. Instead this cookbook provides resources for installing Tomcat and managing the Tomcat service, which are best used in your own wrapper cookbook. The best way to understand how this could be used is to look at the helloworld test recipe located at test/cookbooks/test/recipes/helloworld_example.rb

Resources (providers)


tomcat_install installs an instance of the tomcat binary direct from Apache's mirror site. As distro packages are not used we can easily deploy per-instance installations and any version available on the Apache archive site can be installed.


  • version: The version to install. Default: 8.0.36
  • install_path: Full path to the install directory. Default: /opt/tomcat_INSTANCENAME_VERSION
  • tarball_base_path: The base path to the apache mirror containing the tarballs. Default: ''
  • checksum_base_path: The base path to the apache mirror containing the md5 file. Default: ''
  • tarball_uri: The complete path to the tarball. If specified would override (tarball_base_path and checksum_base_path). checksum will be loaded from "#{tarball_uri}.md5". This attribute is useful, if you are hosting tomcat tarballs from artifact repositories such as nexus.
  • exclude_docs: Exclude ./webapps/docs from installation. Default true.
  • exclude_examples: Exclude ./webapps/examples from installation. Default true.
  • exclude_manager: Exclude ./webapps/manager from installation. Default: false.
  • exclude_hostmanager: Exclude ./webapps/host-manager from installation. Default: false.


Install an Tomcat 8.0.36 instance named 'helloworld' to /opt/tomcat_helloworld_8_0_36/ with a symlink at /opt/tomcat_helloworld/

tomcat_install 'helloworld' do
  version '8.0.36'


tomcat_service sets up the installed tomcat instance to run using the appropriate init system (sys-v, upstart, or systemd)


  • install_path: Full path to the install directory. Default: /opt/tomcat_INSTANCENAME
  • env_vars: An array of hashes containing the environmental variables for Tomcat's script. Note: If CATALINA_BASE is not passed it will automatically be added as the first item in the array. Default: [ {'CATALINA_BASE' => '/opt/INSTANCE_NAME/'}, {'CATALINA_PID' => '$CATALINA_BASE/bin/'} ]
  • sensitive: Excludes diffs that may expose ENV values from the chef-client logs. Default: false


  • start
  • stop
  • enable
  • disable
  • restart


tomcat_service 'helloworld' do
  action :start
  env_vars [{ 'CATALINA_PID' => '/my/special/path/' }]

License & Authors

Copyright:: 2010-2016, Chef Software, Inc

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
See the License for the specific language governing permissions and
limitations under the License.

Dependent cookbooks

compat_resource >= 12.10

Contingent cookbooks

alfresco Applicable Versions
application Applicable Versions
application_java Applicable Versions
asgard Applicable Versions
bigdata Applicable Versions
bonita Applicable Versions
cassandra-priam Applicable Versions
chef-solr Applicable Versions
eulipion-cleanspeak Applicable Versions
ice Applicable Versions
jahia Applicable Versions
jetbrains_license_server Applicable Versions
liferay Applicable Versions
mrpapp Applicable Versions
ohmage Applicable Versions
opengrok Applicable Versions
railo Applicable Versions
rest2ldap Applicable Versions
seyren Applicable Versions
solr_app Applicable Versions
typo3_solr Applicable Versions
webgoat Applicable Versions

tomcat Cookbook CHANGELOG

This file is used to list changes made in each version of the tomcat cookbook.

2.3.2 (2016-08-24)

  • Use /bin/false as the shell for the service user
  • Don't remove existing users from groups
  • Wait 2 seconds before trying to restart the service again with systemd
  • Install perl-Getopt-Long-Descriptive on suse systems using the sys-v provider
  • Version is not a required attribute in tomcat_install since we have a default
  • Lazily eval the install_path vs. helper method to reduce some code complexity in the custom resources
  • Use improved Rakefile with better failing + supermarket task. Switch Travis to test via Rake as well
  • Use the new built in formatter in inspec instead of the docs formatter
  • Update the Kitchen config to test on updated platforms and to use the current chef release vs. stable so we pull in Chef 12.14 which fixes user/group issues on opensuse 13.X
  • Clarify that we require Chef 12.1 not 12.0
  • Fix bad platform setting in the Chefspecs
  • Reduce noisy warnings during Chefspec runs
  • Fix inspec tests to pass

v2.3.1 (2016-07-05)

  • Fix specifying user/group on init based installs
  • Fix upstart to properly reload the config when restarting
  • Avoid exit status 4 errors when restarting on init based systems
  • Support pulling the tomcat tarball from https based mirrors

v2.3.0 (2016-06-27)

  • Allow specifying the tomcat user/group in the tomcat_install and tomcat_service resources instead of using the automatically generated values

v2.2.3 (2016-06-25)

  • Fixed the sys-v init scripts to have a unique "provides" line, which was causing problems on Debian 7
  • Fixed specifying the specific tomat_service resource in order to use non system default init systems (ex: sys-v on a systemd system)
  • Fixed restart actions to properly pass restart instead of stop and then start
  • The Tomcat services are now restarted when the ENV values are updated
  • Use tomcat_service_sysvinit now works on fedora
  • Passing the SHUTDOWN_WAIT ENV value now works correctly

v2.2.2 (2016-06-23)

  • Allow excluding ENV values from logs by setting sensitive property on the tomcat_service resource

v2.2.1 (2016-06-22)

  • Fix restarts on init systems
  • Allow setting SHUTDOWN_WAIT time in the ENV file
  • Add Chef 12 requirement to the metadata

v2.2.0 (2016-06-19)

  • Add a new tarball_uri property to the install resource to allow specifying an absolute URI for the download tar.gz file.
  • Add new resource name aliases to the individual service resources. This allows calling tomcat_service_systemd, tomcat_service_upstart, or tomcat_service_sysvinit to force the init type you desire
  • Update the default Tomcat version to install to 8.0.36
  • Increase the compat_resource cookbook dependency from 12.9 to 12.10 to resolve odd failures in 12.9
  • Added additional suse platforms to the metadata
  • Removed Chef 11 compatibility code from the metadata file
  • Update test deps to the latest
  • Switched to cookstyle for simplified Ruby linting

v2.1.3 (2016-05-10)

  • Fix regression in the service resource on suse

v2.1.2 (2016-05-06)

  • Restore Amazon Linux compatibility

v2.1.1 (2016-05-05)

  • Create the tomcat user as a system user
  • Use platform_family instead of platform when defining the resources so we can easily support opensuse leap.

v2.1.0 (2016-04-18)

  • Added proper systemd support for opensuse 13+
  • Fixed all systemd platforms to use /etc/systemd vs. /lib/systemd for storing unit files
  • Create the init files on the enable action so that you can enable, but not start the service

v2.0.5 (2016-04-15)

  • Fixed the install resource to properly remove the ROOT app that ships in the tarball when exclude_examples property is set
  • Add IBM zLinux as a supported platform in the metadata

v2.0.4 (2016-04-13)

  • Fixed a copy / paste mistake in the chefspec matchers

v2.0.3 (2016-04-01)

  • Fix Tomcat 7 installations on systemd not starting by changing the action from start to run
  • Fix bug where Tomcat 7 and Tomcat 8 instances could not be installed on the same host
  • Switch from sha1 to md5 checksums as older Tomcat releases didn't include SHA1 checksums
  • rename sha1_base_path property to checksum_base_path since we're using MD5s now. The existing property name will continue to work for backwards compatibility
  • Add start/stop runlevel header to the init script
  • Reload the systemd unit file if it changes
  • Don't give the tomcat user a valid shell

v2.0.2 (2016-03-16)

  • Avoid namespace conflicts with other cookbooks that were causing failures. Thanks @alappe and @EdSingleton for providing the information to track this down.
  • Fix a typo that prevented passing environmental directives with systemd. - @nickptrvc
  • Depend on the latest compat_resource to avoid warnings

v2.0.1 (2016-03-07)

  • Fix HTTP download of the Tomcat artifact to use a proxy server if ENV variables are defined @petracvv
  • Fix a custom resource property typo in the readme @fallwith

v2.0.0 (2016-03-02)

COMPATIBILIY WARNING!!!! This version removes the existing recipes, attributes, and instance provider in favor of the new tomcat_install and tomcat_service resources. Why not just leave them in place? Well unfortunately they were utterly broken for anything other than the most trivial usage. Rather than continue the user pain we've opted to remove them and point users to a more modern installation method. If you need the legacy installation methods simply pin to the 1.3.0 release.

  • Add usage documentation for the new resources
  • Add chefspec matchers for the new resources
  • Add kitchen-inspec to the Gemfile for testing

v1.3.0 (2016-02-25)

  • Resolve missing directory warnings on Debian based systems that use systemd (Debian 8+ and Ubuntu 15.10+)
  • Add testing and support for openSUSE 13.X
  • Expand the platforms tested in the kitchen.yml file
  • Remove the zypper_refresh cookbook. The zypper cookbook on the supermarket should be used instead
  • Resolved foodcritic warnings in the instance provider

v1.2.1 (2016-02-25)

  • Added restart and enable actions to tomcat_service resource
  • Fixed init scripts trying to use /var/log/tomcat_INSTANCE dir that is no longer created
  • If a custom path is provided the trailing / will be stripped to prevent // in scripts
  • Start action in tomcat_service now starts the service instead of starting / enabling the service
  • Stop and disable actions no longer create the init script first. Instead they only perform their actions if the init script exists

v1.2.0 (2016-02-25)

  • Added systemd and upstart support to tomcat_service custom resource
  • tomcat_install no longer creates a logs dir in /var/logs/ as logging is up to the users
  • custom paths no longer throw an error in tomcat_install
  • path property in tomcat_install is now renamed install_path to match the tomcat_service resource
  • the test cookbook now installs two different instances and includes the java setup the same way a wrapper cookbook would
  • ubuntu 15.10 has been removed from the Test Kitchen config since there is no published box for this version yet
  • debian 8 is now properly identified as a systemd based system
  • inspec tests for the test cookbook updated to pass
  • nil default properties have been removed to resolve Chef deprecation warnings

v1.1.0 (2016-02-23)

  • Included new experimental tomcat_install and tomcat_service custom resource for pulling down any specified tomcat release from the Apache Org site and managing the service. This allows for running any Tomcat release on any distro (no more packages) and will eventually replace the existing attribute and provider config methods
  • Added compat_resource as a cookbook dependency for the new custom resources
  • Depend on java cookbook >= 1.36 to allow for OpenJDK 1.8 installs along with many bugfixes
  • Test Kitchen now tests the new providers in Travis CI using kitchen-dokken (docker)
  • Existing test suites have been removed as that functionality will be deprecated in the near future
  • UseConcMarkSweepGC is no longer hard coded in the Tomcat 6 config. Instead this is part of the JAVAOPTS attribute so it can be overwritten
  • Added uriencoding to the instance provider. See the readme for details
  • Added new attribute for the ajp listen IP. See the readme for details

v1.0.1 (2015-12-01)

  • Resolved a missing method error in the instance provider

v1.0.0 (2015-11-30)

  • BREAKING: This cookbook now requires Chef 12.1+ due to the use of multipackage installs
  • Added support for OpenSUSE
  • Added a new attribute ['tomcat']['client_auth'] to enable client auth
  • Added new attribute ['tomcat']['ajp_redirect_port'] for specifying a redirect port in server.xml
  • Added new attributes: ['tomcat']['proxy_name'], ['tomcat']['secure'], and ['tomcat']['scheme'] to support proxying
  • Added new attribute ['tomcat']['ciphers'] to add SSL ciphers to the server.xml
  • Added a new attribute ['tomcat']['ssl_enabled_protocols'] to add SSL protocols to the server.xml
  • Added new attribute ['tomcat']['uriencoding'] to add uriencoding to server.xml with a default of 'UTF-8'
  • Added new attribute ['tomcat']['environment'] to add environmental variables to the sysconfig on RHEL platforms
  • Fixed EPEL tomcat when an empty string is provided as the Tomcat version
  • Fixed generation of keystore file in the instance provider
  • Fixed initialization of a constant twice
  • Added back the automatic service restarts on the tomcat.conf changes
  • Don't include the JasperListener if less than Tomcat 8
  • Removed a hardcoded service name in the users recipe
  • Improved requirements section of the readme and added travis / supermarket badges
  • Added serverspec tests for Test Kitchen
  • Added new source_url and issues_url metadata for supermarket
  • Updated the Gemfile with the latest deps
  • Updated Berskfile to the 3.X+ format
  • Updated contributing, testing, and maintainers docs
  • Added the chef standard rubocop config and resolve all warnings
  • Updated the Kitchen CI config to work with the latest platforms
  • Updated .gitignore and added a chefignore to limit files uploaded to the server
  • Added a .foodcritic file to exclude rules

v0.17.3 (2015-02-22)

  • Fix package names and directories for Tomcat 7 on RHEL

v0.17.2 (2015-02-18)

  • reverting OpenSSL module namespace change

v0.17.1 (2015-02-17)

  • updating to use the latest openssl

v0.17.0 (2014-12-11)

  • Removed installation of Java

v0.16.2 (2014-08-06)

  • 80 - Fix broken server.xml when not using ssl

v0.16.0 (2014-06-11)

  • 70 - [COOK-4332] Support running multiple instance
  • 73 - Be pedantic on where the data bag secret should be placed.

v0.15.12 (2014-04-23)

  • [COOK-3745] - Scientific Linux support for Tomcat
  • [COOK-4573] - Oracle Linux support for Tomcat
  • [COOK-4574] - genkeypair is not a valid parameter to keytool
  • [COOK-4575] - update test harness for Ubuntu 14.04'

v0.15.10 (2014-03-27)

  • [COOK-4487] - Use tomcat group in /etc/default template

v0.15.8 (2014-03-19)

  • [COOK-4209] - Remove "Host element/XML Validation" in tomcat 7 and above

v0.15.6 (2014-03-12)

  • [COOK-4301] - Duplicate truststore settings added to java_options every chef-client run

v0.15.4 (2014-02-18)


  • COOK-4258 - tomcat: support for Apache mod_jk load balancing with jvmRoute
  • COOK-3370 - Don't install the tomcat manager apps package if we're not going to use it


  • COOK-4257 - tomcat: broken on SmartOS SmartMachine images 13.3.0+
  • COOK-4097 - default["tomcat"]["keytool"] is set to non-existent file on Debian/Ubuntu


New Feature

  • [COOK-3622] - Add support for Amazon platform to the tomcat cookbook.


  • [COOK-3379] - Only regenerate keystore and restart tomcat when source files change
  • [COOK-1599] - Add retry and delay to tomcat service definition



  • COOK-3565 - Make server.xml connectors maxThreads params configurable via attributes

New Feature



  • COOK-3378 - Use keystore in the port 8443 connector
  • COOK-3204 - Fix hard-coded path to tomcat-users.xml
  • COOK-3203 - Support "reload" on Ubuntu 12.04


  • COOK-3195 - Fix error for creating endorsed dir
  • COOK-3083 - Add an attribute to lib directory



  • [COOK-3165]: Typo in tomcat attributes/default.rb file for webapp_dir attribute on Debian/Ubuntu



  • [COOK-1808]: Add Support for Tomcat 7 (ubuntu 12.04+, debian 7+)



  • [COOK-2999]: Attributes are "set" and not "default"


  • [COOK-2421]: Correct name of cookbook in attributes/default.rb
  • [COOK-2838]: Fix foodcritic warnings in tomcat cookbook

New Feature

  • [COOK-2422]: Support disabling Tomcat auth
  • [COOK-2425]: Add SSL connector support
  • [COOK-2533]: Ability to set loglevel
  • [COOK-2736]: Add CATALINA_OPTS for Tomcat start/run options


  • [COOK-1736] - Add AUTHBIND attribute


  • [COOK-1499] - manage tomcat users


  • [COOK-1110] - remove deprecated (by upstream) jpackage recipe

Foodcritic Metric

2.3.2 failed this metric

FC016: LWRP does not declare a default action: /tmp/6bf5b8aae0c635b9928f83ad/tomcat/resources/install.rb:1
FC016: LWRP does not declare a default action: /tmp/6bf5b8aae0c635b9928f83ad/tomcat/resources/service_systemd.rb:1
FC016: LWRP does not declare a default action: /tmp/6bf5b8aae0c635b9928f83ad/tomcat/resources/service_sysv_init.rb:1
FC016: LWRP does not declare a default action: /tmp/6bf5b8aae0c635b9928f83ad/tomcat/resources/service_upstart.rb:1

Collaborator Number Metric

2.3.2 passed this metric