
Tomcat in docker container


I am trying to run a Tomcat instance inside a docker container. I have a security reason for not using Tomcat docker image. Rather, I am trying to use the Amazon JDK and copying the Tomcat directory to the /usr/local path. The image is building fine. However, it is just running the Tomcat instance. When you start the container, it just says "Tomcat started." and then nothing.

When you start the container, below is what I see, and then the container stops.

sudo docker run  tomcat:0.1
Tomcat started.

When I tried the same setup in Kubernetes, it says the pod completed and keeps restarting. Also, when I go into the container in interactive mode, I can start Tomcat and everything runs fine, as shown below:

sudo docker run --rm -it --entrypoint bash tomcat:0.1
bash-4.2# cd /usr/local/tomcat/bin/
bash-4.2# ./startup.sh 
Using CATALINA_BASE:   /usr/local/tomcat
Using CATALINA_HOME:   /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME:        /usr/lib/jvm/java-21-amazon-corretto
Using CLASSPATH:       /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
Using CATALINA_OPTS:   
Tomcat started.

My Dockerfile is below:

FROM amazoncorretto:21.0.4-al2
#CMD ["/bin/bash"]
USER root
COPY  tomcat /usr/local/tomcat
ENV CATALINA_HOME=/usr/local/tomcat
ENV PATH=/usr/local/tomcat/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
EXPOSE 8080
WORKDIR /usr/local/tomcat/bin
CMD ["/usr/local/tomcat/bin/startup.sh", "run"]
#ENTRYPOINT ["/bin/sh", "-c", "/usr/local/tomcat/bin/startup.sh"]
#CMD ["/usr/local/tomcat/bin/catalina.sh" "run"]

P.S. - There is no permission issue as I have made the entire tomcat dir 777


Solution

  • I have a security reason for not using Tomcat docker image.

    It seems unlikely that building your own image is going to be any more secure, but in any case you should inspect the official tomcat image to see how to properly start tomcat in a container environment.

    Your problem is that you are using the startup.sh, which starts tomcat in the background. This causes Docker to believe that your container has finished running.

    If you look at the Dockerfile for the official image, you will see that they start tomcat via:

    CMD ["catalina.sh", "run"]
    

    Started this way, tomcat runs in the foreground (with output to stdout/stderr). A working version of your Dockerfile would be:

    FROM amazoncorretto:21.0.4-al2
    
    COPY  tomcat /usr/local/tomcat
    ENV CATALINA_HOME=/usr/local/tomcat
    ENV PATH=/usr/local/tomcat/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    EXPOSE 8080
    WORKDIR /usr/local/tomcat
    CMD ["catalina.sh", "run"]
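
The answer's Dockerfile, extended as an added example (not part of the original answer) so that Tomcat runs as an unprivileged user rather than root and the copied tree is owner-only rather than 777. The numeric UID/GID 10001 is a constructed value; any unused non-zero ID works.

```dockerfile
FROM amazoncorretto:21.0.4-al2

ENV CATALINA_HOME=/usr/local/tomcat
ENV PATH=/usr/local/tomcat/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

# Copy Tomcat owned by the runtime user. A numeric UID:GID (constructed value)
# needs no passwd entry, so no useradd is required in the base image.
COPY --chown=10001:10001 tomcat /usr/local/tomcat

# Undo the blanket 777 from the build host: owner keeps read/write (and execute
# on directories and scripts), group and other get nothing.
RUN chmod -R u=rwX,go= /usr/local/tomcat

# Drop root before the process starts; 8080 is unprivileged, so root is not needed.
USER 10001:10001

EXPOSE 8080
WORKDIR /usr/local/tomcat

# Foreground start, as in the answer: the container lives as long as Tomcat does.
CMD ["catalina.sh", "run"]
```

After building, `docker run --rm <image> id` should report uid=10001 rather than uid=0.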