Configuring GeoServer on Ubuntu 12.04 in Amazon AWS
Here is a step by step-by-step guide to setting up an instance of GeoServer on Ubuntu 12.04 in the Amazon Web Services environment.
First thing you want to do is configure a new ubuntu 12.04 machine. In the EC2 control panel select Launch Instance > Classic Wizard > select the ami for Ubuntu Server 12.04.1 LTS 64 bit > Choose the size, number of servers, and availability zone you want to work in (I usually choose East 1b) > I usually leave the advanced options as-is > For storage configuration, I am going to increase the storage size to around 200 gigabytes to store the cached tiles (make sure to save) > In the tags section give this machine a name you can remember so you can easily get to it from your EC2 Dashboard > Create or use any key pair (I have a key pair that I usually use so I used one i had previously created) > Create a new security group and make sure you allow access on the SSH port (22), as well as the tomcat http port (8080), and the default http port (80) > Launch Instance
When the server says it is running and passes both status checks in the EC2 dashboard – either SSH to the machine through whatever client you are using, or go through the browser with amazons built in SSH client (my preferred method). If you go through the browser a java applet will open up. Also – if you want to apply an elastic IP to this machine, you can do that now through the EC2 dashboard.
When I first SSH to the machine I am told that there are some updates that need to go in. You will also need to install the unzip module, lynx, tomcat, and apache. To update and do the installs:
sudo apt-get update sudo apt-get install unzip lynx tomcat7 tomcat7-admin apache2
After all of it installs, you need to make sure you are running the Java Run Time Environment 7 (jre7). To do this, enter this command into the ssh shell:
By default, this version of ubuntu ships with OpenJDK which will screw things up down the line. Check to see what you have installed by changing directories to the java directory, and looking at the available package folders:
cd /usr/lib/jvm ls
This, for me, printed: java-6-openjdk, java-6-openjdk-amd64, java-6-openjdk-common, default-java, java-1.6.0-openjdk, java-1.6.0-openjdk-amd64, To get Oracle Java 7 JRE Follow these instructions by someone named Sanifool. Basically do this:
sudo add-apt-repository ppa:webupd8team/java sudo apt-get update && sudo apt-get install oracle-jdk7-installer
Now check to make sure it installed by typing in “java -version”, and if you see (When I pulled down build 1.7.0_10 but you might pull something even newer):
java version “1.7.0_##″
Java(TM) SE Runtime Environment (build 1.7.0_##)
Java HotSpot(TM) Server VM (build 23.3-b01, mixed mode)
Use vim to edit the environments file here: ”/etc/environment” and append:
Now you need to edit one of the tomcat config files. It is pretty easy to use vim, which is a built in editor/is just like vi:
sudo vim /etc/default/tomcat7
Use your arrow keys to navigate down to JAVA_OPTS= and TOMCAT7_SECURITY=. When you get to the first line you want to edit, hit i on your keyboard. Now that you are in insert mode, make the values:
uncomment "JAVA_HOME=/usr/lib/jvm/openjdk-6-jdk" and change the it to "JAVA_HOME=/usr/lib/jvm/java-7-oracle" and uncomment TOMCAT7_Security=no
Now you need to add a user so you can log in to tomcat and configure. Use the same basic guidance on and edit the tomcat-users.xml file:
sudo vim /var/lib/tomcat7/conf/tomcat-users.xml
And add these lines between <tomcat-users> and </tomcat-users> (swap out “username” and “password” for whatever you want your credentials to be:
<role rolename="admin" /> <role rolename="manager-gui" /> <role rolename="tomcat" /> <user username="Replace_With_Username" password="Replace_With_Password" roles="admin,manager-gui,tomcat" />
By default, tomcat7 only allows uploads a little over 50 megabytes, which is slightly too small to deploy the geoserver 2.2.2 war file. Use vi to edit the web.xml file found at “/usr/share/tomcat7-admin/manager/WEB-INF/web.xml” and increase the “max-file-size” and “max-request-size” keys to be able to handle the geoserver war file.
Now you need to restart tomcat:
sudo /etc/init.d/tomcat7 restart
service tomcat7 restart
When tomcat has restarted, in another tab or browser copy and paste your DNS name (either your elastic IP or the DNS name you find in the EC2 Management Console) and add “:8080/manager/html”. This will bring you to the tomcat admin page.
Now, on your local machine, download the latest geoserver .war file from here, and then unpack and locate the geoserver.war file within the zip file. From the tomcat manager page scroll down to Deploy, in the WAR file to deploy section. Browse to the .war file you just extracted from the GeoServer zip file, and select deploy.
It will take a few moments to load, but when it has finished you can navigate to your geoserver instance by going to your <AWS Public DNS Name or Elastic IP>:8080\geoserver\web. Now is a good opportunity to grab another coffee.
Because this is a headless server, some of the required fonts are missing. Through SSH you will need to tell the ubuntu server to install the missing fonts and then re-start tomcat. More info here.
sudo apt-get install ttf-dejavu sudo /etc/init.d/tomcat7 restart
Now, tomcat has some limitations so you should install apache web server, and use a web adaptor to redirect geoserver requests to be handled by tomcat. You installed apache earlier, now you need to verify that it is working. Type your elastic IP or DNS name into the browser and verify that the default apache page shows up.
Next, enable the proxy and proxy_http modules. Enter this into terminal/ssh:
a2enmod proxy a2enmod proxy_http
Now navigate to the httpd.conf file and add a proxy pass and proxy pass reverse statement:
Place the following into httpd.conf:
ProxyPass / http://localhost:8080/ ProxyPassReverse / http://localhost:8080/
Note - you can also use your elastic IP here, but i would not recommend using the dynamic aws name because if you are like me (you want to save money) you will be turning your machine on and off)
Save this, and then edit your tomcat server configuration file:
Look for lines that look like this:
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" URIEncoding="UTF-8" redirectPort="8443" />
And change it to this:
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" URIEncoding="UTF-8" redirectPort="8443" proxyName="<ElasticIP or Localhost>" proxyPort="80" />
Save this and exit that document. Note that if you stop the machine and do not have an elastic IP assigned, you will need to change this to match your new machine name.
Now you need to install setsebool:
sudo apt-get install setsebool setsebool httpd_can_network_connect=1
Then restart apache and tomcat:
sudo /etc/init.d/apache2 restart sudo /etc/init.d/tomcat7 restart
After a few minutes, this will redirect your elastic IP or DNS name directly to the geoserver welcome screen.
You can update your AWS security group to either disable access to port 8080, or only allow specific IP addresses to access that port unless you need to specifically access tomcat.
Now – if you changed your root size follow these instructions to expand your drive to the new root size instead of the default AMI size (since I only have the one drive you can skip most of the steps in ChenW@AWS’s response):
type “df -h” to get the size of the root volume, then type “ sudo resize2fs /dev/<disk – mine was sda1>”, then after a few minutes and the operation is completed type “df-h” again to verify your root volume has increased.
To optimize geoserver performance, I would suggest looking at OpenGeo’s post on GeoServer in Production.