VPS with Jelastic: CentOS, Ubuntu and Windows

By | CentOS, Jelastic, Virtual Hosting, Virtual Private Server Hosting | No Comments

Jelastic VPSMost people choose VPS (Virtual Private Server) hosting because it doesn’t have the limitations of shared hosting and it allows for reinforced security, flexibility and complete control over your environment.

Today we will review how to set up VPS using Jelastic and 3 pre-configured certified stack templates on top of 3 operating systems – CentOS, Ubuntu and Windows.

Virtual Private Servers

CentOS (Community ENTerprise Operating System) is a free community-driven project, with open source code delivered from RHEL Linux distribution.

CentOS offers enterprise-level stability strengthened by robust performance and represents a reliable, low-maintenance, secure option for running virtual private servers.

Ubuntu is one of the most popular operating systems for running virtual private servers inside the Cloud. Built over the Debian Linux distribution, Ubuntu shares its commitment to principles of open-source software and offers continually developing solutions with agile, secure and versatile performance capabilities.

Windows Server OS (2012 and optionally 2008 R2 versions are provided) allows you to run any Windows-based software on your virtual machine with support of popular tools and technologies: ASP.NET, PHP, SQL, Visual Studio, Active Directory, etc.

Due to the fact that Windows OS is a proprietary software and can’t be distributed freely (i.e. requires the license to be applied to the platform), you can be charged for using such containers (regardless of whether it’s running or stopped). Read More

How to get Tomcat running on CentOS 7.2 using privileged ports <1024

By | CentOS, Java, Tomcat | No Comments

Tomcat running on Centos using privileged portsIf you haven’t already got Java and Tomcat 7 running on CentOS 7.2, it’s pretty simple using yum. Just follow the instructions in this post.

This sets up Java to run with 8080 and/or 8443, but I want it to be my primary webserver.

Post install

I’ve been trying to get Tomcat to run under user tomcat but on privileged port 443 ( <1024 ). There is not a lot of current info on getting this working post yum installs of Java and Tomcat 7 on CentOS 7.2 , so perhaps adding it here would be good.

There is allot of misinformation out there and some of it doesn’t apply to the versions spoken about, configs in different places or not existing in the paths referenced.

A few pre-cursors

  1. I do not want to run Tomcat as root to be able to use a port <1024
  2. “setcap cap_net_bind_service+ep /path/to/bin/java” does not work. I tried everything I could.
  3. I do not want to run Apache, haproxy or NGINX running on a port <1024 as a frontend to Tomcat even though there are some advantages in doing this. Wasted overhead and another service to manage and keep updated.
  4. Using iptables or firewalld to redirect ports is not optimal IMO as restarting or changing the firewall config would stop users from reach Tomcat if the firewall stopped or had an issue which is a point of failure.

The best solution I found was:

  1. Install authbind pre-rolled as an RPM from here or use the referenced GIT project to build an rpm yourself. This installed without issue and without any dependencies.
  2. Once authbind is installed run the following depending on what ports you want to have Tomcat listening on:

sudo touch /etc/authbind/byport/80
sudo chmod 500 /etc/authbind/byport/80
sudo chown tomcat /etc/authbind/byport/80
sudo touch /etc/authbind/byport/443
sudo chmod 500 /etc/authbind/byport/443
sudo chown tomcat /etc/authbind/byport/443

  1. Default user and group when Tomcat is installed by yum is “tomcat”
  2. Modify your tomcat “/etc/tomcat/server.xml” config and change to the ports you want to use. In my case it’s 443.
  3. The tricky part was getting authbind to work with systemd. After getting Tomcat set to start when the servers starts up I have the following 2 startup files:


  1. In all the other posts I read and how to’s they all reference in this file, but this script doesn’t exist if you used the before mentioned instructions to install Java/Tomcat using yum. I opened up the 2 files above and commented out the original “ExecStart” command, duplicated the line and added authbind as follows:

#ExecStart=/usr/libexec/tomcat/server start
ExecStart=/usr/bin/authbind –deep “/usr/libexec/tomcat/server” start

  1. After that I ran:

sudo systemctl daemon-reload
sudo systemctl restart tomcat.service

Tomcat fired up listening on port 443.

Aug 19 13:29:42 1556-109 authbind: INFO: Initializing ProtocolHandler [“http-bio-443”]
Aug 19 13:29:43 1556-109 authbind: Aug 19, 2016 1:29:43 PM org.apache.coyote.AbstractProtocol init

Problem solved! This was a lot easier to get working that some of the other solutions which involved multiple services running etc. If you have a better method or questions, please post a comment.