You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "James H. H. Lampert" <ja...@touchtonecorp.com> on 2020/05/18 22:47:54 UTC
Strange occurrence with Tomcat running on an AWS EC2 instance
I'm hoping to get the one web server we still have on a cert we have to
pay for switched over to Let's Encrypt, and so I cloned the server in
question to a spot instance.
The server in question is an EC2 instance running Amazon Linux (not
Amazon Linux 2), with a Bitnami Trac/SVN stack on it, and Tomcat 8
installed independently of the Bitnami stack.
To clone it, I created an AMI from the most recent backup snapshot, and
then launched a spot instance from that AMI.
Once the test instance spun up, when I was finally able to connect to
the Tomcat server on it, I found that (1) it had been updated, (2) the
ROOT context had been partially overwritten with the default ROOT
context, and (3) the manager context had been returned to the "factory"
disabled state.
To coin a phrase, "What just happened?"
Can anybody shed any light on this?
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Strange occurrence with Tomcat running on an AWS EC2 instance
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
James,
On 5/18/20 18:47, James H. H. Lampert wrote:
> I'm hoping to get the one web server we still have on a cert we
> have to pay for switched over to Let's Encrypt, and so I cloned the
> server in question to a spot instance.
>
> The server in question is an EC2 instance running Amazon Linux
> (not Amazon Linux 2), with a Bitnami Trac/SVN stack on it, and
> Tomcat 8 installed independently of the Bitnami stack.
>
> To clone it, I created an AMI from the most recent backup snapshot,
> and then launched a spot instance from that AMI.
Presumably, this latest snapshot was working at the time of the snapshot
?
> Once the test instance spun up, when I was finally able to connect
> to the Tomcat server on it, I found that (1) it had been updated
Updated to what?
> (2) the ROOT context had been partially overwritten with the
> default ROOT context, and (3) the manager context had been returned
> to the "factory" disabled state.
>
> To coin a phrase, "What just happened?"
Hmm. Any idea if that AMI tries to bootstrap itself in some way --
like for example trying to update software, deploy applications, etc.?
If Tomcat was updated (probably with something heavy-handed, such as
un-tarring the latest over time of /opt/tomcat or whatever), perhaps
it overwrote the ROOT context?
I don't think this is anything that Tomcat would ever do to itself,
but we can maybe help you discover how your own AMI works and prevent
it from doing that kind of thing again
One initial recommendation I would have for you is to always have a
"split installation" where Tomcat is installed one place, and your
"deployment" (conf/, work/, logs/ and webapps/ directories) are all in
a separate place.
This way, if Tomcat is (unexpectedly) upgraded, you will not have to
worry so much about your applications and/or configurations from being
clobbered.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl7ETEcACgkQHPApP6U8
pFixww/5AeUSvUOWLgqL2Jv9WQ7LYxIV/rCoZrNqFSu99/DXxq6/oBFALJtYz5Ze
6RhDyyMocmkOT+bngR+c4IUctwvmjyxAuHh6qdisL2Ftdzrra6wS5jscJgn7wHi/
NqToyDrgVzWknX0BYWflpO7KRVJBR4Y1yDMR8DD/LmFsTBbXBJKDjPycKcDnTtcJ
HU+y2gXb+j7IMREJMRl95lznBKXqaBx0wV3zTPKrAOaIvbnpYiwX8YJXnx1oRpvB
X4gtyPLWoYZU9WbKsZZj2djB8cbdUZQXmaE+FUg2Lx3TF/AzBHsXaplBP85KzbNY
poUAf+Jld71ZSD1TW251Fnr8l04sF3ozb5R9EPTMpsu4Yj2SooTsU5wc2vb+3MvG
GhiSTOZ+f+o5RBzkN83rADHIdXcPHKgrsCmrPHyqWRfmUuoU0CNObsC9llDHBDY2
vEqu/AyHRIbhzVMCO9fQ+2WY69uJ8yBr1UTLwmCKMcr05AeMWB5DTmNFubXcuaxw
T2AeEe6WbX209U9TG/xYMxRTDtPD6bBj/Doa2/kKY/jaFNkx6xMkZ949PGR+32z1
ODxhaRrKfe+i/E78qvtRjpNRBIxjKp7YG8z6bpTFTO9n7N7pSfUhWfFxQZL+Wf8t
sa3mZMiKloAX4IHtvmo8fGdM2s3ggmSaCWOMpEgexguxf2CNgg4=
=flMV
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org