Public | Automated Build

Last pushed: 22 days ago
Short Description
Tomcat and Oracle JRE in docker
Full Description

Tomcat and Oracle JRE in docker

Use this repo to build a small footprint docker image containing the following based on alpine linux:

  • Tomcat (versions tested compatible with Geoserver)
  • Oracle JDK 8
  • gosu

The Dockerfile is adapted from the following primarily because Oracle JDK 7 is no longer available

gosu has been included so that tomcat would run as non-root user for better security. The gosu stanza in the Dockerfile is based on docker-alpine-gosu. The docker image uses / to run tomcat as non-root user. The numeric UID of this user in the container defaults to 1000 but it may be overridden with the environment variable TOMCAT_UID.

dockerize may be used to wait for any dependent container (service) to be ready before starting Tomcat. To use it, define the environment variable DOCKERIZE_CMD with the full command, e.g. dockerize -wait=tcp://my_postgresql_host_ip:5432 -timeout=30m.

My personal use-case is for running Boundless GeoServer and GeoFence.

Even though GeoServer has only been officially tested with JRE7, it seems to work fine with JRE8.


Tomcat webapps directory in the container is /usr/tomcat/webapps/

To enable strong cryptography in Oracle JRE, extract local_policy.jar and US_export_policy.jar from

- local_policy.jar:/usr/lib/jvm/default-jvm/jre/lib/security/local_policy.jar
- US_export_policy.jar:/usr/lib/jvm/default-jvm/jre/lib/security/US_export_policy.jar

Override any JRE JAVA default values using environment in docker-compose.yml file. GeoServer requires MINMEM greater or equal to 64 MB.

  MAXMEM: 1024m
  MINMEM: 64m

To persist GeoServer data, set its data directory to a separate directory in the container and mount it using volumes in docker-compose.yml


A complete sample docker-compose.yml may look like this:

  image: cheewai/tomcat
  - TOMCAT_UID=1001
  - MAXMEM=2048m
  - GEOSERVER_DATA_DIR=/var/geoserver
  - ./downloads/local_policy.jar:/usr/lib/jvm/default-jvm/jre/lib/security/local_policy.jar
  - ./downloads/US_export_policy.jar:/usr/lib/jvm/default-jvm/jre/lib/security/US_export_policy.jar
  - ./webapps:/usr/tomcat/webapps
  - ./gsdata:/var/geoserver
  - ./
  - "8080:8080"

Download script

GeoSolution provides well-tested snapshots of stable release on a daily basis that includes the latest bug fixes.

With a little customization, this download script can be used fetch the Geoserver and any additional plugin that you require.

#! /bin/bash

set -eux
pushd $DLDIR || {
  echo "Set download directory DLDIR to an existing directory" >&2
  exit 1
wget --timestamping "${BASE_URL}/geoserver-${VER}"
for p in cas feature-pregeneralized imagemosaic-jdbc monitor mysql pyramid wps ; do
  wget --timestamping "${BASE_URL}/ext-latest/${GSVER}-SNAPSHOT-${p}"

Initial setup script

This script is to unpack a specific version of Geoserver and any plugin already present in the download directory DLDIR into the Tomcat webapps directory.

#! /bin/sh

[ $# -eq 1 ] || {
  echo "usage: $0 {geoserver_webapps_dir}" >&2
  exit 1
APPDIR=$(readlink -f "$1")
set -eux

unzip -d $APPDIR "$DLDIR/geoserver-${VER}" geoserver.war
[ -d "$APPDIR/geoserver" ] && rm -f "$APPDIR/geoserver"

# Unarchive geoserver.war
docker run -it --rm -e TOMCAT_UID=1001 --entrypoint=/bin/sh -v $APPDIR:/usr/tomcat/webapps cheewai/tomcat -c "mkdir /usr/tomcat/webapps/geoserver; cd /usr/tomcat/webapps/geoserver && /usr/lib/jvm/default-jvm/bin/jar -xvf ../geoserver.war"
docker run -it --rm -e TOMCAT_UID=1001 --entrypoint=/bin/sh -v $APPDIR:/usr/tomcat/webapps cheewai/tomcat -c "chmod -R ugo+rw /usr/tomcat/webapps/geoserver"

# Unzip extensions
for f in ${DLDIR}/${GSVER}-* ; do
  unzip -o -d $APPDIR/geoserver/WEB-INF/lib "$f"

docker run -it --rm -e TOMCAT_UID=1001 -v $APPDIR:/usr/tomcat/webapps cheewai/tomcat
Docker Pull Command
Source Repository