Migrate Tomcat applications to containers on Azure Kubernetes Service

Migration

We advise that you carry out the procedures listed below one at a time for each program (WAR file) you desire to migrate, except for the first step.

Provision container registry and AKS

Make an Azure Kubernetes cluster whose Service Principal has the Reader role on the registry and a container registry. Make careful you select the right network model for the networking needs of your cluster.

#1
az group create -g $resourceGroup -l eastus
#2
az acr create -g $resourceGroup -n $name --sku Standard
#3
az aks create -g $resourceGroup -n $name --attach-acr $acrName --network-plugin azure

Prepare the deployment artifacts

Clone the GitHub source for the Tomcat On Containers Quickstart. There are several suggested optimizations in the Tomcat and Dockerfile configuration files. Before creating the container image and deploying it to AKS, you'll probably need to make the changes we've outlined in the steps below to these files.

Open ports for clustering, if needed

Make sure the required port ranges are available in the Dockerfile if Tomcat Clustering on AKS is something you want to employ. Use variable initialized to the pod's IP address upon container startup when specifying the server IP address in server.xml.

Alternatively, the session state might be saved in a different place and made accessible to replicas.

If your application employs clustering, check the server.xml file for the <Cluster> element inside the <Host> or <Engine> components.

Add JNDI resources

To include the resources you prepared during the pre-migration processes, such as Data Sources, edit server.xml.

For example:

<GlobalNamingResources>
    <!-- Editable user database -->
    <Resource name="UserDatabase" auth="Container"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              type="org.apache.catalina.UserDatabase"
              pathname="conf/tomcat-users.xml"
              description="User database"
              />

    <!-- Migrated datasources here: -->
    <Resource
        name="jdbc/dbconnection"
        type="javax.sql.DataSource"
        url="${postgresdb.connectionString}"
        driverClassName="org.postgresql.Driver"
        username="${postgresdb.username}"
        password="${postgresdb.password}"
    />
    <!-- End of migrated datasources -->
</GlobalNamingResources>

Build and push the image

The az acr build command is the simplest approach to create and upload the image to Azure Container Registry (ACR) for usage by AKS. Docker does not need to be set up on your machine to run this command. For instance, assuming the application package petclinic.war and the Dockerfile mentioned above are both present in the current directory, building the container image in ACR only requires the following step:

az acr build -t "${acrName}.azurecr.io/petclinic:{{.Run.ID}}" -r $acrName --build-arg APP_FILE=petclinic.war --build-arg=prod.server.xml

As an alternative, you might create the image locally using Docker CLI. This method can make testing and improving the image easier before the first ACR deployment. However, it needs the Docker daemon to be running, and the Docker CLI installed.

sudo docker build . --build-arg APP_FILE=petclinic.war -t "${acrName}.azurecr.io/petclinic:1"
sudo docker run -d -p 8080:8080 "${acrName}.azurecr.io/petclinic:1"
sudo az acr login -n $acrName
sudo docker push "${acrName}.azurecr.io/petclinic:1"

Provision of a public IP address

A public static IP address is necessary if your application can be accessed from outside your physical or virtual network(s). This IP address must be provisioned within the cluster's node resource group.

#Line1
nrg=$(az aks show -g $resourceGroup -n $aksName --query 'nodeResourceGroup' -o tsv)
#Line2
publicIp=$(az network public-ip create -g $nrg -n applicationIp --sku Standard --allocation-method Static --query 'publicIp.ipAddress' -o tsv)
#Line3
echo "Your public IP address is ${publicIp}."

Deploy to AKS

Make a YAML file for Kubernetes and apply it. Ensure that the IP address provisioned in the previous step is used as the LoadBalancerIP whenever you create an external load balancer (whether for your application or an ingress controller).

As environment variables, add externalized parameters. Leave out the secrets (such as passwords, API keys, and JDBC connection strings). The Configure KeyVault FlexVolume section contains information on secrets.

Configure persistent storage

Configure one or more Persistent Volumes if your application needs non-volatile storage.

You might want to construct a persistent volume using Azure Files mounted to the Tomcat logs directory to store logs centrally.

Configure KeyVault FlexVolume

Make an Azure KeyVault, then fill it with all the required secrets. Then set up a KeyVault FlexVolume so that pods can access those secrets.

You must change the startup script to import the certificates into the local key store on the container.

Post-migration

You should check to see if your application still functions as expected after moving it to AKS. We have some suggestions for you that can help your application become more Cloud-native after you've done that.

1. Think about giving the IP address assigned to your ingress controller or application load balancer a DNS name.
    
2. For your application, you might want to include HELM charts. You can parameterize your application deployment so that a wider range of users can utilize and customize it.
    
3. Create and put into action a DevOps plan. Consider automating testing and deployments with Azure Pipelines to preserve dependability while accelerating your development pace.
    
4. For the cluster, enable Azure Monitoring to enable the collecting of container logs and the tracking of utilization, among other things.
    
5. Think about using Prometheus to expose application-specific metrics. A widely used open-source metrics framework in the Kubernetes community is Prometheus. Instead of maintaining your own Prometheus server, you may configure Prometheus Metrics scraping in Azure Monitor to enable metrics aggregation from your apps and automated response to or escalation of abnormal events.
    
6. Create and put into action a business continuity and catastrophe recovery plan. Consider a multi-region deployment architecture for mission-critical applications.
    
7. Review the policy on Kubernetes Version Support. Make sure your AKS cluster constantly runs a supported version by performing regular updates.
    
8. Review the relevant AKS best practices with all team members in charge of cluster administration and application development.
    
9. Look at the logging.properties file's contents. To enhance performance, think about removing or lowering part of the logging output.
    
10. To further enhance performance, consider keeping an eye on the code cache size and adding the -XX:InitialCodeCacheSize and -XX:ReservedCodeCacheSize arguments to the JAVA_OPTS variable in the Dockerfile.

Must Read, kubernetes interview questions

Frequently Asked Questions

What do you mean by Tomcat on Azure?

The Apache Software Foundation (ASF) created the Java Servlet Container, Tomcat, which is open-source. An extremely well-liked open-source relational database management system is MySQL.

Can I utilize the Azure App service with Tomcat clustering?

The Azure App Service does not allow Tomcat clustering. Instead of requiring Tomcat-specific capabilities, you can configure and manage scalability and load balancing with Azure App Service. To make the session state accessible across replicas, you can store it in a different place.

How does the Tomcat server work?

A web container called Tomcat manages your servlets and their mappings. Tomcat checks the URL mappings after any request for a servlet is made to apache, and the result is generated in a way browsers can understand.

Can Apache and Tomcat run together?

Running Apache and Tomcat on the same computer is no problem. It's pretty common to run Tomcat on port 8080, run Apache on port 80/443, and use mod_proxy to allow Apache to serve apps hosted by Tomcat.

How is Apache Tomcat put to use?

One of Tomcat's connectors receives a request from a client. Tomcat routes this request to the proper Engine for processing. The range of Tomcat's search for the right Engine is constrained because these Engines are included within other elements like hosts and servers.

Conclusion

In this article, we have learned why we need to transfer our existing tomcat application to run on Azure Kubernetes Service(AKS). To continue learning more about Azure, check out our other blogs on the AWS vs azure vs google cloud, Microsoft Azure, Azure Service Fabric, and Microsoft Azure certification.

Refer to our guided paths on Coding Ninjas Studio to learn about Data Structure and Algorithms, Competitive Programming, JavaScript, etc. Enroll in our courses and refer to our mock test available. Have a look at the interview experiences and interview bundle for placement preparations.

Happy Coding!