zoukankan      html  css  js  c++  java
  • Linux下Nginx+Tomcat负载均衡和动静分离配置要点

    本文使用的Linux发行版:CentOS6.7 下载地址:https://wiki.centos.org/Download

    一、安装Nginx

    下载源:wget http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm

    安装源:yum install nginx-release-centos-6-0.el6.ngx.noarch.rpm -y(注意-y参数)

    安装Nginx:yum install nginx

    启动Nginx服务:service nginx start

    停止Nginx服务:service nginx stop

    查看Nginx运行状态:service nginx status

    检查Nginx配置文件:nginx -t

    服务运行中重新加载配置:nginx -s reload

    添加Nginx服务自启动:chkconfig nginx on

    二、修改防火墙规则

    修改Nginx所在主机的防火墙配置:vi /etc/sysconfig/iptables,将nginx使用的端口添加到允许列表中。

    例如:-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT (表示允许80端口通过)

    修改Tomcat所在主机的防火墙配置:vi /etc/sysconfig/iptables,将tomcat使用的端口添加到允许列表中。

    例如:-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT (表示允许8080端口通过)

    如果主机上有多个tomcat的话,则按此规则添加多条,修改对应的端口号即可。

    保存后重启防火墙:service iptables restart

    三、Tomcat负载均衡配置

    Nginx启动时默认加载配置文件/etc/nginx/nginx.conf,而nginx.conf里会引用/etc/nginx/conf.d目录里的所有.conf文件。

    因此可以将自己定制的一些配置写到单独.conf文件里,只要文件放在/etc/nginx/conf.d这个目录里即可,方便维护。

    创建tomcats.conf:vi /etc/nginx/conf.d/tomcats.conf,内容如下:

    upstream tomcats {
         ip_hash;
        server 192.168.0.251:8080;
         server 192.168.0.251:8081;
         server 192.168.0.251:8082;
     }

    修改default.conf:vi /etc/nginx/conf.d/default.conf,修改如下:

    #注释原有的配置
    #location / {
    #    root   /usr/share/nginx/html;
    #    index  index.html index.htm;
    #}
    

    #新增配置默认将请求转发到tomcats.conf配置的upstream进行处理
    location
    / {
    proxy_set_header
    Host $host;
    proxy_set_header X
    -Real-IP $remote_addr;
    proxy_set_header REMOTE
    -HOST $remote_addr;
    proxy_set_header X
    -Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass http
    ://tomcats; #与tomcats.conf里配置的upstream同名
    }

    保存后重新加载配置:nginx -s reload

    四、静态资源分离配置

    修改default.conf:vi /etc/nginx/conf.d/default.conf,添加如下配置:

    #所有js,css相关的静态资源文件的请求由Nginx处理
    location ~.*.(js|css)$ {
        root    /opt/static-resources; #指定文件路径
        expires     12h; #过期时间为12小时
    }
    #所有图片等多媒体相关静态资源文件的请求由Nginx处理
    location ~.*.(html|jpg|jpeg|png|bmp|gif|ico|mp3|mid|wma|mp4|swf|flv|rar|zip|txt|doc|ppt|xls|pdf)$ {
        root    /opt/static-resources; #指定文件路径
        expires     7d; #过期时间为7天
    }

    五、修改SELinux安全规则

    如果访问Nginx时出现502 Bad Gateway错误,则可能是Nginx主机上的SELinux限制了其使用http访问权限引起的,输入命令setsebool -P httpd_can_network_connect 1 开启权限即可。

    文件/etc/nginx/nginx.conf完整配置如下:

    user  nginx;
    worker_processes  auto;
    

    error_log /var/log/nginx/error.log warn;
    pid
    /var/run/nginx.pid;
    worker_rlimit_nofile
    100000;

    events {
    use epoll;
    multi_accept on
    ;
    worker_connections
    1024;
    }

    http {
    include
    /etc/nginx/mime.types;
    default_type application
    /octet-stream;

    </span><span class="com">#log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '</span><span class="pln">
    </span><span class="com">#                  '$status $body_bytes_sent "$http_referer" '</span><span class="pln">
    </span><span class="com">#                  '"$http_user_agent" "$http_x_forwarded_for"';</span><span class="pln">
    
    </span><span class="com">#access_log  /var/log/nginx/access.log  main;</span><span class="pln">
    
    sendfile        on</span><span class="pun">;</span><span class="pln">
    server_tokens off</span><span class="pun">;</span><span class="pln">
    </span><span class="com">#tcp_nopush     on;</span><span class="pln">
    
    keepalive_timeout  </span><span class="lit">65</span><span class="pun">;</span><span class="pln">
    
    gzip on</span><span class="pun">;</span><span class="pln">
    gzip_disable </span><span class="str">"msie6"</span><span class="pun">;</span><span class="pln">
    gzip_static on</span><span class="pun">;</span><span class="pln">
    gzip_proxied any</span><span class="pun">;</span><span class="pln">
    gzip_min_length </span><span class="lit">1000</span><span class="pun">;</span><span class="pln">
    gzip_comp_level </span><span class="lit">4</span><span class="pun">;</span><span class="pln">
    gzip_types text</span><span class="pun">/</span><span class="pln">plain text</span><span class="pun">/</span><span class="pln">css application</span><span class="pun">/</span><span class="pln">json application</span><span class="pun">/</span><span class="pln">x</span><span class="pun">-</span><span class="pln">javascript text</span><span class="pun">/</span><span class="pln">xml application</span><span class="pun">/</span><span class="pln">xml application</span><span class="pun">/</span><span class="pln">xml</span><span class="pun">+</span><span class="pln">rss text</span><span class="pun">/</span><span class="pln">javascript</span><span class="pun">;</span><span class="pln">
    
    include </span><span class="pun">/</span><span class="pln">etc</span><span class="pun">/</span><span class="pln">nginx</span><span class="pun">/</span><span class="pln">conf</span><span class="pun">.</span><span class="pln">d</span><span class="com">/*.conf;
    

    }

    文件/etc/nginx/conf.d/default.conf完整配置如下:

    server {
        listen       80;
        server_name  localhost;
    
    </span><span class="com">#charset koi8-r;</span><span class="pln">
    </span><span class="com">#access_log  /var/log/nginx/log/host.access.log  main;</span><span class="pln">
    
    </span><span class="com">#location / {</span><span class="pln">
    </span><span class="com">#    root   /usr/share/nginx/html;</span><span class="pln">
    </span><span class="com">#    index  index.html index.htm;</span><span class="pln">
    </span><span class="com">#}</span><span class="pln">
    
    location </span><span class="pun">/</span><span class="pln"> </span><span class="pun">{</span><span class="pln">
        proxy_set_header </span><span class="typ">Host</span><span class="pln"> $host</span><span class="pun">;</span><span class="pln">
        proxy_set_header X</span><span class="pun">-</span><span class="typ">Real</span><span class="pun">-</span><span class="pln">IP $remote_addr</span><span class="pun">;</span><span class="pln">
        proxy_set_header REMOTE</span><span class="pun">-</span><span class="pln">HOST $remote_addr</span><span class="pun">;</span><span class="pln">
        proxy_set_header X</span><span class="pun">-</span><span class="typ">Forwarded</span><span class="pun">-</span><span class="typ">For</span><span class="pln"> $proxy_add_x_forwarded_for</span><span class="pun">;</span><span class="pln">
        proxy_pass http</span><span class="pun">:</span><span class="com">//web_servers;</span><span class="pln">
    </span><span class="pun">}</span><span class="pln">
    
    location </span><span class="pun">~.*</span><span class="pln">.</span><span class="pun">(</span><span class="pln">js</span><span class="pun">|</span><span class="pln">css</span><span class="pun">)</span><span class="pln">$ </span><span class="pun">{</span><span class="pln">
        root    </span><span class="pun">/</span><span class="pln">opt</span><span class="pun">/</span><span class="kwd">static</span><span class="pun">-</span><span class="pln">resources</span><span class="pun">;</span><span class="pln">
        expires     </span><span class="lit">12h</span><span class="pun">;</span><span class="pln">
    </span><span class="pun">}</span><span class="pln">
    
    location </span><span class="pun">~.*</span><span class="pln">.</span><span class="pun">(</span><span class="pln">html</span><span class="pun">|</span><span class="pln">jpg</span><span class="pun">|</span><span class="pln">jpeg</span><span class="pun">|</span><span class="pln">png</span><span class="pun">|</span><span class="pln">bmp</span><span class="pun">|</span><span class="pln">gif</span><span class="pun">|</span><span class="pln">ico</span><span class="pun">|</span><span class="pln">mp3</span><span class="pun">|</span><span class="pln">mid</span><span class="pun">|</span><span class="pln">wma</span><span class="pun">|</span><span class="pln">mp4</span><span class="pun">|</span><span class="pln">swf</span><span class="pun">|</span><span class="pln">flv</span><span class="pun">|</span><span class="pln">rar</span><span class="pun">|</span><span class="pln">zip</span><span class="pun">|</span><span class="pln">txt</span><span class="pun">|</span><span class="pln">doc</span><span class="pun">|</span><span class="pln">ppt</span><span class="pun">|</span><span class="pln">xls</span><span class="pun">|</span><span class="pln">pdf</span><span class="pun">)</span><span class="pln">$ </span><span class="pun">{</span><span class="pln">
        root    </span><span class="pun">/</span><span class="pln">opt</span><span class="pun">/</span><span class="kwd">static</span><span class="pun">-</span><span class="pln">resources</span><span class="pun">;</span><span class="pln">
        expires     </span><span class="lit">7d</span><span class="pun">;</span><span class="pln">
    </span><span class="pun">}</span><span class="pln">
    
    </span><span class="com">#error_page  404              /404.html;</span><span class="pln">
    
    </span><span class="com"># redirect server error pages to the static page /50x.html</span><span class="pln">
    </span><span class="com">#</span><span class="pln">
    error_page   </span><span class="lit">500</span><span class="pln"> </span><span class="lit">502</span><span class="pln"> </span><span class="lit">503</span><span class="pln"> </span><span class="lit">504</span><span class="pln">  </span><span class="pun">/</span><span class="lit">50x</span><span class="pun">.</span><span class="pln">html</span><span class="pun">;</span><span class="pln">
    location </span><span class="pun">=</span><span class="pln"> </span><span class="pun">/</span><span class="lit">50x</span><span class="pun">.</span><span class="pln">html </span><span class="pun">{</span><span class="pln">
        root   </span><span class="pun">/</span><span class="pln">usr</span><span class="pun">/</span><span class="pln">share</span><span class="pun">/</span><span class="pln">nginx</span><span class="pun">/</span><span class="pln">html</span><span class="pun">;</span><span class="pln">
    </span><span class="pun">}</span><span class="pln">
    
    </span><span class="com"># proxy the PHP scripts to Apache listening on 127.0.0.1:80</span><span class="pln">
    </span><span class="com">#</span><span class="pln">
    </span><span class="com">#location ~ .php$ {</span><span class="pln">
    </span><span class="com">#    proxy_pass   http://127.0.0.1;</span><span class="pln">
    </span><span class="com">#}</span><span class="pln">
    
    </span><span class="com"># pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000</span><span class="pln">
    </span><span class="com">#</span><span class="pln">
    </span><span class="com">#location ~ .php$ {</span><span class="pln">
    </span><span class="com">#    root           html;</span><span class="pln">
    </span><span class="com">#    fastcgi_pass   127.0.0.1:9000;</span><span class="pln">
    </span><span class="com">#    fastcgi_index  index.php;</span><span class="pln">
    </span><span class="com">#    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;</span><span class="pln">
    </span><span class="com">#    include        fastcgi_params;</span><span class="pln">
    </span><span class="com">#}</span><span class="pln">
    
    </span><span class="com"># deny access to .htaccess files, if Apache's document root</span><span class="pln">
    </span><span class="com"># concurs with nginx's one</span><span class="pln">
    </span><span class="com">#</span><span class="pln">
    </span><span class="com">#location ~ /.ht {</span><span class="pln">
    </span><span class="com">#    deny  all;</span><span class="pln">
    </span><span class="com">#}</span><span class="pln">
    

    }

    注意:如果执行命令时没有root权限,请在命令前面加上 sudo 执行。

  • 相关阅读:
    [ Algorithm ] N次方算法 N Square 动态规划解决
    [ Algorithm ] LCS 算法 动态规划解决
    sql server全文索引使用中的小坑
    关于join时显示no join predicate的那点事
    使用scvmm 2012的动态优化管理群集资源
    附加数据库后无法创建发布,error 2812 解决
    浅谈Virtual Machine Manager(SCVMM 2012) cluster 过载状态检测算法
    windows 2012 r2下安装sharepoint 2013错误解决
    sql server 2012 数据引擎任务调度算法解析(下)
    sql server 2012 数据引擎任务调度算法解析(上)
  • 原文地址:https://www.cnblogs.com/jpfss/p/10090309.html
Copyright © 2011-2022 走看看