nginx + tomcat + memcached 做负载均衡及session同步

1、nginx配置

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;
 
    upstream api.xuetz.com {
        server IP1:83 weight=1;
        server IP2:83 weight=2;
    }

    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  api.xuetz.com;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
           rewrite ^(.*) https://XXX.com/$1 permanent;
#           proxy_pass http://XXX.com;
#           proxy_connect_timeout 1;
#          proxy_send_timeout 1;
#          proxy_read_timeout 1;
#          proxy_set_header Host $http_host;
#          proxy_set_header X-Real-IP $remote_addr;
#          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

# Settings for a TLS enabled server.

    server {
#        listen       449 ssl http2 default_server;
#        listen       [::]:449 ssl http2 default_server;
        listen       443 ssl;
        server_name  api.xuetz.com;
#        ssl on;
        root         /usr/share/nginx/html;

        ssl_certificate "/etc/nginx/cert/***.com.pem";
        ssl_certificate_key "/etc/nginx/cert/***.com.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
           proxy_pass http://XXX.com;
           proxy_connect_timeout 1;
           proxy_send_timeout 30;
           proxy_read_timeout 30;
           proxy_set_header Host $http_host;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

}

2、tomcat  context.xml配置 

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
-->
<!-- The contents of this file will be loaded for each web application -->
<Context>

    <!-- Default set of monitored resources. If one of these changes, the    -->
    <!-- web application will be reloaded.                                   -->
    <WatchedResource>WEB-INF/web.xml</WatchedResource>
    <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
    
    <Resource
        name="jdbc/xrh_core"
        auth="Container"
        type="javax.sql.DataSource"
        description="MySQL 5.0"
        driverClassName="com.mysql.jdbc.Driver"
        url="jdbc:mysql://***/rds?useSSL=false"
        username="xrh"
        password="123456"
        maxIdle="30"
        maxWait="10000"
        maxActive="100"/>
        
        <Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager"
            memcachedNodes="n1:127.0.0.1:11211"
            sticky="false"  
            sessionBackupAsync="false"  
            sessionBackupTimeout="1000"
            lockingMode="auto"  
            transcoderFactoryClass="de.javakaffee.web.msm.serializer.kryo.KryoTranscoderFactory"/>
</Context>

 如应用系统有采用ueditor，则Manager 不能配置requestUriIgnorePattern=".*.(png|gif|jpg|css|js)$" ，否则会出现session过期问题。