• Linux下Nginx+Tomcat负载均衡和动静分离配置要点

    本文使用的Linux发行版:CentOS6.7 下载地址:https://wiki.centos.org/Download

    一、安装Nginx

    下载源:wget http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm

    安装源:yum install nginx-release-centos-6-0.el6.ngx.noarch.rpm -y(注意-y参数)

    安装Nginx:yum install nginx

    启动Nginx服务:service nginx start

    停止Nginx服务:service nginx stop

    查看Nginx运行状态:service nginx status

    检查Nginx配置文件:nginx -t

    服务运行中重新加载配置:nginx -s reload

    添加Nginx服务自启动:chkconfig nginx on

    二、修改防火墙规则

    修改Nginx所在主机的防火墙配置:vi /etc/sysconfig/iptables,将nginx使用的端口添加到允许列表中。

    例如:-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT (表示允许80端口通过)

    修改Tomcat所在主机的防火墙配置:vi /etc/sysconfig/iptables,将tomcat使用的端口添加到允许列表中。

    例如:-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT (表示允许8080端口通过)

    如果主机上有多个tomcat的话,则按此规则添加多条,修改对应的端口号即可。

    保存后重启防火墙:service iptables restart

    三、Tomcat负载均衡配置

    Nginx启动时默认加载配置文件/etc/nginx/nginx.conf,而nginx.conf里会引用/etc/nginx/conf.d目录里的所有.conf文件。

    因此可以将自己定制的一些配置写到单独.conf文件里,只要文件放在/etc/nginx/conf.d这个目录里即可,方便维护。

    创建tomcats.conf:vi /etc/nginx/conf.d/tomcats.conf,内容如下:

    upstream tomcats {
     ip_hash;
    server 192.168.0.251:8080;
     server 192.168.0.251:8081;
     server 192.168.0.251:8082;
 }

    修改default.conf:vi /etc/nginx/conf.d/default.conf,修改如下:

    #注释原有的配置
#location / {
#    root   /usr/share/nginx/html;
#    index  index.html index.htm;
#}

    #新增配置默认将请求转发到tomcats.conf配置的upstream进行处理
    
location     / {
    
proxy_set_header     Host $host;
    
proxy_set_header X    -Real-IP $remote_addr;
    
proxy_set_header REMOTE    -HOST $remote_addr;
    
proxy_set_header X    -Forwarded-For $proxy_add_x_forwarded_for;
    
proxy_pass http    ://tomcats; #与tomcats.conf里配置的upstream同名
    
    }

    保存后重新加载配置:nginx -s reload

    四、静态资源分离配置

    修改default.conf:vi /etc/nginx/conf.d/default.conf,添加如下配置:

    #所有js,css相关的静态资源文件的请求由Nginx处理
location ~.*.(js|css)$ {
    root    /opt/static-resources; #指定文件路径
    expires     12h; #过期时间为12小时
}
#所有图片等多媒体相关静态资源文件的请求由Nginx处理
location ~.*.(html|jpg|jpeg|png|bmp|gif|ico|mp3|mid|wma|mp4|swf|flv|rar|zip|txt|doc|ppt|xls|pdf)$ {
    root    /opt/static-resources; #指定文件路径
    expires     7d; #过期时间为7天
}

    五、修改SELinux安全规则

    如果访问Nginx时出现502 Bad Gateway错误,则可能是Nginx主机上的SELinux限制了其使用http访问权限引起的,输入命令setsebool -P httpd_can_network_connect 1 开启权限即可。

    文件/etc/nginx/nginx.conf完整配置如下:

    user  nginx;
worker_processes  auto;

    error_log  /var/log/nginx/error.log warn;
    
pid            /var/run/nginx.pid;
    
worker_rlimit_nofile        100000;
    

    events {
    
    use epoll;
    
multi_accept on    ;
    
worker_connections      1024;
    
    }
    

    http {
    
include           /etc/nginx/mime.types;
    
default_type  application    /octet-stream;
    

    </span><span class="com">#log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '</span><span class="pln">
</span><span class="com">#                  '$status $body_bytes_sent "$http_referer" '</span><span class="pln">
</span><span class="com">#                  '"$http_user_agent" "$http_x_forwarded_for"';</span><span class="pln">

</span><span class="com">#access_log  /var/log/nginx/access.log  main;</span><span class="pln">

sendfile        on</span><span class="pun">;</span><span class="pln">
server_tokens off</span><span class="pun">;</span><span class="pln">
</span><span class="com">#tcp_nopush     on;</span><span class="pln">

keepalive_timeout  </span><span class="lit">65</span><span class="pun">;</span><span class="pln">

gzip on</span><span class="pun">;</span><span class="pln">
gzip_disable </span><span class="str">"msie6"</span><span class="pun">;</span><span class="pln">
gzip_static on</span><span class="pun">;</span><span class="pln">
gzip_proxied any</span><span class="pun">;</span><span class="pln">
gzip_min_length </span><span class="lit">1000</span><span class="pun">;</span><span class="pln">
gzip_comp_level </span><span class="lit">4</span><span class="pun">;</span><span class="pln">
gzip_types text</span><span class="pun">/</span><span class="pln">plain text</span><span class="pun">/</span><span class="pln">css application</span><span class="pun">/</span><span class="pln">json application</span><span class="pun">/</span><span class="pln">x</span><span class="pun">-</span><span class="pln">javascript text</span><span class="pun">/</span><span class="pln">xml application</span><span class="pun">/</span><span class="pln">xml application</span><span class="pun">/</span><span class="pln">xml</span><span class="pun">+</span><span class="pln">rss text</span><span class="pun">/</span><span class="pln">javascript</span><span class="pun">;</span><span class="pln">

include </span><span class="pun">/</span><span class="pln">etc</span><span class="pun">/</span><span class="pln">nginx</span><span class="pun">/</span><span class="pln">conf</span><span class="pun">.</span><span class="pln">d</span><span class="com">/*.conf;

    

    }

    文件/etc/nginx/conf.d/default.conf完整配置如下:

    server {
    listen       80;
    server_name  localhost;

    </span><span class="com">#charset koi8-r;</span><span class="pln">
</span><span class="com">#access_log  /var/log/nginx/log/host.access.log  main;</span><span class="pln">

</span><span class="com">#location / {</span><span class="pln">
</span><span class="com">#    root   /usr/share/nginx/html;</span><span class="pln">
</span><span class="com">#    index  index.html index.htm;</span><span class="pln">
</span><span class="com">#}</span><span class="pln">

location </span><span class="pun">/</span><span class="pln"> </span><span class="pun">{</span><span class="pln">
    proxy_set_header </span><span class="typ">Host</span><span class="pln"> $host</span><span class="pun">;</span><span class="pln">
    proxy_set_header X</span><span class="pun">-</span><span class="typ">Real</span><span class="pun">-</span><span class="pln">IP $remote_addr</span><span class="pun">;</span><span class="pln">
    proxy_set_header REMOTE</span><span class="pun">-</span><span class="pln">HOST $remote_addr</span><span class="pun">;</span><span class="pln">
    proxy_set_header X</span><span class="pun">-</span><span class="typ">Forwarded</span><span class="pun">-</span><span class="typ">For</span><span class="pln"> $proxy_add_x_forwarded_for</span><span class="pun">;</span><span class="pln">
    proxy_pass http</span><span class="pun">:</span><span class="com">//web_servers;</span><span class="pln">
</span><span class="pun">}</span><span class="pln">

location </span><span class="pun">~.*</span><span class="pln">.</span><span class="pun">(</span><span class="pln">js</span><span class="pun">|</span><span class="pln">css</span><span class="pun">)</span><span class="pln">$ </span><span class="pun">{</span><span class="pln">
    root    </span><span class="pun">/</span><span class="pln">opt</span><span class="pun">/</span><span class="kwd">static</span><span class="pun">-</span><span class="pln">resources</span><span class="pun">;</span><span class="pln">
    expires     </span><span class="lit">12h</span><span class="pun">;</span><span class="pln">
</span><span class="pun">}</span><span class="pln">

location </span><span class="pun">~.*</span><span class="pln">.</span><span class="pun">(</span><span class="pln">html</span><span class="pun">|</span><span class="pln">jpg</span><span class="pun">|</span><span class="pln">jpeg</span><span class="pun">|</span><span class="pln">png</span><span class="pun">|</span><span class="pln">bmp</span><span class="pun">|</span><span class="pln">gif</span><span class="pun">|</span><span class="pln">ico</span><span class="pun">|</span><span class="pln">mp3</span><span class="pun">|</span><span class="pln">mid</span><span class="pun">|</span><span class="pln">wma</span><span class="pun">|</span><span class="pln">mp4</span><span class="pun">|</span><span class="pln">swf</span><span class="pun">|</span><span class="pln">flv</span><span class="pun">|</span><span class="pln">rar</span><span class="pun">|</span><span class="pln">zip</span><span class="pun">|</span><span class="pln">txt</span><span class="pun">|</span><span class="pln">doc</span><span class="pun">|</span><span class="pln">ppt</span><span class="pun">|</span><span class="pln">xls</span><span class="pun">|</span><span class="pln">pdf</span><span class="pun">)</span><span class="pln">$ </span><span class="pun">{</span><span class="pln">
    root    </span><span class="pun">/</span><span class="pln">opt</span><span class="pun">/</span><span class="kwd">static</span><span class="pun">-</span><span class="pln">resources</span><span class="pun">;</span><span class="pln">
    expires     </span><span class="lit">7d</span><span class="pun">;</span><span class="pln">
</span><span class="pun">}</span><span class="pln">

</span><span class="com">#error_page  404              /404.html;</span><span class="pln">

</span><span class="com"># redirect server error pages to the static page /50x.html</span><span class="pln">
</span><span class="com">#</span><span class="pln">
error_page   </span><span class="lit">500</span><span class="pln"> </span><span class="lit">502</span><span class="pln"> </span><span class="lit">503</span><span class="pln"> </span><span class="lit">504</span><span class="pln">  </span><span class="pun">/</span><span class="lit">50x</span><span class="pun">.</span><span class="pln">html</span><span class="pun">;</span><span class="pln">
location </span><span class="pun">=</span><span class="pln"> </span><span class="pun">/</span><span class="lit">50x</span><span class="pun">.</span><span class="pln">html </span><span class="pun">{</span><span class="pln">
    root   </span><span class="pun">/</span><span class="pln">usr</span><span class="pun">/</span><span class="pln">share</span><span class="pun">/</span><span class="pln">nginx</span><span class="pun">/</span><span class="pln">html</span><span class="pun">;</span><span class="pln">
</span><span class="pun">}</span><span class="pln">

</span><span class="com"># proxy the PHP scripts to Apache listening on 127.0.0.1:80</span><span class="pln">
</span><span class="com">#</span><span class="pln">
</span><span class="com">#location ~ .php$ {</span><span class="pln">
</span><span class="com">#    proxy_pass   http://127.0.0.1;</span><span class="pln">
</span><span class="com">#}</span><span class="pln">

</span><span class="com"># pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000</span><span class="pln">
</span><span class="com">#</span><span class="pln">
</span><span class="com">#location ~ .php$ {</span><span class="pln">
</span><span class="com">#    root           html;</span><span class="pln">
</span><span class="com">#    fastcgi_pass   127.0.0.1:9000;</span><span class="pln">
</span><span class="com">#    fastcgi_index  index.php;</span><span class="pln">
</span><span class="com">#    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;</span><span class="pln">
</span><span class="com">#    include        fastcgi_params;</span><span class="pln">
</span><span class="com">#}</span><span class="pln">

</span><span class="com"># deny access to .htaccess files, if Apache's document root</span><span class="pln">
</span><span class="com"># concurs with nginx's one</span><span class="pln">
</span><span class="com">#</span><span class="pln">
</span><span class="com">#location ~ /.ht {</span><span class="pln">
</span><span class="com">#    deny  all;</span><span class="pln">
</span><span class="com">#}</span><span class="pln">

    

    }

    注意:如果执行命令时没有root权限,请在命令前面加上 sudo 执行。
  • 相关阅读:
    Android WIFI 启动流程(TIP^^)
    MVVM模式原则
    CoreData入门
    转:iOS绘制一个UIView
    CGBitmapContextCreate函数参数详解
    RACCommand
    ReactiveCocoa内存管理
    IOS TableView滑动不灵敏问题
    IOS数组的排序和筛选
    IOS取消performSelector警告
  • 原文地址:https://www.cnblogs.com/jpfss/p/10090309.html
Copyright © 2020-2023  润新知