Nginx+Tomcat+Https 服务器负载均衡配置实践方案详解
由于需要,得搭建个nginx+tomcat+https的服务器,搜了搜网上的发现总是有错,现在整理了些有用的,备忘。
环境:Centos6.5、JDK1.8、Tomcat8、Nginx1.10.1
准备材料:
1.JDK1.8安装包jdk-8u102-linux-x64.tar.gz
2.Tomcat8安装包apache-tomcat-8.0.37.tar.gz
3.Nginx1.10安装包nginx-1.10.1.tar.gz
1、JDK安装配置
解压并安装到/usr/local/jdk
[root@localhost~]#tarzxvfjdk-8u102-linux-x64.tar.gz [root@localhost~]#mvjdk1.8.0_102/usr/local/jdk
配置JDK环境变量
[root@localhost~]#vi/etc/profile
在底部加入以下内容
JAVA_HOME=/usr/local/jdk JRE_HOME=$JAVA_HOME/jre CLASSPATH=.:$JAVA_HOME/lib:$JRE_HOME/lib:$CLASSPATH PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATH exportJAVA_HOMEJRE_HOMEPATHCLASSPATH
应用环境变量
[root@localhost~]#source/etc/profile
检测是否成功,显示版本说明成功
[root@localhost~]#java-version
2、Tomcat安装配置
解压并安装到/usr/local/tomcat
[root@localhost~]#tarzxvfapache-tomcat-8.0.37.tar.gz [root@localhost~]#mvapache-tomcat-8.0.37/usr/local/tomcat
默认tomcat是root身份运行的,这样不安全,这里设置普通用户运行
[root@localhost~]#groupaddtomcat [root@localhost~]#useradd-gtomcattomcat [root@localhost~]#passwdtomcat [root@localhost~]#chowntomcat.tomcat-R/usr/local/tomcat
运行tomcat
[root@localhost~]#su-tomcat/usr/local/tomcat/bin/startup.sh
设置开机启动
[root@localhost~]#echo"su-tomcat/usr/local/tomcat/bin/startup.sh">>/etc/rc.local
3、Nginx安装配置
配置Nginx用户
[root@localhost~]#groupaddnginx [root@localhost~]#useradd-gnginx-s/sbin/nologinnginx
安装依赖包
[root@localhost~]#yum-yinstallzlibzlib-developensslopenssl-develpcrepcre-develgccgcc-c++
解压并进入文件夹内
[root@localhost~]#tarzxvfnginx-1.10.1.tar.gz [root@localhost~]#cdnginx-1.10.1
配置安装
[root@localhostnginx-1.10.1]#./configure--prefix=/usr/local/nginx--with-http_ssl_module--with-http_gzip_static_module--with-http_stub_status_module [root@localhostnginx-1.10.1]#make&&makeinstall
配置Nginx
[root@localhost~]#vi/usr/local/nginx/conf/nginx.conf
这一步需要手动将ssl证书放入/usr/local/nginx/conf/目录下,分别为cert.crt和cert.key文件
如果证书文件是其他格式,可以自行搜索转换方法
如果无须配置https,更改443端口即可
nginx主配置文件
usernginx; worker_processes1; error_loglogs/error.log; pidlogs/nginx.pid; events{ useepoll; worker_connections1024; } http{ includemime.types; default_typeapplication/octet-stream; log_formatmain'$remote_addr-$remote_user[$time_local]"$request"' '$status$body_bytes_sent"$http_referer"' '"$http_user_agent""$http_x_forwarded_for"'; access_loglogs/access.logmain; proxy_redirectoff; proxy_set_headerHost$host; proxy_set_headerX-Real-IP$remote_addr; proxy_set_headerX-Forwarded-For$proxy_add_x_forwarded_for; client_max_body_size10m; client_body_buffer_size128k; proxy_connect_timeout90; proxy_send_timeout90; proxy_read_timeout90; proxy_buffer_size4k; proxy_buffers632k; proxy_busy_buffers_size64k; proxy_temp_file_write_size64k; sendfileon; keepalive_timeout65; gzipon; gzip_min_length1k; gzip_buffers416k; gzip_http_version1.0; gzip_comp_level2; gzip_typestext/plainapplication/x-javascripttext/cssapplication/xml; gzip_varyon; server{ listen80; server_namewww.domain.com;#修改域名 return301https://$server_name$request_uri;#强制跳转443端口 } server{ listen443ssl; server_namewww.domain.com;#修改域名 ssl_certificatecert.crt;#导入证书 ssl_certificate_keycert.key;#导入证书 ssl_session_cacheshared:SSL:1m; ssl_session_timeout5m; ssl_ciphersHIGH:!aNULL:!MD5; ssl_prefer_server_cipherson; location/{ root/usr/local/tomcat/webapps/ROOT; indexindex.htmlindex.jspindex.htm; } location~.*.jsp${ indexindex.jsp; proxy_passhttp://127.0.0.1:8080; } location/nginxstatus{ stub_statuson; access_logon; auth_basic"nginxstatus"; auth_basic_user_file/usr/local/nagois/etc/htpasswd.users; } error_page404/404.html; error_page500502503504/50x.html; location=/50x.html{ roothtml; } } }
启动服务器
/usr/local/nginx/sbin/nginx
浏览器访问出现小猫即成功。
以上所述是小编给大家介绍的Nginx+Tomcat+Https服务器负载均衡配置实践方案详解,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对毛票票网站的支持!