LVS cluster nginx+tomcat
Project topology map:
1. Install nginx +
tomcat
The configurations on the 192.168.1.248 and 192.168.1.249 servers are as follows:
1. JDK installation
Put the downloaded installer in the /soft directory
cd /soft
chmod a+x jdk-6u23-linux-i586.bin
./jdk-6u23-linux-i586.bin
mkdir -p /data/conf
mv jdk1.6.0_23/ /data/conf/jdk
Delete the old version from the system
rm -rf /usr/bin/java
rm -rf /usr/bin/javac
Create a link, set a new version
ln -s /data/conf/jdk/bin/java /usr/bin/java
ln -s /data/conf/jdk/bin/javac /usr/bin/javac
View new version information
java-version
javac-version
Check whether the jdk version is 1.6. At this point, the JDK has been installed
2. Tomcat installation
Unzip the compressed file
cd /soft
tar xzvf apache-tomcat-6.0.32.tar.gz
mv apache-tomcat-6.0.32 /data/conf/tomcat
cd /data/conf/tomcat/bin/
Add user
useradd webuser -s /sbin/nologin
chown -R webuser:webuser /data/
tomcat optimization options
(1) Add tomcat administrator
# vi /usr/local/www/tomcat/conf/tomcat-users.xml
Add in the middle of
Where username=”tomcat” is the username and password=”li147258369″ is the password
(2) Modify the JVM
JAVA_OPTS=”-Xms1024m -Xmx1024m -Xmn256m
-Djava.awt.headless=true”
(3) server.xml parameter modification
<Connector port="8080" protocol="HTTP/1.1"
maxHttpHeaderSize=”8192″ useBodyEncodingForURI=”true”
maxThreads=”600″ Maximum number of connections
redirectPort=”8443″
enableLookups=”false” disable DNS lookups
compression=”on”
compressiOnMinSize=”2048″ compression, compression size
compressableMimeType=”text/html,text/xml,text/Javascript,text/css,text/plain”
cOnconnectionTimeout=”20000″
disableUploadTimeout=”true”
/>
Set the environment directory
vi /etc/profile
TOMCAT_HOME=/data/conf/tomcat
JAVA_HOME=/data/conf/jdk
JRE_HOME=/data/conf/jdk/jre
export JAVA_HOME JRE_HOME TOMCAT_HOME
Backup tomcat configuration file
cd /data/conf/tomcat/conf
mv server.xml server.xml.bak
Set the tomcat configuration file and configure the virtual host
vi server.xml
Add after
start tomcat
/data/conf/tomcat/bin/startup.sh
View startup process
ps -ef |grep tomcat
Visit the tomcat test page, if the cat head page appears, the installation is successful!
links http://localhost:8080
3. Install nginx
Unzip the compressed file
tar zxvf pcre-8.02.tar.gz
cd pcre-8.02/
Compile and install
./configure
make && make install
tar zxvf nginx-0.8.50.tar.gz
cd nginx-0.8.50/
Compile and install
./configure –prefix=/data/conf/nginx
–with-http_stub_status_module
make && make install
Configure nginx configuration file
cd /data/conf/nginx
Backup nginx.conf configuration file
mv nginx.conf nginx.conf.bak
vi nginx.conf
user nobody nobody;
worker_processes 4;
pid /data/conf/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
}
http{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;eny all;
}
Set expiration time for favicon.ico and robots.txt;
Here favicon.ico is 99 days, robots.txt is 7 days and does not record 404 error logs
location ~(favicon. ico) {
log_not_found off;
expires 99d;
break;
}
location ~(robots.txt) {
log_not_found off;
expires 7d;
break;
}
Set the expiration time of a file; here it is 600 seconds, no access log is recorded
location ^~ /html/scripts/loadhead_1.js {
access_log off;
root /opt/lampp/htdocs/web;
expires 600;
break;
}
File anti-hotlinking and set expiration time
The return 412 here is a custom http status code, the default is 403, which is convenient for finding the correct hotlink request
“rewrite ^/ http://leech.c1gstudio.com/leech.gif;” displays an anti-leech picture
“access_log off;” does not record access logs, reducing pressure
“expires 3d” browser cache for all files for 3 days
location ~* ^.+/.(jpg|jpeg|gif|png|swf|rar|zip|css|js)$ {
valid_referers none blocked *.c1gstudio.com *.c1gstudio.net
localhost 208.97.167.194;
if ($invalid_referer) {
rewrite ^/
http://leech.c1gstudio.com/leech.gif;
return 412;
break;
}
access_log off;
root /opt/lampp/htdocs/web;
expires 3d;
break;
}
Only allow fixed ip to access the website, and add a password
root /opt/htdocs/www;
allow 208.97.167.194;
allow 222.33.1.2;
allow 231.152.49.4;
deny all;
auth_basic “C1G_ADMIN”;
auth_basic_user_file htpasswd;
Convert the files in the multi-level directory into one file to enhance the seo effect
/job-123-456-789.html points to /job/123/456/789.html
rewrite ^/job-([0-9]+)-([0-9]+)-([0-9]+)/.html$
/job/$1/$2/jobshow_$3.html last;
Point a folder under the root directory to the level 2 directory
For example, /shanghaijob/ points to
/area/shanghai/
If you change last to permanent, the address bar of the browser will display /location/shanghai/
rewrite ^/([0-9a-z]+)job/(.*)$ /area/$1/$2 last;
The problem with the above example is that it will not match when accessing /shanghai
rewrite ^/([0-9a-z]+)job$ /area/$1/ last;
rewrite ^/([0-9a-z]+)job/(.*)$ /area/$1/$2 last;
In this way, /shanghai can also be accessed, but the relative links in the page cannot be used,
For example, the real address of ./list_1.html is /area/shanhia/list_1.html and it will become /list_1.html, making it inaccessible.
Then it won’t work if I add automatic jump
(-d $request_filename) It has a condition that it must be a real directory, but my rewrite is not, so it has no effect
if (-d $request_filename){
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
It’s easy to handle after knowing the reason, let me jump manually
rewrite ^/([0-9a-z]+)job$ /$1job/ permanent;
rewrite ^/([0-9a-z]+)job/(.*)$ /area/$1/$2 last;
Redirect when files and directories do not exist:
if (!-e $request_filename) {
proxy_pass http://127.0.0.1;
}
Domain redirection
server
{
listen
80;
server_name jump.c1gstudio.com;
index index.html
index.htm index.php;
root
/opt/lampp/htdocs/www;
rewrite ^/
http://www.c1gstudio.com/;
` access_log`
off;
}
Multiple Domain Forwarding
server_name www.c1gstudio.com www.c1gstudio.net;
index index.html
index.htm index.php;
root
/opt/lampp/htdocs;
if ($host ~ “c1gstudio/.net”) {
rewrite ^(.*) http://www.c1gstudio.com$1 permanent;
}
Third-level domain name jump
if ($http_host ~* “^(.*)/.i/.c1gstudio/.com$”) {
rewrite ^(.*) http://top.yingjiesheng.com$1;
break;
}
Domain Mirroring
server
{
listen
80;
server_name mirror.c1gstudio.com;
index index.html
index.htm index.php;
root
/opt/lampp/htdocs/www;
rewrite ^/(.*)
http://www.c1gstudio.com/$1 last;
` access_log`
off;
}
A subdirectory as a mirror
location ^~ /zhaopinhui{
rewrite ^.+ http://zph.c1gstudio.com/ last;
break;
}
discuz ucenter home (uchome) rewrite
rewrite ^/(space|network)-(.+)/.html$ /$1.php?rewrite=$2
last;
rewrite ^/(space|network)/.html$ /$1.php last;
rewrite ^/([0-9]+)$ /space.php?uid=$1 last;
discuz 7 rewrite
rewrite ^(.*)/archiver/((fid|tid)-[/w/-]+/.html)$
$1/archiver/index.php?
.com$1 permanent;
}
Third-level domain name jump
if ($http_host ~* “^(.*)/.i/.c1gstudio/.com$”) {
rewrite ^(.*) http://top.yingjiesheng.com$1;
break;
}
Domain Mirroring
server
{
listen
80;
server_name mirror.c1gstudio.com;
index index.html
index.htm index.php;
root
/opt/lampp/htdocs/www;
rewrite ^/(.*)
http://www.c1gstudio.com/$1 last;
` access_log`
off;
}
A subdirectory as a mirror
location ^~ /zhaopinhui{
rewrite ^.+ http://zph.c1gstudio.com/ last;
break;
}
discuz ucenter home (uchome) rewrite
rewrite ^/(space|network)-(.+)/.html$ /$1.php?rewrite=$2
last;
rewrite ^/(space|network)/.html$ /$1.php last;
rewrite ^/([0-9]+)$ /space.php?uid=$1 last;
discuz 7 rewrite
rewrite ^(.*)/archiver/((fid|tid)-[/w/-]+/.html)$
$1/archiver/index.php?
微信扫一扫打赏
支付宝扫一扫打赏
