Nginx+Tomcat+Https 服务器负载均衡配置实践方案详解

[root@localhost ~]# tar zxvf jdk-8u102-linux-x64.tar.gz[root@localhost ~]# mv jdk1.8.0_102 /usr/local/jdk

[root@localhost ~]# vi /etc/profile

JAVA_HOME=/usr/local/jdkJRE_HOME=$JAVA_HOME/jreCLASSPATH=.:$JAVA_HOME/lib:$JRE_HOME/lib:$CLASSPATHPATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATHexport JAVA_HOME JRE_HOME PATH CLASSPATH

[root@localhost ~]# source /etc/profile

[root@localhost ~]# java -version

[root@localhost ~]# tar zxvf apache-tomcat-8.0.37.tar.gz[root@localhost ~]# mv apache-tomcat-8.0.37 /usr/local/tomcat

[root@localhost ~]# groupadd tomcat[root@localhost ~]# useradd -g tomcat tomcat[root@localhost ~]# passwd tomcat[root@localhost ~]# chown tomcat.tomcat -R /usr/local/tomcat

[root@localhost ~]# su - tomcat /usr/local/tomcat/bin/startup.sh

[root@localhost ~]# echo "su - tomcat /usr/local/tomcat/bin/startup.sh" >> /etc/rc.local

[root@localhost ~]# groupadd nginx[root@localhost ~]# useradd -g nginx -s /sbin/nologin nginx

[root@localhost ~]# yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel gcc gcc-c++

[root@localhost ~]# tar zxvf nginx-1.10.1.tar.gz[root@localhost ~]# cd nginx-1.10.1

[root@localhost nginx-1.10.1]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_gzip_static_module --with-http_stub_status_module[root@localhost nginx-1.10.1]# make && make install

[root@localhost ~]# vi /usr/local/nginx/conf/nginx.conf

user nginx;worker_processes 1;error_log logs/error.log;pid logs/nginx.pid;events {use epoll;worker_connections 1024;}http {include mime.types;default_type application/octet-stream;log_format main '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';access_log logs/access.log main;proxy_redirect off;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;client_max_body_size 10m;client_body_buffer_size 128k;proxy_connect_timeout 90;proxy_send_timeout 90;proxy_read_timeout 90;proxy_buffer_size 4k;proxy_buffers 6 32k;proxy_busy_buffers_size 64k;proxy_temp_file_write_size 64k;sendfile on;keepalive_timeout 65;gzip on;gzip_min_length 1k;gzip_buffers 4 16k;gzip_http_version 1.0;gzip_comp_level 2;gzip_types text/plain application/x-javascripttext/css application/xml;gzip_vary on;server {listen 80;server_name www.domain.com; #修改域名return 301 https://$server_name$request_uri; #强制跳转443端口}server {listen 443 ssl;server_name www.domain.com; #修改域名ssl_certificate cert.crt; #导入证书ssl_certificate_key cert.key; #导入证书ssl_session_cache shared:SSL:1m;ssl_session_timeout 5m;ssl_ciphers HIGH:!aNULL:!MD5;ssl_prefer_server_ciphers on;location / {root /usr/local/tomcat/webapps/ROOT;index index.html index.jsp index.htm;}location ~ .*.jsp$ {index index.jsp;proxy_pass http://127.0.0.1:8080;}location /nginxstatus {stub_status on;access_log on;auth_basic "nginxstatus";auth_basic_user_file /usr/local/nagois/etc/htpasswd.users;}error_page 404 /404.html;error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}}}

/usr/local/nginx/sbin/nginx