centos Nginx+Tomcat+Session共享+SSL证书+mysql读写分离

其他 2018-05-11 21:07:12 阅读次数: 1

现在阿里云服务器上申请SSL证书。然后绑定服务器ip。

服务器配置:

192.168.0.1(42.42.42.42(公网ip))

192.168.0.2

192.168.0.3

192.168.0.4

192.168.0.5

服务器提供一个对外的弹性ip(公网ip),各服务器之间通过子网ip连接。

192.168.0.1配置redis+nginx

192.168.0.2,192.168.0.3 配置tomcat

192.168.0.4,192.168.0.5 配置mysql

每台服务器上来直接

yum -y install gcc-c++ ncurses-devel cmake make perl gcc autoconf automake zlib libxml libgcrypt libtool bison pcre pcre-devel zlib zlib-devel openssl openssl-devel libaio

关闭防火墙:

我的是华为服务器在安全组配置就行 防火墙如果再开就会访问不了。

chkconfig iptables off  永久关闭防火墙

service iptables stop  这种关闭防火墙下次开机还是会打开

修改配置文件
# vi /etc/selinux/config
将SELINUX=enforcing改为SELINUX=disabled
需要重启机器生效!!一般购买的服务这个都关闭了。

nginx安装:

cd /usr/local/src

官网下载。上传服务器或直接wget

tar -zxvf nginx-1.13.6

cd nginx-1.13.6

mkdir /usr/local/nginx

./configure --prefix=/usr/local/nginx

make && make install

cd /usr/local/nginx

mkdir -p /usr/local/nginx/conf/cert

将证书nginx SSL证书放到 /usr/local/nginx/conf/cert目录下

vim /conf/nginx.conf

user  root;
worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;

    #配置被代理的服务器
    upstream my_servers{
             #ip_hash
         server 192.168.0.6:8080;
         server 192.168.0.4:8080;            
    }
    server {
        listen       81;
        server_name  game.xxxxx.com;

        location / {
            root   html;
            index  index.html index.htm;
	        proxy_pass http://my_servers;
            proxy_http_version 1.1;
	        proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

    # HTTPS server
    server { 
    	listen 443;
       	server_name game.xxxxx.com;
       	ssl on;
       	ssl_certificate   cert/214292271630849.pem;
       	ssl_certificate_key  cert/214292271630849.key;
       	ssl_session_timeout 5m;
       	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
       	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      	ssl_prefer_server_ciphers on;
      	location / {
    		proxy_pass http://my_servers;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       	}
    }

}

/usr/local/nginx/sbin/nginx -t

测试如果successful

/usr/local/nginx/sbin/nginx 

启动nginx

/usr/local/nginx/sbin/nginx -s reload 重新加载nginx 相当于重启

Redis安装:

mkdir /usr/local/redis

cd /usr/local/src

上传或直接wget redis。

tar -zxvf redis-4.0.1

cd redis-4.0.1

安装

make PREFIX=/usr/local/redis install

复制配置文件

cp /usr/local/src/redis-4.0.1/redis.conf /usr/local/redis/

复制启动脚本,并重命名

cp /usr/local/src/redis-4.0.1/utils/redis_init_script /etc/rc.d/init.d/redis
 

#!/bin/sh
#chkconfig: 2345 80 90
#
# Simple Redis init.d script conceived to work on Linux systems
# as it does use of the /proc filesystem.
REDISPORT=6379
EXEC=/usr/local/redis/bin/redis-server
CLIEXEC=/usr/local/redis/bin/redis-cli
PIDFILE=/var/run/redis_${REDISPORT}.pid
CONF="/usr/local/redis/conf/${REDISPORT}.conf"
case "$1" in
start)
if [ -f $PIDFILE ]
then
echo "$PIDFILE exists, process is already running or crashed"
else
echo "Starting Redis server..."
$EXEC $CONF &
fi
;;
stop)
if [ ! -f $PIDFILE ]
then
echo "$PIDFILE does not exist, process is not running"
else
PID=$(cat $PIDFILE)
echo "Stopping ..."
$CLIEXEC -p $REDISPORT shutdown
while [ -x /proc/${PID} ]
do
echo "Waiting for Redis to shutdown ..."
sleep 1
done
echo "Redis stopped"
fi
;;
*)
echo "Please use start or stop as first argument"
;;
esac

$EXEC $CONF &   用于后台启动,不要忘记&

#chkconfig: 2345 80 90  这个注释也要加上,如果不添加上面的内容,在注册服务时会提示: service redis does not support chkconfig。

EXEC=/usr/local/bin/redis-server 改为 EXEC=/usr/local/redis/bin/redis-server
CLIEXEC=/usr/local/bin/redis-cli 改为 CLIEXEC=/usr/local/redis/bin/redis-cli

CONF="/etc/redis/${REDISPORT}.conf" 改为 CONF="/usr/local/redis/conf/${REDISPORT}.conf"

mkdir /usr/local/redis/conf
cp /usr/local/src/redis3.0/redis.conf /usr/local/redis/conf/6379.conf
以上配置操作完成后, 便可将 Redis 注册成为服务:
# chkconfig --add redis

修改 redis 配置文件设置:
# vi /usr/local/redis/conf/6379.conf
修改如下配置
daemonize no 改为> daemonize yes
pidfile /var/run/redis.pid 改为> pidfile /var/run/redis_6379.pid

protected-mode yes 如果不设置密码这个要改成no

port 6379 是端口号 如果修改 文件名和上面的启动脚本也要修改一下

requirepass 123456 这里是密码设置
 


启动 Redis 服务
# service redis start
将 Redis 添加到环境变量中:
# vi /etc/profile
在最后添加以下内容:
## Redis env
export PATH=$PATH:/usr/local/redis/bin
使配置生效:
# source /etc/profile
 

启动服务

service redis start
 

Tomcat 安装:192.168.0.2-192.168.0.3

安装前先安装jdk

mkdir /usr/local/java

cd /usr/local/src

tar -zxvf jdk-8u152-linux-x64.tar.gz

mv /usr/local/src/jdk1.8.0_152 /usr/local/java/

添加环境变量

vim /etc/profile

加入如下内容:

JAVA_HOME=/usr/local/java/jdk1.8.0_152/
JRE_HOME=/usr/local/java/jdk1.8.0_152/jre
CLASS_PATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib
PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
export JAVA_HOME JRE_HOME CLASS_PATH PATH

配置生效

source /etc/profile

测试

java –version

mkdir /usr/local/tomcat

cd /usr/local/src

上传或直接wget安装包

tar -zxvf apache-tomcat-8.5.23

mv apache-tomcat-8.5.23/* /usr/local/tomcat

POM.XML

<!-- Jedis -->
<dependency>
    <groupId>redis.clients</groupId>
    <artifactId>jedis</artifactId>
    <version>2.9.0</version>
</dependency>
<!-- Spring Data Redis -->
<dependency>
    <groupId>org.springframework.data</groupId>
    <artifactId>spring-data-redis</artifactId>
    <version>1.7.3.RELEASE</version>
</dependency>
<!-- Spring Session -->
<dependency>
    <groupId>org.springframework.session</groupId>
    <artifactId>spring-session</artifactId>
    <version>1.2.2.RELEASE</version>
</dependency>
<!-- Apache Commons Pool -->
<dependency>
    <groupId>org.apache.commons</groupId>
    <artifactId>commons-pool2</artifactId>
    <version>2.4.2</version>
</dependency>



WEB.XML

<filter>
    <filter-name>springSessionRepositoryFilter</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSessionRepositoryFilter</filter-name>
    <url-pattern>/*</url-pattern>
        <dispatcher>REQUEST</dispatcher>
        <dispatcher>ERROR</dispatcher>
</filter-mapping>

redis.xml

<bean class="org.springframework.session.data.redis.config.annotation.web.http.RedisHttpSessionConfiguration"/>
<bean class="org.springframework.data.redis.connection.jedis.JedisConnectionFactory">
    <property name="hostName" value="localhost" />
    <property name="password" value="your-password" />
    <property name="port" value="6379" />
    <property name="database" value="10" />
</bean>

时间问题先整理这些。。。  过几天在好好整理整理

猜你喜欢

转载自my.oschina.net/u/2458549/blog/1558103
今日推荐
NetBSD 禁止提交由 AI 生成的代码
Apache Doris 2.0.10 版本正式发布!
开源日报 | 大模型开战;大模型独角兽被曝卖身;周鸿祎建议谷歌开源所有产品;最大开源AI社区提供1000万美元共享GPU
开源日报 | Chrome内置Gemini的意义不在于Gemini;中国AI追随之路的五大误区;ECharts创始人“下海”养鱼;谷歌I/O开发者大会什么都有,只是没有惊喜
微软回应中国区AI团队“打包赴美”传闻
基于大语言模型的开源知识库问答系统 MaxKB GitHub Star 数量突破 5,000 个!
周排行
static方法和非static方法的区别(java)
如何查找计算机专业paper
java.lang.ClassFormatError: Incompatible magic value 0 in class file com/sitecha
跳跃游戏II
stm32_之【建立工程】
TeaWeb v0.0.9 发布,统计底层优化、主机监控功能改进
事件分发 -----控制字体大小
JavaScript DOM练习(动态表格添加) December 25,2019
JSF Scope & CDI
实现从零搭建一个登录注册页面(附源代码)
每日归档
更多
2024-05-19(0)
2024-05-18(4)
2024-05-17(34)
2024-05-16(6)
2024-05-15(24)
2024-05-14(0)
2024-05-13(18)
2024-05-12(0)
2024-05-11(38)
2024-05-10(38)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022