实验拓扑图:
实验环境搭建
Centos7-5作为Client(12.0.0.12/24);Centos7-1作为网关服务器(配置两块网卡ens33 192.168.246.7/24,ens36 12.0.0.1/24);Centos7-2作为Web1(192.168.246.8/24 提供web1服务);Centos7-3作为Web2(192.168.246.9/24 提供web2服务);Centos7-4作为Nginx服务器(192.168.246.10/24)
五台机器都关闭防火墙、防护
7-1网关服务器配置
[root@localhost ~]#ifconfig
[root@localhost ~]#cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]#ls
ifcfg-ens33 ifdown-ipv6 ifdown-TeamPort ifup-ippp ifup-routes network-functions
ifcfg-lo ifdown-isdn ifdown-tunnel ifup-ipv6 ifup-sit network-functions-ipv6
ifdown ifdown-post ifup ifup-isdn ifup-Team
ifdown-bnep ifdown-ppp ifup-aliases ifup-plip ifup-TeamPort
ifdown-eth ifdown-routes ifup-bnep ifup-plusb ifup-tunnel
ifdown-ib ifdown-sit ifup-eth ifup-post ifup-wireless
ifdown-ippp ifdown-Team ifup-ib ifup-ppp init.ipv6-global
[root@localhost network-scripts]#cp ifcfg-ens33 ifcfg-ens36
[root@localhost network-scripts]#vim ifcfg-ens36
7-5客户机配置:最后一题的才需要这个地址
一、在Nginx服务器上搭建LNMP服务,并且能够对外提供Discuz论坛服务,在Web1、Web2服务器上搭建Tomcat 服务
(一)Nginx服务器上搭建LNMP服务
①编译安装nginx
[root@zzzcentos4 ~]#yum -y install pcre-devel zlib-devel gcc gcc-c++ make
[root@zzzcentos4 ~]#cd /opt
[root@zzzcentos4 opt]#ls
rh
[root@zzzcentos4 opt]#rz -E
rz waiting to receive.
[root@zzzcentos4 opt]#rz -E
rz waiting to receive.
[root@zzzcentos4 opt]#rz -E
rz waiting to receive.
[root@zzzcentos4 opt]#rz -E
rz waiting to receive.
[root@zzzcentos4 opt]#ls
Discuz_X3.4_SC_UTF8.zip nginx-1.22.0.tar.gz rh
mysql-boost-5.7.20.tar.gz php-7.1.10.tar.bz2
[root@zzzcentos4 opt]#tar xf nginx-1.22.0.tar.gz
[root@zzzcentos4 opt]#cd nginx-1.22.0/
[root@zzzcentos4 nginx-1.22.0]#useradd -M -s /sbin/nologin nginx
[root@zzzcentos4 nginx-1.22.0]#./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module
[root@zzzcentos4 nginx-1.22.0]#make -j 2
[root@zzzcentos4 nginx-1.22.0]#make install[root@zzzcentos4 nginx-1.22.0]#echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
[root@zzzcentos4 nginx-1.22.0]#
[root@zzzcentos4 nginx-1.22.0]#ln -s /usr/local/nginx/sbin/nginx /usr/bin
#为了使用nginx命令可以补全 (做到$PATH下面就行)
[root@zzzcentos4 nginx-1.22.0]#tee /lib/systemd/system/nginx.service <<eof
> [Unit]
> Description=nginx
> After=network.target
> [Service]
> Type=forking
> PIDFile=/usr/local/nginx/logs/nginx.pid
> ExecStart=/usr/local/nginx/sbin/nginx
> ExecReload=/bin/kill -1 $MAINPID
> ExecStop=/bin/kill -3 $MAINPID
> PrivateTmp=true
> [Install]
> WantedBy=multi-user.target
> eof
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -1
ExecStop=/bin/kill -3
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[root@zzzcentos4 nginx-1.22.0]#systemctl daemon-reload
[root@zzzcentos4 nginx-1.22.0]#systemctl enable --now nginx.service
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@zzzcentos4 nginx-1.22.0]#systemctl start nginx
[root@zzzcentos4 nginx-1.22.0]#systemctl status nginx
②编译安装mysql
[root@zzzcentos4 nginx-1.22.0]#cd /opt
[root@zzzcentos4 opt]#ls
Discuz_X3.4_SC_UTF8.zip nginx-1.22.0 php-7.1.10.tar.bz2
mysql-boost-5.7.20.tar.gz nginx-1.22.0.tar.gz rh
[root@zzzcentos4 opt]#yum -y install \
> ncurses \
> ncurses-devel \
> bison \
> cmake
[root@zzzcentos4 opt]#yum -y install gcc gcc-c++ cmake bison bison-devel zlib-devel libcurl-devel libarchive-devel boost-devel ncurses-devel gnutls-devel libxml2-devel openssl-devel libevent-devel libaio-devel
[root@zzzcentos4 opt]#useradd -M -s /sbin/nologin mysql
[root@zzzcentos4 opt]#ls
Discuz_X3.4_SC_UTF8.zip nginx-1.22.0 php-7.1.10.tar.bz2
mysql-boost-5.7.20.tar.gz nginx-1.22.0.tar.gz rh
[root@zzzcentos4 opt]#tar xf mysql-boost-5.7.20.tar.gz
[root@zzzcentos4 opt]#ls
Discuz_X3.4_SC_UTF8.zip mysql-boost-5.7.20.tar.gz nginx-1.22.0.tar.gz rh
mysql-5.7.20 nginx-1.22.0 php-7.1.10.tar.bz2
[root@zzzcentos4 opt]#cd mysql-5.7.20/
[root@zzzcentos4 mysql-5.7.20]#
[root@zzzcentos4 mysql-5.7.20]#cmake \
> -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
> -DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \
> -DSYSCONFDIR=/etc \
> -DSYSTEMD_PID_DIR=/usr/local/mysql \
> -DDEFAULT_CHARSET=utf8 \
> -DDEFAULT_COLLATION=utf8_general_ci \
> -DWITH_EXTRA_CHARSETS=all \
> -DWITH_INNOBASE_STORAGE_ENGINE=1 \
> -DWITH_ARCHIVE_STORAGE_ENGINE=1 \
> -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
> -DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
> -DMYSQL_DATADIR=/usr/local/mysql/data \
> -DWITH_BOOST=boost \
> -DWITH_SYSTEMD=1
[root@zzzcentos4 mysql-5.7.20]#vim /etc/my.cnf
[client]
port = 3306
socket=/usr/local/mysql/mysql.sock
[mysqld]
user = mysql
basedir=/usr/local/mysql
datadir=/usr/local/mysql/data
port = 3306
character-set-server=utf8
pid-file = /usr/local/mysql/mysqld.pid
socket=/usr/local/mysql/mysql.sock
bind-address = 0.0.0.0
skip-name-resolve
max_connections=2048
default-storage-engine=INNODB
max_allowed_packet=16M
server-id = 1
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,
NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES
[root@zzzcentos4 mysql-5.7.20]#chown -R mysql:mysql /usr/local/mysql/
[root@zzzcentos4 mysql-5.7.20]#chown mysql:mysql /etc/my.cnf
[root@zzzcentos4 mysql-5.7.20]#
[root@zzzcentos4 mysql-5.7.20]#echo 'export PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH' >> /etc/profile
[root@zzzcentos4 mysql-5.7.20]#source /etc/profile
[root@zzzcentos4 mysql-5.7.20]#cd /usr/local/mysql/bin/
[root@zzzcentos4 bin]#./mysqld \
> --initialize-insecure \
> --user=mysql \
> --basedir=/usr/local/mysql \
> --datadir=/usr/local/mysql/data
[root@zzzcentos4 bin]#cp /usr/local/mysql/usr/lib/systemd/system/mysqld.service /usr/lib/systemd/system/
[root@zzzcentos4 bin]#systemctl daemon-reload
[root@zzzcentos4 bin]#systemctl start mysqld.service
[root@zzzcentos4 bin]#systemctl status mysqld.service
③ 编译安装php软件
[root@zzzcentos4 bin]#cd /opt
[root@zzzcentos4 opt]#ls
Discuz_X3.4_SC_UTF8.zip mysql-boost-5.7.20.tar.gz nginx-1.22.0.tar.gz rh
mysql-5.7.20 nginx-1.22.0 php-7.1.10.tar.bz2
[root@zzzcentos4 opt]#tar xf php-7.1.10.tar.bz2
[root@zzzcentos4 opt]#cd php-7.1.10/
[root@zzzcentos4 php-7.1.10]#yum -y install gd \
> libjpeg libjpeg-devel \
> libpng libpng-devel \
> freetype freetype-devel \
> libxml2 libxml2-devel \
> zlib zlib-devel \
> curl curl-devel \
> openssl openssl-devel
[root@zzzcentos4 php-7.1.10]#./configure \
> --prefix=/usr/local/php \
> --with-mysql-sock=/usr/local/mysql/mysql.sock \
> --with-mysqli \
> --with-zlib \
> --with-curl \
> --with-gd \
> --with-jpeg-dir \
> --with-png-dir \
> --with-freetype-dir \
> --with-openssl \
> --enable-fpm \
> --enable-mbstring \
> --enable-xml \
> --enable-session \
> --enable-ftp \
> --enable-pdo \
> --enable-tokenizer \
> --enable-zip
[root@zzzcentos4 php-7.1.10]#make -j 2
[root@zzzcentos4 php-7.1.10]#make install
[root@zzzcentos4 etc]#ls
pear.conf php-fpm.conf php-fpm.conf.default php-fpm.d
[root@zzzcentos4 etc]#cd php-fpm.d/
[root@zzzcentos4 php-fpm.d]#ls
www.conf.default
[root@zzzcentos4 php-fpm.d]#cp www.conf.default www.conf
[root@zzzcentos4 php-fpm.d]#ls
www.conf www.conf.default
[root@zzzcentos4 php-fpm.d]#ln -s /usr/local/php/bin/* /usr/local/bin/
[root@zzzcentos4 php-fpm.d]#ln -s /usr/local/php/sbin/* /usr/local/sbin/
[root@zzzcentos4 php-fpm.d]#
[root@zzzcentos4 php-fpm.d]#cd /opt/php-7.1.10/sapi/fpm
[root@zzzcentos4 fpm]#cp php-fpm.service /usr/lib/systemd/system/php-fpm.service
[root@zzzcentos4 fpm]#systemctl daemon-reload
[root@zzzcentos4 fpm]#systemctl start php-fpm.service
[root@zzzcentos4 fpm]#systemctl status php-fpm.service
④配置 Nginx支持PHP解析
[root@zzzcentos4 fpm]#vim /usr/local/nginx/conf/nginx.conf
[root@zzzcentos4 fpm]#nginx -s reload
[root@zzzcentos4 fpm]#systemctl restart nginx.service
[root@zzzcentos4 fpm]#cd /usr/local/nginx/html/
[root@zzzcentos4 html]#vim /usr/local/nginx/html/index.php
[root@zzzcentos4 html]#cat /usr/local/nginx/html/index.php
<?php
phpinfo();
?>
[root@zzzcentos4 html]#验证数据库工作是否正常
[root@zzzcentos4 html]#mysql -uroot -pabc123
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.7.20 Source distribution
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> CREATE DATABASE bbs;
Query OK, 1 row affected (0.02 sec)
mysql> GRANT all ON bbs.* TO 'bbsuser'@'%' IDENTIFIED BY 'admin123';
Query OK, 0 rows affected, 1 warning (0.03 sec)
mysql> GRANT all ON bbs.* TO 'bbsuser'@'localhost' IDENTIFIED BY 'admin123';
Query OK, 0 rows affected, 2 warnings (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)
mysql> quit
Bye
[root@zzzcentos4 html]#vim /usr/local/nginx/html/index.php
<?php
$link=mysqli_connect('192.168.246.10','bbsuser','admin123');
if($link) echo "<h1>Success!!</h1>";
else echo "Fail!!";
?>
⑤安装论坛
[root@zzzcentos4 opt]#ls
dir_SC_UTF8 mysql-5.7.20 nginx-1.22.0 php-7.1.10 rh
Discuz_X3.4_SC_UTF8.zip mysql-boost-5.7.20.tar.gz nginx-1.22.0.tar.gz php-7.1.10.tar.bz2 说明.htm
[root@zzzcentos4 opt]#cd dir_SC_UTF8/
[root@zzzcentos4 dir_SC_UTF8]#ls
readme upload utility
[root@zzzcentos4 dir_SC_UTF8]#cp -r upload/ /usr/local/nginx/html/bbs/
[root@zzzcentos4 dir_SC_UTF8]#cd /usr/local/nginx/html/bbs/
[root@zzzcentos4 bbs]#ls
admin.php archiver crossdomain.xml forum.php index.php member.php portal.php source uc_client
api config data group.php install misc.php robots.txt static uc_server
api.php connect.php favicon.ico home.php m plugin.php search.php template
[root@zzzcentos4 bbs]#chown -R nginx.nginx ./config/
[root@zzzcentos4 bbs]#chown -R nginx.nginx ./data/
[root@zzzcentos4 bbs]#chown -R nginx.nginx ./uc_client/
[root@zzzcentos4 bbs]#chown -R nginx.nginx ./uc_server/
[root@zzzcentos4 bbs]#chmod -R 777 ./config/
[root@zzzcentos4 bbs]#chmod -R 777 ./data/
[root@zzzcentos4 bbs]#chmod -R 777 ./uc_client/
[root@zzzcentos4 bbs]#chmod -R 777 ./uc_server/
[root@zzzcentos4 bbs]#
(二)Web1、Web2服务器上搭建Tomcat 服务
①安装Oracle JDK(即部署java环境)
[root@zzzcentos2 ~]#cd /opt/
[root@zzzcentos2 opt]#ls
rh
[root@zzzcentos2 opt]#rz -E
rz waiting to receive.
[root@zzzcentos2 opt]#rz -E
rz waiting to receive.
[root@zzzcentos2 opt]#ls
apache-tomcat-9.0.16.tar.gz jdk-8u291-linux-x64.tar.gz rh
[root@zzzcentos2 opt]#ls
apache-tomcat-9.0.16.tar.gz jdk-8u291-linux-x64.tar.gz rh
[root@zzzcentos2 opt]#systemctl stop firewalld
[root@zzzcentos2 opt]#setenforce 0
setenforce: SELinux is disabled
[root@zzzcentos2 opt]#java -version
openjdk version "1.8.0_131"
OpenJDK Runtime Environment (build 1.8.0_131-b12)
OpenJDK 64-Bit Server VM (build 25.131-b12, mixed mode)
[root@zzzcentos2 opt]#tar xf jdk-8u291-linux-x64.tar.gz -C /usr/local/
[root@zzzcentos2 opt]#cd /usr/local/
[root@zzzcentos2 local]#ls
bin etc games include jdk1.8.0_291 lib lib64 libexec sbin share src
[root@zzzcentos2 local]#ln -s jdk1.8.0_291/ jdk
[root@zzzcentos2 local]#vim /etc/profile.d/jdk.sh
[root@zzzcentos2 local]#cat /etc/profile.d/jdk.sh
export JAVA_HOME=/usr/local/jdk
export PATH=$JAVA_HOME/bin:$PATH
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=$JAVA_HOME/lib/:$JRE_HOME/lib/
[root@zzzcentos2 local]#source /etc/pro
profile profile.d/ protocols
[root@zzzcentos2 local]#source /etc/profile.d/jdk.sh
[root@zzzcentos2 local]#java -version
java version "1.8.0_291"
Java(TM) SE Runtime Environment (build 1.8.0_291-b10)
Java HotSpot(TM) 64-Bit Server VM (build 25.291-b10, mixed mode)
[root@zzzcentos2 local]#②安装tomcat
[root@zzzcentos2 local]#cd /opt/
[root@zzzcentos2 opt]#ls
apache-tomcat-9.0.16.tar.gz jdk-8u291-linux-x64.tar.gz rh
[root@zzzcentos2 opt]#tar xf apache-tomcat-9.0.16.tar.gz
[root@zzzcentos2 opt]#ls
apache-tomcat-9.0.16 apache-tomcat-9.0.16.tar.gz jdk-8u291-linux-x64.tar.gz rh
[root@zzzcentos2 opt]#cp -r apache-tomcat-9.0.16 /usr/local/
[root@zzzcentos2 opt]#cd /usr/local/
[root@zzzcentos2 local]#ls
apache-tomcat-9.0.16 bin etc games include jdk jdk1.8.0_291 lib lib64 libexec sbin share src
[root@zzzcentos2 local]#ln -s apache-tomcat-9.0.16/ tomcat
[root@zzzcentos2 local]#useradd -s /sbin/nologin -M tomcat
[root@zzzcentos2 local]#chown -R tomcat:tomcat tomcat/
[root@zzzcentos2 local]#vim /usr/lib/systemd/system/tomcat.service
[root@zzzcentos2 local]#cat /usr/lib/systemd/system/tomcat.service
[Unit]
Description=Tomcat
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/usr/local/tomcat/bin/startup.sh
ExecStop=/usr/local/tomcat/bin/shutdown.sh
RestartSec=3
PrivateTmp=true
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target
[root@zzzcentos2 local]#systemctl daemon-reload
[root@zzzcentos2 local]#systemctl start tomcat
[root@zzzcentos2 local]#systemctl status tomcat
二、为nginx服务配置虚拟主机,新增两个域名 www.kgc.com 和 www.benet.com,使用http://www.kgc.com/index.php可访问上一题的Discuz论坛页面。使用http://www.benet.com则访问/usr/local/nginx/html/index.html目录中的index.html文件的内容,内容自定义
①nginx服务配置虚拟主机
[root@zzzcentos4 ~]#vim /usr/local/nginx/conf/nginx.conf
搭建好论坛之后就生成了
server {
listen 80;
server_name www.benet.com;
root /usr/local/nginx/html;
}
②客户机配置:
③真机配置:
C:\Windows\System32\drivers\etc
④检测:
使用http://www.benet.com则访问/usr/local/nginx/html/index.html目录中的index.html文件的内容
使用http://www.kgc.com/index.php可访问上一题的Discuz论坛页面
三、对基于www.benet.com域名的虚拟机主机的nginx服务调优:隐藏nginx版本号,缓存静态图片网页时间为1天,设置防盗链功能
[root@zzzcentos4 ~]#vim /usr/local/nginx/conf/nginx.confserver {
listen 80;
server_name www.benet.com;
expires 1d;
server_tokens off;
root /usr/local/nginx/html;
location ~* \.(jpg|jepg|gif|bmp)$ {
valid_referers none blocked *.benet.com benet.com;
if ( $invalid_referer ) {
return 403;
}
}
}
客户机检测:
四、网关服务器搭建NFS服务,提供的文件系统使用LVM类型,共享目录名称为/opt/nfs;要求根据日期对Discuz论坛服务的访问日志进行日志分割,要求每天生成一份日志文件,保存到NFS服务共享的目录内。
Centos7-1作为网关服务器
[root@localhost ~]#lsblk
[root@localhost ~]#echo "- - -" > /sys/class/scsi_host/host0/scan;echo "- - -" > /sys/class/scsi_host/host1/scan;echo "- - -" > /sys/class/scsi_host/host2/scan
[root@localhost ~]#lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 60G 0 disk
├─sda1 8:1 0 5G 0 part /boot
└─sda2 8:2 0 54G 0 part
├─centos-root 253:0 0 50G 0 lvm /
└─centos-swap 253:1 0 4G 0 lvm [SWAP]
sdb 8:16 0 20G 0 disk
sdc 8:32 0 20G 0 disk
sr0 11:0 1 4.2G 0 rom
[root@localhost ~]#pvcreate /dev/sdb /dev/sdc
#建物理卷
Physical volume "/dev/sdb" successfully created.
Physical volume "/dev/sdc" successfully created.
[root@localhost ~]#vgcreate vg /dev/sdb /dev/sdc
#建卷组
Volume group "vg" successfully created
[root@localhost ~]#lvcreate -n lvm -L 10G /dev/vg
#建逻辑卷 指定名称lvm 指定大小30G 存放在/dev/vg下
Logical volume "lvm" created.
[root@localhost ~]#mkfs.xfs /dev/vg/lvm
meta-data=/dev/vg/lvm isize=512 agcount=4, agsize=655360 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0, sparse=0
data = bsize=4096 blocks=2621440, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@localhost ~]#mount /dev/vg/lvm /opt
[root@localhost ~]#mkdir /opt/nfs
[root@localhost ~]#vim /etc/exports
/opt/nfs *
[root@localhost ~]#cat /etc/exports
/opt/nfs *
[root@localhost ~]#exportfs -r
exportfs: No options for /opt/nfs *: suggest *(sync) to avoid warning
[root@localhost ~]#exportfs -v
/opt/nfs <world>(ro,sync,wdelay,hide,no_subtree_check,sec=sys,secure,root_squash,no_all_squash)
[root@localhost ~]#hostname zzzcentos1
[root@localhost ~]#su
[root@zzzcentos1 ~]#
nginx 服务挂载共享目录
[root@zzzcentos4 ~]#systemctl restart nginx
[root@zzzcentos4 ~]#showmount -e 192.168.246.7
Export list for 192.168.246.7:
/opt/nfs *
[root@zzzcentos4 ~]#mount 192.168.246.7:/opt/nfs /opt
[root@zzzcentos4 ~]#
日志文件
#!/bin/bash
day=`date "+%Y-%m-%d"`
log="/usr/local/nginx/logs"
pid=`cat /usr/local/nginx/logs/nginx.pid`
mv /${log}/access.log /opt/${day}
kill -USR1 ${pid}
sed -i '/.*bbs.*/!p' /opt/${day}
五、要求配置location匹配请求地址http://www.kgc.com/test/XXXX,使用户访问该路径下的文件时返回/var/share/nginx/html/目录下的文件内容。
要求使用rewrite将使用域名www.benet.com 请求以 .php 结尾的访问都跳转到域名www.kgc.com上,而且后面的参数保持不变,比如访问http://www.benet.com/bbs/index.php跳转到http://www.kgc.com/bbs/index.php
Nginx服务配置
location ~* \.php$ {
rewrite (.*) http://www.kgc.com/$1;
}
[root@zzzcentos4 ~]#nginx -s reload
[root@zzzcentos4 ~]#mkdir /var/share/nginx/html -p
[root@zzzcentos4 ~]#cd /var/share/nginx/html/
[root@zzzcentos4 html]#echo hello > index.html
[root@zzzcentos4 html]#nginx -s reload去浏览器检测:
六、在Nginx服务器上对基于www.benet.com域名的虚拟机主机设置动静分离由nginx提供静态页面服务,将对 .jsp文件的动态页面请求转发到Tomcat 服务器处理,并实现负载均衡
Nginx服务器配置
location下的根没生效??
配置Tomcat服务器
[root@localhost ~]#cd /usr/local/tomcat/webapps/ROOT/
[root@localhost ROOT]#echo tomcat 7-2 > index.jsp
[root@localhost ROOT]#cat index.jsp
tomcat 7-2
[root@localhost ROOT]#
[root@localhost ~]#systemctl stop firewalld
[root@localhost ~]#setenforce 0
setenforce: SELinux is disabled
[root@localhost ~]#hostname zzzcentos3
[root@localhost ~]#su
[root@zzzcentos3 ~]#cd /usr/local/tomcat/webapps/ROOT/
[root@zzzcentos3 ROOT]#ls
asf-logo-wide.svg bg-middle.png bg-upper.png index.jsp tomcat.css tomcat.png tomcat.svg
bg-button.png bg-nav.png favicon.ico RELEASE-NOTES.txt tomcat.gif tomcat-power.gif WEB-INF
[root@zzzcentos3 ROOT]#echo tomcat 7-3 > index.jsp
[root@zzzcentos3 ROOT]#cat index.jsp
tomcat 7-3
[root@zzzcentos3 ROOT]#检测:
七、在网关服务器上设置SNAT/DNAT,使client使用网关服务器的ens36接口的IP地址访问也可实现上一题的效果。
客户机地址配置
网关服务器配置
[root@zzzcentos1 ~]#sysctl -a |grep "ip_forward"
[root@zzzcentos1 ~]#vim /etc/sysctl.conf
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.ip_forward = 1
[root@zzzcentos1 ~]#sysctl -p
net.ipv4.ip_forward = 1
[root@zzzcentos1 ~]#做SNAT与DNAT
[root@zzzcentos1 ~]#iptables -t nat -A PREROUTING -i ens36 -d 12.0.0.1 -p tcp --dport 80 -j DNAT --to 192.168.246.7
[root@zzzcentos1 ~]#
[root@zzzcentos1 ~]#iptables -t nat -A POSTROUTING -o ens36 -s 192.168.246.0/24 -j SNAT --to 12.0.0.1
[root@zzzcentos1 ~]#iptables -t nat -vnL
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- ens36 * 0.0.0.0/0 12.0.0.1 tcp dpt:80 to:192.168.246.7
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 SNAT all -- * ens36 192.168.246.0/24 0.0.0.0/0 to:12.0.0.1
[root@zzzcentos1 ~]#
[root@zzzcentos1 ~]#iptables -t nat -A PREROUTING -i ens36 -d 12.0.0.1 -p tcp --dport 80 -j DNAT --to 192.168.246.10
此题有点问题,下回接着分析
![[Redis]——Redis持久化的两种方式RDB、AOF](https://img-blog.csdnimg.cn/direct/51366bf13f994f38badaface857e7d6c.png)
