七层反向代理
实验准备:准备三台虚拟机
192.168.146.20 tomcat(两个)
192.168.146.30 tomcat
192.168.146.50 七层反向代理(nginx)
部署虚拟机192.168.146.20(两个tomcat已部署完毕)
1.先安装好jdk
2.安装 tomcat
cd /opt
tar zxvf apache-tomcat-9.0.16.tar.gz
mv apache-tomcat-9.0.16 /usr/local/tomcat
cp -a /usr/local/tomcat /usr/local/tomcat1
3.部署环境变量
vim /etc/profile.d/tomcat.sh
#tomcat1
export CATALINA_HOME1=/usr/local/tomcat
export CATALINA_BASE1=/usr/local/tomcat
export TOMCAT_HOME1=/usr/local/tomcat
#tomcat2
export CATALINA_HOME2=/usr/local/tomcat1
export CATALINA_BASE2=/usr/local/tomcat1
export TOMCAT_HOME2=/usr/local/tomcat1
source /etc/profile.d/tomcat.sh
4.修改 tomcat1 中的 server.xml 文件,要求各 tomcat 实例配置不能有重复的端口号
vim /usr/local/tomcat2/conf/server.xml
<Server port="8006" shutdown="SHUTDOWN"> #22行,修改Server prot,默认为8005 -> 修改为8006
<Connector port="8081" protocol="HTTP/1.1" #69行,修改Connector port,HTTP/1.1 默认为8080 -> 修改为8081
<Connector port="8010" protocol="AJP/1.3" redirectPort="8443" /> #116行,修改Connector port AJP/1.3,默认为8009 -> 修改为8010
5.修改各 tomcat和tomcat1 实例中的 startup.sh 和 shutdown.sh 文件,添加 tomcat 环境变量
vim /usr/local/tomcat/bin/startup.sh
# -----------------------------------------------------------------------------
# Start Script for the CATALINA Server
# -----------------------------------------------------------------------------
##添加以下内容
export CATALINA_BASE=$CATALINA_BASE1
export CATALINA_HOME=$CATALINA_HOME1
export TOMCAT_HOME=$TOMCAT_HOME1
vim /usr/local/tomcat/bin/shutdown.sh
# -----------------------------------------------------------------------------
# Stop script for the CATALINA Server
# -----------------------------------------------------------------------------
export CATALINA_BASE=$CATALINA_BASE1
export CATALINA_HOME=$CATALINA_HOME1
export TOMCAT_HOME=$TOMCAT_HOME1
修改tomcat1
vim /usr/local/tomcat1/bin/startup.sh
# -----------------------------------------------------------------------------
# Start Script for the CATALINA Server
# -----------------------------------------------------------------------------
export CATALINA_BASE=$CATALINA_BASE2
export CATALINA_HOME=$CATALINA_HOME2
export TOMCAT_HOME=$TOMCAT_HOME2
vim /usr/local/tomcat1/bin/shutdown.sh
# -----------------------------------------------------------------------------
# Stop script for the CATALINA Server
# -----------------------------------------------------------------------------
export CATALINA_BASE=$CATALINA_BASE2
export CATALINA_HOME=$CATALINA_HOME2
export TOMCAT_HOME=$TOMCAT_HOME2
6.启动各 tomcat 中的 /bin/startup.sh
/usr/local/tomcat/bin/startup.sh
/usr/local/tomcat1/bin/startup.sh
netstat -antp | grep java
部署虚拟机192.168.146.30(第三个tomcat已开启)
1.关闭防火墙,将安装 Tomcat 所需软件包传到/opt目录下
jdk-8u201-linux-x64.rpm
apache-tomcat-9.0.16.tar.gz
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
2.安装jdk
cd /opt
rpm -qpl jdk-8u201-linux-x64.rpm
rpm -ivh jdk-8u201-linux-x64.rpm
java -version
3.设置JDK环境变量
vim /ect/profile.d/java.sh
export JAVA_HOME=/usr/java/jdk1.8.0_201-amd64
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=.:$JAVA_HOME/lib:$JRE_HOME/lib
export PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATH
suorce /etc/profile.d/java.sh
java -version
/etc/profile
4.安装启动Tomcat
cd /opt
tar zcvf apache-tomcat-9.0.16.tar.gz
mv apache-tomcat-9.0.16 /usr/local/tomcat
##启动tomcat ##
#后台启动
/usr/lcoal/tomcat/bin/startup.sh
或
/usr/lcoal/tomcat/bin/catalina.sh strat
#前台启动
/usr/local/tomcat/bin/catalina.sh run
netatst -natp | gerp 8080
浏览器访问Tomcat的默认主页 http://192.168.146.30:8080
部署192.168.146.50 七层反向代理(nginx服务已开启)
1.关闭防火墙,将安装nginx所需软件包传到/opt目录下
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
nginx-1.22.0.tar.gz
2.安装依赖包
#nginx的配置及运行需要pcre、zlib等软件包的支持,因此需要安装这些软件的开发包,以便提供相应的库和头文件。
yum -y install pcre-devel.x86_64 zlib-devel.x86_64 openssl-devel.x86_64 gcc gcc-c++ make
3.创建运行用户、组(Nginx 服务程序默认以 nobody 身份运行,建议为其创建专门的用户账号,以便更准确地控制其访问权限)
useradd -M -s /sbin/nologin nginx
4.编译安装Nginx
cd /opt
tar zxvf nginx-1.18.0.tar.gz -C /opt/
cd nginx-1.18.0/
./configure \
--prefix=/usr/local/nginx \ #指定nginx的安装路径
--user=nginx \ #指定用户名
--group=nginx \ #指定组名
--with-http_stub_status_module #启用 http_stub_status_module 模块以支持状态统计
操作
make -j 4 && make install
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
5.启动nginx
/usr/local/nginx/sbin/nginx #启动nginx,使用绝对路径或者绝对路径
可以给他加入到system中去管理
vim /lib/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecrReload=/bin/kill -s HUP $MAINPID
ExecrStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
chmod 754 /lib/systemd/system/nginx.service
systemctl start nginx.service
systemctl enable nginx.service
部署192.168.146.30的tomcat server
mkdir /usr/local/tomcat/webapps/test
vim /usr/local/tomcat/webapps/test/index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP test1 page</title> #指定为 test1 页面
</head>
<body>
<% out.println("动态页面 1,http://www.test1.com");%>
</body>
</html>
vim /usr/local/tomcat/conf/server.xml
#由于主机名 name 配置都为 localhost,需要删除前面的 HOST 配置
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Context docBase="/usr/local/tomcat/webapps/test" path="" reloadable="true">
</Context>
</Host>
部署192.168.146.20的两个tomcat server
mkdir /usr/local/tomcat/webapps/test
vim /usr/local/tomcat/webapps/test/index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP test2 page</title> #指定为 test2 页面
</head>
<body>
<% out.println("动态页面 2,http://www.test2.com");%>
</body>
</html>
vim /usr/local/tomcat/conf/server.xml
#删除前面的 HOST 配置
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Context docBase="/usr/local/tomcat/tomcat1/webapps/test" path="" reloadable="true" />
</Host>
/usr/local/tomcat/bin/shutdown.sh
/usr/local/tomcat/bin/startup.sh
mkdir /usr/local/tomcat1/webapps/test
vim /usr/local/tomcat1/webapps/test/index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
<title>JSP test3 page</title> #指定为 test3 页面
</head>
<body>
<% out.println("动态页面 3,http://www.test3.com");%>
</body>
</html>
vim /usr/local/tomcat1/conf/server.xml
#删除前面的 HOST 配置
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Context docBase="/usr/local/tomcat/tomcat2/webapps/test" path="" reloadable="true" />
</Host>
/usr/local/tomcat1/bin/shutdown.sh
/usr/local/tomcat1/bin/startup.sh
部署192.168.146.50 七层反向代理Nginx server
#准备静态页面和静态图片
cd /usr/local/nginx/html
vim game.html
<html>
<body>
<h1>this is nginx test web</h1>
<img src="game.jpg" />
</body>
</html>
vim /usr/local/nginx/conf/nginx.conf
......
http {
......
#gzip on;
#配置负载均衡的服务器列表,weight参数表示权重,权重越高,被分配到的概率越大
upstream tomcat_server {
server 192.168.146.30:8080 weight=1;
server 192.168.146.20:8080 weight=1;
server 192.168.146.20:8081 weight=1;
}
server {
listen 80;
server_name www.kgc.com;
charset utf-8;
#access_log logs/host.access.log main;
#配置Nginx处理动态页面请求,将 .jsp文件请求转发到Tomcat 服务器处理
location ~ .*\.jsp$ {
proxy_pass http://tomcat_server;
#设置后端的Web服务器可以获取远程客户端的真实IP
##设定后端的Web服务器接收到的请求访问的主机名(域名或IP、端口),默认HOST的值为proxy_pass指令设置的主机名。如果反向代理服务器不重写该请求头的话,那么后端真实服务器在处理时会认为所有的请求都来自反向代理服务器,如果后端有防攻击策略的话,那么机器就被封掉了。
proxy_set_header HOST $host;
##把$remote_addr赋值给X-Real-IP,来获取源IP
proxy_set_header X-Real-IP $remote_addr;
##在nginx 作为代理服务器时,设置的IP列表,会把经过的机器ip,代理机器ip都记录下来
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
#配置Nginx处理静态图片请求
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|css)$ {
root /usr/local/nginx/html/img;
expires 10d;
}
location / {
root html;
index index.html index.htm;
}
......
}
......
}
测试静态页面效果
浏览器访问 http://192.168.146.20/game.html
测试负载均衡效果,不断刷新浏览器测试
浏览器访问 http://192.168.146.50/test/index.jsp
四层反向代理
192.168.146.70 四层反向代理(nginx)
需要重新编译安装
cd nginx-1.22.0/
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module --with-stream
make -j4 && make install
cd /usr/local/nginx/conf
vim nginx.conf
#与http同级
stream {
upstream appserver {
server 192.168.146.30:8080;
server 192.168.146.20:8080;
server 192.168.146.20:8081;
}
server {
listen 8080;
proxy_pass appserver;
}
}
systemctl restart nginx
测试负载均衡效果,不断刷新浏览器测试(由于tomcat设置了长连接,需要等待30m)
http:192.168.146.70:8080/test/index.jsp
七层反向代理和四层反向代理结合
实验准备(准备六台虚拟机)
目前所有的都已经安装nginx和tomcat
192.168.146.20 tomcat(两个)
192.168.146.30 tomcat
192.168.146.50 七层反向代理(nginx)
192.168.146.60 七层反向代理(nginx)
192.168.146.70 四层反向代理(nginx)
192.168.146.30 客户机
部署虚拟机192.168.146.20(两个tomcat服务已开启)
1.先安装好jdk
2.安装 tomcat
cd /opt
tar zxvf apache-tomcat-9.0.16.tar.gz
mv apache-tomcat-9.0.16 /usr/local/tomcat
cp -a /usr/local/tomcat /usr/local/tomcat1
3.部署环境变量
vim /etc/profile.d/tomcat.sh
#tomcat1
export CATALINA_HOME1=/usr/local/tomcat
export CATALINA_BASE1=/usr/local/tomcat
export TOMCAT_HOME1=/usr/local/tomcat
#tomcat2
export CATALINA_HOME2=/usr/local/tomcat1
export CATALINA_BASE2=/usr/local/tomcat1
export TOMCAT_HOME2=/usr/local/tomcat1
source /etc/profile.d/tomcat.sh
4.修改 tomcat1 中的 server.xml 文件,要求各 tomcat 实例配置不能有重复的端口号
vim /usr/local/tomcat2/conf/server.xml
<Server port="8006" shutdown="SHUTDOWN"> #22行,修改Server prot,默认为8005 -> 修改为8006
<Connector port="8081" protocol="HTTP/1.1" #69行,修改Connector port,HTTP/1.1 默认为8080 -> 修改为8081
<Connector port="8010" protocol="AJP/1.3" redirectPort="8443" /> #116行,修改Connector port AJP/1.3,默认为8009 -> 修改为8010
5.修改各 tomcat和tomcat1 实例中的 startup.sh 和 shutdown.sh 文件,添加 tomcat 环境变量
vim /usr/local/tomcat/bin/startup.sh
# -----------------------------------------------------------------------------
# Start Script for the CATALINA Server
# -----------------------------------------------------------------------------
##添加以下内容
export CATALINA_BASE=$CATALINA_BASE1
export CATALINA_HOME=$CATALINA_HOME1
export TOMCAT_HOME=$TOMCAT_HOME1
vim /usr/local/tomcat/bin/shutdown.sh
# -----------------------------------------------------------------------------
# Stop script for the CATALINA Server
# -----------------------------------------------------------------------------
export CATALINA_BASE=$CATALINA_BASE1
export CATALINA_HOME=$CATALINA_HOME1
export TOMCAT_HOME=$TOMCAT_HOME1
修改tomcat1
vim /usr/local/tomcat1/bin/startup.sh
# -----------------------------------------------------------------------------
# Start Script for the CATALINA Server
# -----------------------------------------------------------------------------
export CATALINA_BASE=$CATALINA_BASE2
export CATALINA_HOME=$CATALINA_HOME2
export TOMCAT_HOME=$TOMCAT_HOME2
vim /usr/local/tomcat1/bin/shutdown.sh
# -----------------------------------------------------------------------------
# Stop script for the CATALINA Server
# -----------------------------------------------------------------------------
export CATALINA_BASE=$CATALINA_BASE2
export CATALINA_HOME=$CATALINA_HOME2
export TOMCAT_HOME=$TOMCAT_HOME2
6.启动各 tomcat 中的 /bin/startup.sh
/usr/local/tomcat/bin/startup.sh
/usr/local/tomcat1/bin/startup.sh
netstat -antp | grep java
部署192.168.146.30 (1个tomcat服务已开启)
具体流程参考前面的七层反向代理
部署192.168.146.50 七层反向代理Nginx server
具体流程参考前面的七层反向代理
部署192.168.146.60 七层反向代理Nginx server
#准备静态页面和静态图片
cd /usr/local/nginx/html
vim game.html
<html>
<body>
<h1>this is nginx test2 web</h1>
<img src="game.jpg" />
</body>
</html>
vim /usr/local/nginx/conf/nginx.conf
......
http {
......
#gzip on;
#配置负载均衡的服务器列表,weight参数表示权重,权重越高,被分配到的概率越大
upstream tomcat_server {
server 192.168.146.30:8080 weight=1;
server 192.168.146.20:8080 weight=1;
server 192.168.146.20:8081 weight=1;
}
server {
listen 80;
server_name localhost;
charset utf-8;
#access_log logs/host.access.log main;
#配置Nginx处理动态页面请求,将 .jsp文件请求转发到Tomcat 服务器处理
location ~ .*\.jsp$ {
proxy_pass http://tomcat_server;
#设置后端的Web服务器可以获取远程客户端的真实IP
##设定后端的Web服务器接收到的请求访问的主机名(域名或IP、端口),默认HOST的值为proxy_pass指令设置的主机名。如果反向代理服务器不重写该请求头的话,那么后端真实服务器在处理时会认为所有的请求都来自反向代理服务器,如果后端有防攻击策略的话,那么机器就被封掉了。
proxy_set_header HOST $host;
##把$remote_addr赋值给X-Real-IP,来获取源IP
proxy_set_header X-Real-IP $remote_addr;
##在nginx 作为代理服务器时,设置的IP列表,会把经过的机器ip,代理机器ip都记录下来
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
#配置Nginx处理静态图片请求
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|css)$ {
root /usr/local/nginx/html/img;
expires 10d;
}
location / {
root html;
index index.html index.htm;
}
......
}
......
}
部署192.168.146.70 四层反向代理(nginx)
测试访问
