Linux Advanced op Koriyuki tomcat&&varnish

Source: Internet
Author: User
Tags server port tomcat server varnish

Linux Advanced op koriyuki tomcat, varnish agent

Case 1: Installing the Deployment Tomcat server

Case 2: Deploying a virtual host with Tomcat

Case 3: Accelerating the web with varnish

Java and interpreter:

tomcat:8080  几乎不做静态页面 几乎都是做tomcat+jspjava 生态  类库  jdk  open-jdk推荐使用这个 orcale和google官司 andiaod[java]jdk  java[sun]jre(jdk的阉割版) java 扩展名jspjava是war包  可以自动解war包  自动重读配置文件unpackWARs="true" autoDeploy="true"   Deploy配置

Installing the Deployment Tomcat server

装包:验证是否有open-jdk rpm -qa | grep jdktar zxf apache-tomcat-8.0.30.tar.gz mv apache-tomcat-8.0.30  /usr/local/tomcat  移动到哪里就装到哪里了。ls /usr/local/tomcat    //Tomcat文件目录    bin/                    //主程序目录    lib/                    //库文件目录    logs/                   //日志目录      temp/                   //临时目录    work/                   //自动编译目录jsp代码转换servlet    conf/                   //配置文件目录    webapps/                //页面目录firewall-cmd --set-default-zone=trustedsetenforce 0./startup.sh ss -natulp | grep java  //检查8080;8005;8009端口firefox 192.168.2.222:8080firefox 192.168.2.111:8080/test.jsp重启服务是先关再启:./shutdown.sh./startup.sh

Deploying a virtual host using Tomcat

实现两个基于域名的虚拟主机,域名分别为:www.a.com和 www.b.com使用www.a.com域名访问的页面根路径为/usr/local/tomcat/aa/ROOT使用www.b.com域名访问的页面根路径为/usr/local/tomcat/bb/base访问www.a.com/test时,页面自动跳转到/var/www/html目录下的页面访问页面时支持SSL加密通讯私钥、证书存储路径为/usr/local/tomcat/conf/cert每个虚拟主机都拥有独立的访问日志文件配置tomcat集群环境

Master Profile Structure: Profile is strictly case-sensitive

    <?xml version=‘1.0‘ encoding=‘utf-8‘?>    <Server port="8005" shutdown="SHUTDOWN">      <Service name="Catalina">        <Connector port="8080" protocol="HTTP/1.1"          connectionTimeout="20000" redirectPort="8443" />            <Connector port="8009" protocol="AJP/1.3"             redirectPort="8443" />            <Engine name="Catalina" defaultHost="localhost">                <Host name="localhost"  appBase="webapps"               unpackWARs="true" autoDeploy="true">                </Host>           </Engine>      </Service>    </Server>

Configuration file structure can also be seen

Domain-based virtual hosting:

vim  /usr/local/tomcat/conf/server.xml     <Engine name="Catalina" defaultHost="localhost">        //defaultHost优先级最低 不用域名用ip访问时默认访问这个,nginx 是默认访问第一个server        //host里能内嵌host 平级的 location也不能内置location。    <Host name="www.a.com"  appBase="a"            unpackWARs="true" autoDeploy="true">            //自动解压war文件,自动重读配置文件        </Host>          <Host name="www.b.com"  appBase="b"            unpackWARs="true" autoDeploy="true">        </Host>mkdir -p  /usr/local/tomcat/{a,b}/ROOT        //默认网页文件是放在appbase中的ROOT目录下echo "AAA"   > /usr/local/tomcat/a/ROOT/index.htmlecho "BBB" > /usr/local/tomcat/b/ROOT/index.html重启服务./shutdown.sh./startup.shsetenforce 0 firewall-cmd --set-default-zone=trustedsed -i ‘$a 192.168.2.111   www.a.com  www.b.com ‘ /etc/hosts    //修改客户端的hosts文件方便验证firefox www.a.com:8080firefox www.b.com:8080

Modify the home page directory of the www.b.com site as base

appBase  docBase  path="/test   三个跟页面有关(路径)的参数如果有很多项目 改docbase  每个项目的页面放在不同的目录下docBase参数可以修改默认网站首页路径  docBase基本文件路径docBase="base"  默认打开目录是ROOT  不写就是打开ROOT 写了就打开base

Steps:

vim  /usr/local/tomcat/conf/server.xml      <Host name="www.b.com"  appBase="b"         unpackWARs="true" autoDeploy="true">         <Context path="" docBase="base" reloadable="true"/>            //在host中加了Context把默认网页由ROOT该为了base        </Host>mkdir  /usr/local/tomcat/b/baseecho "BASE" > /usr/local/tomcat/b/base/index.html./shutdown.sh./startup.shfirefox http://www.b.com:8080/        //结果为base目录下的页面内容

When the user accesses Http://www.a.com/test open the page in the/var/www/html directory

<Context path="" docBase="base" reloadable="true"/>    如果没有匹配到路径(空)那么就看docbase去这个路径去找<Context path="/test" docBase="/var/www/html/" />  可以写多个 相当于if    匹配地址栏 打开什么文件  如果地址是test就打开后面的文件

Steps:

vim  /usr/local/tomcat/conf/server.xml     <Host name="www.a.com" appBase="a"         unpackWARS="true" autoDeploy="true">        <Context path="/test" docBase="/var/www/html/" />        </Host>echo "Test" > /var/www/html/index.html./shutdown.sh./startup.shfirefox http://www.aa.com:8080/test        //返回/var/www/html/index.html的内容    //注意,访问的端口为8080

Configuring Tomcat to support SSL encrypted Web sites

tomcat可以同时启两个重复考配多份保证配置没有冲突就行,改改端口号之类的可以。就是个java程序而已,两个程序之间很独立不会相互影响挂了一个不影响其他的。apache nginx 都是一个端口对应一个域名 一个虚拟主机   tomcat 端口和虚拟主机没有绑定,一个端口可以访问所有的虚拟主机!        //进了门可以享受所有的服务-_-。

Steps:

生成证书和私钥keytool -genkeypair -alias tomcat -keyalg RSA -keystore /usr/local/tomcat/keystore    //-genkeypair     生成密钥对    //-alias tomcat     密钥别名    //-keyalg RSA     定义密钥算法为RSA算法    //-keystore         定义密钥文件存储在:/usr/local/tomcat/keystore添加安全端口加入对应加密文件和密码vim  /usr/local/tomcat/conf/server.xml     keystoreFile="/usr/local/tomcat/keystore" keystorePass="123456"  //这段是需要添加的    配置如下默认这段Connector被注释掉了,打开注释,添加密钥信息即可    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"    maxThreads="150" SSLEnabled="true" scheme="https" secure="true"    keystoreFile="/usr/local/tomcat/keystore" keystorePass="123456"         clientAuth="false" sslProtocol="TLS" />./shutdown.sh./startup.sh验证 firefox https:www.a.com:8443

Configuring the Tomcat Log

为每个虚拟主机设置不同的日志文件不同虚拟web的日志:vim  /usr/local/tomcat/conf/server.xml     <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"           prefix="a_log" suffix=".txt"   //只需要改日志名(prefix)称谓和格式suffix          pattern="%h %l %u %t &quot;%r&quot; %s %b" /> 重启Tomcat服务器ls /usr/local/tomcat/logs/    catalina.logs  整个tomcat软件的日志

Configuring the Tomcat Cluster

Tomcat默认监听端口8080:访问不方便;解决方法 用nginx做调度器    //和nginx做web高可用 tcp/udp代理原理一样 只是端口为8080

Steps:

配置Nginx调度器    vim  /usr/local/nginx/conf/nginx.conf        http{            upstream toms {            server 192.168.2.100:8080;            server 192.168.2.200:8080;                //注意端口为8080            }            server  {            listen 80;            server_name localhost;            location / {                proxy_pass  http://toms;            }配置Tomcat服务器yum -y install  java-1.8.0-openjdk                //安装JDKyum -y install java-1.8.0-openjdk-headless        //安装JDKtar -xzf  apache-tomcat-8.0.30.tar.gz   mv apache-tomcat-8.0.30  /usr/local/tomcat./startup.shfirefox https:192.168.4.5   //访问nginx调度器

Varnish cache Server

varnish 做的事情是把总部的资源缓存到全国各地去  解决距离远的问题和中国南北通信问题(电信联通相互租用线路)可以这样:成都 backend 长沙backend上海 backend北京(最原始的服务器) 其他都是缓存使用Varnish加速后端Web服务代理服务器可以将远程的Web服务器页面缓存在本地远程Web服务器对客户端用户是透明的利用缓存机制提高网站的响应速度使用varnishadm命令管理缓存页面使用varnishstat命令查看Varnish状态

Steps:

构建Web服务器:随意 有个页面可以访问就可以部署Varnish缓存服务器(192.168.4.5)yum -y install gcc readline-devel  ncurses-devel  pcre-devel  python-docutils-0.11-0.2.20130715svn7687.el7.noarch.rpm         //安装依赖包 useradd -s /sbin/nologin varnish  //建用户tar zxf varnish-5.2.1.tar.gz cd varnish-5.2.1/./configure make && make installcp  etc/example.vcl  /usr/local/etc/default.vcl        //复制启动脚本及配置文件vim  /usr/local/etc/default.vcl    backend default {           backend:后台  后台可以写很多            .host = "192.168.2.100";    //后天web服务器地址            .port = "80";        }    varnishd  -f /usr/local/etc/default.vcl    //varnishd命令的其他选项说明如下:    //varnishd –s malloc,128M        定义varnish使用内存作为缓存,空间为128M,默认是内存    //varnishd –s file,/var/lib/varnish_storage.bin,1G 定义varnish使用文件作为缓存curl 192.168.4.5    192.168.2.111killall httpd   杀死真正web服务器的httpd服务curl 192.168.4.5    192.168.2.111   发现还是能访问页面,因为已经被varnish缓存到4.5上了。

Validation results:

firefox f12  看到via  就是说通过缓存看到了server nginxvia:http/1.1 ctc.ningbo.ha2ts4.83 (ApacheTrafficServer/6.2.1 [cHs f ]),      http/1.1 ctc.chengdu.ha2ts4.24 (ApacheTrafficServer/6.2.1 [cRs f ])curl -I 192.168.4.5   看响应头(包头)信息    HTTP/1.1 200 OK    Date: Thu, 31 May 2018 09:53:34 GMT    Server: Apache/2.4.6 (Red Hat Enterprise Linux) PHP/5.4.16   这里    Last-Modified: Mon, 28 May 2018 01:43:06 GMT    ETag: "e-56d3a3d36393a"    Content-Length: 14    Content-Type: text/html; charset=UTF-8    X-Varnish: 32790    Age: 0    Via: 1.1 varnish (Varnish/5.2)      这里缓存了server    Accept-Ranges: bytes    Connection: keep-alive

View Varnish Logs

varnishlog          很细节的日志 用于排错。varnishncsa         简单日志(风格类似apache,nginx)192.168.4.100 - - [31/May/2018:18:00:29 +0800] "HEAD http://192.168.4.5/ HTTP/1.1" 200 0 "-" "curl/7.29.0"

Update cached data

web服务器后台的数据变化了  varnish几分钟会自动和后台同步新,但非实时更新。不愿意等就varnishadm  varnish> ban req.url ~ .*//清空缓存数据,支持正则表达式

Little thought:

nginx 做调度就是解决服务器压力大的问题所有就只放一个网页(如www.c.com)就行了 要想访问服务器上本身并发不高的基于域名的www.a.com  

Linux Advanced op Koriyuki tomcat&&varnish

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.