JSP Application Server construction implementation document (Nginx + Tomcat)

BKJIA exclusive Article] This article excerpt from an e-commerce website JSP application server environment construction implementation document, the IP address and domain name in the article were modified. JSP application server is integrated by Nginx + Tomcat. Compared with previous versions, the new Tomcat 7.0 has the following new features:

◆ Use random numbers to prevent cross-site scripting attacks;

◆ Changed the security authentication mechanism in the security authentication to prevent Session attacks;

◆ Detects and prevents memory leaks;

◆ Use aliases outside the war file to store static content;

Support Servlet 3.0, JSP 2.2 and JSP-EL 2.2;

◆ It is easier to embed Tomcat into applications, such as JBoss;

◆ Asynchronous log.

Among them, the third point is my most concern. In previous versions, Tomcat has a memory leak, and I hope to improve it in the new version.

The advantages of Nginx and Tomcat integration are as follows:

◆ Static separation accelerates Website access by users.

◆ The workflow for the entire load balancing layer and Web layer is LVS/DR + Keeaplived → Nginx reverse proxy dynamic/static separation) → Tomcat cluster, this ensures that the entire website will not be affected by the failure of an LVS or Nginx + tomcat machine.

◆ Nginx is stable, and the possibility of downtime is almost the same.

The following are the specific steps for project implementation --

Because the server uses minimal installation, install some basic libraries first. The command is as follows:

yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel

1) install Nginx 0.8.56 and Tomcat 7.0 on xxx. xxx.146 and xxx. xxx. xxx.147 respectively, and then integrate them.

Before installing Tomcat 7.0, you must first install JDK, which is

https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/ViewFilteredProducts-SingleVariationTypeFilter

Since my servers are all CentOS x86_64, so I chose the jdk-6u18-linux-x64.bin package, remember to put it under the/usr/local/src directory, to facilitate future work planning.

After the download is complete, change the jdk-6u18-linux-x64.bin to executable and run it:

cd /usr/local/srcchmod +x jdk-6u18-linux-x64.bin./jdk-6u18-linux-x64mv jdk1.6.0_18 /usr/local/jdk

Then configure the system's Java Runtime Environment, which is implemented by modifying the/etc/profile file. The modification content is as follows:

JAVA_HOME="/usr/local/jdk"CLASS_PATH="$JAVA_HOME/lib:$JAVA_HOME/jre/lib"PATH=".:$PATH:$JAVA_HOME/bin"CATALINA_HOME="/usr/local/tomcat"export JAVA_HOME CATALINA_HOME

After saving and exiting, run the following command to make the environment take effect immediately:

source /etc/profile 

Then download and install the apache-tomat7.0.12, as shown below.

cd /usr/local/src/wget http://mirror.bjtu.edu.cn/apache/tomcat/tomcat-7/v7.0.12/bin/apache-tomcat-7.0.12.tar.gztar zxvf apache-tomcat-7.0.12.tar.gzmv apache-tomcat-7.0.12 /usr/local/tomcat/cp –rf /usr/local/tomcat/webapps /data/htdocs/wwwvim /usr/local/tomcat/conf/server.xml

Modify the tomcat root path. My website address is/data/htdocs/www/shop. This VM needs to be in/usr/local/tomcat/conf/server. in xml, the modified content is as follows:

<Host name="www.51cto.com"  appBase="webapps"            unpackWARs="true" autoDeploy="true">        <Context path="" docBase="/data/htdocs/www/shop/" />

If you want to add more VM instances, add more content as shown in the preceding format. The Host name is followed by the virtual Host name, And the docBase is followed by the corresponding path of the virtual Host.

After the installation is complete, start tomcat and listen to port 8080 by default. The startup command is as follows:

/usr/local/tomcat/bin/startup.sh

Run lsof-I: 80 for verification, as shown below:

lsof -i:8080COMMAND   PID USER   FD   TYPE  DEVICE SIZE NODE NAMEjava    23731 root   40u  IPv6 3347645       TCP *:webcache (LISTEN)

Finally, install pcre8.1.0 and Nginx0.8.56, and integrate the installation process of Nginx0.8.56 with Tomcat7.0.12 and Nginx0.8.56. Refer to the preceding content. Static HTML pages, images, and CSS are processed by Nginx. jsp and do content are processed by backend Tomcat and nginx. the content of the conf configuration file is as follows. for debugging convenience, we first point the domain name www.51cto.com to xxx. xxx. xxx.146, another Web configuration with xxx. xxx. xxx.146 is the same. Here I use xxx. xxx. for example, xxx.146 points the domain name www.51cto.com to our VIP address after the Web environment in this architecture is successful ):

User www; worker_processes 8; error_log/usr/local/webserver/nginx/logs/nginx_error.log crit; pid/usr/local/webserver/nginx. pid; # Specifies the value for maximum file descriptors that can be opened by this process. worker_rlimit_nofile 65535; # working mode and maximum number of connections events {use epoll; worker_connections 65535;} # Set the http server, using its reverse proxy function, Server Load balancer supports http {# Set the mime type include mime. types; default_type applica Tion/octet-stream; # charset gb2312; # Set Request Buffer limit 128; Limit 32 k; limit 4 32 k; client_max_body_size 300 m; sendfile on; tcp_nopush on; keepalive_timeout 60; tcp_nodelay on; server_tokens off; Listen 512 k; proxy_connect_timeout 5; proxy_send_timeout 60; proxy_read_timeout 5; proxy_buffer_size 16 k; proxy_buffers 4 64 k; Limit 128 k; Limit 128 k; # fastcgi_connect_timeout 300; # fastcgi_send_timeout 300; # fastcgi_read_timeout 300; # fastcgi_buffer_size 64 k; # fastcgi_buffers 4 64 k; # limit 128 k; # fastcgi_temp_file_write_size 128 k; gzip on; gzip_min_length 1 k; gzip_buffers 4 16 k; gzip_http_version 1.1; gzip_comp_level 2; gzip_types text/plain application/x -Javascript text/css application/xml; gzip_vary on; # limit_zone crawler $ binary_remote_addr 10 m; ### prohibit access to Site server {server_name _; return 404 ;} server {listen 80; server_name www.51cto.com; index index.html index.htm index. jsp index. do; # Set the default homepage address for access root/data/htdocs/www/shop; # Set the website resource storage path # limit_conn crawler 20; if (-d $ request_filename) {rewrite ^ /(. *) ([^/]) $ http: // $ host/$1 $2/permanent ;} # Tomcat handles all jsp pages. location ~ \. (Jsp | jspx | do )? $ {Proxy_set_header Host $ host; proxy_set_header X-Real-IP $ remote_addr; proxy_pass http: // 127.0.0.1: 8080; # Switch to tomcat processing} location ~. *\. (Htm | html | gif | jpg | jpeg | png | bmp | swf | ioc | rar | zip | txt | flv | mid | doc | ppt | pdf | xls | mp3 | wma) $ # Set direct access to static files without passing through tomcat {expires 30d;} location ~. * \. (Js | css )? $ {Expires 1 h ;} # define the write format of access logs: log_format wwwlog' $ remote_addr-$ remote_user [$ time_local] "$ request" ''$ status $ body_bytes_sent" $ http_referer "'' "$ http_user_agent" $ http_x_forwarded_for '; access_log/data/logs/www_nginx.log wwwlog; # set the path for storing access logs }}

After the configuration is complete, run the following command to start the Nginx process and let it listen to port 80:

/usr/local/webserver/nginx/sbin/nginx 

Then we write a piece of Java code under/data/htdocs/www/shop/to verify whether the above configuration is successful, after writing, we can use the cat command to view/data/htdocs/www/shop/mem. jsp file. The file content is as follows:

<%Runtime lRuntime = Runtime.getRuntime();out.println("*** BEGIN MEMORY STATISTICS ***<br/>");out.println("Free Memory: "+lRuntime.freeMemory()+"<br/>");out.println("Max   Memory: "+lRuntime.maxMemory()+"<br/>");out.println("Total Memory: "+lRuntime.totalMemory()+"<br/>");out.println("Available Processors : "+lRuntime.availableProcessors()+"<br/>");out.println("*** END MEMORY STATISTICS ***");%>

You can enter http://www.51cto.com/mem.jspto verify that nginx?at=at.