Nginx+tomcat+https Server Load Balancing configuration practice Solution _nginx

Because of the need, have to build a Nginx+tomcat+https server, search the discovery of the internet is always wrong, now sorted out some useful, memo.

Environment: Centos6.5, JDK1.8, Tomcat8, Nginx1.10.1

Preparation Material:

1.jdk1.8 installation Package jdk-8u102-linux-x64.tar.gz

2.TOMCAT8 installation Package apache-tomcat-8.0.37.tar.gz

3.NGINX1.10 installation Package nginx-1.10.1.tar.gz

1, JDK installation configuration

Unzip and install to/USR/LOCAL/JDK

[Root@localhost ~]# tar zxvf jdk-8u102-linux-x64.tar.gz
[root@localhost ~]# MV JDK1.8.0_102/USR/LOCAL/JDK

Configuring JDK Environment variables

[Root@localhost ~]# Vi/etc/profile

Add the following at the bottom

JAVA_HOME=/USR/LOCAL/JDK
jre_home= $JAVA _home/jre
classpath=.: $JAVA _home/lib: $JRE _home/lib: $CLASSPATH
path= $JAVA _home/bin: $JRE _home/bin: $PATH
export java_home jre_home PATH CLASSPATH

Apply Environment variables

[Root@localhost ~]# Source/etc/profile

Detection success, display version description successful

[Root@localhost ~]# Java-version

2. Tomcat installation Configuration

Unzip and install to/usr/local/tomcat

[Root@localhost ~]# tar zxvf apache-tomcat-8.0.37.tar.gz
[root@localhost ~]# MV apache-tomcat-8.0.37/usr/local/ Tomcat

The default tomcat is run as root, which is not secure, and this setting allows ordinary users to run

[Root@localhost ~]# groupadd Tomcat
[root@localhost ~]# useradd-g Tomcat Tomcat
[root@localhost ~]# passwd TOMCA T
[root@localhost ~]# chown tomcat.tomcat-r/usr/local/tomcat

Run Tomcat

[Root@localhost ~]# su-tomcat/usr/local/tomcat/bin/startup.sh

Setting up Boot

[Root@localhost ~]# echo "su-tomcat/usr/local/tomcat/bin/startup.sh" >>/etc/rc.local

3, Nginx installation configuration

Configure Nginx Users

[Root@localhost ~]# groupadd nginx
[root@localhost ~]# useradd-g nginx-s/sbin/nologin-Nginx

Install Dependency Pack

[root@localhost ~]# yum-y install zlib zlib-devel OpenSSL openssl-devel pcre pcre-devel gcc gcc-c++

Unzip and enter the folder

[Root@localhost ~]# tar zxvf nginx-1.10.1.tar.gz
[root@localhost ~]# CD nginx-1.10.1

Configure installation

[Root@localhost nginx-1.10.1]#./configure--prefix=/usr/local/nginx--with-http_ssl_module--with-http_gzip_static _module--with-http_stub_status_module
[root@localhost nginx-1.10.1]# make && make install

Configure Nginx

[Root@localhost ~]# vi/usr/local/nginx/conf/nginx.conf

This step requires that you manually place SSL certificates into the/usr/local/nginx/conf/directory, CERT.CRT and Cert.key files, respectively

If the certificate file is in another format, you can search for the conversion method yourself

If you do not need to configure HTTPS, change port 443

nginx The primary configuration file

User Nginx;
Worker_processes 1;
Error_log Logs/error.log;
PID Logs/nginx.pid; events {use Epoll; worker_connections 1024} http {include mime.types; Default_type Application/octet-stream; Log_forma T main ' $remote _addr-$remote _user [$time _local] "$request" "$status $body _bytes_sent" $http _referer "" "$http _user_ag
Ent "" $http _x_forwarded_for "";
Access_log Logs/access.log Main;
Proxy_redirect off;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
Client_max_body_size 10m;
Client_body_buffer_size 128k;
Proxy_connect_timeout 90;
Proxy_send_timeout 90;
Proxy_read_timeout 90;
Proxy_buffer_size 4k;
Proxy_buffers 6 32k;
Proxy_busy_buffers_size 64k;
Proxy_temp_file_write_size 64k;
Sendfile on;
Keepalive_timeout 65;
gzip on;
Gzip_min_length 1k;
Gzip_buffers 4 16k;
Gzip_http_version 1.0;
Gzip_comp_level 2;
Gzip_types Text/plain application/x-javascripttext/css Application/xml;
Gzip_vary on; server {Listen 80; server_name www.domain.com; #修改域名 return https://$server _name$request_uri; #强制跳转443端口} server {listen 443 SSL; server_name www.domain.com; #修改域名 ssl_certificate cert.crt; #导入证书 Ssl_certificate_ke Y Cert.key;
#导入证书 Ssl_session_cache shared:ssl:1m;
Ssl_session_timeout 5m; Ssl_ciphers high:!anull:!
MD5;
Ssl_prefer_server_ciphers on; Location/{root/usr/local/tomcat/webapps/root; index index.html index.jsp index.htm} location ~ *.jsp$ {Index Index
. jsp;
Proxy_pass http://127.0.0.1:8080; } location/nginxstatus {stub_status on; Access_log on; Auth_basic "Nginxstatus"; Auth_basic_user_file/usr/local/nagois
/etc/htpasswd.users;
} error_page 404/404.html;
Error_page 502 503 504/50x.html;
Location =/50x.html {root html;}} }

Start the server

/usr/local/nginx/sbin/nginx

The kitten is successful when the browser is visited.

The above is a small set to introduce the NGINX+TOMCAT+HTTPS server load balanced configuration practice solution, I hope to help you, if you have any questions please give me a message, small series will promptly reply to everyone. Here also thank you very much for the cloud Habitat Community website support!