highlight: a11y-dark
theme: orange
@TOC
常见部署方式
- standalone模式,Tomcat单独运行,直接接受用户的请求,不推荐。
- 反向代理,单机运行,提供了一个Nginx作为反向代理,可以做到静态有nginx提供响应,动态jsp代理给Tomcat
- LNMT:Linux + Nginx +MySQL + Tomcat
- LAMT:Linux + Apache(Httpd) +MySQL + Tomcat
- 前置一台Nginx,给多台Tomcat实例做反向代理和负载均衡调度,Tomcat上部署的纯动态页面更合适
- LNMT:Linux + Nginx +MySQL + Tomcat
- 多级代理
- LNNMT:Linux + Nginx + Nginx +MySQL + Tomcat
Nginx和Tomcat实践
nginx安装
从epel源安装nginx ``` ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
~]# yum install nginx -y ```
全部反向代理测试
``` ~]# vim /etc/nginx/nginx.conf ...
全部反向代理测试
location / {
proxy_pass http://127.0.0.1:8080; #不管说明请求,都会访问后面的localhost虚拟主机
}
...
检查语法
~]# nginx -t
启动nginx服务
~]# systemctl start nginx ~]# systemctl enable nginx ```
``` ~]# vim /etc/nginx/nginx.conf ···
全部反向代理测试
location / {
# proxy_pass http://127.0.0.1:8080; <--注释此行
proxy_pass http://node1.123.com:8080; <--添加此行。此方法需要在'/etc/hosts下添加域名解析'
}
···
检查语法、发现报错
~]# nginx -t nginx: [emerg] host not found in upstream "node1.123.com" in /etc/nginx/nginx.conf:49 nginx: configuration file /etc/nginx/nginx.conf test failed
修改服务器的/etc/hosts
~]# vim /etc/hosts 127.0.0.1 node1.123.com <--添加
重新加载
~]# systemctl reload nginx ```
http://node1.123.com/或者http://192.168.37.13/全部代理给了自定义的虚拟主机
注意:
node1.123.com需要配置解析,可以通过nginx -t测试。
动静分离代理
``` ~]# vim /etc/nginx/nginx.conf ... location / { # proxypass http://127.0.0.1:8080; root /data/webapps/ROOT; <-- index index.html; <-- } <-- location ~* .jsp$ { <--'~*'不区分大小写、加'\'以后结尾就必须是'.jsp'、如果不加"\"前面随便结尾以jsp结尾 proxypass http://node1.123.com:8080; <-- } ...
~]# nginx -t ~]# systemctl reload nginx
创建测试页面
~]# echo "My app index.html" > /data/webapps/ROOT/index.html ```
http://192.168.37.13/和http://192.168.37.13/index.jsp测一下。
但是实际上Tomcat不太适合做动静分离,它的管理程序的图片不好做动静分离部署。
应用管理
``` ~]# vim /etc/nginx/nginx.conf ... location / { proxypass http://127.0.0.1:8080; # root /data/webapps/ROOT; # index index.html;
#} #location ~* .jsp$ { # proxypass http://node1.123.com:8080; } ...
~]# nginx -t ~]# systemctl reload nginx ``` 点击Tomcat首页的右上角的"Manager App"按钮,弹出登录对话框。
界面管理
Applications应用程序管理,可以启动、停止、重加载、反部署(危险)
、清理过期session
示例1:停止后及页面信息
访问页面(404未找到页面)
示例2:启动后及页面信息
访问页面(正常)
示例3:反部署(危险)
``` tomcat]# pwd /usr/local/tomcat
查看是否有'myapp'目录
tomcat]# ll webapps/ total 8 drwxr-x--- 14 java java 4096 Aug 22 04:33 docs drwxr-x--- 6 java java 83 Aug 22 04:33 examples drwxr-x--- 5 java java 87 Aug 22 04:33 host-manager drwxr-x--- 5 java java 103 Aug 22 04:33 manager drwxr-xr-x 4 root root 54 Aug 22 13:25 myapp drwxr-x--- 3 java java 4096 Aug 22 12:45 ROOT ```
myapp目录被删除了
tomcat]# ll webapps/ total 8 drwxr-x--- 14 java java 4096 Aug 22 04:33 docs drwxr-x--- 6 java java 83 Aug 22 04:33 examples drwxr-x--- 5 java java 87 Aug 22 04:33 host-manager drwxr-x--- 5 java java 103 Aug 22 04:33 manager drwxr-x--- 3 java java 4096 Aug 22 12:45 ROOT
Deploy可以热部署,也可以部署war文件。
Host Manager虚拟主机管理
配置如下 tomcat]# pwd /usr/local/tomcat tomcat]# vim conf/tomcat-users.xml
``` tomcat]# pwd /usr/local/tomcat
tomcat]# vim webapps/host-manager/META-INF/context.xml ```
重启Tomcat tomcat]# bin/shutdown.sh tomcat]# bin/startup.sh
点击"Host Manager"按钮
可以新增虚拟主机
、
httpd和Tomcat实践
```
安装httpd服务
~]# yum install -y httpd ```
```
模块
~]# httpd -M|grep proxy AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::20c:29ff:fe02:ea3d. Set the 'ServerName' directive globally to suppress this message proxymodule (shared) #代理主模块 proxyajpmodule (shared) #ajp模块 proxybalancermodule (shared) #负载均衡模块 proxyconnectmodule (shared) proxyexpressmodule (shared) proxyfcgimodule (shared) proxyfdpassmodule (shared) proxyftpmodule (shared) proxyhttpmodule (shared) #http代理模块 proxyscgimodule (shared) proxywstunnel_module (shared) ```
httpd配置
proxyhttpmodule模块代理配置
```
解释
ServerName node1.123.com ProxyRequests Off <--正向代理 ProxyVia On <--代理的请求响应时通过一个response的via首部 ProxyPreserveHost On <--让代理保留原请求的Host首部 ProxyPass / http://127.0.0.1:8080/ <--反向代理指令 ProxyPassReverse / http://127.0.0.1:8080/ <--保留代理的Reverse头不重写(个别例外) ```
``` ~]# vim /etc/httpd/conf.d/httpd-tomcat.conf ServerName node1.123.com ProxyRequests Off ProxyVia On ProxyPreserveHost On ProxyPass / http://127.0.0.1:8080/ ProxyPassReverse / http://127.0.0.1:8080/
检查语法
~]# httpd -t
启动服务
~]# systemctl start httpd
~]# ss -ntlp|grep httpd LISTEN 0 128 :::80 :::* users:(("httpd",pid=15933,fd=4),("httpd",pid=15932,fd=4),("httpd",pid=15931,fd=4),("httpd",pid=15930,fd=4),("httpd",pid=15929,fd=4),("httpd",pid=15925,fd=4)) ```
http://node1.123.com
http://node1.123.com/index.jsp
http://192.168.37.13/
以上3个URL看到了不同的页面,说明ProxyPreserveHost
起了作用。
设置ProxyPreserveHost
再看效果,说明什么? ``` ~]# vim /etc/httpd/conf.d/httpd-tomcat.conf
ServerName node1.123.com ProxyRequests Off ProxyVia On ProxyPreserveHost Off <-- ProxyPass / http://127.0.0.1:8080/ ProxyPassReverse / http://127.0.0.1:8080/
重新加载httpd服务
~]# systemctl reload httpd ``` 此时访问以下网站时页面信息一致
http://node1.123.com http://node1.123.com/index.jsp http://192.168.37.13/
proxyajpmodule模块代理配置 ``` ~]# vim /etc/httpd/conf.d/httpd-tomcat.conf ServerName node1.123.com ProxyRequests Off ProxyVia On ProxyPreserveHost On <-- ProxyPass / ajp://127.0.0.1:8009/ <-- ProxyPassReverse / ajp://127.0.0.1:8009/ <--
~]# systemctl reload httpd ``` http://192.168.37.13/
相对来说,AJP协议基于二进制比使用HTTP协议的连接器效率高些。
网站架构不是一天建成的,都是演化来的。不是最新时髦的架构,而是最合适的,能驾驭的了、成本可控的架构。