Tomcat 单机代理部署 小节2

---

highlight: a11y-dark

theme: orange

@TOC

常见部署方式

• standalone模式，Tomcat单独运行，直接接受用户的请求，不推荐。
• 反向代理，单机运行，提供了一个Nginx作为反向代理，可以做到静态有nginx提供响应，动态jsp代理给Tomcat
  • LNMT：Linux + Nginx +MySQL + Tomcat
  • LAMT：Linux + Apache(Httpd) +MySQL + Tomcat
• 前置一台Nginx,给多台Tomcat实例做反向代理和负载均衡调度，Tomcat上部署的纯动态页面更合适
  • LNMT：Linux + Nginx +MySQL + Tomcat
• 多级代理
  • LNNMT：Linux + Nginx + Nginx +MySQL + Tomcat

Nginx和Tomcat实践

nginx安装

从epel源安装nginx ``` ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

~]# yum install nginx -y ```

全部反向代理测试

``` ~]# vim /etc/nginx/nginx.conf ...

全部反向代理测试

location / {
        proxy_pass http://127.0.0.1:8080;    #不管说明请求,都会访问后面的localhost虚拟主机
    }

...

检查语法

~]# nginx -t

启动nginx服务

~]# systemctl start nginx ~]# systemctl enable nginx ```

``` ~]# vim /etc/nginx/nginx.conf ···

全部反向代理测试

location / {
         # proxy_pass http://127.0.0.1:8080;     <--注释此行
         proxy_pass http://node1.123.com:8080;   <--添加此行。此方法需要在'/etc/hosts下添加域名解析'
    }

···

检查语法、发现报错

~]# nginx -t nginx: [emerg] host not found in upstream "node1.123.com" in /etc/nginx/nginx.conf:49 nginx: configuration file /etc/nginx/nginx.conf test failed

修改服务器的/etc/hosts

~]# vim /etc/hosts 127.0.0.1 node1.123.com <--添加

重新加载

~]# systemctl reload nginx ```

http://node1.123.com/或者http://192.168.37.13/全部代理给了自定义的虚拟主机

注意:node1.123.com需要配置解析，可以通过nginx -t测试。

动静分离代理

``` ~]# vim /etc/nginx/nginx.conf ... location / { # proxypass http://127.0.0.1:8080; root /data/webapps/ROOT; <-- index index.html; <-- } <-- location ~* .jsp$ { <--'~*'不区分大小写、加'\'以后结尾就必须是'.jsp'、如果不加"\"前面随便结尾以jsp结尾 proxypass http://node1.123.com:8080; <-- } ...

~]# nginx -t ~]# systemctl reload nginx

创建测试页面

~]# echo "My app index.html" > /data/webapps/ROOT/index.html ```

http://192.168.37.13/和http://192.168.37.13/index.jsp测一下。

但是实际上Tomcat不太适合做动静分离，它的管理程序的图片不好做动静分离部署。

应用管理

``` ~]# vim /etc/nginx/nginx.conf ... location / { proxypass http://127.0.0.1:8080; # root /data/webapps/ROOT; # index index.html;
#} #location ~* .jsp$ { # proxypass http://node1.123.com:8080; } ...

~]# nginx -t ~]# systemctl reload nginx ``` 点击Tomcat首页的右上角的"Manager App"按钮，弹出登录对话框。

界面管理

Applications应用程序管理，可以启动、停止、重加载、反部署(危险)、清理过期session

示例1：停止后及页面信息

访问页面(404未找到页面)

示例2：启动后及页面信息

访问页面(正常)

示例3：反部署(危险) ``` tomcat]# pwd /usr/local/tomcat

查看是否有'myapp'目录

tomcat]# ll webapps/ total 8 drwxr-x--- 14 java java 4096 Aug 22 04:33 docs drwxr-x--- 6 java java 83 Aug 22 04:33 examples drwxr-x--- 5 java java 87 Aug 22 04:33 host-manager drwxr-x--- 5 java java 103 Aug 22 04:33 manager drwxr-xr-x 4 root root 54 Aug 22 13:25 myapp drwxr-x--- 3 java java 4096 Aug 22 12:45 ROOT ```

myapp目录被删除了 tomcat]# ll webapps/ total 8 drwxr-x--- 14 java java 4096 Aug 22 04:33 docs drwxr-x--- 6 java java 83 Aug 22 04:33 examples drwxr-x--- 5 java java 87 Aug 22 04:33 host-manager drwxr-x--- 5 java java 103 Aug 22 04:33 manager drwxr-x--- 3 java java 4096 Aug 22 12:45 ROOT Deploy可以热部署，也可以部署war文件。

Host Manager虚拟主机管理

配置如下 tomcat]# pwd /usr/local/tomcat tomcat]# vim conf/tomcat-users.xml

``` tomcat]# pwd /usr/local/tomcat

tomcat]# vim webapps/host-manager/META-INF/context.xml ```

重启Tomcat tomcat]# bin/shutdown.sh tomcat]# bin/startup.sh 点击"Host Manager"按钮

可以新增虚拟主机

、

httpd和Tomcat实践

```

安装httpd服务

~]# yum install -y httpd ```

```

模块

~]# httpd -M|grep proxy AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::20c:29ff:fe02:ea3d. Set the 'ServerName' directive globally to suppress this message proxymodule (shared) #代理主模块 proxyajpmodule (shared) #ajp模块 proxybalancermodule (shared) #负载均衡模块 proxyconnectmodule (shared) proxyexpressmodule (shared) proxyfcgimodule (shared) proxyfdpassmodule (shared) proxyftpmodule (shared) proxyhttpmodule (shared) #http代理模块 proxyscgimodule (shared) proxywstunnel_module (shared) ```

httpd配置

proxyhttpmodule模块代理配置

```

解释

ServerName node1.123.com ProxyRequests Off <--正向代理 ProxyVia On <--代理的请求响应时通过一个response的via首部 ProxyPreserveHost On <--让代理保留原请求的Host首部 ProxyPass / http://127.0.0.1:8080/ <--反向代理指令 ProxyPassReverse / http://127.0.0.1:8080/ <--保留代理的Reverse头不重写(个别例外) ```

``` ~]# vim /etc/httpd/conf.d/httpd-tomcat.conf ServerName node1.123.com ProxyRequests Off ProxyVia On ProxyPreserveHost On ProxyPass / http://127.0.0.1:8080/ ProxyPassReverse / http://127.0.0.1:8080/

检查语法

~]# httpd -t

启动服务

~]# systemctl start httpd

~]# ss -ntlp|grep httpd LISTEN 0 128 :::80 :::* users:(("httpd",pid=15933,fd=4),("httpd",pid=15932,fd=4),("httpd",pid=15931,fd=4),("httpd",pid=15930,fd=4),("httpd",pid=15929,fd=4),("httpd",pid=15925,fd=4)) ```

http://node1.123.com

http://node1.123.com/index.jsp

http://192.168.37.13/

以上3个URL看到了不同的页面，说明ProxyPreserveHost起了作用。

设置ProxyPreserveHost再看效果，说明什么？ ``` ~]# vim /etc/httpd/conf.d/httpd-tomcat.conf

ServerName node1.123.com ProxyRequests Off ProxyVia On ProxyPreserveHost Off <-- ProxyPass / http://127.0.0.1:8080/ ProxyPassReverse / http://127.0.0.1:8080/

重新加载httpd服务

~]# systemctl reload httpd ``` 此时访问以下网站时页面信息一致

http://node1.123.com http://node1.123.com/index.jsp http://192.168.37.13/

proxyajpmodule模块代理配置 ``` ~]# vim /etc/httpd/conf.d/httpd-tomcat.conf ServerName node1.123.com ProxyRequests Off ProxyVia On ProxyPreserveHost On <-- ProxyPass / ajp://127.0.0.1:8009/ <-- ProxyPassReverse / ajp://127.0.0.1:8009/ <--

~]# systemctl reload httpd ``` http://192.168.37.13/

相对来说，AJP协议基于二进制比使用HTTP协议的连接器效率高些。

网站架构不是一天建成的，都是演化来的。不是最新时髦的架构，而是最合适的，能驾驭的了、成本可控的架构。