nginx通过https方式反向代理多实例tomcat

最新推荐文章于 2024-09-01 19:59:27 发布
最新推荐文章于 2024-09-01 19:59:27 发布
阅读量392 收藏 3
点赞数
文章标签: 运维 java 后端

 

案例说明:
前面一层nginx+Keepalived部署的LB,后端两台web服务器部署了多实例的tomcat,通过https方式部署nginx反向代理tomcat请求。配置一如下:

1)LB层的nginx配置

访问http强制转到https
[root@external-lb01 ~]# cat /data/nginx/conf/vhosts/80-www.kevin.com.conf 
server {
        listen       80;
        server_name  kevin.com www.kevin.com;

        access_log  /data/nginx/logs/www.kevin.com-access.log main;
        error_log  /data/nginx/logs/www.kevin.com-error.log;

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        return      301 https://$server_name$request_uri; 
}


https反向代理的配置
[root@external-lb01 ~]# cat /data/nginx/conf/vhosts/443-www.kevin.com.conf
upstream scf_cluster {
    ip_hash;
    server 192.168.10.20:9020;
    server 192.168.10.21:9020;
    }
upstream portal_cluster {
    ip_hash;
    server 192.168.10.20:9040;
    server 192.168.10.21:9040;
    }
upstream file_cluster{
    ip_hash;
    server 192.168.10.20:9020;
    }
upstream workflow_cluster{
    ip_hash;
    server 192.168.10.20:9020;
    server 192.168.10.21:9020;
    }
upstream batch_cluster{
    server 192.168.10.20:9020;
    server 192.168.10.21:9020;
    }

server {
        listen       443;
        server_name  www.kevin.com;

        ssl on;
        ssl_certificate /data/nginx/conf/ssl/kevin.cer;
        ssl_certificate_key /data/nginx/conf/ssl/kevin.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
        ssl_prefer_server_ciphers  on;

        access_log  /data/nginx/logs/www.kevin.com-access.log main;
        error_log  /data/nginx/logs/www.kevin.com-error.log;

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

       rewrite /portal-pc https://www.kevin.com break;

       location / {
            proxy_pass http://portal_cluster/portal-pc/;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_set_header Host $host; 
            proxy_set_header X-Real-IP $remote_addr; 
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
            proxy_set_header X-Forwarded-Proto http; 
            proxy_redirect off; 

        }

            location /scf {
            proxy_pass http://scf_cluster/scf;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_set_header Host $host; 
            proxy_set_header X-Real-IP $remote_addr; 
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
            proxy_set_header X-Forwarded-Proto http; 
            proxy_redirect off; 

        }

        location /msdp-file {
            proxy_pass http://file_cluster/msdp-file;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_set_header Host $host; 
            proxy_set_header X-Real-IP $remote_addr; 
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
            proxy_set_header X-Forwarded-Proto http; 
            proxy_redirect off; 

        }
        
    location /upload {
            proxy_pass http://file_cluster/upload;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_set_header Host $host; 
            proxy_set_header X-Real-IP $remote_addr; 
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
            proxy_set_header X-Forwarded-Proto http; 
            proxy_redirect off; 

        }
        
        location /activiti-workflow-console {
            proxy_pass http://workflow_cluster/activiti-workflow-console;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_set_header Host $host; 
            proxy_set_header X-Real-IP $remote_addr; 
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
            proxy_set_header X-Forwarded-Proto http; 
            proxy_redirect off; 

        }

    location /batch-framework-web {
            proxy_pass http://batch_cluster/batch-framework-web;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_set_header Host $host; 
            proxy_set_header X-Real-IP $remote_addr; 
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
            proxy_set_header X-Forwarded-Proto http; 
            proxy_redirect off; 
        }  
}


以上配置中,需要注意:
访问https://www.kevin.com 要求和访问http://192.168.10.20:9040/portal-pc/ 结果一致
访问https://www.kevin.com/portal-pc 要求和访问https://www.kevin.com 结果一致


2)后端两台机器192.168.10.20和192.168.10.21的tomcat配置。两台配置一致,这里以192.168.10.20配置为例:
[root@bl2-app01 ~]# cat /data/release/projects/tomcat_app_9020/conf/server.xml
......
    <Connector port="9020" protocol="HTTP/1.1" 
               connectionTimeout="20000" 
               redirectPort="8443" URIEncoding="UTF-8"/>
......
    <Connector port="9029" protocol="AJP/1.3" redirectPort="8443" />


[root@bl2-app01 ~]# cat /data/release/projects/tomcat_portal_9040/conf/server.xml
......
<Connector port="9040" protocol="HTTP/1.1" 
               connectionTimeout="20000" 
               redirectPort="4443" URIEncoding="UTF-8"/>
......
    <Connector port="9049" protocol="AJP/1.3" redirectPort="4443" />
.....

===============================================================================
配置二:也可以采用如下proxy_redirect配置(指定修改被代理服务器返回的响应头中的location头域跟refresh头域数值)(注意下面proxy_redirect里由http -> https的代理返回设置

[root@external-lb01 ~]# cat /data/nginx/conf/vhosts/443-www.kevin.com.conf
upstream scf_cluster {
    ip_hash;
    server 192.168.10.20:9020;
    server 192.168.10.21:9020;
    }
upstream portal_cluster {
    ip_hash;
    server 192.168.10.20:9040;
    server 192.168.10.21:9040;
    }
upstream file_cluster{
    ip_hash;
    server 192.168.10.20:9020;
    }
upstream workflow_cluster{
    ip_hash;
    server 192.168.10.20:9020;
    server 192.168.10.21:9020;
    }
upstream batch_cluster{
    server 192.168.10.20:9020;
    server 192.168.10.21:9020;
    }
  
server {
        listen       443;
        server_name  www.kevin.com;
  
        ssl on;
        ssl_certificate /data/nginx/conf/ssl/bigtree.cer;
        ssl_certificate_key /data/nginx/conf/ssl/bigtree.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
        ssl_prefer_server_ciphers  on;
  
        access_log  /data/nginx/logs/www.kevin.com-access.log main;
        error_log  /data/nginx/logs/www.kevin.com-error.log;
  
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
  
        location /scf {
            proxy_pass http://scf_cluster/scf;
            proxy_redirect  http://scf_cluster/scf https://www.kevin.com/scf;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 300;
            proxy_send_timeout 300;
            proxy_read_timeout 600;
            proxy_buffer_size 256k;
            proxy_buffers 4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_max_temp_file_size 128m;
        }
  
        location / {
            proxy_pass http://portal_cluster/portal-pc/;
            proxy_redirect  http://portal_cluster/portal-pc/ https://www.kevin.com/;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 300;
            proxy_send_timeout 300;
            proxy_read_timeout 600;
            proxy_buffer_size 256k;
            proxy_buffers 4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_max_temp_file_size 128m;
        }
  
        location /msdp-file {
            proxy_pass http://file_cluster/msdp-file;
            proxy_redirect  http://file_cluster/msdp-file https://www.kevin.com/msdp-file;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 300;
            proxy_send_timeout 300;
            proxy_read_timeout 600;
            proxy_buffer_size 256k;
            proxy_buffers 4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_max_temp_file_size 128m;
        }
          
        location /upload {
            proxy_pass http://file_cluster/upload;
            proxy_redirect  http://file_cluster/upload https://www.kevin.com/upload;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 300;
            proxy_send_timeout 300;
            proxy_read_timeout 600;
            proxy_buffer_size 256k;
            proxy_buffers 4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_max_temp_file_size 128m;
        }
          
        location /activiti-workflow-console {
            proxy_pass http://workflow_cluster/activiti-workflow-console;
            proxy_redirect  http://workflow_cluster/activiti-workflow-console https://www.kevin.com/activiti-workflow-console;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 300;
            proxy_send_timeout 300;
            proxy_read_timeout 600;
            proxy_buffer_size 256k;
            proxy_buffers 4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_max_temp_file_size 128m;
        }
  
        location /batch-framework-web {
            proxy_pass http://batch_cluster/batch-framework-web;
            proxy_redirect  http://batch_cluster/batch-framework-web https://www.kevin.com/batch-framework-web;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 300;
            proxy_send_timeout 300;
            proxy_read_timeout 600;
            proxy_buffer_size 256k;
            proxy_buffers 4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
            proxy_max_temp_file_size 128m;
        }
}

======================温馨提示========================
上面启用了proxy_redirect配置(http->https),配置中就不需要"proxy_set_header Host $host;",即不需要"添加发往后端服务器的请求头"的配置了

================================================================================
如上,配置了80端口的http访问强制跳转为443端口的https访问方式:
1)如果域名配置为https的访问方式,则上面配置一和配置二都可以。
2)如果域名配置为http的访问方式,则如上配置一后,访问的结果都只会跳转到https的首页,故这种情况下需如上配置二。

如下,访问http://bpm.kevin.com的结果只会在强制跳转为https://www.kevin.com
[root@external-lb01 ~]# cat /data/nginx/conf/vhosts/bpm.kevin.com.conf
upstream os-8080 {
      #ip_hash;
      server 192.168.10.20:8080 max_fails=3 fail_timeout=15s;
      server 192.168.10.21:8080 max_fails=3 fail_timeout=15s;
}
            
server {
      listen      80;
      server_name bpm.kevin.com;
      
      access_log  /data/nginx/logs/bpm.kevin.com-access.log main;
      error_log  /data/nginx/logs/bpm.kevin.com-error.log;
      
location / {
      proxy_pass http://os-8080;
      proxy_redirect off ;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header REMOTE-HOST $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_connect_timeout 300;
      proxy_send_timeout 300;
      proxy_read_timeout 600;
      proxy_buffer_size 256k;
      proxy_buffers 4 256k;
      proxy_busy_buffers_size 256k;
      proxy_temp_file_write_size 256k;
      proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
      proxy_max_temp_file_size 128m;
      #proxy_cache mycache;                              
      #proxy_cache_valid 200 302 1h;
      #proxy_cache_valid 301 1d;
      #proxy_cache_valid any 1m;
    }
      
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }
}
  
  
如果想要访问http://bpm.kevin.com的结果不强制跳转为https://www.kevin.com,则需要启用proxy_redirect的配置:
[root@external-lb01 ~]# cat /data/nginx/conf/vhosts/bpm.kevin.com.conf
upstream os-8080 {
      #ip_hash;
      server 192.168.10.20:8080 max_fails=3 fail_timeout=15s;
      server 192.168.10.21:8080 max_fails=3 fail_timeout=15s;
}
            
  server {
      listen      80;
      server_name bpm.kevin.com;
      
      access_log  /data/nginx/logs/bpm.kevin.com-access.log main;
      error_log  /data/nginx/logs/bpm.kevin.com-error.log;
      
 location / {
      proxy_pass http://os-8080;
      proxy_set_header Host $host;    //注意这个是http请求,没有http->https转发需求,必须要加上这个proxy_set_header设置,否则代理转发返回的头信息会有误!
      proxy_redirect  http://os-8080/ http://bpm.kevin.com/;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
    }
  
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
    root   html;
    }
}

===============================================================================
nginx做前端代理分发,tomcat处理请求。nginx反代tomcat实现https有二个方法

一、nginx配置https,tomcat也配置https
1)nginx配置https
upstream https_tomcat_web {  
        server 127.0.0.1:8443;  
}  
  
server {  
        listen       443;  
        server_name  www.test.com;  
        index index.html;  
        root   /var/www/html/test;  
  
        ssl on;  
        ssl_certificate /etc/nginx/go.pem;  
        ssl_certificate_key /etc/nginx/go.key;  
        ssl_session_timeout 5m;  
        ssl_protocols SSLv2 SSLv3 TLSv1.2;  
#        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;  
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;  
        ssl_prefer_server_ciphers on;  
  
        location ~ ^/admin {  
            proxy_pass https://https_tomcat_web;  //是https的  
            proxy_redirect                      off;  
            proxy_set_header   Host             $host;  
            proxy_set_header   X-Real-IP        $remote_addr;  
            proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;  
            client_max_body_size       100m;  
            client_body_buffer_size    256k;  
            proxy_connect_timeout      60;  
            proxy_send_timeout         30;  
            proxy_read_timeout         30;  
            proxy_buffer_size          8k;  
            proxy_buffers              8 64k;  
            proxy_busy_buffers_size    64k;  
            proxy_temp_file_write_size 64k;  
        }  
  
        error_page 404 /404.html;  
        location = /40x.html {  
        }  
  
        error_page 500 502 503 504 /50x.html;  
  
        location = /50x.html {  
        }  
  
}  


2)tomcat的https配置,配置文件server.xml
<Service name="Catalina">  
 <Connector port="8001" protocol="HTTP/1.1"  
 connectionTimeout="20000"  
 redirectPort="8443" />  
  
 <Connector port="8091"  
 protocol="AJP/1.3"  
 redirectPort="8443" />  
  
//添加以下内容  
 <Connector port="8443"  
 protocol="HTTP/1.1"  
 SSLEnabled="true"  
 scheme="https"  
 secure="false"  
 keystoreFile="cert/gotom.pfx"  
 keystoreType="PKCS12"  
 keystorePass="214261272770418"  
 clientAuth="false"  
 SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"  
 ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256" />  
  
 ..................省略....................  
 </Service>  


 配置好后重新启动nginx,tomcat,就可以https访问了,这也是现在比较常见采用的配置方式 。



二、nginx采用https,tomcat采用http
1)nginx配置https
upstream https_tomcat_web {  
        server 127.0.0.1:8001;  
}  
  
server {  
        listen       443;  
        server_name  www.test.com;  
        index index.html;  
        root   /var/www/html/test;  
  
        ssl on;  
        ssl_certificate /etc/nginx/go.pem;  
        ssl_certificate_key /etc/nginx/go.key;  
        ssl_session_timeout 5m;  
        ssl_protocols SSLv2 SSLv3 TLSv1.2;  
#        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;  
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;  
        ssl_prefer_server_ciphers on;  
  
        location ~ ^/admin {  
            proxy_pass http://https_tomcat_web;  //是http的  
            proxy_redirect                      off;  
            proxy_set_header   Host             $host;  
            proxy_set_header   X-Real-IP        $remote_addr;  
            proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;  
            client_max_body_size       100m;  
            client_body_buffer_size    256k;  
            proxy_connect_timeout      60;  
            proxy_send_timeout         30;  
            proxy_read_timeout         30;  
            proxy_buffer_size          8k;  
            proxy_buffers              8 64k;  
            proxy_busy_buffers_size    64k;  
            proxy_temp_file_write_size 64k;  
        }  
  
        error_page 404 /404.html;  
        location = /40x.html {  
        }  
  
        error_page 500 502 503 504 /50x.html;  
  
        location = /50x.html {  
        }  
  
}  

2)tomcat的http配置,配置文件server.xml
<Service name="Catalina">  
 <Connector port="8001" protocol="HTTP/1.1"  
 connectionTimeout="20000"  
 redirectPort="443" />    //在这里重新定向到了443端口  
  
 <Connector port="8091"  
 protocol="AJP/1.3"  
 redirectPort="443" />  
  
 ..................省略....................  
 </Service>  
重启nginx,tomcat,https就配置好了。

=====================Nginx非80端口代理转发配置=======================
注意:nginx使用非80端口转发时,proxy_set_header配置中的$host后面一定要跟端口!如下篇配置(proxy_set_header Host $host:8080; )。否则访问会有问题!(当https访问时,已配置了http强转https,则$host后面不需加443端口)。

[root@ng-lb01 vhosts]# cat fax.kevin.com.conf 
upstream fax {
      server 192.168.10.34:8080;
}
          
  server {
      listen      8080;
      server_name fax.kevin.com;
    
      access_log  /data/nginx/logs/fax.kevin.com-access.log main;
      error_log  /data/nginx/logs/fax.kevin.com-error.log;

    location / {
            proxy_pass http://fax;
            proxy_set_header Host $host:8080; 
            proxy_set_header X-Real-IP $remote_addr; 
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
            proxy_set_header X-Forwarded-Proto http; 
            proxy_redirect off; 

        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
}
Nginx代理的多端口实例负载均衡
云中采薇
12-30 5609
Nginx作为高性能服务器,除了搭建普通的web服务,也经常用作反向代理或微服务网关。为了实现服务高可用,通常会启动多个服务实例,这样某个实例挂掉并不影响整体的可用性,Nginx可以在多个实例中实现负载均衡,并提供了多种负载均衡策略。本人手头只有一台服务器,所以就在本机多端口开启多个实例,并在这些实例中实现负载均衡。在http配置:upstream backser { server loca
nginx反向代理tomcat
chenkya的博客
05-21 523
一、实验说明: 实现nginx反代tomcat二、实验准备:nginxtomcat同一台主机,本次使用Centos7,IP地址为192.168.2.137三、安装tomcattomcat是基于java开发的程序,需要运行在jvm中,java是跨平台的语言,java的运行基于各种类库,java早先用于B/S架构上的是applet,在客户端运行,后期发展为servlet,在servlet端运行,但是...
nginx https 反向代理tomcat http
IT837684734的专栏
04-20 2466
server 中添加 add_header Content-Security-Policy "upgrade-insecure-requests" always; location 添加 proxy_redirect http:// https://; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Fo
一招搞定Nginx反向代理HTTPS配置这么简单,你还在怕什么?
最新发布
jj_jump的博客
09-01 1314
可以结合我之前的文章:https://zhuanlan.zhihu.com/p/715159112用域名搭建一个ServerStatus中文版在线网站。
nginx 反向代理 tomcat (https、虚拟主机)
weixin_34293059的博客
08-14 208
背景:    有一个JSP开发的网站,需要放在tomcat里面运行,考虑到tomcat处理http请求不是那么强,计划前端添加一个nginx作为反向代理,并且提供https服务,并且通过虚拟主机开代理到指定域名的服务。    我们的域名是www.wzlinux.com。1、首先是安装nginxtomcat2、nginx配置文件如下   包含301调整,以及https证书的设定,我的证书是在阿里云...
nginx反向代理批量实现https协议访问
z2007130205的专栏
04-28 4250
介绍下在nginx环境下,通过nginx反向代理批量实现https协议访问的方法,有需要的朋友参考下。 为站点增加https访问,开始只配置了www域名下的https,发现css和js都无法正常加载。 原因分析:https页面,如果加载http协议的内容,会被认为页面不安全,尤其是IE,刷新一下页面就要弹出一次确认。 后来苦逼的把各个子域名都加入了https
nginx实现Tomcat反向代理
12-19
5. **负载均衡和健康检查**:如果你有多个Tomcat实例,可以在Nginx配置中使用`upstream`模块进行负载均衡。同时,可以设置健康检查,确保只有健康的后端服务器接收请求。 通过以上步骤,你已成功配置Nginx作为...
windows下配置nginx反向代理tomcat
08-15
假设你需要通过 Nginx反向代理后端端口为 8080 的 Tomcat 服务,以下是一个简单的配置示例: ```nginx server { listen 80; // 监听的端口号 server_name 192.168.0.238; // server 名称 # 设置代理相关的...
Nginx反向代理实现多Tomcat负载均衡 (1).md
02-05
### Nginx 反向代理实现多 Tomcat 负载均衡详解 #### 一、基础知识概述 在深入了解如何利用 Nginx 实现对多个 Tomcat 的负载均衡之前,我们首先来简要回顾一下几个核心概念: - **Nginx**:是一款高性能的HTTP和...
(5)Nginx 配置实例反向代理
01-09
 使用Nginx反向代理,根据访问的路径跳转到不同端口的服务中,Nginx监听端口为9001 访问http://127.0.0.1:9001/bs-manager/ 直接跳转到127.0.0.1:8001 访问http://127.0.0.1:9001/bs-webapp/ 直接跳转到...
Nginx反向代理实例详解
01-20
(1)使用Nginx反向代理,根据访问的路径跳转到不同端口的服务中,Nginx监听端口为8001。 访问 http://127.0.0.1:9001/deu/ 直接跳转到127.0.0.1:8016 访问 http://127.0.0.1:9001/vod/ 直接跳转到127.0.0
Nginx一个域名访问多个项目的方法实例
09-29
主要给大家介绍了关于Nginx一个域名访问多个项目的方法,文中通过示例代码介绍的非常详细,对大家学习或者使用Nginx具有一定的参考学习价值,需要的朋友们下面来一起学习学习吧
Nginx反向代理多域名的HTTP和HTTPS服务的实现
09-29
主要介绍了Nginx反向代理多域名的HTTP和HTTPS服务的实现,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一起学习学习吧
nginx部署以及反向代理多域名实现HTTPS访问
weixin_43458965的博客
08-05 2985
nginx部署以及反向代理多域名实现HTTPS访问
Nginx虚拟机主机根据不同的域名使用不同的root路径
weixin_33881050的博客
03-02 530
一 应用场景描述应开发同事需求,需要在开发环境的Nginx能够根据不同的域名使用不同的root路径。例如如果域名是game4.xxx.com,就使用root路径为/data/public/game4game5.xxx.com,就使用root路径为/data/public/game5game6.xxx.com,就是用root路径为/data/public/game6二 解决方法...
centos下nginx+tomcat https反向代理2种实现方法
yhyhaiyi的专栏
06-06 1415
反向代理(经验证可使用) 在计算机世界里,由于单个服务器的处理客户端(用户)请求能力有一个极限,当用户的接入请求蜂拥而入时,会造成服务器忙不过来的局面,可以使用多个服务器来共同分担成千上万的用户请求,这些服务器提供相同的服务,对于用户来说,根本感觉不到任何差别。 nginx做前端代理分发,tomcat处理请求。nginx反代tomcat实现https有二个方法。 一、nginx配置https...
nginx(多实例)安装部署操作参考(linux)
u011635437的博客
11-25 1283
1. 安装环境准备 1.1 主机环境准备 1.1.1. 关闭selinux sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config setenforce 0 1.1.2. 部署规划 实例1安装规划 软件安装路径:/usr/local/nginx/ 软件日志路径:/usr/local/nginx/logs/ 软件二进制路径:/usr/local/nginx/sbin/ 软件缓存代理等路径:/usr/local/nginx/{cl
Nginx+Tomcat(多实例)实现动静分离和负载均衡(四层、七层)
云计算运维工程师的成长之路
10-16 1577
Nginx处理静态页面的效率远高于Tomcat的处理能力若Tomcat的请求量为1000次,则Nginx的请求量为6000次Tomcat每秒的吞吐量为0.6M,Nginx的每秒吞吐量为3.6MNginx处理静态资源的能力是Tomcat处理的6倍由于Nginx服务是轻量级、高性能,处理静态页面强,但是几乎不能处理动态页面,所以需要转发给多台tomcat服务器处理动态页面请求。负载均衡是以Nginx为复制均衡器,Tomcat作为应用服务器。Nginx的负载均衡是
Nginx配置双Tomcat反向代理教程
"Nginx配置反向代理的文档介绍了如何使用Nginx作为反向代理服务器,通过设置代理规则将请求转发至不同的后端Tomcat服务器。文档详细讲解了安装和配置过程,包括Tomcat的下载、解压、复制以及修改端口号等步骤。" 在...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值