Nginx动静分离+tomcat cluster session复制

  • A+
所属分类:系统运维 运维实战

部署情况:

192.168.1.2和192.168.1.3上面部署的是web static (使用nginx1.6.3发布)

192.168.1.4和192.168.1.5上面部署的是web server(使用tomcat7发布)

192.168.1.6代理nginx

一:静态资源web static部署

首先在两台web static服务器上都部署静态资源,其路径为/home/xub/vsign,其发布的nginx的server配置如下:

 server {
 listen 8000;
 server_name 192.168.1.2;   -----------------------另外一台修改ip为192.168.1.3就行了
 access_log logs/vsgin.log main;
 location / {
 root /home/xub/vsign;
 index index.html index.htm;
 }
 }

 

二:服务器端web server部署

这一块server由于并发量不是很大,因此使用的tomcat的cluster的session复制功能,其tomcat中server.xml配置说明如下:

<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
    <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
    <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
    <!-- Prevent memory leaks due to use of particular java/javax APIs-->
    <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
    <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
    <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />

    <GlobalNamingResources>
        <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" />
    </GlobalNamingResources>

    <Service name="Catalina">

        <Connector port="8050" protocol="HTTP/1.1"
                   connectionTimeout="20000"
                   redirectPort="8443" URIEncoding="UTF-8" />

        <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

        <Engine name="Catalina" defaultHost="localhost">
            <!--同步异步模式由channelSendOptions参数控制,默认值是8,为异步模式,4是同步模式。在异步模式下,可以通过加上拷贝确认Acknowledge来提高可靠性,此时channelSendOptions设为10-->
            <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
                     channelSendOptions="10">

                <Manager className="org.apache.catalina.ha.session.DeltaManager"
                         expireSessionsOnShutdown="false"
                         notifyListenersOnReplication="true"/>

                <Channel className="org.apache.catalina.tribes.group.GroupChannel">
                    <Membership className="org.apache.catalina.tribes.membership.McastService"
                                address="228.0.0.4"       -----------------------------广播地址
                    port="45564"
                    frequency="500"
                    dropTime="3000"/>
                    <Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver"
                              address="192.168.1.3"    -----------------------------------另一个配置ip成192.168.1.4
                              port="4001"
                              autoBind="100"
                              selectorTimeout="5000"
                              maxThreads="6"/>

                    <Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
                        <Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
                    </Sender>
                    <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
                    <Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
                </Channel>

                <Valve className="org.apache.catalina.ha.tcp.ReplicationValve"
                       filter=""/>
                <Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>

                <Deployer className="org.apache.catalina.ha.deploy.FarmWarDeployer"
                          tempDir="/tmp/war-temp/"
                          deployDir="/tmp/war-deploy/"
                          watchDir="/tmp/war-listen/"
                          watchEnabled="false"/>

                <ClusterListener className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener"/>
                <ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
            </Cluster>

            <Realm className="org.apache.catalina.realm.LockOutRealm">
                <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
                       resourceName="UserDatabase"/>
            </Realm>

            <Host name="localhost" appBase="webapps"
                  unpackWARs="true" autoDeploy="true">

                <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
                       prefix="localhost_access_log" suffix=".txt"
                       pattern="%h %l %u %t &quot;%r&quot; %s %b" />
                <Context path="" docBase="/xub/instance/vsign/app/" reloadable="true" />
            </Host>
        </Engine>
    </Service>
</Server>

以上配置完成后可以依次启动tomcat,以上静态资源跟server都配置完了,下来配置nginx代理

 

二:nginx反向代理配置

#user nobody;
 worker_processes 2;

#pid logs/nginx.pid;

events {
 use epoll;
 worker_connections 1024;
 }

http {
 include mime.types;
 default_type application/octet-stream;
 charset utf-8;
 log_format main '"$query_string" - "$request_uri" - $remote_addr - $remote_user [$time_local] "$request" '
 '$status $request_time resp[$body_bytes_sent] refer[$http_referer] '
 'agent[$http_user_agent] host[$host] up[$upstream_addr] JSESSIONID[$cookie_jsessionid] $request_body';

access_log logs/access.log main;

#access_log logs/access.log main;
 # 启用内核复制模式,应该保持开启达到最快IO效率
 sendfile on;

#keepalive_timeout 0;
 # HTTP1.1支持持久连接alive
 # 降低每个连接的alive时间可在一定程度上提高可响应连接数量,所以一般可适当降低此值
 keepalive_timeout 65;

# 启动内容压缩,有效降低网络流量
 gzip on;
 # 过短的内容压缩效果不佳,压缩过程还会浪费系统资源
 gzip_min_length 1000;
 # 可选值1~9,压缩级别越高压缩率越高,但对系统性能要求越高
 gzip_comp_level 4;
 # 压缩的内容类别
 gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

# 静态文件缓存
 # 最大缓存数量,文件未使用存活期
 open_file_cache max=655350 inactive=20s;
 # 验证缓存有效期时间间隔
 open_file_cache_valid 30s;
 # 有效期内文件最少使用次数
 open_file_cache_min_uses 2;

upstream web_app {
 server 10.99.11.27:8050 weight=1 max_fails=2 fail_timeout=30s;
 server 10.99.11.27:8060 weight=1 max_fails=2 fail_timeout=30s;

}
 upstream web_static {
 server 10.99.11.26:80 ;
 }
 server {
 listen 80;
 server_name localhost;

#charset koi8-r;

#access_log logs/host.access.log main;

location ^~/kaptcha {
 #tomcat地址
 proxy_pass http://web_app;

# 请求头中Host信息
 proxy_set_header HOST $host;
 # # 真实的客户端IP
 proxy_set_header X-Real-IP $remote_addr;
 # # 代理路由信息,此处取IP有安全隐患
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 # # 真实的用户访问协议
 proxy_set_header X-Forwarded-Proto $scheme;
 # 默认值default,
 # 后端response 302时 tomcat header中location的host是http://192.168.1.62:8080
 # 因为tomcat收到的请求是nginx发过去的, nginx发起的请求url host是http://192.168.1.62:8080
 # 设置为default后,nginx自动把响应头中location host部分替换成当前用户请求的host部分
 # 网上很多教程将此值设置成 off,禁用了替换,
 # 这样用户浏览器收到302后跳到http://192.168.1.62:8080,直接将后端服务器暴露给浏览器
 # 所以除非特殊需要,不要设置这种画蛇添足的配置
 proxy_redirect default;
 client_max_body_size 10m;
 client_body_buffer_size 128k;
 proxy_connect_timeout 90;
 proxy_send_timeout 90;
 proxy_read_timeout 90;
 proxy_buffer_size 4k;
 proxy_buffers 4 32k;
 proxy_busy_buffers_size 64k;
 proxy_temp_file_write_size 64k;

}

#配置Nginx动静分离,定义的静态页面直接从Nginx发布目录读取。
 location ~ .*\.(html|htm|gif|jpeg|bmp|png|ico|txt|js|css|swf)$ {
 proxy_pass http://web_static;
 proxy_set_header HOST $host;
 proxy_set_header X-Real-IP $remote_addr;
 #expires定义用户浏览器缓存的时间为7天,如果静态页面不常更新,可以设置更长,这样可以节省带宽和缓解服务器的压力
 # expires 7d;
 }

location / {

proxy_pass http://web_app;

# 请求头中Host信息
 proxy_set_header HOST $host;
 # 真实的客户端IP
 proxy_set_header X-Real-IP $remote_addr;
 # 代理路由信息,此处取IP有安全隐患
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 # 真实的用户访问协议
 proxy_set_header X-Forwarded-Proto $scheme;
 # 默认值default,
 # 后端response 302时 tomcat header中location的host是http://192.168.1.62:8080
 # 因为tomcat收到的请求是nginx发过去的, nginx发起的请求url host是http://192.168.1.62:8080
 # 设置为default后,nginx自动把响应头中location host部分替换成当前用户请求的host部分
 # 网上很多教程将此值设置成 off,禁用了替换,
 # 这样用户浏览器收到302后跳到http://192.168.1.62:8080,直接将后端服务器暴露给浏览器
 # 所以除非特殊需要,不要设置这种画蛇添足的配置
 proxy_redirect default;
 client_max_body_size 10m;
 client_body_buffer_size 128k;
 proxy_connect_timeout 90;
 proxy_send_timeout 90;
 proxy_read_timeout 90;
 proxy_buffer_size 4k;
 proxy_buffers 4 32k;
 proxy_busy_buffers_size 64k;
 proxy_temp_file_write_size 64k;

}

}

}
  • 安卓客户端下载
  • 微信扫一扫
  • weinxin
  • 微信公众号
  • 微信公众号扫一扫
  • weinxin
avatar