tomcat代理的设置
2017-09-03 本文已影响479人
尘曦的雨
NT的实现
yum -y install nginx 安装Nginx
cd /etc/nginx/conf.d/
vim tomcat.conf
server {
listen 80;
server_name www.chenxi.com;
location / {
proxy_pass http://127.0.0.1; 定义只要非.jsp与do文件结尾的都访问本机,也就是动静分离
}
location ~* \.(jsp|do)$ {
proxy_pass http://www.chenxis.com:8080;
}
}
server {
listen 80;
server_name www.chenxit.com;
location / {
proxy_pass http://www.chenxid.com:8080;
}
}
getenforce 查看SELinux策略
setenforce 0 关闭SELinux策略
[root@localhost conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@localhost conf.d]#systemctl start nginx
[root@localhost conf.d]# ss -lnt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 100 :::8080 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 1 ::ffff:127.0.0.1:8005 :::*
LISTEN 0 100 :::8009 :::*
[root@localhost conf.d]# vim /etc/hosts 配置本地host解析文件
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.251.203 www.chenxis.com www.chenxid.com
------------------------------------------------------------------------------------------------------------
tomcat的设置
<Host name="www.chenxid.com" appBase="webapps" 默认tomcat主页
unpackWARs="true" autoDeploy="true">
</Host>
<Host name="www.chenxis.com" appBase="/data/webapps" 定义一个网页的目录
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="chenxis_access_log." suffix=".log"
pattern="%h %l %u %t "%r" %s %b" />
[root@centos7 tomcat]# cd /data/webapps
[root@centos7 webapps]# ls ROOT/
classes index.jsp lib META-INF WEB-INF
客户端测试
以.jsp结尾
AT的实现
[root@localhost conf.d]#yum -y install httpd 安装httpd服务
[root@localhost conf.d]# httpd -M 查看httpd的模块
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set t
he 'ServerName' directive globally to suppress this messageLoaded Modules:
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared) 代理模块必须存在,没有的话手动启动
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared) ajp的代理模块
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared) 确保此模块存在
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
systemd_module (shared)
cgi_module (shared)
httpd的代理模块:
proxy_module
proxy_http_module:适配http协议客户端;
proxy_ajp_module:适配ajp协议客户端;
Client (http) --> httpd (proxy_http_module)(http) --> tomcat (http connector)
Client (http) --> httpd (proxy_ajp_module)(ajp) --> tomcat (ajp connector)
Client (http) --> httpd (mod_jk)(ajp) --> tomcat (ajp connector)
[root@localhost conf.d]# vim tomcat-http.conf
<VirtualHost *:80>
ServerName www.chenxi.com
ServerAlias www.cx.com 定义一个别名
ProxyRequests Off 是否关闭正想代理off关闭
ProxyVia On响应是是否加一个手部
ProxyPreserveHost Off 是否将客户端请求主机名传递后端主机on传递off不传递
<Proxy *>
Require all granted对本地所有代理功能都允许
</Proxy>
ProxyPass / http://www.chenxis.com:8080/表示你请求的内容是什么后面内容就是什么;建议一致,不一致重写是会出问题
ProxyPassReverse / http://www.chenxis.com:8080/ 重写后是否对新URL做代理
<Location />
Require all granted做授权2.4要求必须要授权的
</Location>
</VirtualHost>
客户端的host文件
客户端测试
使用ajp协议实现at
[root@localhost conf.d]# vim tomcat-http.conf
<VirtualHost *:80>
ServerName www.chenxi.com
ServerAlias www.cx.com
ProxyRequests Off
ProxyVia On
ProxyPreserveHost Off
<Proxy *>
Require all granted
</Proxy>
ProxyPass / ajp://www.chenxis.com:8005/
ProxyPassReverse / ajp://www.chenxis.com:8005/
<Location />
Require all granted
</Location>
</VirtualHost>
[root@localhost conf.d]# systemctl restart httpd
[root@localhost conf.d]# ss -lnt
State Recv-Q Send-Q Local Address:Port Peer Addre
ss:Port LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
客户端测试不支持把后端主机,只会把前段用户请求的主机名传给后端主机
<VirtualHost *:80>
ServerName www.chenxi.com
ServerAlias www.cx.com
ProxyRequests Off
ProxyVia On
ProxyPreserveHost Off
<Proxy *>
Require all granted
</Proxy>
ProxyPass / ajp://www.chenxis.com:8009/
ProxyPassReverse / ajp://www.chenxis.com:8009/
<Location />
Require all granted
</Location>
</VirtualHost>
[root@localhost conf.d]# systemctl restart httpd
[root@localhost conf.d]# ss -lnt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
客户端测试
更改host文件
访问www.chenxis.com
实现NAT用jsp
[root@localhost yum.repos.d]# yum -y install nginx
[root@localhost conf.d]# cd /etc/nginx/conf.d/
[root@localhost conf.d]# cat tomcat.conf Nginx的相关设定
server {
listen 80;
server_name www.chenxi.com;
location / {
proxy_pass http://127.0.0.1;
}
location ~* \.(jsp|do)$ {
proxy_pass http://www.chenxis.com:8080;
}
}
server {
listen 80;
server_name www.chenxit.com;
location / {
proxy_pass http://www.chenxid.com:8080;
}
}
[root@localhost conf.d]# vim tomcat-http.conf httpd端使用ajp代理
<VirtualHost *:80>
ServerName www.chenxi.com
ServerAlias www.cx.com
ProxyRequests Off 关闭正向代理
ProxyVia On
ProxyPreserveHost Off
<Proxy *>
Require all granted
</Proxy>
ProxyPass / ajp:/ http.chenxis.com:8009/
ProxyPassReverse / http://www.chenxis.com:8009/
<Location />
Require all granted
</Location>
</VirtualHost>
客户端测试
实现NAT用httd的配置
http的相关配置
[root@localhost httpd]# vim /etc/httpd/conf.d/tomcat-http.conf
<VirtualHost *:80>
ServerName www.chenxi.com
ServerAlias www.cx.com
ProxyRequests Off
ProxyVia On
ProxyPreserveHost Off
<Proxy *>
Require all granted
</Proxy>
ProxyPass / http://www.chenxis.com:8080/
ProxyPassReverse / http://www.chenxis.com:8080/
<Location />
Require all granted
</Location>
</VirtualHost>
[root@localhost httpd]# systemctl restart httpd 重启服务
Nginx服务不需要做什么改动
客户端测试
NTjijue的实现