Nginx (C): Ejemplos de configuración

Preparación del entorno

  Configuración de un proxy inverso, equilibrio de carga estática y dinámica de separación de las necesidades ambientales necesarias, JDK, 2 Ge Tomcat puertos abiertos 8080 y 8081.

instalación JDK

[root@localhost ~]# rpm -qa|grep java 
[root@localhost ~]# yum install -y java
# 省略

Complete!
[root@localhost ~]# java -version
openjdk version "1.8.0_242"
OpenJDK Runtime Environment (build 1.8.0_242-b08)
OpenJDK 64-Bit Server VM (build 25.242-b08, mixed mode)

instalación de Tomcat

注意：/opt/目录下的softwares和devtools是新创建的，apache-tomcat-7.0.103.tar.gz是网上下载的。

[root@localhost softwares]# ls
apache-tomcat-7.0.103.tar.gz
[root@localhost softwares]# tar -zxvf apache-tomcat-7.0.103.tar.gz -C /opt/devtools/
# 省略
[root@localhost softwares]# cd ../devtools/
[root@localhost devtools]# ls
apache-tomcat-7.0.103
[root@localhost devtools]# mv apache-tomcat-7.0.103/ apache-tomcat-7.0.103.8080/
[root@localhost devtools]# cp -r apache-tomcat-7.0.103.8080/ apache-tomcat-7.0.103.8081/
[root@localhost devtools]# ls
apache-tomcat-7.0.103.8080  apache-tomcat-7.0.103.8081

Modificar el archivo de configuración

[root@localhost devtools]# cd apache-tomcat-7.0.103.8081/conf/
[root@localhost conf]# ls
catalina.policy  catalina.properties  context.xml  logging.properties  server.xml  tomcat-users.xml  web.xml
[root@localhost conf]# vi server.xml 

# 将8080修改为8081
<Connector port="8081" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

autenticación de inicio

1. Comience 8081

[root@localhost conf]# cd ../bin/
[root@localhost bin]# ./startup.sh 
Using CATALINA_BASE:   /opt/devtools/apache-tomcat-7.0.103.8081
Using CATALINA_HOME:   /opt/devtools/apache-tomcat-7.0.103.8081
Using CATALINA_TMPDIR: /opt/devtools/apache-tomcat-7.0.103.8081/temp
Using JRE_HOME:        /usr
Using CLASSPATH:       /opt/devtools/apache-tomcat-7.0.103.8081/bin/bootstrap.jar:/opt/devtools/apache-tomcat-7.0.103.8081/bin/tomcat-juli.jar
Tomcat started.

2. Comience 8080

[root@localhost bin]# cd /opt/devtools/apache-tomcat-7.0.103.8080/bin/
[root@localhost bin]# ./startup.sh 
Using CATALINA_BASE:   /opt/devtools/apache-tomcat-7.0.103.8080
Using CATALINA_HOME:   /opt/devtools/apache-tomcat-7.0.103.8080
Using CATALINA_TMPDIR: /opt/devtools/apache-tomcat-7.0.103.8080/temp
Using JRE_HOME:        /usr
Using CLASSPATH:       /opt/devtools/apache-tomcat-7.0.103.8080/bin/bootstrap.jar:/opt/devtools/apache-tomcat-7.0.103.8080/bin/tomcat-juli.jar
Tomcat started.

proxy inverso

Ejemplos de un proxy inverso

Para conseguir el efecto: el uso nginx reverse proxy, visita www.123.com saltar directamente a 127.0.0.1:8080

La modificación de la configuración del host local

192.168.1.11		www.123.com

modificación de la configuración Nginx

[root@localhost bin]# cd /etc/nginx/
[root@localhost nginx]# ls
conf.d     fastcgi.conf          fastcgi_params          koi-utf  mime.types          nginx.conf          scgi_params          uwsgi_params          win-utf
default.d  fastcgi.conf.default  fastcgi_params.default  koi-win  mime.types.default  nginx.conf.default  scgi_params.default  uwsgi_params.default
# 建议先把原配置文件备份
[root@localhost nginx]# cp nginx.conf nginx.conf.bak
[root@localhost nginx]# vi nginx.conf

listen       80;
server_name  www.123.com;

location / {
    proxy_pass http://127.0.0.1:8080
}

[root@localhost nginx]# systemctl start nginx
[root@localhost nginx]# cd /var/log/nginx/
[root@localhost nginx]# ls
access.log  error.log
[root@localhost nginx]# tail -500f error.log 
2020/04/05 03:01:25 [crit] 58256#0: *1 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "www.123.com"
2020/04/05 03:01:25 [crit] 58256#0: *1 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET /nginx-logo.png HTTP/1.1", upstream: "http://127.0.0.1:8080/nginx-logo.png", host: "www.123.com", referrer: "http://www.123.com/"
2020/04/05 03:01:25 [crit] 58259#0: *3 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET /poweredby.png HTTP/1.1", upstream: "http://127.0.0.1:8080/poweredby.png", host: "www.123.com", referrer: "http://www.123.com/"
2020/04/05 03:01:25 [crit] 58259#0: *3 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream, client: 192.168.1.9, server: www.123.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:8080/favicon.ico", host: "www.123.com", referrer: "http://www.123.com/"
^C
# 抛出异常, 经下方命令排查是因为系统访问网络状态关闭
[root@localhost nginx]# getsebool -a | grep httpd_can_network_connect
httpd_can_network_connect --> off
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off

acceso a la red abierta

# SELinux命令，临时配置，重启后失效
[root@localhost nginx]# setsebool httpd_can_network_connect=1
# 写入配置文件的命令，重启后保留
[root@localhost nginx]# setsebool -P httpd_can_network_connect 1

visita exitosa

Ejemplo dos proxy inverso

  Para conseguir el efecto: el uso nginx reverse proxy, salto a un diferentes puertos de servicio que se accede en el camino del puerto de escucha nginx 9001,

Acceso http://www.123.com/edu/ Ir directo a 127.0.0.1:8080

Acceso http://www.123.com/vod/ Ir directo a 127.0.0.1:8081

Modificar los archivos de servicio Tomcat

[root@localhost ~]# cd /opt/devtools/apache-tomcat-7.0.103.8080/webapps/
[root@localhost webapps]# ls
docs  examples  host-manager  manager  ROOT
[root@localhost webapps]# cd ROOT/
[root@localhost ROOT]# ls
asf-logo-wide.svg  bg-button.png  bg-middle.png  bg-nav.png  bg-upper.png  favicon.ico  index.jsp  RELEASE-NOTES.txt  tomcat.css  tomcat.gif  tomcat.png  tomcat-power.gif  tomcat.svg  WEB-INF
[root@localhost ROOT]# vi index.jsp 

<div id="asf-box">
                <h1>${pageContext.servletContext.serverInfo}:8080</h1>
            </div>

Modificar la misma manera 8081

<div id="asf-box">
    <h1>${pageContext.servletContext.serverInfo}:8081</h1>
</div>

• Tomcat reinicio

Nginx modificar archivos de configuración

#        location / {
#            proxy_pass http://127.0.0.1:8080;
#        }
        
        location /edu/ {
            proxy_pass http://127.0.0.1:8080;
        }
        
        location /vod/ {
            proxy_pass http://127.0.0.1:8081;
        }

• nginx reinicio

[root@localhost nginx]# tail -500f error.log
2020/04/05 04:08:34 [error] 62039#0: *78 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.1.9, server: www.123.com, request: "GET /favicon.ico HTTP/1.1", host: "www.123.com", referrer: "http://www.123.com/edu/"

La razón, si la dirección del servidor proxy es con el URI, este URI reemplazará locationla parte coincidente de la URI.
Si la dirección del servidor proxy es sin un URI, se reenvía al servidor proxy con la URL solicitada completa.

Eso http://www.123.com/edu/ solicitud se reenvía a http://127.0.0.1:8080/edu/, este camino no existe en el servidor, a continuación, busque puntos nginx, todavía no se encuentran, una excepción.

注意：location 正则匹配，proxy_pass 不允许使用URI。

Optimización modificar el nginx configuración

#        location / {
#            proxy_pass http://127.0.0.1:8080;
#        }

        location /edu/ {
            proxy_pass http://127.0.0.1:8080/;
        }

        location /vod/ {
            proxy_pass http://127.0.0.1:8081/;
        }

• nginx reinicio