Linux(CentOS 7)下安装配置nginx代理多个tomcat实例和应用
注:本文 nginx版本:1.12.2 Tomcat版本: 9.0.2
*yum安装
[root@izbp1di2a9vvogy93gw0onz local]# rpm -ivh https://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
[root@izbp1di2a9vvogy93gw0onz local]# yum install nginx
*启动
[root@izbp1di2a9vvogy93gw0onz local]# systemctl start nginx.service
启动报错:
Job for nginx.service failed because the control process exited with error code. See “systemctl status nginx.service” and “journalctl -xe” for details.
● nginx.service - nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
查看状态
[root@izbp1di2a9vvogy93gw0onz local]# systemctl status nginx.service
Active: failed (Result: exit-code) since Tue 2017-12-19 10:58:55 CST; 10s ago
Docs: http://nginx.org/en/docs/
Process: 26726 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=1/FAILURE)
Process: 26722 ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS)
Dec 19 10:58:52 izbp1di2a9vvogy93gw0onz nginx[26726]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
……
Dec 19 10:58:55 izbp1di2a9vvogy93gw0onz systemd[1]: nginx.service: control process exited, code=exited status=1
Dec 19 10:58:55 izbp1di2a9vvogy93gw0onz systemd[1]: Failed to start nginx - high performance web server.
Dec 19 10:58:55 izbp1di2a9vvogy93gw0onz systemd[1]: Unit nginx.service entered failed state.
Dec 19 10:58:55 izbp1di2a9vvogy93gw0onz systemd[1]: nginx.service failed.
可以看到是bind to 0.0.0.0:80 fail——绑定80端口失败,
查看nginx错误日志(可能要先改log文件权限)
[root@izbp1di2a9vvogy93gw0onz local]# /var/log/nginx/error.log
/var/log/nginx/error.log: line 1: syntax error near unexpected token ('
/var/log/nginx/error.log: line 1:2017/12/19 10:54:17 [emerg] 26705#26705: >>bind() to 0.0.0.0:80 failed (98: Address already in use)’
80端口早已被使用,将占用80端口的Tomcat关闭后启动成功
[root@izbp1di2a9vvogy93gw0onz local]# systemctl start nginx.service
可用[root@izbp1di2a9vvogy93gw0onz local]# rpm -ql nginx | grep nginx
查看安装软件(nginx)的位置信息
路径说明/etc一些设置文件放置的目录如/etc/crontab/usr/bin一些可执行文件/usr/lib一些程序使用的动态函数库/usr/share/doc一些基本的软件使用手册与帮助文档/usr/share/man一些man page文件
- /etc/nginx: 默认安装位置;
- /etc/nginx/conf.d/default.conf: 默认配置信息
- /etc/nginx/nginx.conf:Nginx 主配置文件
- /usr/share/nginx/html/:Nginx 的默认站点根目录
- /etc/nginx/conf.d/default.conf:默认站点配置
- /var/log/nginx/error.log:错误日志
相关补充:
启动 Nginx
systemctl start nginx.service
停止 Nginx
systemctl stop nginx.service
重启 Nginx
systemctl restart nginx.service
查看 Nginx 状态
systemctl status nginx.service
*修改Nginx默认配置,转发(映射)请求到不同应用
在Nginx默认配置文件,我的是/etc/nginx/conf.d/default.conf,将不同域名的不同端口配置添加
server {
listen 80;
server_name wx.xxx.name;
location / {
proxy_pass http://wx.xxx.name:8080;#对应下面的tomcat中server.xml的端口
}
}
server {
listen 80;
server_name byxt.xxx.name;
location / {
proxy_set_header Host $host; #设置请求头,并将请求头信息传到服务器,访问服务器文件时不用带上端口号了
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://byxt.xxx.name:8081;
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19如果是统一域名下请求路径不同,则只需要配置一个server,修改location和proxy_pass的配置
server{
…
…
#加下面的配置
location /路径名1/{
proxy_pass http://xxx.xxx.xxx:8080/路径名1; #主要是这里,这是tomcat1的端口和项目
location /路径名2/{
proxy_pass http://xxx.xxx.xxx:8081/路径名2; #主要是这里,这是tomcat2的端口和项目
}
1
2
3
4
5
6
7
8
9
10重启nginx服务。
*Tomcat相关配置
先准备两个tomcat,不赘述,之后称tomcat1,tomcat2。
1. 先修改vi /etc/profile (末尾or wherever)添加
#第一个Tomcat CATALINA_BASE=/usr/local/wechat/apache-tomcat-9.0.0.M18 CATALINA_HOME=/usr/local/wechat/apache-tomcat-9.0.0.M18 export CATALINA_BASE CATALINA_HOME #第二个Tomcat CATALINA_2_BASE=/usr/local/tomcat CATALINA_2_HOME=/usr/local/tomcat export CATALINA_2_BASE CATALINA_2_HOME #第一个Tomcat路径 TOMCAT_HOME=/usr/local/wechat/apache-tomcat-9.0.0.M18 export TOMCAT_HOME #第二个Tomcat路径 TOMCAT_2_HOME=/usr/local/tomcat export TOMCAT_2_HOME 之后重新执行刚修改的profile使之生效 [root@izbp1di2a]# source /etc/profile 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
这是tomcat启动时catalina.sh中读取实例的路径。
细分的说CATALINA_HOME 指Tomcat安装路径,CATALINA_BASE 指实例所在位置,CATALINA_HOME 路径下只需要包含 bin 和 lib 目录,而 CATALINA_BASE 只存放 conf、webapps、logs 等这些文件。
随后修改tomcat2的catalina.sh,在
# OS specific support. $var _must_ be set to either true or false.
下面增加如下代码
export CATALINA_BASE=$CATALINA_2_BASE export CATALINA_HOME=$CATALINA_2_HOME 1 2
不修改的话执行tomcat2的start.sh、shutdown.sh等脚本还是会执行默认的tomcat1的脚本。
2. 修改两个tomcat下的server.xml将http和stop的端口号改为不同,其中的两个http协议端口与nginx默认配置中的xxx.xxx.xxx:8080、xxx.xxx.xxx:8081等对应
3. 如果不成功,检查firewall或者iptables有没有开放对应端口,我就是iptables中没有配置要转发到的8081端口:
[root@izbp1di2a9vvogy93gw0onz apache-tomcat-9.0.0.M18]# tail -f /etc/sysconfig/iptables -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Sun Nov 26 00:26:06 2017 ^[[A^C [root@izbp1di2a9vvogy93gw0onz apache-tomcat-9.0.0.M18]# vim /etc/sysconfig/iptables [root@izbp1di2a9vvogy93gw0onz apache-tomcat-9.0.0.M18]# systemctl restart iptables.service [root@izbp1di2a9vvogy93gw0onz apache-tomcat-9.0.0.M18]# iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8081 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3306 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination