|
|
名称:nginx+tomcat+redis+php
mail:maishujie_dj@163.com
-------------------------------------------------------------------------------------
设置ip 192.168.1.26 解析域名 www.egaosi.com
安装redis软件
用户设置 添加用户gaosilive,解决研发部门上传的问题 ssh的问题
目录权限 /opt/tomcat1/webapps /opt/tomcat2/webapps /opt/tomcat3/webapps
/usr/local/nginx/conf/nginx.conf /data
目录设置:
软件目录 /data/tool(长期保存)
安装目录 根据软件情况定制
程序上传目录 /opt/tomcat1/ webapps
备份程序目录 /data/backup/system(程序保存一周)
备份数据库目录 /data/backup/mysql(长期保存)
软件部署:所需软件:
jdk-7u67-linux-x64(jdk软件,版本1.6.67)
nginx(分发软件,版本1.6)
apache-tomcat-7.0.54(版本1.7.0.54)
mysql-5.5.37(数据库软件,版本5.5.37)
redis-2.6.17(缓存,版本2.6.17)
--------------------------------------------------------------------------------
##Jdk安装
rpm –ivh jdk-7u67-linux-x64.rpm
vi /root/.bash_profile
添加内容
JAVA_HOME=/usr/java/jdk1.7.0_67
PATH=$JAVA_HOME/bin:$PATH
CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export JAVA_HOME
export PATH
export> #使变量文件生效
source /root/.bash_profile
测试:java –version
##Tomcat安装
#安装目录 /opt
#解压tomcat,并复制到/opt下
tar zxf apache-tomcat-7.0.54.tar.gz
cp -a apache-tomcat-7.0.54 /opt/ tomcat1,端口为8080
cp -a apache-tomcat-7.0.54 / opt /tomcat2 端口为8081
cp -a apache-tomcat-7.0.54 / opt /tomcat2 端口为8081
具体端口为
tomcat配置文件为
#具体设置:
tomcat1/conf/server.xml修改内容:以下tomcat的三个端口
shutdown端口:
http端口:
AJP端口:tomcat2的配置
##sessiong共享
加入redis的lib包commons-pool-1.6、jedis-2.1.0、tomcat-redis-session-manager-1.2-tomcat-7
#配置文件
#####################server.xml########################################################
resourceName="UserDatabase"/>
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
####context.xml##############################################
WEB-INF/web.xml
host="192.168.1.26"
port="6379"
database="0"
maxInactiveInterval="60"/>
################context.xml############jndi设置###########################
WEB-INF/web.xml
nginx与tomcat结合并实行分发式负载均衡
nginx安装目录 /usr/local
配置文件
vi /usr/local/nginx/conf
user www www;
worker_processes auto;
error_log /home/wwwlogs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
multi_accept on;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 100m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
#gzip on;
#gzip_min_length 1k;
#gzip_buffers 4 16k;
#gzip_http_version 1.0;
#gzip_comp_level 2;
#gzip_types text/plain application/x-javascript text/css application/xml;
#gzip_vary on;
#gzip_proxied expired no-cache no-store private auth;
#gzip_disable "MSIE [1-6]\.";
#limit_conn_zone $binary_remote_addr zone=perip:10m;
##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.
server_tokens off;
#log format
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
upstream egaosi {
server 127.0.0.1:8080;
server 127.0.0.1:8090;
server 127.0.0.1:8100;
server 127.0.0.1:8200 backup;
}
server
{
listen 80;
server_name www.egaosi.com egaosi.com;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_redirect off ;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 50m;
client_body_buffer_size 256k;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 60;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
proxy_max_temp_file_size 128m;
proxy_pass http://egaosi;
}
#error_page 404 /404.html;
location /nginx_status {
stub_status on;
access_log off;
}
location ^~ ^\/bbs {
root /data/webRoot/bbs;
index index.html index.htm index.php;
}
location ^~ ^\/bbs\/.+\.php{
root /data/webRoot/bbs;
include fastcgi.conf;
fastcgi_pass unix:/tmp/php-cgi.sock;
}
location ~ [^/]\.php(/|$)
{
# comment try_files $uri =404; to enable pathinfo
try_files $uri =404;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
#include pathinfo.conf;
}
#location ~* .(gif|jpg|jpeg|png|bmp|swf)$
#{
# expires 30d;
#}
#location ~* .(js|css)$
#{
# expires 12h;
#}
access_log /home/wwwlogs/access.log access;
}
include vhost/*.conf;
}
vim vhost/www.91haoke.com.conf
server{
listen 80;
server_name www.91haoke.com;
root /data/91haoke;
index index.html index.htm index.php;
location / {
# try_files $uri /index.php$uri;
if (!-e $request_filename) {
rewrite ^/(.*)$ /index.php/$1 last;
break;
}
}
error_page 500 502 503 504 /50x.html;
location /50x.html
{
root html;
}
location ~* \.php {
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi.conf;
ssi on;
ssi_silent_errors on;
}
location /status {
stub_status on;
access_log off;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|mp3)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
access_log /home/wwwlogs/access.log access;
}
vim vhost/ht.tuiyou.com.conf
server{
listen 80;
server_name ht.tuiyou.com;
root /data/ceping/ht;
index index.html index.htm index.jsp;
error_page 500 502 503 504 /50x.html;
location /50x.html {
root html;
}
#location ~ .*.jsp$ {
location ~ $ {
index index.jsp;
proxy_pass http://127.0.0.1:8082;
}
location /status {
stub_status on;
access_log off;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|mp3)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
location ~ \.mp4$
{
# mp4;
}
access_log /home/wwwlogs/access.log access;
}
重启服务:/etc/init.d/nginx start
##Mysql安装
mysql目录 /usr/local
cp support-files/my-innodb-heavy-4G.cnf /etc/my.cnf
##config file edit
vim /etc/my.cnf
skip-name-resolve=1
cp support-files/mysql.server /etc/init.d/mysqlsource
chmod 755 /etc/init.d/mysqlsource
chown mysql.mysql /usr/local/mysql/ -R
##init mysql datadir
sh scripts/mysql_install_db --user=mysql --basedir=/usr/local/mysql/ --datadir=/usr/local/mysql/data/
重启服务:/etc/init.d/mysqld start
-------------------------------------------------------------------------------------------------------------
#redis install
tar xf redis-2.6.17.tar.gz
cd redis-2.6.17
make
cd src/
make install
mkdir -p /usr/local/bin
make install
cd ..
cp redis.conf redis6379.conf
cp redis.conf redis6379.conf
vi redis6379.conf
daemonize yes
pidfile /usr/local/redis/var/redis.pid
port 6379
timeout 300
loglevel debug
logfile /usr/local/redis/var/redis.log
databases 16
save 900 1
save 300 10
save 60 10000
rdbcompression yes
dbfilename dump.rdb
dir /usr/local/redis/var/
appendonly no
appendfsync always
glueoutputbuf yes
shareobjects no
shareobjectspoolsize 1024
vi redis6380.conf
aemonize yes
pidfile /usr/local/redis/var/redis.pid
port 6380
timeout 300
loglevel debug
logfile /usr/local/redis/var/redis.log
databases 16
save 900 1
save 300 10
save 60 10000
rdbcompression yes
dbfilename dump.rdb
dir /usr/local/redis/var/
appendonly no
appendfsync always
glueoutputbuf yes
shareobjects no
shareobjectspoolsize 1024
cd /usr/local/redis/bin/
./redis-server --port 6379 > /dev/null &
./redis-server --port 6380 > /dev/null &
./redis-server --port 6379 > /dev/null &
ps aux |grep redis
telnet 127.0.0.1 6379
telnet 127.0.0.1 6380
-------------------------------------------------------------------------------------------------------------
###备份数据
1。Web备份
#!/bin/bash
DAY=`/bin/date +%Y%m%d`
DATA_DIR=/opt/tomcat1/webapps
BACKUP_DIR=/data/backup/system
export DAY DATA_DIR DEL_DAY BACKUP_DIR
if [ -d $BACKUP_DIR/$DEL_DAY ]
then
rm -rf $BACKUP_DIR/$DEL_DAY
fi
/bin/mkdir -p $BACKUP_DIR/$DAY
cd $DATA_DIR
for i in `ls`
do
if [ $i != weblog ]
then
cd $DATA_DIR
tar cjf $BACKUP_DIR/$DAY/$i.tar.bz2 $i
fi
done
2. Mysql备份(长期保存)
#!/bin/bash
AAA=gaosilive
mysqldump -h localhost -u root -pgaosilive $AAA > /data/backup/mysql/$AAA`date +%Y%m%d`.sql
tomcat之间的同步问题:
采用
防火墙:
防火墙设置:
允许sshd(22)端口访问,远程登录更改端口号
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
允许ftp(21、20)端口访问
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
允许web(80)端口访问
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
允许mysql(3306)端口访问
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
允许redis(6379)端口访问
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 6379 -j ACCEPT
测试环境部署线上环境(rsync):
server:192.168.1.244(测试服务器)
client:192.168.1.26(正式服务器)
##--------------------------------------server192.168.1.244----------------------------
yum -y install gcc wget vim
wget http://rsync.samba.org/ftp/rsync/src/rsync-3.0.9.tar.gz
tar xvf rsync-3.0.9.tar.gz && cd rsync-3.0.9
./configure --prefix=/usr
make && make install
mkdir -p /etc/rsyncd/rsyncd && cd /etc/rsyncd/rsyncd/
touch rsyncd.conf
touch rsyncd.secrets
chmod 600 rsyncd.secrets
touch rsyncd.motd
vi /etc/rsyncd/rsyncd.conf
# Distributed under the terms of the GNU General Public License v2
# Minimal configuration file for rsync daemon
# See rsync(1) and rsyncd.conf(5) man pages for help
# This line is required by the /etc/init.d/rsyncd script
pid file = /var/run/rsyncd.pid
port = 873
address =192.168.1.244
#uid = nobody
#gid = nobody
uid = root
gid = root
use chroot = yes
read only = yes
#limit access to private LANs
hosts allow=192.168.1.0/255.255.255.0
hosts deny=*
max connections = 5
motd file = /etc/rsyncd/rsyncd.motd
#This will give you a separate log file
log file = /var/log/rsync.log
#This will log every file transferred - up to 85,000+ per user, per sync
#transfer logging = yes
log format = %t %a %m %f %b
syslog facility = local3
timeout = 300
[samba_data]
path = /opt
list=no
ignore errors
auth users = root
secrets file = /etc/rsyncd/rsyncd.secrets
vi /etc/rsyncd/rsyncd.secrets
root:111111
user:111111
chown root.root rsyncd.secrets
chmod 600 rsyncd.secrets
vi /etc/rsyncd/rsyncd.motd
++++++++++++++++++++++++++++++++++++++++++++++
Welcome to use the mike.org.cn rsync services!
2002------2014
++++++++++++++++++++++++++++++++++++++++++++++
EOF
### 启动rsync服务器
/usr/bin/rsync --daemon --config=/etc/rsyncd/rsyncd.conf
ipt.9.tar.gz
cd rsync-3.0.9
./configure --prefix=/usr
makemake install
##在rsync客户端上查看提供了哪些可用的数据源:
rsync -avzP rables -A INPUT -p tcp -m state --state NEW -m tcp --dport 873 -j ACCEPT
###rsync 服务器上的所提供的同步内容在rsync服务器上查看提供了哪些可用的数据源。
rsync --list-only root@172.16.244::samba_data
mkdir -p /data/share/
-----------------------rsync客户端安装192.168.1.26--------------------------------------
wget http://rsync.samba.org/ftp/rsync/src/rsync-3.0.9.tar.gz
tar xvf rsync-3.0oot@172.16.5.244::samba_data
rsync -avzP --delete root@192.168.1.26::samba_data /opt
rsync -avzp --delete --password-file=rsync.password root@172.16.5.244::samba_data /data
touch rsync.password
chmod 600 rsync.passwod
echo "111111"> rsync.password
rsync -avzp --delete --password-file=rsync.password root@172.16.5.244::samba_data /data这样就不需要密码了
##在 /etc/cron.daily.rsync中创建了一个文件名为:root.sh ,并且是权限是 755。
mkdir /etc/cron.daily.rsync
cd /etc/cron.daily.rsync
touch root.sh
chmod 755 root.sh
root.sh
#!/bin/bash
#172.16.5.244 samba_data backup
/usr/bin/rsync -avzP --delete --password-file=/etc/rsyncd/rsyncroot.password root@192.168.1.26::samba_data /data/$(date +'%m-%d-%y')
sh root.sh
mkdir /etc/rsyncd/
cd /etc/rsyncd/
touch rsyncroot.password
chmod 600 rsyncroot.password
echo "111111" > rsyncroot.password
service crond restart
killall crond
ps aux |grep crond
/usr/sbin/crond
ps aux |grep crond
|
|
|
|
|
|
|
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2018-11-10 14:15:59
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡