1.每日复盘与今日内容
1.1复盘
- keepalived高可用配置
- 抢占式与非抢占式
- 脑裂
- keepalived处理Nginx挂掉
1.2今日内容
- 部署、安装、配置tomcat(systemctl)
- Tomcat主配置文件
- 部署静态页
- 部署zrlog🍟🍟🍟🍟🍟
- 接入负载均衡
- 挂载到NFS
2.部署Tomcat
tomcat--处理动态
Nginx--处理静态
- 官网
|----------|-----------|
| 主流 | 依赖 |
| Tomcat11 | 依赖JDK17版本 |
| Tomcat10 | 依赖JDK11版本 |
| Tomcat9 | 依赖JDK8版本 |
#WEB01部署JDK
上传JDK8安装
先将文件拖入之后安装
[root@web01 ~]# rpm -ivh jdk-8u181-linux-x64.rpm
warning: jdk-8u181-linux-x64.rpm: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY
Verifying... ################################# [100%]
Preparing... ################################# [100%]
Updating / installing...
1:jdk1.8-2000:1.8.0_181-fcs ################################# [100%]
#检查
[root@web01 ~]# rpm -qa|grep jdk
jdk1.8-1.8.0_181-fcs.x86_64
#下载Tomcat9
[root@web01 ~]# wget https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.108/bin/apache-tomcat-9.0.108.tar.gz
[root@web01 ~]# mkdir /soft
#解压到/soft
[root@web01 ~]# tar xf apache-tomcat-9.0.108.tar.gz -C /soft/
[root@web01 ~]# ll /soft/
total 0
drwxr-xr-x 9 root root 220 Aug 22 08:58 apache-tomcat-9.0.108
[root@web01 ~]# ln -s /soft/apache-tomcat-9.0.108/ /soft/tomcat
[root@web01 ~]# ll /soft/
total 0
drwxr-xr-x 9 root root 220 Aug 22 08:58 apache-tomcat-9.0.108
lrwxrwxrwx 1 root root 28 Aug 22 08:58 tomcat -> /soft/apache-tomcat-9.0.108/
#运行Tomcat
[root@web01 bin]# #./startup.sh # 相对路径启动Tomcat
[root@web01 bin]# #/soft/tomcat/bin/startup.sh # 绝对路径启动Tomcat
[root@web01 bin]# /soft/tomcat/bin/startup.sh
#默认运行端口8080
[root@web01 bin]# netstat -tnulp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 1504/php-fpm: maste
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6909/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 980/sshd: /usr/sbin
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 6909/nginx: master
tcp6 0 0 :::8080 :::* LISTEN 18473/java 
3.配置systemctl方式启动Tomcat
[root@web01 ~]# cat >/usr/lib/systemd/system/tomcat.service<<'EOF'
> [Unit]
> Description=Apache Tomcat Server
> After=network.target remote-fs.target nss-lookup.target
>
> [Service]
> Type=forking
> ExecStart=/soft/tomcat/bin/startup.sh
> ExecStop=/soft/tomcat/bin/shutdown.sh
> ExecRestart=/soft/tomcat/bin/shutdown.sh && sleep2 && /soft/tomcat/bin/startup.sh
>
> [Install]
> WantedBy=multi-user.target
> EOF
#重新加载systemctl
[root@web01 ~]# systemctl daemon-reload
#同一时间只能用一种方式来管理启动方式要么是用命令、要么是用systemctl,不要用命令开启,systemctl关闭,不然关不掉。
#停止tomcat
[root@web01 ~]# /soft/tomcat/bin/shutdown.sh
#使用systemctl 运行 tomcat
[root@web01 ~]# systemctl start tomcat
[root@web01 ~]# netstat -tnulp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 1504/php-fpm: maste
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 980/sshd: /usr/sbin
tcp6 0 0 :::8080 :::* LISTEN 18708/java
tcp6 0 0 :::22 :::* LISTEN 980/sshd: /usr/sbin
tcp6 0 0 127.0.0.1:8005 :::* LISTEN 18708/java
udp 0 0 127.0.0.1:323 0.0.0.0:* 671/chronyd
udp6 0 0 ::1:323 :::* 671/chronyd 4.Tomcat主配置文件
整体结构说明
server.xml 采用嵌套结构,从外到内定义了 Tomcat 的运行时容器:
Server -> Service -> Connector(s) + Engine -> Host -> Context
#类似nginx的核心区块-->http区块-->server区块-->location区块
[root@web01 conf]# cat /soft/tomcat/conf/server.xml
<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
maxParameterCount="1000"
/>
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>5.快速部署静态页面
1.配置虚拟主机
cd /soft/tomcat/conf/
vim server.xml
...
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
<!--复制一份Host自定义为diy.oldboy.com 代码目录指向/code/diy-->
<Host name="diy.oldboy.com" appBase="/code/diy/"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="diy.oldboy.com" suffix=".log"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
~
"server.xml" 51L, 1985C written
#重启生效
[root@web01 conf]# systemctl restart tomcat
[root@web01 conf]# echo diy... > /code/diy/index.html
[root@web01 conf]# mkdir /code/diy/ROOT
[root@web01 conf]# mv /code/diy/index.html /code/diy/ROOT
[root@web01 conf]# ll /code/diy/ROOT
total 4
-rw-r--r-- 1 root root 7 Aug 22 10:15 index.htmlTomcat的文件页内容需放在指向目录的/ROOT下才能生效
-
context
类似nginx的location作用
#下面的context作用 如果访问diy.oldboy.com/tt 则给用户返回/code/tt/下的内容
#注意如果context下的目录如果不提前创建、则tomcat无法运行
<Host name="diy.oldboy.com" appBase="/code/diy/" unpackWARs="true" autoDeploy="true">
<Context docBase="/code/tt" path="/tt" reloadable="true" />
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="diy.oldboy.com" suffix=".log" pattern="%h %l %u %t "%r" %s %b" />
</Host>[root@web01 conf]# systemctl restart tomcat
[root@web01 conf]# mkdir /code/tt
[root@web01 conf]# echo context... > /code/tt/index.html
[root@web01 conf]# cat /code/tt/index.html
context...
-
管理自带的管理界面
Tomcat自带的管理页面
管理功能
监控功能
1.所有的管理页面,都将权限赋予给了角色,而角色的名称是固定的: manager-gui admin-gui
2.需要添加一个用户,将用户捆绑至对应的角色,这样用户就可以访问到对应的页面
#将3行内容复制到倒数第1行的上面
[root@web01 conf]# tail -4 /soft/tomcat/conf/tomcat-users.xml
<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<user username="tomcat" password="123456" roles="manager-gui,admin-gui"/>
</tomcat-users>3.由于项目默认允许127.0.0.1访问,所以配置好了角色和用户也无法正常访问:
[root@web01 ROOT]# vim /soft/tomcat/webapps/host-manager/META-INF/context.xml
[root@web01 ROOT]# vim /soft/tomcat/webapps/manager/META-INF/context.xml默认状态,
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="\d+\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
修改后的状态:10.0.0.\d
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="10\d+\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
重启生效
[root@web01 conf]# systemctl restart tomcat
6.Tomcat部署zrlog博客
#第一步 配置server
[root@web01 ~]# cd /soft/tomcat/conf/
[root@web01 conf]# vim server.xml
...
<Host name="diy.oldboy.com" appBase="/code/diy/"
unpackWARs="true" autoDeploy="true">
<Context docBase="/code/tt" path="/tt" reloadable="true" />
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="diy.oldboy.com" suffix=".log"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
<Host name="www.zrlog.com" appBase="/code/zrlog/"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="zrlog" suffix=".log"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
#重启生效
[root@web01 conf]# systemctl restart tomcat
[root@web01 conf]# cd /code/zrlog/
[root@web01 zrlog]# wget https://dl.zrlog.com/release/javax-war/zrlog.war
#修改名称为ROOT.war 立刻自动解压部署
[root@web01 zrlog]# mv zrlog ROOT
#等待自动解压后删除war包
[root@web01 zrlog]# rm -rf zrlog.war
#创建数据库zrlog
[root@db01 ~]# mysql -uroot -plzy123.com -e "create database zrlog;"
[root@db01 ~]# mysql -uroot -plzy123.com -e "show databases;"
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| wordpress |
| zh |
| zrlog |
+--------------------+
#windows解析
10.0.0.7 www.zrlog.com
#安装部署流程
7.Tomcat接入负载均衡
-
单台
[root@web01 conf.d]# cat tom.conf
server {
listen 80;
server_name www.zrlog.com;location / { proxy_pass http://127.0.0.1:8080; proxy_set_header Host $http_host; }}
[root@web01 conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web01 conf.d]# systemctl restart nginx -
多台
#1.WEB02部署JDK
[root@web02 ~]# scp 10.0.0.7:~/jdk* .
[root@web02 ~]# rpm -ivh jdk-8u181-linux-x64.rpm#2.WEB02部署Tomcat
[root@web02 ~]# scp -r 10.0.0.7:/soft /#3.将WEB01的代码同步到WEB02
[root@web02 ~]# scp -r 10.0.0.7:/code/zrlog /code/#4.配置systemctl启动方式
[root@web02 ~]# scp 10.0.0.7:/usr/lib/systemd/system/tomcat.service /usr/lib/systemd/system/[root@web02 ~]# systemctl daemon-reload
#5.启动tomcat
[root@web02 ~]# systemctl start tomcat
[root@web02 ~]# netstat -tnulp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 961/sshd: /usr/sbin
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 69766/php-fpm: mast
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 94884/nginx: master
tcp6 0 0 :::22 :::* LISTEN 961/sshd: /usr/sbin
tcp6 0 0 :::8080 :::* LISTEN 105456/java#6.windows hosts解析到10.0.0.8测试zrlog
#7.负载均衡配置转发zrlog
[root@lb01 conf.d]# cat zrlog.conf
upstream tom {
server 172.16.1.7:8080;
server 172.16.1.8:8080;
}
server {
listen 443 ssl;
server_name www.zrlog.com;
ssl_certificate ssl_key/server.crt;
ssl_certificate_key ssl_key/server.key;
# 配置 SSL 会话缓存,提高性能
ssl_session_cache shared:SSL:1m;
# 设置 SSL 会话超时时间
ssl_session_timeout 5m;
# 自定义设置使用的TLS协议的类型以及加密套件(以下为配置示例,请您自行评估是否需要配置)
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
# 指定允许的 TLS 协议版本,TLS协议版本越高,HTTPS通信的安全性越高,但是相较于低版本TLS协议,高版本TLS协议对浏览器的兼容性较差
ssl_protocols TLSv1.2 TLSv1.3;
# 优先使用服务端指定的加密套件
ssl_prefer_server_ciphers on;include lv_env; location / { proxy_pass http://tom; }}
#配置将用户访问http请求强制跳转https
server {
listen 80;
server_name www.zrlog.com;
return 302 https://server_namerequest_uri;
}
[root@lb01 conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@lb01 conf.d]# systemctl restart nginx
8.静态文件挂载NFS
#1.找到图片的位置
Request URL: http://www.zrlog.com:8080/attached/image/20250822/20250822114746_206_thumbnail.png?h=723&w=660
#2.配置NFS
[root@nfs ~]# vim /etc/exports
/data/wp 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
/data/zh 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
/data/zrlog 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
[root@nfs ~]# mkdir /data/zrlog
[root@nfs ~]# chown www.www /data/zrlog
[root@nfs ~]# systemctl start nfs
[root@nfs ~]# systemctl restart nfs
#3.将上传的图片拷贝到NFS
[root@web02 zrlog]# scp -r /code/zrlog/ROOT/attached/image 10.0.0.31:/data/zrlog/
[root@nfs ~]# chown -R www.www /data/zrlog/
[root@nfs ~]# ll /data/zrlog/
total 0
drwxr-x--- 3 www www 19 Aug 22 11:53 attached
#4.挂载相应目录、
#如果没有上传attached目录不存在需要手动创建。
[root@web01 ~]# mkdir /code/zrlog/ROOT/attached/
[root@web01 ~]# mount -t nfs 172.16.1.31:/data/zrlog /code/zrlog/ROOT/attached/
[root@web01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 459M 0 459M 0% /dev
tmpfs 475M 0 475M 0% /dev/shm
tmpfs 475M 37M 438M 8% /run
tmpfs 475M 0 475M 0% /sys/fs/cgroup
/dev/sda3 48G 5.2G 43G 11% /
/dev/sda1 195M 122M 74M 63% /boot
tmpfs 95M 0 95M 0% /run/user/0
172.16.1.31:/data/zrlog 48G 3.8G 45G 8% /code/zrlog/ROOT/attached
[root@web02 ~]# mount -t nfs 172.16.1.31:/data/zrlog /code/zrlog/ROOT/attached/
[root@web02 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 459M 0 459M 0% /dev
tmpfs 475M 0 475M 0% /dev/shm
tmpfs 475M 49M 426M 11% /run
tmpfs 475M 0 475M 0% /sys/fs/cgroup
/dev/sda3 48G 4.8G 43G 11% /
/dev/sda1 195M 122M 74M 63% /boot
tmpfs 95M 0 95M 0% /run/user/0
172.16.1.31:/data/wp 48G 3.8G 45G 8% /code/wordpress/wp-content/uploads
172.16.1.31:/data/zrlog 48G 3.8G 45G 8% /code/zrlog/ROOT/attached
#注意Nginx默认上传的限制
vim /etc/nginx/nginx.conf # 写在http区块即可
client_max_body_size 20M;9.今日总结
- 部署、安装、配置tomcat(systemctl)
- Tomcat主配置文件
- 部署静态页
- 部署zrlog🍟🍟🍟🍟🍟
- 接入负载均衡
- 挂载到NFS
