nginx+tomcat+mysql模板配置


说明:

    nginx+tomcat+mysql全部安装在一台云服务器上,然后对其做一个镜像



服务器配置:

    ucloud云服务器

    centos6.5 64位

    cpu:4核

    内存:8G



软件版本:

    nginx-1.8.0.tar.gz

    apache-tomcat-7.0.64.tar.gz

    jdk-7u80-linux-x64.rpm

    mysql-5.6.27.tar.gz



安装jdk:

    软件:jdk-7u80-linux-x64.rpm

    下载地址:http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html

rpm -qa | grep java             #查看是否已安装java环境
mkdir /usr/java                 #java程序将安装在此目录
cd /usr/local/src/
rpm -ivh jdk-7u80-linux-x64.rpm
vi /etc/profile                 #设置环境变量
##在最后添加:
export JAVA_HOME=/usr/java/jdk1.7.0_80
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
source /etc/profile             #立即生效
java -version                   #查看安装是否成功
java version "1.7.0_80"
Java(TM) SE Runtime Environment (build 1.7.0_80-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.80-b02, mixed mode)



安装tomcat:

    软件:apache-tomcat-7.0.64.tar.gz

    下载地址:http://tomcat.apache.org/download-70.cgi

cd /usr/local/src/
tar -zxf apache-tomcat-7.0.64.tar.gz
cp -a apache-tomcat-7.0.64 /usr/local/tomcat7/

    配置和优化:

vi /usr/local/tomcat7/conf/server.xml
##修改为:
    
                
注意:
    tomcat7里面没有maxSpareThreads="1000",minProcessors="100",maxProcessors="1000" 这三个参数
    参考:http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
vi /usr/local/tomcat7/bin/catalina.sh
##添加:
JAVA_OPTS='-server -Xms1024m -Xmx2048m -XX:PermSize=256M -XX:MaxNewSize=256m -XX:MaxPermSize=256m'

    修改日志目录:/data/tomcat7/logs

vi /usr/local/tomcat7/conf/server.xml
 
  
vi /usr/local/tomcat7/conf/logging.properties
1catalina.org.apache.juli.FileHandler.level = FINE
1catalina.org.apache.juli.FileHandler.directory = /data/tomcat7/logs
1catalina.org.apache.juli.FileHandler.prefix = catalina.

2localhost.org.apache.juli.FileHandler.level = FINE
2localhost.org.apache.juli.FileHandler.directory = /data/tomcat7/logs
2localhost.org.apache.juli.FileHandler.prefix = localhost.

3manager.org.apache.juli.FileHandler.level = FINE
3manager.org.apache.juli.FileHandler.directory = /data/tomcat7/logs
3manager.org.apache.juli.FileHandler.prefix = manager.

4host-manager.org.apache.juli.FileHandler.level = FINE
4host-manager.org.apache.juli.FileHandler.directory = /data/tomcat7/logs
4host-manager.org.apache.juli.FileHandler.prefix = host-manager.
vi /usr/local/tomcat7/bin/catalina.sh
if [ -z "$CATALINA_OUT" ] ; then
	CATALINA_OUT=/data/tomcat7/logs/catalina.out
fi

    修改日志输出格式:

vi /usr/local/tomcat7/conf/server.xml
pattern="%{X-Real-IP}i %a %l %u %t "%r" %s %b" />            #nginx做反向代理,%{X-Real-IP}i 获取用户的真实ip

    修改根目录:

vi /usr/local/tomcat7/conf/server.xml
 
  


    cronolog日志切割:

1.安装cronolog 
cd /usr/local/src/
tar xf cronolog-1.6.2.tar.gz 
cd cronolog-1.6.2 
./configure && make && make install

which cronolog:查看是否安装成功


2.修改catalina.sh
vi /opt/tomcat7/bin/catalina.sh
#大概390行,删除原来的2行(有两处地方要改)
#改为:

      org.apache.catalina.startup.Bootstrap "$@" start 2>&1 \
      | /usr/local/sbin/cronolog /data/tomcat7/logs/catalina.%Y-%m-%d.out >> /dev/null &


3.重启tomcat


    安装APR插件,提高tomcat处理静态请求的性能:

tomcat 使用apr运行模式,提升IO性能

apr configure报错
rm: cannot remove `libtoolT': No such file or directory

解决:
编辑 configure文件,找到29605行

查找/$RM   按n键查找 加上$RM -f


tar -zxvf apr-1.5.2.tar.gz
cd apr-1.5.2
./configure --prefix=/opt/apr
make
make install

tar -zxvf apr-iconv-1.2.1.tar.gz
cd apr-iconv-1.2.1
./configure --prefix=/opt/apr-iconv --with-apr=/opt/apr
make
make install

tar -zxvf apr-util-1.5.4.tar.gz
cd apr-util-1.5.4
./configure --prefix=/opt/apr-util --with-apr=/opt/apr --with-apr-iconv=/opt/apr-iconv/bin/apriconv
make
make install

cd /opt/tomcat7/bin
tar -zxvf tomcat-native.tar.gz
cd /opt/tomcat7/bin/tomcat-native-1.1.33-src/jni/native/
./configure --prefix=/opt/apr --with-apr=/opt/apr --with-java-home=/usr/java/jdk1.7.0_80
make
make install

编辑/etc/profile,添加环境变量

vim /etc/profile

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/apr/lib

source /etc/profile

cd /opt/tomcat7/conf
vi server.xml
将
 
  


    创建日志目录和根目录:

mkdir -p /data/tomcat7/logs
mkdir -p /data/tomcat7/www/ROOT

    启动tomcat:

/usr/local/tomcat7/bin/startup.sh
		
/usr/local/tomcat7/bin/shutdown.sh            #关闭tomcat

    设置开机自动启动:

vi /etc/rc.local
##添加:
/usr/local/tomcat7/bin/startup.sh



安装nginx:

    软件:nginx-1.8.0.tar.gz

    下载地址:http://nginx.org/en/download.html

    安装nginx的依赖包:

yum -y install make gcc gcc-c++ autoconf automake
yum -y install zlib zlib-devel openssl openssl-devel pcre-devel

    安装pcre,使nginx支持rewrite重写:      

        软件:pcre-8.37.tar.gz

        载地址:ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/

cd /usr/local/src/
tar -zxf pcre-8.37.tar.gz
cd pcre-8.37
./configure
make
make install

    安装ngx_cache_purge:

        软件:ngx_cache_purge-2.3.tar.gz

        下载地址:http://labs.frickle.com/nginx_ngx_cache_purge/

cd /usr/local/src/
tar -zxf ngx_cache_purge-2.3.tar.gz

    安装nginx:

cd /usr/local/src/
tar -zxf nginx-1.8.0.tar.gz 
cd nginx-1.8.0
./configure  --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-http_gunzip_module --with-http_realip_module --add-module=../ngx_cache_purge-2.3
make
make install

    创建nginx用户:

useradd -s /sbin/nologin nginx

    修改文件打开数:(忽略)

ulimit -n 65535                     #记得设置开机自动启动

    修改配置文件:

mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.old
vi /usr/local/nginx/conf/nginx.conf
user nginx nginx;
worker_processes  4;
error_log  /data/nginx/logs/error.log;
pid        logs/nginx.pid;
worker_rlimit_nofile 65535;
  
events {
    use epoll;
    worker_connections  65535;
}
  
http {
    include       mime.types;
    default_type  application/octet-stream;
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                        '$status $body_bytes_sent "$http_referer" '
                        '"$http_user_agent" $http_x_forwarded_for "$upstream_addr" "$upstream_status" "$upstream_response_time" "$request_time"';
      
    server_names_hash_bucket_size 128;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;
  
    sendfile       on;
    server_tokens off;
  
    tcp_nopush     on;
    tcp_nodelay    on;
  
    client_header_timeout 30;
    client_body_timeout 30;
    send_timeout   30;
    client_max_body_size 100M;
  
    keepalive_timeout  60;
  
    proxy_connect_timeout  100;
    proxy_send_timeout  100;
    proxy_read_timeout  100;
    proxy_buffer_size  16k;
    proxy_buffers  4 32k;
    proxy_busy_buffers_size  64k;
      
    gzip  on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
    gzip_types text/plain application/x-javascript text/css application/xml text/javascript;
    gzip_vary on;
  
    upstream web1{
      #ip_hash;
      server 139.196.xx.xxx:8080 max_fails=3 fail_timeout=10s;
      #server 192.168.247.131:8080 max_fails=3 fail_timeout=30s;
    }
  
  
    server {
        listen       80;
        server_name  www.jinzhuanch.com;
        root /data/nginx/www/www.scj.com;
        index index.html index.htm index.jsp;

        #rewrite /login$ https://$server_name$request_uri;
        #rewrite /register.html$ https://$server_name$request_uri;
        #rewrite /account/.*$ https://$server_name$request_uri;
  
        access_log  /data/nginx/logs/www.scj.com/access.log main;
        error_page   500 502 503 504  /50x.html;

        location = /50x.html {
            root   html;
        }

        location = /p2p/rest/login {
          rewrite ^(.*) https://$server_name$1 permanent;
        }

        location = /p2p/static/html/register.html {
          rewrite ^(.*) https://$server_name$1 permanent;
        }

        location ~ /p2p/static/html/account/.* {
          rewrite ^(.*) https://$server_name$1 permanent;
        }
  
        location /p2p {
          proxy_pass http://web1;
          proxy_pass_header Server;
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          #proxy_next_upstream http_502 http_504 error timeout invalid_header;
        }
  
        #location ~ .*\.(gif|jpg|png|swf|bmp|jpeg)$ {
        #    expires 10d;
        #}
  
        #location ~ .*\.(js|css)?$ {
        #    expires 1h;
        #}
    }
  
    server {
        listen       443;
        server_name  www.jinzhuanch.com;
        root /data/nginx/www/www.scj.com;
        index index.html index.htm index.jsp;
 
        ssl on;
        ssl_certificate /usr/local/nginx/ca/server.crt;
        ssl_certificate_key /usr/local/nginx/ca/server.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!DSS:!PKS;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 10m;
 
        access_log  /data/nginx/logs/www.scj.com/access.log main;
        error_page   500 502 503 504  /50x.html;

        rewrite ^/p2p/?$ http://www.jinzhuanch.com/p2p;

        set $flag 0;
        if ($uri !~ /login$) {
          set $flag "${flag}1";
        }
        if ($uri !~ /register.html$) {
          set $flag "${flag}1";
        }
        if ($uri !~ /account/.*$) {
          set $flag "${flag}1";
        }
        if ($flag = "0111") {
          #rewrite ^/?.*$ http://$server_name$request_uri;
          rewrite ^(.*) http://$server_name$1 permanent;
        }

        location = /50x.html {
            root   html;
        }

        location /p2p {
          proxy_pass http://web1;
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          #proxy_next_upstream http_502 http_504 error timeout invalid_header;
        }
 
        #location ~ .*\.(gif|jpg|png|swf|bmp|jpeg)$ {
        #    expires 10d;
        #}
 
        #location ~ .*\.(js|css)?$ {
        #    expires 1h;
        #}
    }

    #server {
       #listen 80 default;
       #server_name _;
       #return 500;
    #}
}

##配置中采用了rewrite重写
##匹配login跳转到https
##匹配register跳转到https
##匹配/account/目录跳转到https
##其它所有请求全部用http

    创建根目录和日志目录:

mkdir -p /data/nginx/{www,logs}/www.scj.com

    创建ssl目录:

mkdir -p /usr/local/nginx/ca

    启动nginx:

/usr/local/nginx/sbin/nginx
    ##设置开机自动启动:
    vi /etc/rc.local
    /usr/local/nginx/sbin/nginx
			
/usr/local/nginx/sbin/nginx -s stop                #关闭nginx



安装mysql:

    软件:mysql-5.6.27.tar.gz

    下载地址:http://mirrors.sohu.com/mysql/MySQL-5.6/

    安装依赖包:

yum -y install cmake bison-devel  ncurses-devel kernel-devel readline-devel perl perl-devel
#yum -y install make gcc gcc-c++ cmake bison-devel  ncurses-devel kernel-devel readline-devel pcre-devel openssl-devel openssl zlib zlib-devel perl perl-devel
cd /usr/local/src/
tar -zxf mysql-5.6.27.tar.gz
cd mysql-5.6.27
	
mkdir -p /data/mysql/{data,logs}                #创建数据目录和日志目录
	
cmake  -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql/data -DSYSCONFDIR=/usr/local/mysql -DWITH_MYISAM_STORAGE_ENGINE=1 -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_MEMORY_STORAGE_ENGINE=1 -DWITH_PARTITION_STORAGE_ENGINE=1  -DMYSQL_UNIX_ADDR=/var/lib/mysql/mysql.sock  -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci  -DEXTRA_CHARSETS:STRING=utf8,gbk  -DWITH_DEBUG=0
make -j4           #启用4个cpu同时编译(默认启用一个cpu编译)
make install

    创建数据库用户:

groupadd mysql 
useradd -s /sbin/nologin -g mysql mysql
/usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/data/mysql/data --defaults-file=/usr/local/mysql/my.cnf --user=mysql         #初始化
chown -R mysql.mysql /data/mysql                   #授权

    修改配置文件:8核16G

mv /usr/local/mysql/my.cnf /usr/local/mysql/my.cnf.old
vi /usr/local/mysql/my.cnf

[mysqld]
port = 3306
basedir = /home/mysql
datadir = /home/mysql/data
socket = /home/mysql/mysql.sock
pid-file = /home/mysql/mysql.pid
open_files_limit = 65535
character_set_server=utf8

#log-bin = 
#binlog_format = mixed
##log_slave_updates = 1
##relay-log = /data/mysql/binlog/relay-log-bin
##relay-log-index = /data/mysql/binlog/slave-relay-bin.index
expire_logs_days = 7
max_binlog_size = 1G
binlog_cache_size = 32M
max_binlog_cache_size = 64M

long_query_time = 2
slow_query_log
slow_query_log_file = /home/mysql/logs/slowquery.log

default_storage_engine = InnoDB
innodb = FORCE
innodb_buffer_pool_size = 8G
innodb_log_file_size = 512M
innodb_additional_mem_pool_size = 16M
innodb_file_io_threads = 4
innodb_thread_concurrency = 8
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 16M
innodb_log_files_in_group = 3
innodb_lock_wait_timeout = 120
innodb_file_per_table = 0

table_definition_cache = 512
table_open_cache = 512
back_log = 600
max_connections = 5000
max_connect_errors = 60000
external-locking = FALSE
max_allowed_packet = 64M
sort_buffer_size = 2M
join_buffer_size = 2M
thread_cache_size = 300
thread_concurrency = 16
query_cache_size = 64M
query_cache_limit = 4M
query_cache_min_res_unit = 2k
tmp_table_size = 256M 
max_heap_table_size = 256M

key_buffer_size = 2048M
read_buffer_size = 1M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M

skip-host-cache
skip-name-resolve
lower_case_table_names=1
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
explicit_defaults_for_timestamp=true

[mysqld_safe]
log-error = /home/mysql/logs/error.log

[client]
socket = /home/mysql/mysql.sock
port = 3306



要修改参数:
basedir = /home/mysql
datadir = /home/mysql/data
socket = /home/mysql/mysql.sock
pid-file = /home/mysql/mysql.pid
slow_query_log_file = /home/mysql/logs/slowquery.log
log-error = /home/mysql/logs/error.log
max_connections = 5000
thread_cache_size = 300            #设置规则如下:1GB 内存配置为8,2GB配置为16,3GB配置为32,4GB或更高内存,可配置更大
thread_concurrency = 16			   #cpu核数的2倍
key_buffer_size = 2048M 		   #对于内存在4GB左右的服务器来说,该参数可设置为256MB或384MB
innodb_buffer_pool_size = 8G       #如果只需要用Innodb的话则可以设置它高达 70-80% 的可用内存
innodb_thread_concurrency = 8      #cpu的核数

    启动mysql:

cp -a /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld
chkconfig mysqld on
/etc/init.d/mysqld start     #/etc/init.d/mysqld 执行这个脚本时,会尝试去读取/etc/my.cnf文件或者mysql安装目录$basedir下的my.cnf文件

    修改path路径:

vi /etc/profile         
##在最后添加:
export PATH=$PATH:/usr/local/mysql/bin
		
source /etc/profile