`
rensanning
  • 浏览: 3552582 次
  • 性别: Icon_minigender_1
  • 来自: 大连
博客专栏
Efef1dba-f7dd-3931-8a61-8e1c76c3e39f
使用Titanium Mo...
浏览量:38217
Bbab2146-6e1d-3c50-acd6-c8bae29e307d
Cordova 3.x入门...
浏览量:607595
C08766e7-8a33-3f9b-9155-654af05c3484
常用Java开源Libra...
浏览量:682776
77063fb3-0ee7-3bfa-9c72-2a0234ebf83e
搭建 CentOS 6 服...
浏览量:89531
E40e5e76-1f3b-398e-b6a6-dc9cfbb38156
Spring Boot 入...
浏览量:402134
Abe39461-b089-344f-99fa-cdfbddea0e18
基于Spring Secu...
浏览量:69760
66a41a70-fdf0-3dc9-aa31-19b7e8b24672
MQTT入门
浏览量:91835
社区版块
存档分类
最新评论

搭建 CentOS 6 服务器(8) - Apache/Nginx/Jetty、Tomcat、WildFly

 
阅读更多
(一)Apache

(1)下载安装APR-Apache Portable Runtime
# cd /usr/local/src
# wget http://www.apache.org/dist/apr/apr-1.5.1.tar.gz
# tar zxvf apr-1.5.1.tar.gz
# cd /usr/local/src/apr-1.5.1
# ./configure --prefix=/usr/local/apr/1.5.1
# make clean
# make && make install


(2)下载安装APR-Util-Apache Portable Runtime Utility Library
# cd /usr/local/src
# wget http://www.apache.org/dist/apr/apr-util-1.5.3.tar.gz
# tar zxvf apr-util-1.5.3.tar.gz
# cd /usr/local/src/apr-util-1.5.3
# ./configure --prefix=/usr/local/apr-util/1.5.3 --with-apr=/usr/local/apr/1.5.1
# make clean
# make && make install


(3)下载安装httpd
# cd /usr/local/src
# wget http://archive.apache.org/dist/httpd/httpd-2.4.9.tar.gz
# tar zxvf httpd-2.4.9.tar.gz
# cd /usr/local/src/httpd-2.4.9
# ./configure \
   --prefix=/usr/local/apache/2.4.9 \
   --enable-expires \
   --enable-proxy \
   --enable-proxy-ajp \
   --enable-proxy-http \
   --enable-proxy-connect \
   --enable-headers \
   --enable-so \
   --enable-rewrite \
   --enable-ssl=shared \
   --with-apr=/usr/local/apr/1.5.1 \
   --with-apr-util=/usr/local/apr-util/1.5.3 \
   --with-pcre=/usr/local/pcre/8.35 \
   --with-ssl=/usr/local/ssl
# make && make install


(4)设置

日志
# cp -f /usr/local/apache/2.4.9/conf/httpd.conf /usr/local/apache/2.4.9/conf/httpd.conf.org
# vi /usr/local/apache/2.4.9/conf/httpd.conf
    # when proxy server
    #LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

    #CustomLog "logs/access_log" common    
    CustomLog "|/usr/sbin/rotatelogs /usr/local/apache/2.4.9/logs/access_log.%Y-%m-%d 86400" common


ServerName
# cat /usr/local/apache/2.4.9/conf/httpd.conf | grep ServerName
    # ServerName gives the name and port that the server uses to identify itself.
    ServerName xxxxx
# vi /etc/hosts
    127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 xxxxx


启动
# echo "# chkconfig: 2345 99 10" >> /usr/local/apache/2.4.9/bin/apachectl
# echo "# description: Starts/Stops httpd Server" >> /usr/local/apache/2.4.9/bin/apachectl
# mv /etc/init.d/httpd /etc/init.d/httpd.org
# ln -s /usr/local/apache/2.4.9/bin/apachectl /etc/init.d/httpd


确认
# /etc/init.d/httpd start
# wget http://localhost
   It works!
# /etc/init.d/httpd sttop


(5)设置SSL

私钥
# mkdir -p /usr/local/apache/2.4.9/conf/cert_`date +%Y%m%d`
# cd /usr/local/apache/2.4.9/conf/cert_`date +%Y%m%d`
# openssl genrsa -des3 -out server_needpass.key 2048
    Generating RSA private key, 2048 bit long modulus
    ................................................+++
    ...................+++
    e is 65537 (0x10001)
    Enter pass phrase for server_needpass.key: my-phrase
    Verifying - Enter pass phrase for server_needpass.key: my-phrase
# openssl rsa -in server_needpass.key -out server.key
    Enter pass phrase for server_needpass.key: my-phrase
    writing RSA key


公钥
# openssl req -new -days 365 -key server.key -out server.csr <-第三方认证
Country Name (2 letter code) [GB]:
......

# openssl req -new -x509 -days 3650 -key server.key -out server.crt <-测试用


配置Apache的SSL认证文件
# cp /usr/local/apache/2.4.9/conf/cert_<YYYYMMDD>/server_needpass.key /usr/local/apache/2.4.9/conf/server_needpass.key 
# cp /usr/local/apache/2.4.9/conf/cert_<YYYYMMDD>/server.key /usr/local/apache/2.4.9/conf/server.key 
# cp /usr/local/apache/2.4.9/conf/cert_<YYYYMMDD>/server.csr /usr/local/apache/2.4.9/conf/server.csr 
# cp /usr/local/apache/2.4.9/conf/cert_<YYYYMMDD>/server.crt /usr/local/apache/2.4.9/conf/server.crt


安装设置mod_ssl
# yum install mod_ssl
# vi /usr/local/apache/2.4.9/conf/httpd.conf
    LoadModule ssl_module modules/mod_ssl.so
    LoadModule socache_shmcb_module modules/mod_socache_shmcb.so


再确认
# /etc/init.d/httpd restart
# wget http://localhost
    Congratulations!
# wget https://localhost
    Congratulations!


安装mod_jk
# cd /usr/local/src/
# wget http://archive.apache.org/dist/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.41-src.tar.gz
# tar zxvf tomcat-connectors-1.2.41-src.tar.gz
# cd tomcat-connectors-1.2.41-src/native/
# ./configure --with-apxs=/usr/sbin/apxs
# make
# make install

默认安装到了/etc/httpd/modules/mod_jk.so

(二)Nginx

下载安装
# cd /usr/local/src/
# wget http://nginx.org/download/nginx-1.7.7.tar.gz
# tar xzvf nginx-1.7.7.tar.gz
# cd nginx-1.7.7
# ./configure  \
   --prefix=/usr/local/nginx-1.7.7 \
   --with-pcre=/usr/local/src/pcre-8.35 \
   --with-zlib=/usr/local/src/zlib-1.2.8 \
   --user=nginx \
   --group=nginx \
   --with-http_ssl_module \
   --without-http_ssi_module \
   --without-http_uwsgi_module \
   --with-http_realip_module
# make
# make install
# ln -s /usr/local/nginx-1.7.7 /usr/local/nginx


启动
# vi /etc/init.d/nginx
   从http://wiki.nginx.org/RedHatNginxInitScript下载脚本文件后按以下修改:
    9 # config:      /usr/local/nginx/conf/nginx.conf
    11 # pidfile:     /var/run/nginx/nginx.pid
    22 nginx="/usr/local/nginx/sbin/nginx" 
    25 NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"
# chown nginx:nginx /etc/init.d/nginx
# chmod 755 /etc/init.d/nginx


设置
# cd /usr/local/nginx/conf/
# cp nginx.conf nginx.conf.default
# vi nginx.conf
    location /myproj {
        client_max_body_size 20M;
        proxy_set_header   Host             $host;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header HTTP_X_FORWARDED_FOR $remote_addr;
        proxy_pass http://localhost:8080/myproj; # <= Tomcat 
    }


设置SSL
# mkdir /etc/nginx/ssl
# cd /etc/nginx/ssl
# openssl req -new -x509 -sha256 -newkey rsa:2048 -days 365 -nodes -out /etc/nginx/ssl/nginx.pem -keyout /etc/nginx/ssl/nginx.key
# chmod 600 /etc/nginx/ssl/nginx.pem   

# vi /usr/local/nginx/conf/nginx.conf
server {

      # [...]

      listen 443 ssl;

      ssl on; 
      ssl_certificate      /etc/nginx/ssl/nginx.pem;
      ssl_certificate_key  /etc/nginx/ssl/nginx.key;
      # SSLv3 is broken by POODLE as of October 2014
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

      ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;   
      ssl_prefer_server_ciphers on;   

      # make the server choose the best cipher instead of the browser
      # Perfect Forward Secrecy(PFS) is frequently compromised without this
      ssl_prefer_server_ciphers on;

      # support only believed secure ciphersuites using the following priority:
      # 1.) prefer PFS enabled ciphers
      # 2.) prefer AES128 over AES256 for speed (AES128 has completely adequate security for now)
      # 3.) Support DES3 for IE8 support
      #
      # disable the following ciphersuites completely
      # 1.) null ciphers
      # 2.) ciphers with low security
      # 3.) fixed ECDH cipher (does not allow for PFS)
      # 4.) known vulnerable cypers (MD5, RC4, etc)
      # 5.) little-used ciphers (Camellia, Seed)
      ssl_ciphers 'kEECDH+ECDSA+AES128 kEECDH+ECDSA+AES256 kEECDH+AES128 kEECDH+AES256 kEDH+AES128 kEDH+AES256 DES-CBC3-SHA +SHA !aNULL !eNULL !LOW !kECDH !DSS !MD5 !EXP !PSK !SRP !CAMELLIA !SEED';

      ssl_session_cache shared:SSL:10m;
      ssl_session_timeout 10m;

      # [...]


确认
# /etc/init.d/nginx start
# wget http://localhost
# wget https://localhost
# /etc/init.d/nginx stop


设置维护页面
# vi /usr/local/nginx/html/maintenance.html
    <html>
    <head>
    <title>System Maintenance</title>
    </head>
    <body>
    <h1>System Maintenance</h1>
    Our apologies for the temporary inconvenience. The requested URL generated 503 "Service Unavailable" error due to overloading or maintenance of the server.
    </body>
    </html>
# vi nginx.conf
    #----------------------------------------------
    # Maintenance Settings
    set $maintenance false;
    if (-e /var/tmp/do_maintenance ) {
        set $maintenance true;
    }
    if ($maintenance = true) {
        rewrite ^ /maintenance.html redirect;
    }
    location /maintenance.html {
        root /usr/local/nginx/html;
        expires 0;
    }
    #----------------------------------------------
# nginx -s reload

维护开始时:
# touch /var/tmp/do_maintenance

维护结束时:
# rm -f /var/tmp/do_maintenance


(三)Jetty

下载安装
# cd /usr/local/src
# wget http://download.eclipse.org/jetty/stable-9/dist/jetty-distribution-9.2.9.v20150224.tar.gz
# tar zxvf jetty-distribution-9.2.9.v20150224.tar.gz -C /opt/
# mv /opt/jetty-distribution-9.2.9.v20150224/ /opt/jetty
# useradd -m jetty
# chown -R jetty:jetty /opt/jetty/
# ln -s /opt/jetty/bin/jetty.sh /etc/init.d/jetty


设置
# vi /etc/default/jetty
    JETTY_HOME=/opt/jetty
    NO_START=0
    JETTY_USER=jetty
    JETTY_ARGS=jetty.port=8085
    JETTY_HOST=0.0.0.0
    JETTY_LOGS=/opt/jetty/logs/


确认
# service jetty start
# wget http://localhost:8085
# service jetty stop


(四)Tomcat

下载安装
# cd /usr/local/src
# wget http://archive.apache.org/dist/tomcat/tomcat-7/v7.0.57/bin/apache-tomcat-7.0.57.tar.gz
# tar xzvf apache-tomcat-7.0.57.tar.gz
# mv apache-tomcat-7.0.57 /usr/local/tomcat
# /usr/local/tomcat/bin/version.sh
    Using CATALINA_BASE:   /usr/local/tomcat
    Using CATALINA_HOME:   /usr/local/tomcat
    Using CATALINA_TMPDIR: /usr/local/tomcat/temp
    Using JRE_HOME:        /usr/java/default
    ......


安装Tomcat Daemon服务
# cp -pf /usr/local/tomcat/bin/commons-daemon-native.tar.gz /usr/local/src/
# tar xzvf commons-daemon-native.tar.gz
# cd commons-daemon-1.0.15-native-src/unix/
# ./configure --with-java=/usr/java/default
# make clean && make
# cp -f jsvc /usr/local/tomcat/bin/


安装Tomcat APR(Tomcat Native Library)
# cd /usr/local/tomcat/bin/
# tar xzvf tomcat-native.tar.gz
# cd tomcat-native-1.1.32-src/jni/native
# ./configure  \
   --with-apr=/usr/local/apr/1.5.1/bin/apr-1-config  \
   --with-java-home=/usr/java/default/  \
   --prefix=/usr/local/tomcat/
# make && make install


设置
# cd /usr/local/tomcat/bin/
# vi setenv.sh
    # Where your java installation lives
    JAVA_HOME=/usr/java/default
    # You can pass some parameters to java
    JAVA_OPTS='-server -Djava.net.preferIPv4Stack=true'

    # Where your tomcat installation lives
    CATALINA_HOME=/usr/local/tomcat
    # What user should run tomcat
    TOMCAT_USER=tomcat
    # Set the TOMCAT_PID location
    CATALINA_PID="/var/run/tomcat.pid"

    LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$CATALINA_HOME/lib
    export LD_LIBRARY_PATH

    # jsvc options
    JSVC_OPTS='-jvm server'

    CATALINA_OPTS="-server -Xms1024m -Xmx1024m 
                             -XX:PermSize=512m -XX:MaxPermSize=1024m 
                             -Xloggc:/usr/local/tomcat/logs/gc.log 
                             -XX:+PrintClassHistogram -XX:+PrintGCDetails"
# cp /usr/local/tomcat/bin/daemon.sh /etc/init.d/tomcat
# echo "# chkconfig: 2345 98 11" >> /etc/init.d/tomcat
# echo "# description: Starts/Stops Tomcat Server" >> /etc/init.d/tomcat
# useradd -M tomcat
# chown -R tomcat.tomcat /usr/local/tomcat/ 
# vi /usr/local/tomcat/conf/tomcat-users.xml
    <?xml version='1.0' encoding='utf-8'?>
    <tomcat-users>
      <role rolename="admin"/>
      <role rolename="manager"/>
      <role rolename="manager-gui"/>
      <user username="admin" password="123456" roles="admin,manager,manager-gui"/>
    </tomcat-users>


确认
# /etc/init.d/tomcat start
# wget http://localhost:8080
    Congratulations!
# /etc/init.d/tomcat stop


Apache &Tomcat

Apache与Tomcat有3种连接方式:JK、http_proxy、ajp_proxy,这里使用AJP链接。

设置Apache的AJP
# cat /dev/null > /usr/local/apache/2.4.9/conf/extra/httpd-proxy.conf
# vi /usr/local/apache/2.4.9/conf/extra/httpd-proxy.conf
    <Location /myproj>
      ProxyPass ajp://127.0.0.1:8009/myproj/
    </Location>
# vi /usr/local/apache/2.4.9/conf/httpd.conf
    Include conf/extra/httpd-proxy.conf

    LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
    LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so


设置Tomcat
# vi /usr/local/tomcat/conf/server.xml
    禁用8080端口
    <!-- <Connector port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000" redirectPort="8443" /> -->
    设置URIEncoding为UTF-8
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" 
          URIEncoding="UTF-8" useBodyEncodingForURI="true" />
    不输出访问日志
    <!-- <Valve className="org.apache.catalina.valves.AccessLogValve"
            directory="logs"
            prefix="localhost_access_log." suffix=".txt"
            pattern="%h %l %u %t &quot;%r&quot; %s %b" /> -->


确认
# /etc/init.d/tomcat stop
# /etc/init.d/tomcat start
# /etc/init.d/httpd restart
# wget http://localhost:8080
   Error
# wget http://localhost
   Congratulations!


(五)WildFly

(1)下载安装
# cd /usr/local/src/
# wget http://download.jboss.org/wildfly/10.1.0.Final/wildfly-10.1.0.Final.tar.gz
# tar zxvf wildfly-10.1.0.Final.tar.gz
# mv wildfly-10.1.0.Final /usr/local/wildfly-10.1.0.Final


(2)创建用户组及用户
# groupadd -g 1001 wildfly
# tail -n 1 /etc/group
# useradd -u 1001 -g 1001 wildfly
# tail -n 1 /etc/passwd
# passwd wildfly


(3)变更wildfly文件夹所属
# chown -R wildfly:wildfly /usr/local/wildfly-10.1.0.Final


(4)配置IP
# su - wildfly
$ cd /usr/local/wildfly-10.1.0.Final/standalone/configuration/
$ vi standalone.xml

引用
<wsdl-host>${jboss.bind.address:127.0.0.1}</wsdl-host>
         ↓
            <wsdl-host>${jboss.bind.address:0.0.0.0}</wsdl-host>
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
         ↓
            <inet-address value="${jboss.bind.address.management:0.0.0.0}"/>
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
         ↓
            <inet-address value="${jboss.bind.address:0.0.0.0}"/>


(5)启动
$ cd /usr/local/wildfly-10.1.0.Final/bin/
$ ./standalone.sh &

确认 http://<IP>:8080

(6)停止
$ ./jboss-cli.sh --connect command=:shutdown 


(7)发布war
# su - wildfly
$ cd /usr/local/wildfly-10.1.0.Final/bin/
$ ./jboss-cli.sh --connect "deploy /tmp/TestApp.war --force"
$ ./jboss-cli.sh --connect "undeploy TestApp.war"


(8)添加管理界面用户
# su - wildfly
$ cd /usr/local/wildfly-10.1.0.Final/bin/
$ ./add-user.sh

确认 http://<IP>:9990

修改端口
引用
<socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
<socket-binding name="http" port="${jboss.http.port:8080}"/>
<socket-binding name="https" port="${jboss.https.port:8443}"/>
->
<socket-binding name="ajp" port="${jboss.ajp.port:8109}"/>
<socket-binding name="http" port="${jboss.http.port:8180}"/>
<socket-binding name="https" port="${jboss.https.port:8433}"/>

<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
->
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9980}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9983}"/>


端口修改后相应的命令中需要指定端口号:
引用
$ ./jboss-cli.sh --connect --controller=localhost:9980 command=:shutdown


Script to install JBoss Wildfly 10.x as service in Linux:
https://gist.github.com/sukharevd/6087988
分享到:
评论

相关推荐

    搭建WEB应用环境下载资料

    应用服务器则运行Web应用程序的逻辑,如Tomcat或Jetty;数据库存储应用程序的数据,如MySQL、PostgreSQL或MongoDB。 **Web服务器**:Web服务器接收用户的HTTP请求,将它们转发给适当的应用服务器,并将应用服务器的...

    网狐服务器架设指南!

    服务器软件可能包括Web服务器(如Apache、Nginx)、数据库服务器(如MySQL、PostgreSQL)、应用服务器(如Tomcat、Jetty)等。网狐服务器可能有自己的专用软件栈,包含特定的游戏服务端程序和管理工具。 **三、游戏...

    小豪商城服务器资源

    4. **应用服务器**:小豪商城可能使用Tomcat、Jetty等Java应用服务器运行其后端应用程序,处理业务逻辑和服务接口。 5. **数据库系统**:对于存储用户信息、商品数据、订单记录等,可能使用MySQL、Oracle或MongoDB...

    server 和client

    2. **安装服务器软件**:根据服务类型,可能需要安装HTTP服务器(如Apache、Nginx)、数据库服务器(如MySQL、PostgreSQL)、应用服务器(如Tomcat、Jetty)等。 3. **配置服务器**:包括设置防火墙规则、安全策略...

    TheBasics:服务器需要的一组基本东西

    3. **应用服务器**:对于Java应用,Tomcat、Jetty或WildFly等是常见的应用服务器,它们负责运行Java Web应用,管理应用生命周期并提供动态内容。 4. **数据库**:MySQL、PostgreSQL、MongoDB等数据库系统用于存储和...

    应用系统基础服务安装所需安装包

    4. **应用服务器**:例如Tomcat、Jetty、Jboss或WebLogic,它们用于运行Java应用。安装包可能包含这些服务器的版本,以及配置文件和部署脚本。 5. **开发工具**:如Git用于版本控制,Python、Node.js、Java SDKs...

    系统部署到Linux共2页.pdf.zip

    4. **服务与守护进程**:在Linux上部署服务,如Web服务器(Apache或Nginx)、数据库(MySQL或PostgreSQL)、应用服务器(Tomcat或Jetty),需要了解如何配置服务启动脚本,以及如何通过`systemd`控制服务的启动、...

    server-system_del:这是我的服务器系统

    3. **应用程序服务器**:如Tomcat、Jetty,用于运行Java Web应用程序。 4. **数据库管理系统**:如MySQL、PostgreSQL或Oracle,存储和处理数据。 5. **安全组件**:如SSL证书、防火墙、入侵检测系统,确保服务器的...

    服务器

    应用服务器,如Tomcat、Jetty或Jboss,是运行企业级Java应用程序的平台。它们处理业务逻辑,与数据库交互,执行用户请求。应用服务器还提供负载均衡、事务管理、安全控制等功能,是构建复杂分布式系统的关键组件。 ...

    javaWeb物资管理系统项目源码.zip

    对于JavaWeb项目,开发者可能还会用到`java`和`javac`命令来编译和运行Java程序,以及`tomcat`或`jetty`等应用服务器来部署Web应用。 【标签】"linux java 软件/插件" 表明项目与Linux操作系统、Java编程语言及可能...

    server

    3. **应用服务器**:如Tomcat、Jetty、Jboss等,它们运行特定的中间件来处理业务逻辑,支持Java EE或类似的框架。应用服务器处理来自客户端的请求,执行应用程序代码,然后将结果返回给客户端。 4. **邮件服务器**...

Global site tag (gtag.js) - Google Analytics