2015年12月20日 | Wizzer | 评论 1、JDK安装 /data1/soft/java/ >>chmod 777 jdk-6u45-linux-x64-rpm.bin >>jdk-6u45-linux-x64-rpm.bin >>gedit /etc/profile JAVA_HOME=/data1/soft/java/jdk1.6.0_45 CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar PATH=$JAVA_HOME/bin:$PATH export JAVA_HOME export CLASSPATH export PATH >>source /etc/profile 2、TOMCAT安装 将原windows系统中的tomcat主要文件拷贝到linux(conf、lib、bin),并新建空文件夹(logs、temp、work) /data1/soft/tomcat1 多网站的那个tomcat /data1/soft/tomcat2 少网站的那个tomcat 分别修改两个tomcat下的server.xml文件,将项目路径分别替换为 /data1/www/websties1 和 /data1/www/websties2 >>/data1/soft/tomcat/bin/startup.sh //启动tomcat >>/data1/soft/tomcat/bin/shutdown.sh //停止tomcat 开机启动: http://jingyan.baidu.com/article/6525d4b1382f0aac7d2e9421.html 【tomcat1、tomcat2分别设置为启动项】 除了百度经验之外,要在catalina.sh 里加上下面三行,否则在自启动的时候找不到jdk export JAVA_HOME=/data1/soft/java/jdk1.6.0_45 export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar export PATH=$JAVA_HOME/bin:$PATH 3、Nginx安装 >>rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm >>yum -y install nginx 通过命令安装后 配置文件:/etc/nginx/nginx.conf 域名配置:/etc/nginx/conf.d/ 一个域名一个配置文件,不要的域名可以备份后删除 server { listen 80; server_name test.wizzer.cn; location / { proxy_pass http://test.wizzer.cn:8101; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } 日志文件路径:/var/logs/nginx 服务启动或通知 >>service nginx stop >>service nginx start 设置为随机启动 >>chkconfig nginx on 4、Nginx代理权限设置 若通过域名+端口号可访问,但80端口显示 502 Bad Gateway ,日志/var/logs/nginx/error.log报 2015/12/19 18:02:03 [crit] 9978#0: *8 connect() to 61.132.139.155:8101 failed (13: Permission denied) while connecting to upstream, client: 124.73.13.21, server: test.wizzer.cn, request: “GET / HTTP/1.1”, upstream: “http://61.132.139.155:8101/”, host: “test.wizzer.cn” 则需要设置selinux权限(宽容模式): >>setenforce 0 >>setsebool -P httpd_can_network_connect 1 5、防火墙配置 >>vi /etc/sysconfig/iptables ######################################################### # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state –state NEW -m tcp -p tcp –dport 21 -j ACCEPT -A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT -A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT -A INPUT -j REJECT –reject-with icmp-host-prohibited -A FORWARD -j REJECT –reject-with icmp-host-prohibited COMMIT ######################################################### >>/etc/init.d/iptables restart #重启防火墙使配置生效,或者命令 service iptables restart 1,684 total views, 3 views today