2015年12月20日  |     |    评论

1、JDK安装
/data1/soft/java/
>>chmod 777 jdk-6u45-linux-x64-rpm.bin
>>jdk-6u45-linux-x64-rpm.bin
>>gedit /etc/profile
JAVA_HOME=/data1/soft/java/jdk1.6.0_45

CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar

PATH=$JAVA_HOME/bin:$PATH
export JAVA_HOME
export CLASSPATH
export PATH
>>source /etc/profile

2、TOMCAT安装
将原windows系统中的tomcat主要文件拷贝到linux(conf、lib、bin),并新建空文件夹(logs、temp、work)
/data1/soft/tomcat1 多网站的那个tomcat
/data1/soft/tomcat2 少网站的那个tomcat
分别修改两个tomcat下的server.xml文件,将项目路径分别替换为 /data1/www/websties1 和 /data1/www/websties2
>>/data1/soft/tomcat/bin/startup.sh //启动tomcat
>>/data1/soft/tomcat/bin/shutdown.sh //停止tomcat

开机启动:
http://jingyan.baidu.com/article/6525d4b1382f0aac7d2e9421.html
【tomcat1、tomcat2分别设置为启动项】
除了百度经验之外,要在catalina.sh 里加上下面三行,否则在自启动的时候找不到jdk
export JAVA_HOME=/data1/soft/java/jdk1.6.0_45
export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export PATH=$JAVA_HOME/bin:$PATH

3、Nginx安装
>>rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
>>yum -y install nginx
通过命令安装后
配置文件:/etc/nginx/nginx.conf
域名配置:/etc/nginx/conf.d/ 一个域名一个配置文件,不要的域名可以备份后删除

server {
listen 80;
server_name test.wizzer.cn;
location / {
proxy_pass http://test.wizzer.cn:8101;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

日志文件路径:/var/logs/nginx
服务启动或通知
>>service nginx stop
>>service nginx start
设置为随机启动
>>chkconfig nginx on

4、Nginx代理权限设置
若通过域名+端口号可访问,但80端口显示 502 Bad Gateway ,日志/var/logs/nginx/error.log报
2015/12/19 18:02:03 [crit] 9978#0: *8 connect() to 61.132.139.155:8101 failed (13: Permission denied) while connecting to upstream, client: 124.73.13.21, server: test.wizzer.cn, request: “GET / HTTP/1.1”, upstream: “http://61.132.139.155:8101/”, host: “test.wizzer.cn”
则需要设置selinux权限(宽容模式):
>>setenforce 0
>>setsebool -P httpd_can_network_connect 1

5、防火墙配置
>>vi /etc/sysconfig/iptables
#########################################################
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 21 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT
-A INPUT -j REJECT –reject-with icmp-host-prohibited
-A FORWARD -j REJECT –reject-with icmp-host-prohibited
COMMIT
#########################################################

>>/etc/init.d/iptables restart #重启防火墙使配置生效,或者命令 service iptables restart

1,069 total views, 1 views today

发表评论

电子邮件地址不会被公开。 必填项已用*标注