web 服务搭建

实验拓扑图：

实验环境搭建

Centos7-5作为Client（12.0.0.12/24）；Centos7-1作为网关服务器（配置两块网卡ens33 192.168.246.7/24，ens36 12.0.0.1/24）；Centos7-2作为Web1（192.168.246.8/24 提供web1服务）；Centos7-3作为Web2（192.168.246.9/24 提供web2服务）；Centos7-4作为Nginx服务器（192.168.246.10/24）

五台机器都关闭防火墙、防护

7-1网关服务器配置


[root@localhost ~]#ifconfig
[root@localhost ~]#cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]#ls
ifcfg-ens33  ifdown-ipv6    ifdown-TeamPort  ifup-ippp   ifup-routes       network-functions
ifcfg-lo     ifdown-isdn    ifdown-tunnel    ifup-ipv6   ifup-sit          network-functions-ipv6
ifdown       ifdown-post    ifup             ifup-isdn   ifup-Team
ifdown-bnep  ifdown-ppp     ifup-aliases     ifup-plip   ifup-TeamPort
ifdown-eth   ifdown-routes  ifup-bnep        ifup-plusb  ifup-tunnel
ifdown-ib    ifdown-sit     ifup-eth         ifup-post   ifup-wireless
ifdown-ippp  ifdown-Team    ifup-ib          ifup-ppp    init.ipv6-global
[root@localhost network-scripts]#cp ifcfg-ens33 ifcfg-ens36
[root@localhost network-scripts]#vim ifcfg-ens36

7-5客户机配置：最后一题的才需要这个地址

一、在Nginx服务器上搭建LNMP服务，并且能够对外提供Discuz论坛服务，在Web1、Web2服务器上搭建Tomcat 服务

（一）Nginx服务器上搭建LNMP服务

①编译安装nginx


[root@zzzcentos4 ~]#yum -y install pcre-devel zlib-devel gcc gcc-c++ make
[root@zzzcentos4 ~]#cd /opt
[root@zzzcentos4 opt]#ls
rh
[root@zzzcentos4 opt]#rz -E
rz waiting to receive.
[root@zzzcentos4 opt]#rz -E
rz waiting to receive.
[root@zzzcentos4 opt]#rz -E
rz waiting to receive.
[root@zzzcentos4 opt]#rz -E
rz waiting to receive.
[root@zzzcentos4 opt]#ls
Discuz_X3.4_SC_UTF8.zip    nginx-1.22.0.tar.gz  rh
mysql-boost-5.7.20.tar.gz  php-7.1.10.tar.bz2
[root@zzzcentos4 opt]#tar xf nginx-1.22.0.tar.gz 
[root@zzzcentos4 opt]#cd nginx-1.22.0/
[root@zzzcentos4 nginx-1.22.0]#useradd -M -s /sbin/nologin nginx
[root@zzzcentos4 nginx-1.22.0]#./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module
[root@zzzcentos4 nginx-1.22.0]#make -j 2
[root@zzzcentos4 nginx-1.22.0]#make install


[root@zzzcentos4 nginx-1.22.0]#echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
[root@zzzcentos4 nginx-1.22.0]#
[root@zzzcentos4 nginx-1.22.0]#ln -s /usr/local/nginx/sbin/nginx  /usr/bin
 #为了使用nginx命令可以补全  (做到$PATH下面就行)
[root@zzzcentos4 nginx-1.22.0]#tee /lib/systemd/system/nginx.service   <<eof
> [Unit]
> Description=nginx
> After=network.target
> [Service]
> Type=forking
> PIDFile=/usr/local/nginx/logs/nginx.pid
> ExecStart=/usr/local/nginx/sbin/nginx
> ExecReload=/bin/kill -1 $MAINPID
> ExecStop=/bin/kill -3 $MAINPID
> PrivateTmp=true
> [Install]
> WantedBy=multi-user.target
> eof
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -1 
ExecStop=/bin/kill -3 
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[root@zzzcentos4 nginx-1.22.0]#systemctl daemon-reload 
[root@zzzcentos4 nginx-1.22.0]#systemctl enable --now nginx.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@zzzcentos4 nginx-1.22.0]#systemctl start nginx
[root@zzzcentos4 nginx-1.22.0]#systemctl status nginx

②编译安装mysql


[root@zzzcentos4 nginx-1.22.0]#cd /opt
[root@zzzcentos4 opt]#ls
Discuz_X3.4_SC_UTF8.zip    nginx-1.22.0         php-7.1.10.tar.bz2
mysql-boost-5.7.20.tar.gz  nginx-1.22.0.tar.gz  rh
[root@zzzcentos4 opt]#yum -y install \
> ncurses \
> ncurses-devel \
> bison \
> cmake
[root@zzzcentos4 opt]#yum -y install gcc gcc-c++ cmake bison bison-devel zlib-devel libcurl-devel libarchive-devel boost-devel   ncurses-devel gnutls-devel libxml2-devel openssl-devel libevent-devel libaio-devel
[root@zzzcentos4 opt]#useradd -M -s /sbin/nologin  mysql
[root@zzzcentos4 opt]#ls
Discuz_X3.4_SC_UTF8.zip    nginx-1.22.0         php-7.1.10.tar.bz2
mysql-boost-5.7.20.tar.gz  nginx-1.22.0.tar.gz  rh
[root@zzzcentos4 opt]#tar xf mysql-boost-5.7.20.tar.gz 
[root@zzzcentos4 opt]#ls
Discuz_X3.4_SC_UTF8.zip  mysql-boost-5.7.20.tar.gz  nginx-1.22.0.tar.gz  rh
mysql-5.7.20             nginx-1.22.0               php-7.1.10.tar.bz2
[root@zzzcentos4 opt]#cd mysql-5.7.20/
[root@zzzcentos4 mysql-5.7.20]#
[root@zzzcentos4 mysql-5.7.20]#cmake \
> -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
> -DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \
> -DSYSCONFDIR=/etc \
> -DSYSTEMD_PID_DIR=/usr/local/mysql \
> -DDEFAULT_CHARSET=utf8  \
> -DDEFAULT_COLLATION=utf8_general_ci \
> -DWITH_EXTRA_CHARSETS=all \
> -DWITH_INNOBASE_STORAGE_ENGINE=1 \
> -DWITH_ARCHIVE_STORAGE_ENGINE=1 \
> -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
> -DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
> -DMYSQL_DATADIR=/usr/local/mysql/data \
> -DWITH_BOOST=boost \
> -DWITH_SYSTEMD=1


[root@zzzcentos4 mysql-5.7.20]#vim /etc/my.cnf
[client]
port = 3306
socket=/usr/local/mysql/mysql.sock
 
[mysqld]
user = mysql
basedir=/usr/local/mysql
datadir=/usr/local/mysql/data
port = 3306
character-set-server=utf8
pid-file = /usr/local/mysql/mysqld.pid
socket=/usr/local/mysql/mysql.sock
bind-address = 0.0.0.0
skip-name-resolve
max_connections=2048
default-storage-engine=INNODB
max_allowed_packet=16M
server-id = 1
 
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,
NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES
[root@zzzcentos4 mysql-5.7.20]#chown -R mysql:mysql /usr/local/mysql/
[root@zzzcentos4 mysql-5.7.20]#chown mysql:mysql /etc/my.cnf
[root@zzzcentos4 mysql-5.7.20]#
[root@zzzcentos4 mysql-5.7.20]#echo 'export PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH' >> /etc/profile
[root@zzzcentos4 mysql-5.7.20]#source /etc/profile
[root@zzzcentos4 mysql-5.7.20]#cd /usr/local/mysql/bin/
[root@zzzcentos4 bin]#./mysqld \
> --initialize-insecure \
> --user=mysql \
> --basedir=/usr/local/mysql \
> --datadir=/usr/local/mysql/data
[root@zzzcentos4 bin]#cp /usr/local/mysql/usr/lib/systemd/system/mysqld.service /usr/lib/systemd/system/
[root@zzzcentos4 bin]#systemctl daemon-reload 
[root@zzzcentos4 bin]#systemctl start mysqld.service
[root@zzzcentos4 bin]#systemctl status mysqld.service

③ 编译安装php软件


[root@zzzcentos4 bin]#cd /opt
[root@zzzcentos4 opt]#ls
Discuz_X3.4_SC_UTF8.zip  mysql-boost-5.7.20.tar.gz  nginx-1.22.0.tar.gz  rh
mysql-5.7.20             nginx-1.22.0               php-7.1.10.tar.bz2
[root@zzzcentos4 opt]#tar xf php-7.1.10.tar.bz2 
[root@zzzcentos4 opt]#cd php-7.1.10/
[root@zzzcentos4 php-7.1.10]#yum -y install gd \
> libjpeg libjpeg-devel \
> libpng libpng-devel \
> freetype freetype-devel \
> libxml2 libxml2-devel \
> zlib zlib-devel \
> curl curl-devel \
> openssl openssl-devel
[root@zzzcentos4 php-7.1.10]#./configure \
> --prefix=/usr/local/php \
> --with-mysql-sock=/usr/local/mysql/mysql.sock \
> --with-mysqli \
> --with-zlib \
> --with-curl \
> --with-gd \
> --with-jpeg-dir \
> --with-png-dir \
> --with-freetype-dir \
> --with-openssl \
> --enable-fpm \
> --enable-mbstring \
> --enable-xml \
> --enable-session \
> --enable-ftp \
> --enable-pdo \
> --enable-tokenizer \
> --enable-zip
[root@zzzcentos4 php-7.1.10]#make -j 2
[root@zzzcentos4 php-7.1.10]#make install


[root@zzzcentos4 etc]#ls
pear.conf  php-fpm.conf  php-fpm.conf.default  php-fpm.d
[root@zzzcentos4 etc]#cd php-fpm.d/
[root@zzzcentos4 php-fpm.d]#ls
www.conf.default
[root@zzzcentos4 php-fpm.d]#cp www.conf.default www.conf
[root@zzzcentos4 php-fpm.d]#ls
www.conf  www.conf.default
[root@zzzcentos4 php-fpm.d]#ln -s /usr/local/php/bin/* /usr/local/bin/
[root@zzzcentos4 php-fpm.d]#ln -s /usr/local/php/sbin/* /usr/local/sbin/
[root@zzzcentos4 php-fpm.d]#
[root@zzzcentos4 php-fpm.d]#cd /opt/php-7.1.10/sapi/fpm
[root@zzzcentos4 fpm]#cp php-fpm.service /usr/lib/systemd/system/php-fpm.service
[root@zzzcentos4 fpm]#systemctl daemon-reload 
[root@zzzcentos4 fpm]#systemctl start php-fpm.service 
[root@zzzcentos4 fpm]#systemctl status php-fpm.service

④配置 Nginx支持PHP解析

[root@zzzcentos4 fpm]#vim /usr/local/nginx/conf/nginx.conf


[root@zzzcentos4 fpm]#nginx -s reload
[root@zzzcentos4 fpm]#systemctl restart nginx.service 
[root@zzzcentos4 fpm]#cd /usr/local/nginx/html/
[root@zzzcentos4 html]#vim /usr/local/nginx/html/index.php
[root@zzzcentos4 html]#cat /usr/local/nginx/html/index.php
<?php
phpinfo();
?>
[root@zzzcentos4 html]#

验证数据库工作是否正常


[root@zzzcentos4 html]#mysql -uroot -pabc123
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.7.20 Source distribution
 
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
 
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
 
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
mysql> CREATE DATABASE bbs;
Query OK, 1 row affected (0.02 sec)
 
mysql> GRANT all ON bbs.* TO 'bbsuser'@'%' IDENTIFIED BY 'admin123';
Query OK, 0 rows affected, 1 warning (0.03 sec)
 
mysql> GRANT all ON bbs.* TO 'bbsuser'@'localhost' IDENTIFIED BY 'admin123';
Query OK, 0 rows affected, 2 warnings (0.00 sec)
 
mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)
 
mysql> quit
Bye
[root@zzzcentos4 html]#vim /usr/local/nginx/html/index.php 
<?php
$link=mysqli_connect('192.168.246.10','bbsuser','admin123');
if($link) echo "Success!!
";
else echo "Fail!!";
?>

⑤安装论坛


[root@zzzcentos4 opt]#ls
dir_SC_UTF8              mysql-5.7.20               nginx-1.22.0         php-7.1.10          rh
Discuz_X3.4_SC_UTF8.zip  mysql-boost-5.7.20.tar.gz  nginx-1.22.0.tar.gz  php-7.1.10.tar.bz2  说明.htm
[root@zzzcentos4 opt]#cd dir_SC_UTF8/
[root@zzzcentos4 dir_SC_UTF8]#ls
readme  upload  utility
[root@zzzcentos4 dir_SC_UTF8]#cp -r upload/ /usr/local/nginx/html/bbs/
[root@zzzcentos4 dir_SC_UTF8]#cd /usr/local/nginx/html/bbs/
[root@zzzcentos4 bbs]#ls
admin.php  archiver     crossdomain.xml  forum.php  index.php  member.php  portal.php  source    uc_client
api        config       data             group.php  install    misc.php    robots.txt  static    uc_server
api.php    connect.php  favicon.ico      home.php   m          plugin.php  search.php  template
[root@zzzcentos4 bbs]#chown -R nginx.nginx ./config/
[root@zzzcentos4 bbs]#chown -R nginx.nginx  ./data/
[root@zzzcentos4 bbs]#chown -R nginx.nginx ./uc_client/
[root@zzzcentos4 bbs]#chown -R nginx.nginx ./uc_server/
[root@zzzcentos4 bbs]#chmod -R 777 ./config/
[root@zzzcentos4 bbs]#chmod -R 777 ./data/
[root@zzzcentos4 bbs]#chmod -R 777 ./uc_client/
[root@zzzcentos4 bbs]#chmod -R 777 ./uc_server/
[root@zzzcentos4 bbs]#

（二）Web1、Web2服务器上搭建Tomcat 服务

①安装Oracle JDK（即部署java环境）


[root@zzzcentos2 ~]#cd /opt/
[root@zzzcentos2 opt]#ls
rh
[root@zzzcentos2 opt]#rz -E
rz waiting to receive.
[root@zzzcentos2 opt]#rz -E
rz waiting to receive.
[root@zzzcentos2 opt]#ls
apache-tomcat-9.0.16.tar.gz  jdk-8u291-linux-x64.tar.gz  rh
[root@zzzcentos2 opt]#ls
apache-tomcat-9.0.16.tar.gz  jdk-8u291-linux-x64.tar.gz  rh
[root@zzzcentos2 opt]#systemctl stop firewalld
[root@zzzcentos2 opt]#setenforce 0
setenforce: SELinux is disabled
[root@zzzcentos2 opt]#java -version
openjdk version "1.8.0_131"
OpenJDK Runtime Environment (build 1.8.0_131-b12)
OpenJDK 64-Bit Server VM (build 25.131-b12, mixed mode)
[root@zzzcentos2 opt]#tar xf jdk-8u291-linux-x64.tar.gz -C /usr/local/
[root@zzzcentos2 opt]#cd /usr/local/
[root@zzzcentos2 local]#ls
bin  etc  games  include  jdk1.8.0_291  lib  lib64  libexec  sbin  share  src
[root@zzzcentos2 local]#ln -s jdk1.8.0_291/ jdk
[root@zzzcentos2 local]#vim /etc/profile.d/jdk.sh
[root@zzzcentos2 local]#cat /etc/profile.d/jdk.sh
export JAVA_HOME=/usr/local/jdk
export PATH=$JAVA_HOME/bin:$PATH
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=$JAVA_HOME/lib/:$JRE_HOME/lib/
 
[root@zzzcentos2 local]#source /etc/pro
profile    profile.d/ protocols  
[root@zzzcentos2 local]#source /etc/profile.d/jdk.sh 
[root@zzzcentos2 local]#java -version
java version "1.8.0_291"
Java(TM) SE Runtime Environment (build 1.8.0_291-b10)
Java HotSpot(TM) 64-Bit Server VM (build 25.291-b10, mixed mode)
[root@zzzcentos2 local]#

②安装tomcat


[root@zzzcentos2 local]#cd /opt/
[root@zzzcentos2 opt]#ls
apache-tomcat-9.0.16.tar.gz  jdk-8u291-linux-x64.tar.gz  rh
[root@zzzcentos2 opt]#tar xf apache-tomcat-9.0.16.tar.gz 
[root@zzzcentos2 opt]#ls
apache-tomcat-9.0.16  apache-tomcat-9.0.16.tar.gz  jdk-8u291-linux-x64.tar.gz  rh
[root@zzzcentos2 opt]#cp -r apache-tomcat-9.0.16 /usr/local/
[root@zzzcentos2 opt]#cd /usr/local/
[root@zzzcentos2 local]#ls
apache-tomcat-9.0.16  bin  etc  games  include  jdk  jdk1.8.0_291  lib  lib64  libexec  sbin  share  src
[root@zzzcentos2 local]#ln -s apache-tomcat-9.0.16/ tomcat
[root@zzzcentos2 local]#useradd -s /sbin/nologin -M tomcat
[root@zzzcentos2 local]#chown -R tomcat:tomcat tomcat/
[root@zzzcentos2 local]#vim /usr/lib/systemd/system/tomcat.service
[root@zzzcentos2 local]#cat /usr/lib/systemd/system/tomcat.service
[Unit]
Description=Tomcat
After=syslog.target network.target
 
[Service]
Type=forking
ExecStart=/usr/local/tomcat/bin/startup.sh
ExecStop=/usr/local/tomcat/bin/shutdown.sh
RestartSec=3
PrivateTmp=true
User=tomcat
Group=tomcat
 
[Install]
WantedBy=multi-user.target
 
[root@zzzcentos2 local]#systemctl daemon-reload
[root@zzzcentos2 local]#systemctl start tomcat
[root@zzzcentos2 local]#systemctl status tomcat

二、为nginx服务配置虚拟主机，新增两个域名 www.kgc.com 和 www.benet.com，使用http://www.kgc.com/index.php可访问上一题的Discuz论坛页面。使用http://www.benet.com则访问/usr/local/nginx/html/index.html目录中的index.html文件的内容，内容自定义

①nginx服务配置虚拟主机

[root@zzzcentos4 ~]#vim /usr/local/nginx/conf/nginx.conf

搭建好论坛之后就生成了


server {
        listen       80;
        server_name  www.benet.com;
        root /usr/local/nginx/html;
}

②客户机配置：

③真机配置：

C:\Windows\System32\drivers\etc

④检测：

使用http://www.benet.com则访问/usr/local/nginx/html/index.html目录中的index.html文件的内容

使用http://www.kgc.com/index.php可访问上一题的Discuz论坛页面

三、对基于www.benet.com域名的虚拟机主机的nginx服务调优：隐藏nginx版本号，缓存静态图片网页时间为1天，设置防盗链功能

[root@zzzcentos4 ~]#vim /usr/local/nginx/conf/nginx.conf


server {
       listen 80;
       server_name www.benet.com;
       expires 1d;
       server_tokens off;
       root /usr/local/nginx/html;
       location ~* \.(jpg|jepg|gif|bmp)$ {
       valid_referers none blocked *.benet.com benet.com;
       if ( $invalid_referer ) {
       return 403;
}
}
}

客户机检测：

四、网关服务器搭建NFS服务，提供的文件系统使用LVM类型，共享目录名称为/opt/nfs；要求根据日期对Discuz论坛服务的访问日志进行日志分割，要求每天生成一份日志文件，保存到NFS服务共享的目录内。

Centos7-1作为网关服务器


[root@localhost ~]#lsblk
[root@localhost ~]#echo "- - -" > /sys/class/scsi_host/host0/scan;echo "- - -" > /sys/class/scsi_host/host1/scan;echo "- - -" > /sys/class/scsi_host/host2/scan
[root@localhost ~]#lsblk
NAME            MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda               8:0    0   60G  0 disk 
├─sda1            8:1    0    5G  0 part /boot
└─sda2            8:2    0   54G  0 part 
  ├─centos-root 253:0    0   50G  0 lvm  /
  └─centos-swap 253:1    0    4G  0 lvm  [SWAP]
sdb               8:16   0   20G  0 disk 
sdc               8:32   0   20G  0 disk 
sr0              11:0    1  4.2G  0 rom
[root@localhost ~]#pvcreate /dev/sdb /dev/sdc
#建物理卷
  Physical volume "/dev/sdb" successfully created.
  Physical volume "/dev/sdc" successfully created.
[root@localhost ~]#vgcreate vg /dev/sdb /dev/sdc
#建卷组
  Volume group "vg" successfully created
[root@localhost ~]#lvcreate -n lvm -L 10G /dev/vg
#建逻辑卷  指定名称lvm  指定大小30G  存放在/dev/vg下
  Logical volume "lvm" created.
[root@localhost ~]#mkfs.xfs /dev/vg/lvm
meta-data=/dev/vg/lvm            isize=512    agcount=4, agsize=655360 blks
         =                       sectsz=512   attr=2, projid32bit=1
         =                       crc=1        finobt=0, sparse=0
data     =                       bsize=4096   blocks=2621440, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0 ftype=1
log      =internal log           bsize=4096   blocks=2560, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=1
realtime =none                   extsz=4096   blocks=0, rtextents=0
[root@localhost ~]#mount /dev/vg/lvm /opt
[root@localhost ~]#mkdir /opt/nfs
[root@localhost ~]#vim /etc/exports
/opt/nfs *
[root@localhost ~]#cat /etc/exports
/opt/nfs *
[root@localhost ~]#exportfs -r
exportfs: No options for /opt/nfs *: suggest *(sync) to avoid warning
[root@localhost ~]#exportfs -v
/opt/nfs      	<world>(ro,sync,wdelay,hide,no_subtree_check,sec=sys,secure,root_squash,no_all_squash)
[root@localhost ~]#hostname zzzcentos1
[root@localhost ~]#su
[root@zzzcentos1 ~]#

nginx 服务挂载共享目录


[root@zzzcentos4 ~]#systemctl restart nginx
[root@zzzcentos4 ~]#showmount -e 192.168.246.7
Export list for 192.168.246.7:
/opt/nfs *
[root@zzzcentos4 ~]#mount 192.168.246.7:/opt/nfs /opt
[root@zzzcentos4 ~]#

日志文件


#!/bin/bash
day=`date  "+%Y-%m-%d"`
log="/usr/local/nginx/logs"
pid=`cat  /usr/local/nginx/logs/nginx.pid`
 
mv /${log}/access.log  /opt/${day}
kill -USR1 ${pid}
sed -i '/.*bbs.*/!p' /opt/${day}

五、要求配置location匹配请求地址http://www.kgc.com/test/XXXX，使用户访问该路径下的文件时返回/var/share/nginx/html/目录下的文件内容。
要求使用rewrite将使用域名www.benet.com 请求以 .php 结尾的访问都跳转到域名www.kgc.com上，而且后面的参数保持不变，比如访问http://www.benet.com/bbs/index.php跳转到http://www.kgc.com/bbs/index.php

Nginx服务配置


location ~* \.php$ {
      rewrite (.*) http://www.kgc.com/$1;
}


[root@zzzcentos4 ~]#nginx -s reload
[root@zzzcentos4 ~]#mkdir /var/share/nginx/html -p
[root@zzzcentos4 ~]#cd /var/share/nginx/html/
[root@zzzcentos4 html]#echo hello > index.html
[root@zzzcentos4 html]#nginx -s reload

去浏览器检测：

六、在Nginx服务器上对基于www.benet.com域名的虚拟机主机设置动静分离由nginx提供静态页面服务，将对 .jsp文件的动态页面请求转发到Tomcat 服务器处理，并实现负载均衡

Nginx服务器配置

location下的根没生效？？

配置Tomcat服务器


[root@localhost ~]#cd /usr/local/tomcat/webapps/ROOT/
[root@localhost ROOT]#echo tomcat 7-2 > index.jsp
[root@localhost ROOT]#cat index.jsp
tomcat 7-2
[root@localhost ROOT]#


[root@localhost ~]#systemctl stop firewalld
[root@localhost ~]#setenforce 0
setenforce: SELinux is disabled
[root@localhost ~]#hostname zzzcentos3
[root@localhost ~]#su
[root@zzzcentos3 ~]#cd /usr/local/tomcat/webapps/ROOT/
[root@zzzcentos3 ROOT]#ls
asf-logo-wide.svg  bg-middle.png  bg-upper.png  index.jsp          tomcat.css  tomcat.png        tomcat.svg
bg-button.png      bg-nav.png     favicon.ico   RELEASE-NOTES.txt  tomcat.gif  tomcat-power.gif  WEB-INF
[root@zzzcentos3 ROOT]#echo tomcat 7-3 > index.jsp
[root@zzzcentos3 ROOT]#cat  index.jsp
tomcat 7-3
[root@zzzcentos3 ROOT]#

检测：

七、在网关服务器上设置SNAT/DNAT，使client使用网关服务器的ens36接口的IP地址访问也可实现上一题的效果。

客户机地址配置

网关服务器配置


[root@zzzcentos1 ~]#sysctl -a |grep "ip_forward"
[root@zzzcentos1 ~]#vim /etc/sysctl.conf 
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.ip_forward = 1
[root@zzzcentos1 ~]#sysctl  -p
net.ipv4.ip_forward = 1
[root@zzzcentos1 ~]#

做SNAT与DNAT


[root@zzzcentos1 ~]#iptables -t nat -A PREROUTING -i ens36 -d 12.0.0.1 -p tcp --dport 80 -j DNAT --to 192.168.246.7
[root@zzzcentos1 ~]#
[root@zzzcentos1 ~]#iptables -t nat -A POSTROUTING -o ens36 -s 192.168.246.0/24 -j SNAT --to 12.0.0.1
[root@zzzcentos1 ~]#iptables -t nat -vnL
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DNAT       tcp  --  ens36  *       0.0.0.0/0            12.0.0.1             tcp dpt:80 to:192.168.246.7
 
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 SNAT       all  --  *      ens36   192.168.246.0/24     0.0.0.0/0            to:12.0.0.1
[root@zzzcentos1 ~]#

[root@zzzcentos1 ~]#iptables -t nat -A PREROUTING -i ens36 -d 12.0.0.1 -p tcp --dport 80 -j DNAT --to 192.168.246.10

此题有点问题，下回接着分析

相关阅读:
ClickHouse(15)ClickHouse合并树MergeTree家族表引擎之GraphiteMergeTree详细解析
 霸榜双11！科技创新助力九牧卫浴赢战全渠道
 已解决‘mongo‘ 不是内部或外部命令,也不是可运行的程序
 化工行业调研：中国二氧化碳（CO2）2028年市场规模将达到64.66亿元
 金仓数据库KingbaseES运维工具参考手册（3. 系统数据与日志收集工具）
基于springboot的高校失物招领系统毕业设计源码111731
封装适用于CentOS7的MySQL离线包
 计算机中CPU、内存、缓存的关系
 Verilog实现半整数分频，3.5分频电路，可推广至N.5分频
 Android PackageManager 基本使用
原文地址：https://blog.csdn.net/zzzxxx520369/article/details/136515624