From c67890d7f816fe9fb384984e28777b10744643e7 Mon Sep 17 00:00:00 2001
From: wojiushixiaobai <296015668@qq.com>
Date: Thu, 12 Jul 2018 14:56:30 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=96=87=E6=A1=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
docs/distributed_01.rst | 5 +-
docs/distributed_02.rst | 133 ++++++++++++++++++++++++++++++++++++++--
2 files changed, 131 insertions(+), 7 deletions(-)
diff --git a/docs/distributed_01.rst b/docs/distributed_01.rst
index 02cf4d07..06f09672 100644
--- a/docs/distributed_01.rst
+++ b/docs/distributed_01.rst
@@ -1,5 +1,5 @@
-分布å¼éƒ¨ç½²æ–‡æ¡£ - 环境说明
-----------------------------------------------------
+分布å¼éƒ¨ç½²æ–‡æ¡£ - 局域网部署说明
+--------------------------------------------------------
说明
~~~~~~~
@@ -31,5 +31,6 @@ Nginx 代ç†æœåŠ¡å™¨è¿è¡Œ nginx æœåŠ¡
其他
~~~~~~~
+最终用户都是通过 Nginx åå‘代ç†è®¿é—®ã€‚
如需è¦åš HA 或 负载,按照如上方å¼éƒ¨ç½²å¤šä¸ªåº”用,数æ®åº“åšä¸»ä»Žï¼Œç„¶åŽåœ¨ nginx 代ç†æœåŠ¡å™¨ç”¨è´Ÿè½½å³å¯ï¼ˆå››å±‚)。
注æ„:录åƒéœ€è¦è‡ªå·±æ‰‹åŠ¨åŒæ¥æˆ–者å˜æ”¾åœ¨å…¬å…±ç›®å½•ã€‚
diff --git a/docs/distributed_02.rst b/docs/distributed_02.rst
index 01b5347e..43902055 100644
--- a/docs/distributed_02.rst
+++ b/docs/distributed_02.rst
@@ -22,7 +22,7 @@
$ yum upgrade -y
# èŽ·å– epel-release æº
- $ yum -y install epel-release
+ $ yum -y install epel-release vim
# 设置防ç«å¢™ï¼Œå¼€å‘ 80 端å£
$ firewall-cmd --zone=public --add-port=80/tcp --permanent
@@ -32,6 +32,16 @@
$ setsebool -P httpd_can_network_connect 1
# 安装 nginx
+ $ vim /etc/yum.repos.d/nginx.repo
+
+ [nginx]
+ name=nginx repo
+ baseurl=http://nginx.org/packages/centos/7/$basearch/
+ gpgcheck=0
+ enabled=1
+
+ # éž Centos7 请å‚考 http://nginx.org/en/linux_packages.html#stable
+
$ yum -y install nginx
$ systemctl enable nginx
@@ -41,9 +51,102 @@
$ tar xvf luna.tar.gz
$ chown -R root:root luna
- # é…ç½® Nginxï¼ˆå¦‚æžœæ— æ³•æ£å¸¸è®¿é—®ï¼Œè¯·æ³¨é‡ŠæŽ‰ nginx.conf çš„ server 所有å—段)
+::
+
+ # é…ç½® Nginx
+ $ vim /etc/nginx/nginx.conf
+
+ user nginx;
+ worker_processes auto;
+
+ error_log /var/log/nginx/error.log warn;
+ pid /var/run/nginx.pid;
+
+
+ events {
+ worker_connections 1024;
+ }
+
+ stream {
+ log_format proxy '$remote_addr [$time_local] '
+ '$protocol $status $bytes_sent $bytes_received '
+ '$session_time "$upstream_addr" '
+ '"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
+
+ access_log /var/log/nginx/tcp-access.log proxy;
+ open_log_file_cache off;
+
+ include /etc/nginx/conf.d/*.stream;
+ }
+
+ http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ #tcp_nopush on;
+
+ keepalive_timeout 65;
+
+ #å…³é—版本显示
+ server_tokens off;
+
+ #gzip åŽ‹ç¼©ä¼ è¾“
+ gzip on;
+ gzip_min_length 1k;
+ gzip_buffers 4 16k;
+ gzip_http_version 1.0;
+ gzip_comp_level 2;
+ gzip_types text/plain application/x-javascripttext/css application/xml;
+ gzip_vary on;
+
+ #é…置代ç†å‚æ•°
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_connect_timeout 90;
+ proxy_read_timeout 90;
+ proxy_send_timeout 90;
+ proxy_buffer_size 4k;
+
+ #缓å˜é…ç½®
+ proxy_temp_file_write_size 264k;
+ proxy_temp_path /var/cache/nginx/nginx_temp;
+ proxy_cache_path /var/cache/nginx/nginx_cache levels=1:2 keys_zone=cache_one:200m inactive=5d max_size=400m;
+ proxy_ignore_headers X-Accel-Expires Expires Cache-Control Set-Cookie;
+
+ include /etc/nginx/conf.d/*.conf;
+ }
+
+::
+
$ vim /etc/nginx/conf.d/jumpserver.conf
+ upstream jumpserver {
+ server 192.168.100.11:80 max_fails=1 fail_timeout=120s;
+ # server ip:port max_fails=1 fail_timeout=120s;
+ # 这里是 jumpserver çš„åŽç«¯ip ,max_fails=1 fail_timeout=120s 是 HA å‚æ•°
+ }
+
+ upstream cocows {
+ server 192.168.100.12:5000 max_fails=1 fail_timeout=120s;
+ # server ip:port max_fails=1 fail_timeout=120s;
+ # 这里是 coco ws çš„åŽç«¯ip ,max_fails=1 fail_timeout=120s 是 HA å‚æ•°
+ }
+
+ upstream guacamole {
+ server 192.168.100.13:8081 max_fails=1 fail_timeout=120s;
+ # server ip:port max_fails=1 fail_timeout=120s;
+ # 这里是 guacamole çš„åŽç«¯ip ,max_fails=1 fail_timeout=120s 是 HA å‚æ•°
+ }
+
server {
listen 80;
@@ -52,7 +155,7 @@
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location / {
- proxy_pass http://192.168.100.11; # 192.168.100.11 是 jumpserver æœåŠ¡å™¨ip
+ proxy_pass http://jumpserver; # jumpserver
}
location /luna/ {
@@ -61,7 +164,7 @@
}
location /socket.io/ {
- proxy_pass http://192.168.100.12:5000/socket.io/; # 192.168.100.12 是 coco æœåŠ¡å™¨ip
+ proxy_pass http://cocows/socket.io/; # coco
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
@@ -69,7 +172,7 @@
}
location /guacamole/ {
- proxy_pass http://192.168.100.13:8081/; # 192.168.100.13 是 docker æœåŠ¡å™¨ip
+ proxy_pass http://guacamole/; # guacamole
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -80,8 +183,28 @@
}
}
+::
+
+ $ vim /etc/nginx/conf.d/coco.stream
+
+ stream {
+ upstream cocossh {
+ server 192.168.100.12:2222;
+ # server ip:port max_fails=1 fail_timeout=120s;
+ # 这里是 coco ssh çš„åŽç«¯ip ,max_fails=1 fail_timeout=120s 是 HA å‚æ•°
+ }
+ server {
+ listen 2222;
+ proxy_pass cocossh;
+ proxy_connect_timeout 10s;
+ proxy_timeout 24h; #代ç†è¶…æ—¶
+ }
+ }
+
::
# nginx 测试并å¯åŠ¨ï¼Œå¦‚果报错请按报错æ示自行解决
$ nginx -t
$ systemctl start nginx
+
+
--
2.18.0