3. Configuring DNS

Because clients in both the northern (China Netcom, CNC) and southern (China Telecom) networks must be served, the only open-source way to steer each client to the right line automatically is to use BIND views together with ACL (access control list) definitions. (There are also commercial solutions, for example smart routing and switch configuration; here we use BIND, which is open source and easy to deploy and adjust.) There are many ways to obtain the ACL data for the views; they are not discussed one by one here. The setup is described below.

The bind package installed by default is the 9 series, which already supports view. Configuration consists of three steps:
(1) Modify named.conf
(2) Create and configure the hosts files
(3) Domain name resolution

# vi /etc/named.conf
//////////////////////// file content begins ///////////////////
//
// named.conf for Red Hat caching-nameserver
//
options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
include "/etc/rndc.key";

//modify by mingfu 060404
acl "CNC" {
        // CNC (China Netcom) networks: one "x.x.x.x/n;" entry per prefix
};

view "view_cnc" {
        match-clients { CNC; };
        zone "." {
                type hint;
                file "named.ca";
        };
        zone "0.0.127.IN-ADDR.ARPA" {
                type master;
                file "localhost.rev";
        };
        include "master/cnc.def";
};

view "view_any" {
        match-clients { any; };
        zone "." {
                type hint;
                file "named.ca";
        };
        zone "0.0.127.IN-ADDR.ARPA" {
                type master;
                file "localhost.rev";
        };
        include "master/telecom.def";
};
//////////////////////// file content ends ///////////////////

# mkdir /var/named/master
# mkdir /var/named/master/cnc
# mkdir /var/named/master/telecom
# touch /var/named/master/cnc.def
# touch /var/named/master/telecom.def

Notes on how domain resolution is configured:

@ Zone definition files:
master/cnc.def       CNC (China Netcom)
master/telecom.def   China Telecom
The *.def files hold the zone statements for the domains to be resolved.

@ Hosts (zone data) files:
master/cnc       CNC (China Netcom)
master/telecom   China Telecom

The following uses resolving www.xxxx.com as the example.

# vi /var/named/master/cnc.def
//////////////////////// file content begins ///////////////////
zone "xxxx.com" {
        type master;
        file "master/cnc/xxxx.com";
};
//////////////////////// file content ends ///////////////////

# vi /var/named/master/telecom.def
//////////////////////// file content begins ///////////////////
zone "xxxx.com" {
        type master;
        file "master/telecom/xxxx.com";
};
//////////////////////// file content ends ///////////////////

# vi /var/named/master/cnc/xxxx.com
//////////////////////// file content begins ///////////////////
$TTL 3600
$ORIGIN xxxx.com.
@ IN SOA ns.xxxx.com. root.ns.xxxx.com. (
        2005121013 ; Serial
        3600       ; Refresh (seconds)
        900        ; Retry (seconds)
        68400      ; Expire (seconds)
        15 )       ; Minimum TTL for Zone (seconds)
;
@    IN NS ns.xxxx.com.
@    IN MX 10 xxxx.com.  ; an MX record needs a preference value
ns   IN A  x.x.x.x       ; address of ns.xxxx.com (CNC IP, see the note below)
;; ip for cnc
@    IN A  x.x.x.x       ; CNC IP
www  IN A  x.x.x.x       ; CNC IP
//////////////////////// file content ends ///////////////////

# vi /var/named/master/telecom/xxxx.com
//////////////////////// file content begins ///////////////////
$TTL 3600
$ORIGIN xxxx.com.
@ IN SOA ns.xxxx.com. root.ns.xxxx.com. (
        2005121013 ; Serial
        3600       ; Refresh (seconds)
        900        ; Retry (seconds)
        68400      ; Expire (seconds)
        15 )       ; Minimum TTL for Zone (seconds)
;
@    IN NS ns.xxxx.com.
@    IN MX 10 xxxx.com.  ; an MX record needs a preference value
ns   IN A  x.x.x.x       ; address of ns.xxxx.com (CNC IP, see the note below)
;; ip for telecom
@    IN A  x.x.x.x       ; Telecom IP
www  IN A  x.x.x.x       ; Telecom IP
//////////////////////// file content ends ///////////////////

Client-side test:
nslookup -type=a xxxx.com x.x.x.x    (IP of any CNC DNS server)
nslookup -type=a xxxx.com x.x.x.x    (IP of any Telecom DNS server)
If the addresses returned are the ones in the corresponding configuration file, resolution is configured correctly.

Note:
For xxxx.com above, the domain's DNS server must be changed to ns.xxxx.com, whose IP is the CNC IP.
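The view setup above depends on two things that are easy to get wrong when more ACLs and views are added: named picks the first view whose match-clients covers the client, and a long hand-maintained ACL collects overlapping prefixes. The following check is an added example, not part of the original article; the prefixes are constructed documentation ranges standing in for the real CNC list, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data (documentation prefixes) standing in for the page's
# "CNC" ACL; view names and their order mirror the named.conf shown above.
ACLS = {"CNC": ["198.51.100.0/25", "198.51.100.128/25",
                "203.0.113.0/24", "203.0.113.64/26"]}
VIEWS = [("view_cnc", ["CNC"]), ("view_any", ["any"])]  # order matters


def _nets(names, acls):
    """Expand ACL names (or the built-in 'any') into network objects."""
    out = []
    for n in names:
        if n == "any":
            out.append(ipaddress.ip_network("0.0.0.0/0"))
        else:
            out.extend(ipaddress.ip_network(p) for p in acls[n])
    return out


def select_view(client, views=VIEWS, acls=ACLS):
    """Return the first view whose match-clients covers the client address."""
    ip = ipaddress.ip_address(client)
    for name, match in views:
        if any(ip in net for net in _nets(match, acls)):
            return name
    return None  # no view matched this client


def shadowed_views(views=VIEWS, acls=ACLS):
    """Views that can never be chosen because earlier views cover them fully."""
    earlier, dead = [], []
    for name, match in views:
        nets = _nets(match, acls)
        if nets and all(any(n.subnet_of(e) for e in earlier) for n in nets):
            dead.append(name)
        earlier.extend(nets)
    return dead


def acl_cleanup(prefixes):
    """Return (collapsed prefix list, entries already covered by another entry)."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    redundant = [str(n) for n in nets
                 if any(n != o and n.subnet_of(o) for o in nets)]
    return [str(n) for n in ipaddress.collapse_addresses(nets)], redundant
```

Running shadowed_views() against the real view order before reloading named shows whether a newly added view was placed after view_any, where it would never be selected.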
Remarks:
1) The access control here separates CNC from non-CNC clients, which gives north-south interoperability. To also separate domestic from international clients, add one more access control list (ACL) for them.
2) For building and installing from the tar package, see: http://www.mingfor.com/forum/showthread.php?tid=94

4. Configuring LAJO

Software:
Apache2.0.58
JBOSS.4.0.3SP1
Oracle9.2.0.4
Mod-jk1.12

Configuration:

1) apache + mod-jk
# tar zxvf httpd-2.0.58.tar.gz
# cd httpd-2.0.58
# ./configure --enable-MODULE=shared --enable-so --with-mpm=worker
# make && make install
# tar zxvf jakarta-tomcat-connectors-1.2.14.1-src.tar.gz
# cd /home/software/jakarta-tomcat-connectors-1.2.14.1-src/jk/native
# ./configure --with-apxs=/usr/local/apache2/bin/apxs
# make
# cp ./apache-2.0/mod_jk.so /usr/local/apache2/modules

Changes to httpd.conf
This file is located in $APACHE-HOME/conf.
The worker MPM was selected at compile time, so the worker module's settings are the ones to change:

<IfModule worker.c>
# Number of processes created at startup
StartServers 4
# Maximum number of processes that can be created (hard limit)
ServerLimit 24
# Maximum number of threads each process can create (hard limit). It is
# recommended to keep this equal to ThreadsPerChild; if ThreadLimit >
# ThreadsPerChild, memory is consumed unnecessarily.
ThreadLimit 128
# Maximum number of clients that can be served at the same time
MaxClients 3072
# Minimum total number of idle threads across all processes
MinSpareThreads 100
# Maximum total number of idle threads across all processes
MaxSpareThreads 200
# Fixed number of threads created by each child process
ThreadsPerChild 128
# Controls how often the server creates and ends processes. 0 means no limit,
# but on Solaris this value may cause errors; it can be set to 1000 or 2000
# there, depending on the system's concurrent load.
MaxRequestsPerChild 0
</IfModule>

Also modify and add the following in httpd.conf:

Include conf/mod_jk2.conf
User xxxx
Group 5dxc
DocumentRoot "/site"
NameVirtualHost IP:80
<VirtualHost IP:80>
ServerAdmin foway@163.com
DocumentRoot /site
ServerName IP
ErrorLog logs/ip-error_log
CustomLog logs/ip-access_log common
</VirtualHost>
<VirtualHost IP:80>
ServerAdmin foway@163.com
DocumentRoot /var/www/html
ServerName admin.xxxx.com
ErrorLog logs/ip-error_log
CustomLog logs/ip-access_log common
</VirtualHost>

# vi $APACHE-HOME/conf/mod_jk2.conf
//////////////////////// file content begins ///////////////////
LoadModule jk_module modules/mod_jk.so
JkWorkersFile conf/workers2.properties
JkLogFile logs/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"
JkMount /* loadbalancer
# apache will serve the static picture.
# The directives below mean that all images and htm, css and js pages are
# served by Apache; everything else is handed to JBoss.
JkUnMount /*.jpg loadbalancer
JkUnMount /*.gif loadbalancer
JkUnMount /*.swf loadbalancer
JkUnMount /*.bmp loadbalancer
JkUnMount /*.png loadbalancer
JkUnMount /*.js loadbalancer
JkUnMount /*.css loadbalancer
JkUnMount /*.htm loadbalancer
//////////////////////// file content ends ///////////////////

# vi $APACHE-HOME/conf/uriworkermap.properties
//////////////////////// file content begins ///////////////////
/jmx-console=loadbalancer
/jmx-console/*=loadbalancer
/web-console=loadbalancer
/web-console/*=loadbalancer
//////////////////////// file content ends ///////////////////

The worker definitions go in the file named by JkWorkersFile above:

# vi $APACHE-HOME/conf/workers2.properties
//////////////////////// file content begins ///////////////////
worker.list=loadbalancer,status
worker.node1.port=8009
# fill in the server's IP
worker.node1.host=192.168.0.192
worker.node1.type=ajp13
worker.node1.lbfactor=1
worker.node1.cachesize=10
worker.node2.port=8009
worker.node1.host=localhost
worker.node1.type=ajp13
worker.node1.lbfactor=1
worker.node1.cachesize=10
worker.loadbalancer.type=lb
worker.loadbalancer.balance_workers=node1,node2
worker.loadbalancer.sticky_session=1
worker.status.type=status
//////////////////////// file content ends ///////////////////

Note: if load balancing is required, change

worker.node2.port=8009
worker.node1.host=localhost
worker.node1.type=ajp13
worker.node1.lbfactor=1
worker.node1.cachesize=10

to:

worker.node2.port=8009
# IP address of the node that takes part of the load
worker.node2.host=IP
worker.node2.type=ajp13
worker.node2.lbfactor=1
worker.node2.cachesize=10

Remark: to balance the load across more nodes, add for each further node n:

worker.noden.port=8009
# IP address of the node that takes part of the load
worker.noden.host=IP
worker.noden.type=ajp13
worker.noden.lbfactor=1
worker.noden.cachesize=10
worker.loadbalancer.balance_workers=node1,node2,noden

2) jboss

JBoss installation.
Unpack Jboss4.0.3sp1 into the /site/jboss directory….
In …./deploy/jbossweb-tomcat55.sar/server.xml, find 8080 and change it to 8088.

JDK environment variable settings:

JDK installation:
# chmod 755 jdk-1_5_0_06-linux-i586.bin
# ./jdk-1_5_0_06-linux-i586.bin

Java parameter settings:
# ln -s /usr/local/jdk1.5.0_06 /usr/local/jdk

If you downloaded the rpm package, proceed as follows:
# ./jdk-1_5_0_06-linux-i586.rpm.bin
# rpm -ivh jdk-1_5_0_06-linux-i586.rpm
# ln -s /usr/jdk1.5.0_06 /usr/local/jdk

# vi /etc/profile.d/java.sh
//////////////////////// file content ///////////////////
JAVA_HOME=/usr/local/jdk
PATH=$PATH:$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$CATALINA_HOME/bin
export JAVA_HOME PATH
//////////////////////// file content ///////////////////

3) Starting the apache + jboss services

The apache + jboss integration is now fully configured. The next step is to start these services.

(Editor: admin)
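mod_jk looks up worker settings by the key worker.<name>.<attribute>, so in the worker definitions of section 4 a misspelled prefix or a node2 line still written as node1 silently changes which back ends the load balancer uses. The checker below is an added example, not part of the original article; the sample text is constructed, the function name is hypothetical, and requiring an explicit host, port and type for every balanced worker is this example's own policy.

```python
# Constructed sample: a misspelled prefix, and node2 lines still written as
# node1, which is the state the article's load-balancing note asks to change.
SAMPLE = """\
worker.list=loadbalancer,status
worker.node1.port=8009
worker.node1.host=192.168.0.192
worker.node1.type=ajp13
worder.node1.lbfactor=1
worker.node2.port=8009
worker.node1.host=localhost
worker.node1.type=ajp13
worker.loadbalancer.type=lb
worker.loadbalancer.balance_workers=node1,node2
worker.status.type=status
"""


def lint_workers(text):
    """Return (line_no, message) findings; line_no 0 marks a whole-file finding."""
    findings, props, seen = [], {}, {}
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = (part.strip() for part in line.partition("="))
        if not sep:
            findings.append((no, "not a key=value line"))
        elif not key.startswith("worker."):
            findings.append((no, f"'{key}' lacks the 'worker.' prefix"))
        else:
            # A later line with a different value replaces the earlier one.
            if key in props and props[key] != value:
                findings.append(
                    (no, f"'{key}' overrides line {seen[key]} ('{props[key]}')"))
            props[key], seen[key] = value, no
    # Every member of a balancer must be a fully defined worker.
    for key, members in props.items():
        if not key.endswith(".balance_workers"):
            continue
        for name in filter(None, (m.strip() for m in members.split(","))):
            missing = [a for a in ("host", "port", "type")
                       if f"worker.{name}.{a}" not in props]
            if missing:
                findings.append((0, f"worker '{name}' missing {', '.join(missing)}"))
    return findings
```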